diff --git a/LICENSE b/LICENSE
new file mode 100644
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,367 @@
+Mozilla Public License Version 2.0
+==================================
+
+1. Definitions
+--------------
+
+1.1. "Contributor"
+    means each individual or legal entity that creates, contributes to
+    the creation of, or owns Covered Software.
+
+1.2. "Contributor Version"
+    means the combination of the Contributions of others (if any) used
+    by a Contributor and that particular Contributor's Contribution.
+
+1.3. "Contribution"
+    means Covered Software of a particular Contributor.
+
+1.4. "Covered Software"
+    means Source Code Form to which the initial Contributor has attached
+    the notice in Exhibit A, the Executable Form of such Source Code
+    Form, and Modifications of such Source Code Form, in each case
+    including portions thereof.
+
+1.5. "Incompatible With Secondary Licenses"
+    means
+
+    (a) that the initial Contributor has attached the notice described
+        in Exhibit B to the Covered Software; or
+
+    (b) that the Covered Software was made available under the terms of
+        version 1.1 or earlier of the License, but not also under the
+        terms of a Secondary License.
+
+1.6. "Executable Form"
+    means any form of the work other than Source Code Form.
+
+1.7. "Larger Work"
+    means a work that combines Covered Software with other material, in
+    a separate file or files, that is not Covered Software.
+
+1.8. "License"
+    means this document.
+
+1.9. "Licensable"
+    means having the right to grant, to the maximum extent possible,
+    whether at the time of the initial grant or subsequently, any and
+    all of the rights conveyed by this License.
+
+1.10. "Modifications"
+    means any of the following:
+
+    (a) any file in Source Code Form that results from an addition to,
+        deletion from, or modification of the contents of Covered
+        Software; or
+
+    (b) any new file in Source Code Form that contains any Covered
+        Software.
+
+1.11. "Patent Claims" of a Contributor
+    means any patent claim(s), including without limitation, method,
+    process, and apparatus claims, in any patent Licensable by such
+    Contributor that would be infringed, but for the grant of the
+    License, by the making, using, selling, offering for sale, having
+    made, import, or transfer of either its Contributions or its
+    Contributor Version.
+
+1.12. "Secondary License"
+    means either the GNU General Public License, Version 2.0, the GNU
+    Lesser General Public License, Version 2.1, the GNU Affero General
+    Public License, Version 3.0, or any later versions of those
+    licenses.
+
+1.13. "Source Code Form"
+    means the form of the work preferred for making modifications.
+
+1.14. "You" (or "Your")
+    means an individual or a legal entity exercising rights under this
+    License. For legal entities, "You" includes any entity that
+    controls, is controlled by, or is under common control with You. For
+    purposes of this definition, "control" means (a) the power, direct
+    or indirect, to cause the direction or management of such entity,
+    whether by contract or otherwise, or (b) ownership of more than
+    fifty percent (50%) of the outstanding shares or beneficial
+    ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+    Licensable by such Contributor to use, reproduce, make available,
+    modify, display, perform, distribute, and otherwise exploit its
+    Contributions, either on an unmodified basis, with Modifications, or
+    as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+    for sale, have made, import, and otherwise transfer either its
+    Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+    or
+
+(b) for infringements caused by: (i) Your and any other third party's
+    modifications of Covered Software, or (ii) the combination of its
+    Contributions with other software (except as part of its Contributor
+    Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+    its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients' rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+    Form, as described in Section 3.1, and You must inform recipients of
+    the Executable Form how they can obtain a copy of such Source Code
+    Form by reasonable means in a timely manner, at a charge no more
+    than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+    License, or sublicense it under different terms, provided that the
+    license for the Executable Form does not attempt to limit or alter
+    the recipients' rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+*                                                                      *
+*  6. Disclaimer of Warranty                                           *
+*  -------------------------                                           *
+*                                                                      *
+*  Covered Software is provided under this License on an "as is"       *
+*  basis, without warranty of any kind, either expressed, implied, or  *
+*  statutory, including, without limitation, warranties that the       *
+*  Covered Software is free of defects, merchantable, fit for a        *
+*  particular purpose or non-infringing. The entire risk as to the     *
+*  quality and performance of the Covered Software is with You.        *
+*  Should any Covered Software prove defective in any respect, You     *
+*  (not any Contributor) assume the cost of any necessary servicing,   *
+*  repair, or correction. This disclaimer of warranty constitutes an   *
+*  essential part of this License. No use of any Covered Software is   *
+*  authorized under this License except under this disclaimer.         *
+*                                                                      *
+************************************************************************
+
+************************************************************************
+*                                                                      *
+*  7. Limitation of Liability                                          *
+*  --------------------------                                          *
+*                                                                      *
+*  Under no circumstances and under no legal theory, whether tort      *
+*  (including negligence), contract, or otherwise, shall any           *
+*  Contributor, or anyone who distributes Covered Software as          *
+*  permitted above, be liable to You for any direct, indirect,         *
+*  special, incidental, or consequential damages of any character      *
+*  including, without limitation, damages for lost profits, loss of    *
+*  goodwill, work stoppage, computer failure or malfunction, or any    *
+*  and all other commercial damages or losses, even if such party      *
+*  shall have been informed of the possibility of such damages. This   *
+*  limitation of liability shall not apply to liability for death or   *
+*  personal injury resulting from such party's negligence to the       *
+*  extent applicable law prohibits such limitation. Some               *
+*  jurisdictions do not allow the exclusion or limitation of           *
+*  incidental or consequential damages, so this exclusion and          *
+*  limitation may not apply to You.                                    *
+*                                                                      *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party's ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+  This Source Code Form is subject to the terms of the Mozilla Public
+  License, v. 2.0. If a copy of the MPL was not distributed with this
+  file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
diff --git a/README.md b/README.md
new file mode 100644
--- /dev/null
+++ b/README.md
@@ -0,0 +1,44 @@
+# Amazon WorkSpaces Web SDK
+
+* [Version](#version)
+* [Description](#description)
+* [Contribute](#contribute)
+* [Licence](#licence)
+
+
+## Version
+ 
+`2.0` - Derived from API version @2020-07-08@ of the AWS service descriptions, licensed under Apache 2.0.
+
+## Description
+
+Documentation is available via [Hackage](http://hackage.haskell.org/package/amazonka-workspaces-web)
+and the [AWS API Reference](https://aws.amazon.com/documentation/).
+
+The types from this library are intended to be used with [amazonka](http://hackage.haskell.org/package/amazonka),
+which provides mechanisms for specifying AuthN/AuthZ information, sending requests,
+and receiving responses.
+
+Lenses are used for constructing and manipulating types,
+due to the depth of nesting of AWS types and transparency regarding
+de/serialisation into more palatable Haskell values.
+The provided lenses should be compatible with any of the major lens libraries
+[lens](http://hackage.haskell.org/package/lens) or [lens-family-core](http://hackage.haskell.org/package/lens-family-core).
+
+See [Amazonka.WorkSpacesWeb](http://hackage.haskell.org/package/amazonka-workspaces-web/docs/Amazonka-WorkSpacesWeb.html)
+or [the AWS documentation](https://aws.amazon.com/documentation/) to get started.
+
+
+## Contribute
+
+For any problems, comments, or feedback please create an issue [here on GitHub](https://github.com/brendanhay/amazonka/issues).
+
+> _Note:_ this library is an auto-generated Haskell package. Please see `amazonka-gen` for more information.
+
+
+## Licence
+
+`amazonka-workspaces-web` is released under the [Mozilla Public License Version 2.0](http://www.mozilla.org/MPL/).
+
+Parts of the code are derived from AWS service descriptions, licensed under Apache 2.0.
+Source files subject to this contain an additional licensing clause in their header.
diff --git a/amazonka-workspaces-web.cabal b/amazonka-workspaces-web.cabal
new file mode 100644
--- /dev/null
+++ b/amazonka-workspaces-web.cabal
@@ -0,0 +1,156 @@
+cabal-version:      2.2
+name:               amazonka-workspaces-web
+version:            2.0
+synopsis:           Amazon WorkSpaces Web SDK.
+homepage:           https://github.com/brendanhay/amazonka
+bug-reports:        https://github.com/brendanhay/amazonka/issues
+license:            MPL-2.0
+license-file:       LICENSE
+author:             Brendan Hay
+maintainer:
+  Brendan Hay <brendan.g.hay+amazonka@gmail.com>, Jack Kelly <jack@jackkelly.name>
+
+copyright:          Copyright (c) 2013-2023 Brendan Hay
+category:           AWS
+build-type:         Simple
+extra-source-files:
+  fixture/*.proto
+  fixture/*.yaml
+  README.md
+  src/.gitkeep
+
+description:
+  Derived from API version @2020-07-08@ of the AWS service descriptions, licensed under Apache 2.0.
+  .
+  The types from this library are intended to be used with <http://hackage.haskell.org/package/amazonka amazonka>,
+  which provides mechanisms for specifying AuthN/AuthZ information, sending requests, and receiving responses.
+  .
+  It is recommended to use generic lenses or optics from packages such as <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify optional fields and deconstruct responses.
+  .
+  Generated lenses can be found in "Amazonka.WorkSpacesWeb.Lens" and are
+  suitable for use with a lens package such as <http://hackage.haskell.org/package/lens lens> or <http://hackage.haskell.org/package/lens-family-core lens-family-core>.
+  .
+  See "Amazonka.WorkSpacesWeb" and the <https://aws.amazon.com/documentation/ AWS documentation> to get started.
+
+source-repository head
+  type:     git
+  location: git://github.com/brendanhay/amazonka.git
+  subdir:   amazonka-workspaces-web
+
+library
+  default-language: Haskell2010
+  hs-source-dirs:   src gen
+  ghc-options:
+    -Wall -fwarn-incomplete-uni-patterns
+    -fwarn-incomplete-record-updates -funbox-strict-fields
+
+  exposed-modules:
+    Amazonka.WorkSpacesWeb
+    Amazonka.WorkSpacesWeb.AssociateBrowserSettings
+    Amazonka.WorkSpacesWeb.AssociateNetworkSettings
+    Amazonka.WorkSpacesWeb.AssociateTrustStore
+    Amazonka.WorkSpacesWeb.AssociateUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.AssociateUserSettings
+    Amazonka.WorkSpacesWeb.CreateBrowserSettings
+    Amazonka.WorkSpacesWeb.CreateIdentityProvider
+    Amazonka.WorkSpacesWeb.CreateNetworkSettings
+    Amazonka.WorkSpacesWeb.CreatePortal
+    Amazonka.WorkSpacesWeb.CreateTrustStore
+    Amazonka.WorkSpacesWeb.CreateUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.CreateUserSettings
+    Amazonka.WorkSpacesWeb.DeleteBrowserSettings
+    Amazonka.WorkSpacesWeb.DeleteIdentityProvider
+    Amazonka.WorkSpacesWeb.DeleteNetworkSettings
+    Amazonka.WorkSpacesWeb.DeletePortal
+    Amazonka.WorkSpacesWeb.DeleteTrustStore
+    Amazonka.WorkSpacesWeb.DeleteUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.DeleteUserSettings
+    Amazonka.WorkSpacesWeb.DisassociateBrowserSettings
+    Amazonka.WorkSpacesWeb.DisassociateNetworkSettings
+    Amazonka.WorkSpacesWeb.DisassociateTrustStore
+    Amazonka.WorkSpacesWeb.DisassociateUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.DisassociateUserSettings
+    Amazonka.WorkSpacesWeb.GetBrowserSettings
+    Amazonka.WorkSpacesWeb.GetIdentityProvider
+    Amazonka.WorkSpacesWeb.GetNetworkSettings
+    Amazonka.WorkSpacesWeb.GetPortal
+    Amazonka.WorkSpacesWeb.GetPortalServiceProviderMetadata
+    Amazonka.WorkSpacesWeb.GetTrustStore
+    Amazonka.WorkSpacesWeb.GetTrustStoreCertificate
+    Amazonka.WorkSpacesWeb.GetUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.GetUserSettings
+    Amazonka.WorkSpacesWeb.Lens
+    Amazonka.WorkSpacesWeb.ListBrowserSettings
+    Amazonka.WorkSpacesWeb.ListIdentityProviders
+    Amazonka.WorkSpacesWeb.ListNetworkSettings
+    Amazonka.WorkSpacesWeb.ListPortals
+    Amazonka.WorkSpacesWeb.ListTagsForResource
+    Amazonka.WorkSpacesWeb.ListTrustStoreCertificates
+    Amazonka.WorkSpacesWeb.ListTrustStores
+    Amazonka.WorkSpacesWeb.ListUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.ListUserSettings
+    Amazonka.WorkSpacesWeb.TagResource
+    Amazonka.WorkSpacesWeb.Types
+    Amazonka.WorkSpacesWeb.Types.BrowserSettings
+    Amazonka.WorkSpacesWeb.Types.BrowserSettingsSummary
+    Amazonka.WorkSpacesWeb.Types.BrowserType
+    Amazonka.WorkSpacesWeb.Types.Certificate
+    Amazonka.WorkSpacesWeb.Types.CertificateSummary
+    Amazonka.WorkSpacesWeb.Types.EnabledType
+    Amazonka.WorkSpacesWeb.Types.IdentityProvider
+    Amazonka.WorkSpacesWeb.Types.IdentityProviderSummary
+    Amazonka.WorkSpacesWeb.Types.IdentityProviderType
+    Amazonka.WorkSpacesWeb.Types.NetworkSettings
+    Amazonka.WorkSpacesWeb.Types.NetworkSettingsSummary
+    Amazonka.WorkSpacesWeb.Types.Portal
+    Amazonka.WorkSpacesWeb.Types.PortalStatus
+    Amazonka.WorkSpacesWeb.Types.PortalSummary
+    Amazonka.WorkSpacesWeb.Types.RendererType
+    Amazonka.WorkSpacesWeb.Types.Tag
+    Amazonka.WorkSpacesWeb.Types.TrustStore
+    Amazonka.WorkSpacesWeb.Types.TrustStoreSummary
+    Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettingsSummary
+    Amazonka.WorkSpacesWeb.Types.UserSettings
+    Amazonka.WorkSpacesWeb.Types.UserSettingsSummary
+    Amazonka.WorkSpacesWeb.UntagResource
+    Amazonka.WorkSpacesWeb.UpdateBrowserSettings
+    Amazonka.WorkSpacesWeb.UpdateIdentityProvider
+    Amazonka.WorkSpacesWeb.UpdateNetworkSettings
+    Amazonka.WorkSpacesWeb.UpdatePortal
+    Amazonka.WorkSpacesWeb.UpdateTrustStore
+    Amazonka.WorkSpacesWeb.UpdateUserAccessLoggingSettings
+    Amazonka.WorkSpacesWeb.UpdateUserSettings
+    Amazonka.WorkSpacesWeb.Waiters
+
+  build-depends:
+    , amazonka-core  >=2.0  && <2.1
+    , base           >=4.12 && <5
+
+test-suite amazonka-workspaces-web-test
+  type:             exitcode-stdio-1.0
+  default-language: Haskell2010
+  hs-source-dirs:   test
+  main-is:          Main.hs
+  ghc-options:      -Wall -threaded
+
+  -- This section is encoded by the template and any modules added by
+  -- hand outside these namespaces will not correctly be added to the
+  -- distribution package.
+  other-modules:
+    Test.Amazonka.Gen.WorkSpacesWeb
+    Test.Amazonka.WorkSpacesWeb
+    Test.Amazonka.WorkSpacesWeb.Internal
+
+  build-depends:
+    , amazonka-core            >=2.0 && <2.1
+    , amazonka-test            >=2.0 && <2.1
+    , amazonka-workspaces-web
+    , base
+    , bytestring
+    , case-insensitive
+    , tasty
+    , tasty-hunit
+    , text
+    , time
+    , unordered-containers
diff --git a/fixture/AssociateBrowserSettings.yaml b/fixture/AssociateBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AssociateBrowserSettingsResponse.proto b/fixture/AssociateBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateBrowserSettingsResponse.proto
diff --git a/fixture/AssociateNetworkSettings.yaml b/fixture/AssociateNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AssociateNetworkSettingsResponse.proto b/fixture/AssociateNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateNetworkSettingsResponse.proto
diff --git a/fixture/AssociateTrustStore.yaml b/fixture/AssociateTrustStore.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateTrustStore.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AssociateTrustStoreResponse.proto b/fixture/AssociateTrustStoreResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateTrustStoreResponse.proto
diff --git a/fixture/AssociateUserAccessLoggingSettings.yaml b/fixture/AssociateUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AssociateUserAccessLoggingSettingsResponse.proto b/fixture/AssociateUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/AssociateUserSettings.yaml b/fixture/AssociateUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/AssociateUserSettingsResponse.proto b/fixture/AssociateUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/AssociateUserSettingsResponse.proto
diff --git a/fixture/CreateBrowserSettings.yaml b/fixture/CreateBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateBrowserSettingsResponse.proto b/fixture/CreateBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateBrowserSettingsResponse.proto
diff --git a/fixture/CreateIdentityProvider.yaml b/fixture/CreateIdentityProvider.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateIdentityProvider.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateIdentityProviderResponse.proto b/fixture/CreateIdentityProviderResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateIdentityProviderResponse.proto
diff --git a/fixture/CreateNetworkSettings.yaml b/fixture/CreateNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateNetworkSettingsResponse.proto b/fixture/CreateNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateNetworkSettingsResponse.proto
diff --git a/fixture/CreatePortal.yaml b/fixture/CreatePortal.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreatePortal.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreatePortalResponse.proto b/fixture/CreatePortalResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreatePortalResponse.proto
diff --git a/fixture/CreateTrustStore.yaml b/fixture/CreateTrustStore.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateTrustStore.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateTrustStoreResponse.proto b/fixture/CreateTrustStoreResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateTrustStoreResponse.proto
diff --git a/fixture/CreateUserAccessLoggingSettings.yaml b/fixture/CreateUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateUserAccessLoggingSettingsResponse.proto b/fixture/CreateUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/CreateUserSettings.yaml b/fixture/CreateUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/CreateUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/CreateUserSettingsResponse.proto b/fixture/CreateUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/CreateUserSettingsResponse.proto
diff --git a/fixture/DeleteBrowserSettings.yaml b/fixture/DeleteBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteBrowserSettingsResponse.proto b/fixture/DeleteBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteBrowserSettingsResponse.proto
diff --git a/fixture/DeleteIdentityProvider.yaml b/fixture/DeleteIdentityProvider.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteIdentityProvider.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteIdentityProviderResponse.proto b/fixture/DeleteIdentityProviderResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteIdentityProviderResponse.proto
diff --git a/fixture/DeleteNetworkSettings.yaml b/fixture/DeleteNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteNetworkSettingsResponse.proto b/fixture/DeleteNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteNetworkSettingsResponse.proto
diff --git a/fixture/DeletePortal.yaml b/fixture/DeletePortal.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeletePortal.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeletePortalResponse.proto b/fixture/DeletePortalResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeletePortalResponse.proto
diff --git a/fixture/DeleteTrustStore.yaml b/fixture/DeleteTrustStore.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteTrustStore.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteTrustStoreResponse.proto b/fixture/DeleteTrustStoreResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteTrustStoreResponse.proto
diff --git a/fixture/DeleteUserAccessLoggingSettings.yaml b/fixture/DeleteUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteUserAccessLoggingSettingsResponse.proto b/fixture/DeleteUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/DeleteUserSettings.yaml b/fixture/DeleteUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DeleteUserSettingsResponse.proto b/fixture/DeleteUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DeleteUserSettingsResponse.proto
diff --git a/fixture/DisassociateBrowserSettings.yaml b/fixture/DisassociateBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DisassociateBrowserSettingsResponse.proto b/fixture/DisassociateBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateBrowserSettingsResponse.proto
diff --git a/fixture/DisassociateNetworkSettings.yaml b/fixture/DisassociateNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DisassociateNetworkSettingsResponse.proto b/fixture/DisassociateNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateNetworkSettingsResponse.proto
diff --git a/fixture/DisassociateTrustStore.yaml b/fixture/DisassociateTrustStore.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateTrustStore.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DisassociateTrustStoreResponse.proto b/fixture/DisassociateTrustStoreResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateTrustStoreResponse.proto
diff --git a/fixture/DisassociateUserAccessLoggingSettings.yaml b/fixture/DisassociateUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DisassociateUserAccessLoggingSettingsResponse.proto b/fixture/DisassociateUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/DisassociateUserSettings.yaml b/fixture/DisassociateUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/DisassociateUserSettingsResponse.proto b/fixture/DisassociateUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/DisassociateUserSettingsResponse.proto
diff --git a/fixture/GetBrowserSettings.yaml b/fixture/GetBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetBrowserSettingsResponse.proto b/fixture/GetBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetBrowserSettingsResponse.proto
diff --git a/fixture/GetIdentityProvider.yaml b/fixture/GetIdentityProvider.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetIdentityProvider.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetIdentityProviderResponse.proto b/fixture/GetIdentityProviderResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetIdentityProviderResponse.proto
diff --git a/fixture/GetNetworkSettings.yaml b/fixture/GetNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetNetworkSettingsResponse.proto b/fixture/GetNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetNetworkSettingsResponse.proto
diff --git a/fixture/GetPortal.yaml b/fixture/GetPortal.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetPortal.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetPortalResponse.proto b/fixture/GetPortalResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetPortalResponse.proto
diff --git a/fixture/GetPortalServiceProviderMetadata.yaml b/fixture/GetPortalServiceProviderMetadata.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetPortalServiceProviderMetadata.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetPortalServiceProviderMetadataResponse.proto b/fixture/GetPortalServiceProviderMetadataResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetPortalServiceProviderMetadataResponse.proto
diff --git a/fixture/GetTrustStore.yaml b/fixture/GetTrustStore.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetTrustStore.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetTrustStoreCertificate.yaml b/fixture/GetTrustStoreCertificate.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetTrustStoreCertificate.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetTrustStoreCertificateResponse.proto b/fixture/GetTrustStoreCertificateResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetTrustStoreCertificateResponse.proto
diff --git a/fixture/GetTrustStoreResponse.proto b/fixture/GetTrustStoreResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetTrustStoreResponse.proto
diff --git a/fixture/GetUserAccessLoggingSettings.yaml b/fixture/GetUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetUserAccessLoggingSettingsResponse.proto b/fixture/GetUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/GetUserSettings.yaml b/fixture/GetUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/GetUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/GetUserSettingsResponse.proto b/fixture/GetUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/GetUserSettingsResponse.proto
diff --git a/fixture/ListBrowserSettings.yaml b/fixture/ListBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListBrowserSettingsResponse.proto b/fixture/ListBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListBrowserSettingsResponse.proto
diff --git a/fixture/ListIdentityProviders.yaml b/fixture/ListIdentityProviders.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListIdentityProviders.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListIdentityProvidersResponse.proto b/fixture/ListIdentityProvidersResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListIdentityProvidersResponse.proto
diff --git a/fixture/ListNetworkSettings.yaml b/fixture/ListNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListNetworkSettingsResponse.proto b/fixture/ListNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListNetworkSettingsResponse.proto
diff --git a/fixture/ListPortals.yaml b/fixture/ListPortals.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListPortals.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListPortalsResponse.proto b/fixture/ListPortalsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListPortalsResponse.proto
diff --git a/fixture/ListTagsForResource.yaml b/fixture/ListTagsForResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTagsForResource.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTagsForResourceResponse.proto b/fixture/ListTagsForResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTagsForResourceResponse.proto
diff --git a/fixture/ListTrustStoreCertificates.yaml b/fixture/ListTrustStoreCertificates.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTrustStoreCertificates.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTrustStoreCertificatesResponse.proto b/fixture/ListTrustStoreCertificatesResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTrustStoreCertificatesResponse.proto
diff --git a/fixture/ListTrustStores.yaml b/fixture/ListTrustStores.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListTrustStores.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListTrustStoresResponse.proto b/fixture/ListTrustStoresResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListTrustStoresResponse.proto
diff --git a/fixture/ListUserAccessLoggingSettings.yaml b/fixture/ListUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListUserAccessLoggingSettingsResponse.proto b/fixture/ListUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/ListUserSettings.yaml b/fixture/ListUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/ListUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: GET
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/ListUserSettingsResponse.proto b/fixture/ListUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/ListUserSettingsResponse.proto
diff --git a/fixture/TagResource.yaml b/fixture/TagResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/TagResource.yaml
@@ -0,0 +1,10 @@
+---
+method: POST
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/TagResourceResponse.proto b/fixture/TagResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/TagResourceResponse.proto
diff --git a/fixture/UntagResource.yaml b/fixture/UntagResource.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UntagResource.yaml
@@ -0,0 +1,10 @@
+---
+method: DELETE
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UntagResourceResponse.proto b/fixture/UntagResourceResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UntagResourceResponse.proto
diff --git a/fixture/UpdateBrowserSettings.yaml b/fixture/UpdateBrowserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateBrowserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateBrowserSettingsResponse.proto b/fixture/UpdateBrowserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateBrowserSettingsResponse.proto
diff --git a/fixture/UpdateIdentityProvider.yaml b/fixture/UpdateIdentityProvider.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateIdentityProvider.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateIdentityProviderResponse.proto b/fixture/UpdateIdentityProviderResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateIdentityProviderResponse.proto
diff --git a/fixture/UpdateNetworkSettings.yaml b/fixture/UpdateNetworkSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateNetworkSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateNetworkSettingsResponse.proto b/fixture/UpdateNetworkSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateNetworkSettingsResponse.proto
diff --git a/fixture/UpdatePortal.yaml b/fixture/UpdatePortal.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdatePortal.yaml
@@ -0,0 +1,10 @@
+---
+method: PUT
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdatePortalResponse.proto b/fixture/UpdatePortalResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdatePortalResponse.proto
diff --git a/fixture/UpdateTrustStore.yaml b/fixture/UpdateTrustStore.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateTrustStore.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateTrustStoreResponse.proto b/fixture/UpdateTrustStoreResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateTrustStoreResponse.proto
diff --git a/fixture/UpdateUserAccessLoggingSettings.yaml b/fixture/UpdateUserAccessLoggingSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateUserAccessLoggingSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateUserAccessLoggingSettingsResponse.proto b/fixture/UpdateUserAccessLoggingSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateUserAccessLoggingSettingsResponse.proto
diff --git a/fixture/UpdateUserSettings.yaml b/fixture/UpdateUserSettings.yaml
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateUserSettings.yaml
@@ -0,0 +1,10 @@
+---
+method: PATCH
+headers:
+  Authorization:         AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/workspaces-web/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?
+  Host:                  workspaces-web.us-east-1.amazonaws.com
+  Content-Type:          application/x-www-form-urlencoded; charset=utf-8
+  X-Amz-Content-SHA256:  abcdef
+  X-Amz-Date:            20091028T223200Z
+body:
+  ''
diff --git a/fixture/UpdateUserSettingsResponse.proto b/fixture/UpdateUserSettingsResponse.proto
new file mode 100644
--- /dev/null
+++ b/fixture/UpdateUserSettingsResponse.proto
diff --git a/gen/Amazonka/WorkSpacesWeb.hs b/gen/Amazonka/WorkSpacesWeb.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb.hs
@@ -0,0 +1,532 @@
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Derived from API version @2020-07-08@ of the AWS service descriptions, licensed under Apache 2.0.
+--
+-- WorkSpaces Web is a low cost, fully managed WorkSpace built specifically
+-- to facilitate secure, web-based workloads. WorkSpaces Web makes it easy
+-- for customers to safely provide their employees with access to internal
+-- websites and SaaS web applications without the administrative burden of
+-- appliances or specialized client software. WorkSpaces Web provides
+-- simple policy tools tailored for user interactions, while offloading
+-- common tasks like capacity management, scaling, and maintaining browser
+-- images.
+module Amazonka.WorkSpacesWeb
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    -- $errors
+
+    -- ** AccessDeniedException
+    _AccessDeniedException,
+
+    -- ** ConflictException
+    _ConflictException,
+
+    -- ** InternalServerException
+    _InternalServerException,
+
+    -- ** ResourceNotFoundException
+    _ResourceNotFoundException,
+
+    -- ** ServiceQuotaExceededException
+    _ServiceQuotaExceededException,
+
+    -- ** ThrottlingException
+    _ThrottlingException,
+
+    -- ** TooManyTagsException
+    _TooManyTagsException,
+
+    -- ** ValidationException
+    _ValidationException,
+
+    -- * Waiters
+    -- $waiters
+
+    -- * Operations
+    -- $operations
+
+    -- ** AssociateBrowserSettings
+    AssociateBrowserSettings (AssociateBrowserSettings'),
+    newAssociateBrowserSettings,
+    AssociateBrowserSettingsResponse (AssociateBrowserSettingsResponse'),
+    newAssociateBrowserSettingsResponse,
+
+    -- ** AssociateNetworkSettings
+    AssociateNetworkSettings (AssociateNetworkSettings'),
+    newAssociateNetworkSettings,
+    AssociateNetworkSettingsResponse (AssociateNetworkSettingsResponse'),
+    newAssociateNetworkSettingsResponse,
+
+    -- ** AssociateTrustStore
+    AssociateTrustStore (AssociateTrustStore'),
+    newAssociateTrustStore,
+    AssociateTrustStoreResponse (AssociateTrustStoreResponse'),
+    newAssociateTrustStoreResponse,
+
+    -- ** AssociateUserAccessLoggingSettings
+    AssociateUserAccessLoggingSettings (AssociateUserAccessLoggingSettings'),
+    newAssociateUserAccessLoggingSettings,
+    AssociateUserAccessLoggingSettingsResponse (AssociateUserAccessLoggingSettingsResponse'),
+    newAssociateUserAccessLoggingSettingsResponse,
+
+    -- ** AssociateUserSettings
+    AssociateUserSettings (AssociateUserSettings'),
+    newAssociateUserSettings,
+    AssociateUserSettingsResponse (AssociateUserSettingsResponse'),
+    newAssociateUserSettingsResponse,
+
+    -- ** CreateBrowserSettings
+    CreateBrowserSettings (CreateBrowserSettings'),
+    newCreateBrowserSettings,
+    CreateBrowserSettingsResponse (CreateBrowserSettingsResponse'),
+    newCreateBrowserSettingsResponse,
+
+    -- ** CreateIdentityProvider
+    CreateIdentityProvider (CreateIdentityProvider'),
+    newCreateIdentityProvider,
+    CreateIdentityProviderResponse (CreateIdentityProviderResponse'),
+    newCreateIdentityProviderResponse,
+
+    -- ** CreateNetworkSettings
+    CreateNetworkSettings (CreateNetworkSettings'),
+    newCreateNetworkSettings,
+    CreateNetworkSettingsResponse (CreateNetworkSettingsResponse'),
+    newCreateNetworkSettingsResponse,
+
+    -- ** CreatePortal
+    CreatePortal (CreatePortal'),
+    newCreatePortal,
+    CreatePortalResponse (CreatePortalResponse'),
+    newCreatePortalResponse,
+
+    -- ** CreateTrustStore
+    CreateTrustStore (CreateTrustStore'),
+    newCreateTrustStore,
+    CreateTrustStoreResponse (CreateTrustStoreResponse'),
+    newCreateTrustStoreResponse,
+
+    -- ** CreateUserAccessLoggingSettings
+    CreateUserAccessLoggingSettings (CreateUserAccessLoggingSettings'),
+    newCreateUserAccessLoggingSettings,
+    CreateUserAccessLoggingSettingsResponse (CreateUserAccessLoggingSettingsResponse'),
+    newCreateUserAccessLoggingSettingsResponse,
+
+    -- ** CreateUserSettings
+    CreateUserSettings (CreateUserSettings'),
+    newCreateUserSettings,
+    CreateUserSettingsResponse (CreateUserSettingsResponse'),
+    newCreateUserSettingsResponse,
+
+    -- ** DeleteBrowserSettings
+    DeleteBrowserSettings (DeleteBrowserSettings'),
+    newDeleteBrowserSettings,
+    DeleteBrowserSettingsResponse (DeleteBrowserSettingsResponse'),
+    newDeleteBrowserSettingsResponse,
+
+    -- ** DeleteIdentityProvider
+    DeleteIdentityProvider (DeleteIdentityProvider'),
+    newDeleteIdentityProvider,
+    DeleteIdentityProviderResponse (DeleteIdentityProviderResponse'),
+    newDeleteIdentityProviderResponse,
+
+    -- ** DeleteNetworkSettings
+    DeleteNetworkSettings (DeleteNetworkSettings'),
+    newDeleteNetworkSettings,
+    DeleteNetworkSettingsResponse (DeleteNetworkSettingsResponse'),
+    newDeleteNetworkSettingsResponse,
+
+    -- ** DeletePortal
+    DeletePortal (DeletePortal'),
+    newDeletePortal,
+    DeletePortalResponse (DeletePortalResponse'),
+    newDeletePortalResponse,
+
+    -- ** DeleteTrustStore
+    DeleteTrustStore (DeleteTrustStore'),
+    newDeleteTrustStore,
+    DeleteTrustStoreResponse (DeleteTrustStoreResponse'),
+    newDeleteTrustStoreResponse,
+
+    -- ** DeleteUserAccessLoggingSettings
+    DeleteUserAccessLoggingSettings (DeleteUserAccessLoggingSettings'),
+    newDeleteUserAccessLoggingSettings,
+    DeleteUserAccessLoggingSettingsResponse (DeleteUserAccessLoggingSettingsResponse'),
+    newDeleteUserAccessLoggingSettingsResponse,
+
+    -- ** DeleteUserSettings
+    DeleteUserSettings (DeleteUserSettings'),
+    newDeleteUserSettings,
+    DeleteUserSettingsResponse (DeleteUserSettingsResponse'),
+    newDeleteUserSettingsResponse,
+
+    -- ** DisassociateBrowserSettings
+    DisassociateBrowserSettings (DisassociateBrowserSettings'),
+    newDisassociateBrowserSettings,
+    DisassociateBrowserSettingsResponse (DisassociateBrowserSettingsResponse'),
+    newDisassociateBrowserSettingsResponse,
+
+    -- ** DisassociateNetworkSettings
+    DisassociateNetworkSettings (DisassociateNetworkSettings'),
+    newDisassociateNetworkSettings,
+    DisassociateNetworkSettingsResponse (DisassociateNetworkSettingsResponse'),
+    newDisassociateNetworkSettingsResponse,
+
+    -- ** DisassociateTrustStore
+    DisassociateTrustStore (DisassociateTrustStore'),
+    newDisassociateTrustStore,
+    DisassociateTrustStoreResponse (DisassociateTrustStoreResponse'),
+    newDisassociateTrustStoreResponse,
+
+    -- ** DisassociateUserAccessLoggingSettings
+    DisassociateUserAccessLoggingSettings (DisassociateUserAccessLoggingSettings'),
+    newDisassociateUserAccessLoggingSettings,
+    DisassociateUserAccessLoggingSettingsResponse (DisassociateUserAccessLoggingSettingsResponse'),
+    newDisassociateUserAccessLoggingSettingsResponse,
+
+    -- ** DisassociateUserSettings
+    DisassociateUserSettings (DisassociateUserSettings'),
+    newDisassociateUserSettings,
+    DisassociateUserSettingsResponse (DisassociateUserSettingsResponse'),
+    newDisassociateUserSettingsResponse,
+
+    -- ** GetBrowserSettings
+    GetBrowserSettings (GetBrowserSettings'),
+    newGetBrowserSettings,
+    GetBrowserSettingsResponse (GetBrowserSettingsResponse'),
+    newGetBrowserSettingsResponse,
+
+    -- ** GetIdentityProvider
+    GetIdentityProvider (GetIdentityProvider'),
+    newGetIdentityProvider,
+    GetIdentityProviderResponse (GetIdentityProviderResponse'),
+    newGetIdentityProviderResponse,
+
+    -- ** GetNetworkSettings
+    GetNetworkSettings (GetNetworkSettings'),
+    newGetNetworkSettings,
+    GetNetworkSettingsResponse (GetNetworkSettingsResponse'),
+    newGetNetworkSettingsResponse,
+
+    -- ** GetPortal
+    GetPortal (GetPortal'),
+    newGetPortal,
+    GetPortalResponse (GetPortalResponse'),
+    newGetPortalResponse,
+
+    -- ** GetPortalServiceProviderMetadata
+    GetPortalServiceProviderMetadata (GetPortalServiceProviderMetadata'),
+    newGetPortalServiceProviderMetadata,
+    GetPortalServiceProviderMetadataResponse (GetPortalServiceProviderMetadataResponse'),
+    newGetPortalServiceProviderMetadataResponse,
+
+    -- ** GetTrustStore
+    GetTrustStore (GetTrustStore'),
+    newGetTrustStore,
+    GetTrustStoreResponse (GetTrustStoreResponse'),
+    newGetTrustStoreResponse,
+
+    -- ** GetTrustStoreCertificate
+    GetTrustStoreCertificate (GetTrustStoreCertificate'),
+    newGetTrustStoreCertificate,
+    GetTrustStoreCertificateResponse (GetTrustStoreCertificateResponse'),
+    newGetTrustStoreCertificateResponse,
+
+    -- ** GetUserAccessLoggingSettings
+    GetUserAccessLoggingSettings (GetUserAccessLoggingSettings'),
+    newGetUserAccessLoggingSettings,
+    GetUserAccessLoggingSettingsResponse (GetUserAccessLoggingSettingsResponse'),
+    newGetUserAccessLoggingSettingsResponse,
+
+    -- ** GetUserSettings
+    GetUserSettings (GetUserSettings'),
+    newGetUserSettings,
+    GetUserSettingsResponse (GetUserSettingsResponse'),
+    newGetUserSettingsResponse,
+
+    -- ** ListBrowserSettings
+    ListBrowserSettings (ListBrowserSettings'),
+    newListBrowserSettings,
+    ListBrowserSettingsResponse (ListBrowserSettingsResponse'),
+    newListBrowserSettingsResponse,
+
+    -- ** ListIdentityProviders
+    ListIdentityProviders (ListIdentityProviders'),
+    newListIdentityProviders,
+    ListIdentityProvidersResponse (ListIdentityProvidersResponse'),
+    newListIdentityProvidersResponse,
+
+    -- ** ListNetworkSettings
+    ListNetworkSettings (ListNetworkSettings'),
+    newListNetworkSettings,
+    ListNetworkSettingsResponse (ListNetworkSettingsResponse'),
+    newListNetworkSettingsResponse,
+
+    -- ** ListPortals
+    ListPortals (ListPortals'),
+    newListPortals,
+    ListPortalsResponse (ListPortalsResponse'),
+    newListPortalsResponse,
+
+    -- ** ListTagsForResource
+    ListTagsForResource (ListTagsForResource'),
+    newListTagsForResource,
+    ListTagsForResourceResponse (ListTagsForResourceResponse'),
+    newListTagsForResourceResponse,
+
+    -- ** ListTrustStoreCertificates
+    ListTrustStoreCertificates (ListTrustStoreCertificates'),
+    newListTrustStoreCertificates,
+    ListTrustStoreCertificatesResponse (ListTrustStoreCertificatesResponse'),
+    newListTrustStoreCertificatesResponse,
+
+    -- ** ListTrustStores
+    ListTrustStores (ListTrustStores'),
+    newListTrustStores,
+    ListTrustStoresResponse (ListTrustStoresResponse'),
+    newListTrustStoresResponse,
+
+    -- ** ListUserAccessLoggingSettings
+    ListUserAccessLoggingSettings (ListUserAccessLoggingSettings'),
+    newListUserAccessLoggingSettings,
+    ListUserAccessLoggingSettingsResponse (ListUserAccessLoggingSettingsResponse'),
+    newListUserAccessLoggingSettingsResponse,
+
+    -- ** ListUserSettings
+    ListUserSettings (ListUserSettings'),
+    newListUserSettings,
+    ListUserSettingsResponse (ListUserSettingsResponse'),
+    newListUserSettingsResponse,
+
+    -- ** TagResource
+    TagResource (TagResource'),
+    newTagResource,
+    TagResourceResponse (TagResourceResponse'),
+    newTagResourceResponse,
+
+    -- ** UntagResource
+    UntagResource (UntagResource'),
+    newUntagResource,
+    UntagResourceResponse (UntagResourceResponse'),
+    newUntagResourceResponse,
+
+    -- ** UpdateBrowserSettings
+    UpdateBrowserSettings (UpdateBrowserSettings'),
+    newUpdateBrowserSettings,
+    UpdateBrowserSettingsResponse (UpdateBrowserSettingsResponse'),
+    newUpdateBrowserSettingsResponse,
+
+    -- ** UpdateIdentityProvider
+    UpdateIdentityProvider (UpdateIdentityProvider'),
+    newUpdateIdentityProvider,
+    UpdateIdentityProviderResponse (UpdateIdentityProviderResponse'),
+    newUpdateIdentityProviderResponse,
+
+    -- ** UpdateNetworkSettings
+    UpdateNetworkSettings (UpdateNetworkSettings'),
+    newUpdateNetworkSettings,
+    UpdateNetworkSettingsResponse (UpdateNetworkSettingsResponse'),
+    newUpdateNetworkSettingsResponse,
+
+    -- ** UpdatePortal
+    UpdatePortal (UpdatePortal'),
+    newUpdatePortal,
+    UpdatePortalResponse (UpdatePortalResponse'),
+    newUpdatePortalResponse,
+
+    -- ** UpdateTrustStore
+    UpdateTrustStore (UpdateTrustStore'),
+    newUpdateTrustStore,
+    UpdateTrustStoreResponse (UpdateTrustStoreResponse'),
+    newUpdateTrustStoreResponse,
+
+    -- ** UpdateUserAccessLoggingSettings
+    UpdateUserAccessLoggingSettings (UpdateUserAccessLoggingSettings'),
+    newUpdateUserAccessLoggingSettings,
+    UpdateUserAccessLoggingSettingsResponse (UpdateUserAccessLoggingSettingsResponse'),
+    newUpdateUserAccessLoggingSettingsResponse,
+
+    -- ** UpdateUserSettings
+    UpdateUserSettings (UpdateUserSettings'),
+    newUpdateUserSettings,
+    UpdateUserSettingsResponse (UpdateUserSettingsResponse'),
+    newUpdateUserSettingsResponse,
+
+    -- * Types
+
+    -- ** BrowserType
+    BrowserType (..),
+
+    -- ** EnabledType
+    EnabledType (..),
+
+    -- ** IdentityProviderType
+    IdentityProviderType (..),
+
+    -- ** PortalStatus
+    PortalStatus (..),
+
+    -- ** RendererType
+    RendererType (..),
+
+    -- ** BrowserSettings
+    BrowserSettings (BrowserSettings'),
+    newBrowserSettings,
+
+    -- ** BrowserSettingsSummary
+    BrowserSettingsSummary (BrowserSettingsSummary'),
+    newBrowserSettingsSummary,
+
+    -- ** Certificate
+    Certificate (Certificate'),
+    newCertificate,
+
+    -- ** CertificateSummary
+    CertificateSummary (CertificateSummary'),
+    newCertificateSummary,
+
+    -- ** IdentityProvider
+    IdentityProvider (IdentityProvider'),
+    newIdentityProvider,
+
+    -- ** IdentityProviderSummary
+    IdentityProviderSummary (IdentityProviderSummary'),
+    newIdentityProviderSummary,
+
+    -- ** NetworkSettings
+    NetworkSettings (NetworkSettings'),
+    newNetworkSettings,
+
+    -- ** NetworkSettingsSummary
+    NetworkSettingsSummary (NetworkSettingsSummary'),
+    newNetworkSettingsSummary,
+
+    -- ** Portal
+    Portal (Portal'),
+    newPortal,
+
+    -- ** PortalSummary
+    PortalSummary (PortalSummary'),
+    newPortalSummary,
+
+    -- ** Tag
+    Tag (Tag'),
+    newTag,
+
+    -- ** TrustStore
+    TrustStore (TrustStore'),
+    newTrustStore,
+
+    -- ** TrustStoreSummary
+    TrustStoreSummary (TrustStoreSummary'),
+    newTrustStoreSummary,
+
+    -- ** UserAccessLoggingSettings
+    UserAccessLoggingSettings (UserAccessLoggingSettings'),
+    newUserAccessLoggingSettings,
+
+    -- ** UserAccessLoggingSettingsSummary
+    UserAccessLoggingSettingsSummary (UserAccessLoggingSettingsSummary'),
+    newUserAccessLoggingSettingsSummary,
+
+    -- ** UserSettings
+    UserSettings (UserSettings'),
+    newUserSettings,
+
+    -- ** UserSettingsSummary
+    UserSettingsSummary (UserSettingsSummary'),
+    newUserSettingsSummary,
+  )
+where
+
+import Amazonka.WorkSpacesWeb.AssociateBrowserSettings
+import Amazonka.WorkSpacesWeb.AssociateNetworkSettings
+import Amazonka.WorkSpacesWeb.AssociateTrustStore
+import Amazonka.WorkSpacesWeb.AssociateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.AssociateUserSettings
+import Amazonka.WorkSpacesWeb.CreateBrowserSettings
+import Amazonka.WorkSpacesWeb.CreateIdentityProvider
+import Amazonka.WorkSpacesWeb.CreateNetworkSettings
+import Amazonka.WorkSpacesWeb.CreatePortal
+import Amazonka.WorkSpacesWeb.CreateTrustStore
+import Amazonka.WorkSpacesWeb.CreateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.CreateUserSettings
+import Amazonka.WorkSpacesWeb.DeleteBrowserSettings
+import Amazonka.WorkSpacesWeb.DeleteIdentityProvider
+import Amazonka.WorkSpacesWeb.DeleteNetworkSettings
+import Amazonka.WorkSpacesWeb.DeletePortal
+import Amazonka.WorkSpacesWeb.DeleteTrustStore
+import Amazonka.WorkSpacesWeb.DeleteUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.DeleteUserSettings
+import Amazonka.WorkSpacesWeb.DisassociateBrowserSettings
+import Amazonka.WorkSpacesWeb.DisassociateNetworkSettings
+import Amazonka.WorkSpacesWeb.DisassociateTrustStore
+import Amazonka.WorkSpacesWeb.DisassociateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.DisassociateUserSettings
+import Amazonka.WorkSpacesWeb.GetBrowserSettings
+import Amazonka.WorkSpacesWeb.GetIdentityProvider
+import Amazonka.WorkSpacesWeb.GetNetworkSettings
+import Amazonka.WorkSpacesWeb.GetPortal
+import Amazonka.WorkSpacesWeb.GetPortalServiceProviderMetadata
+import Amazonka.WorkSpacesWeb.GetTrustStore
+import Amazonka.WorkSpacesWeb.GetTrustStoreCertificate
+import Amazonka.WorkSpacesWeb.GetUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.GetUserSettings
+import Amazonka.WorkSpacesWeb.Lens
+import Amazonka.WorkSpacesWeb.ListBrowserSettings
+import Amazonka.WorkSpacesWeb.ListIdentityProviders
+import Amazonka.WorkSpacesWeb.ListNetworkSettings
+import Amazonka.WorkSpacesWeb.ListPortals
+import Amazonka.WorkSpacesWeb.ListTagsForResource
+import Amazonka.WorkSpacesWeb.ListTrustStoreCertificates
+import Amazonka.WorkSpacesWeb.ListTrustStores
+import Amazonka.WorkSpacesWeb.ListUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.ListUserSettings
+import Amazonka.WorkSpacesWeb.TagResource
+import Amazonka.WorkSpacesWeb.Types
+import Amazonka.WorkSpacesWeb.UntagResource
+import Amazonka.WorkSpacesWeb.UpdateBrowserSettings
+import Amazonka.WorkSpacesWeb.UpdateIdentityProvider
+import Amazonka.WorkSpacesWeb.UpdateNetworkSettings
+import Amazonka.WorkSpacesWeb.UpdatePortal
+import Amazonka.WorkSpacesWeb.UpdateTrustStore
+import Amazonka.WorkSpacesWeb.UpdateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.UpdateUserSettings
+import Amazonka.WorkSpacesWeb.Waiters
+
+-- $errors
+-- Error matchers are designed for use with the functions provided by
+-- <http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>.
+-- This allows catching (and rethrowing) service specific errors returned
+-- by 'WorkSpacesWeb'.
+
+-- $operations
+-- Some AWS operations return results that are incomplete and require subsequent
+-- requests in order to obtain the entire result set. The process of sending
+-- subsequent requests to continue where a previous request left off is called
+-- pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to
+-- 1000 objects at a time, and you must send subsequent requests with the
+-- appropriate Marker in order to retrieve the next page of results.
+--
+-- Operations that have an 'AWSPager' instance can transparently perform subsequent
+-- requests, correctly setting Markers and other request facets to iterate through
+-- the entire result set of a truncated API operation. Operations which support
+-- this have an additional note in the documentation.
+--
+-- Many operations have the ability to filter results on the server side. See the
+-- individual operation parameters for details.
+
+-- $waiters
+-- Waiters poll by repeatedly sending a request until some remote success condition
+-- configured by the 'Wait' specification is fulfilled. The 'Wait' specification
+-- determines how many attempts should be made, in addition to delay and retry strategies.
diff --git a/gen/Amazonka/WorkSpacesWeb/AssociateBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/AssociateBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/AssociateBrowserSettings.hs
@@ -0,0 +1,210 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.AssociateBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a browser settings resource with a web portal.
+module Amazonka.WorkSpacesWeb.AssociateBrowserSettings
+  ( -- * Creating a Request
+    AssociateBrowserSettings (..),
+    newAssociateBrowserSettings,
+
+    -- * Request Lenses
+    associateBrowserSettings_browserSettingsArn,
+    associateBrowserSettings_portalArn,
+
+    -- * Destructuring the Response
+    AssociateBrowserSettingsResponse (..),
+    newAssociateBrowserSettingsResponse,
+
+    -- * Response Lenses
+    associateBrowserSettingsResponse_httpStatus,
+    associateBrowserSettingsResponse_browserSettingsArn,
+    associateBrowserSettingsResponse_portalArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newAssociateBrowserSettings' smart constructor.
+data AssociateBrowserSettings = AssociateBrowserSettings'
+  { -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettingsArn', 'associateBrowserSettings_browserSettingsArn' - The ARN of the browser settings.
+--
+-- 'portalArn', 'associateBrowserSettings_portalArn' - The ARN of the web portal.
+newAssociateBrowserSettings ::
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  AssociateBrowserSettings
+newAssociateBrowserSettings
+  pBrowserSettingsArn_
+  pPortalArn_ =
+    AssociateBrowserSettings'
+      { browserSettingsArn =
+          pBrowserSettingsArn_,
+        portalArn = pPortalArn_
+      }
+
+-- | The ARN of the browser settings.
+associateBrowserSettings_browserSettingsArn :: Lens.Lens' AssociateBrowserSettings Prelude.Text
+associateBrowserSettings_browserSettingsArn = Lens.lens (\AssociateBrowserSettings' {browserSettingsArn} -> browserSettingsArn) (\s@AssociateBrowserSettings' {} a -> s {browserSettingsArn = a} :: AssociateBrowserSettings)
+
+-- | The ARN of the web portal.
+associateBrowserSettings_portalArn :: Lens.Lens' AssociateBrowserSettings Prelude.Text
+associateBrowserSettings_portalArn = Lens.lens (\AssociateBrowserSettings' {portalArn} -> portalArn) (\s@AssociateBrowserSettings' {} a -> s {portalArn = a} :: AssociateBrowserSettings)
+
+instance Core.AWSRequest AssociateBrowserSettings where
+  type
+    AWSResponse AssociateBrowserSettings =
+      AssociateBrowserSettingsResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          AssociateBrowserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "browserSettingsArn")
+            Prelude.<*> (x Data..:> "portalArn")
+      )
+
+instance Prelude.Hashable AssociateBrowserSettings where
+  hashWithSalt _salt AssociateBrowserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` browserSettingsArn
+      `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData AssociateBrowserSettings where
+  rnf AssociateBrowserSettings' {..} =
+    Prelude.rnf browserSettingsArn
+      `Prelude.seq` Prelude.rnf portalArn
+
+instance Data.ToHeaders AssociateBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON AssociateBrowserSettings where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AssociateBrowserSettings where
+  toPath AssociateBrowserSettings' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/browserSettings"
+      ]
+
+instance Data.ToQuery AssociateBrowserSettings where
+  toQuery AssociateBrowserSettings' {..} =
+    Prelude.mconcat
+      ["browserSettingsArn" Data.=: browserSettingsArn]
+
+-- | /See:/ 'newAssociateBrowserSettingsResponse' smart constructor.
+data AssociateBrowserSettingsResponse = AssociateBrowserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'associateBrowserSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'browserSettingsArn', 'associateBrowserSettingsResponse_browserSettingsArn' - The ARN of the browser settings.
+--
+-- 'portalArn', 'associateBrowserSettingsResponse_portalArn' - The ARN of the web portal.
+newAssociateBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  AssociateBrowserSettingsResponse
+newAssociateBrowserSettingsResponse
+  pHttpStatus_
+  pBrowserSettingsArn_
+  pPortalArn_ =
+    AssociateBrowserSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        browserSettingsArn = pBrowserSettingsArn_,
+        portalArn = pPortalArn_
+      }
+
+-- | The response's http status code.
+associateBrowserSettingsResponse_httpStatus :: Lens.Lens' AssociateBrowserSettingsResponse Prelude.Int
+associateBrowserSettingsResponse_httpStatus = Lens.lens (\AssociateBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@AssociateBrowserSettingsResponse' {} a -> s {httpStatus = a} :: AssociateBrowserSettingsResponse)
+
+-- | The ARN of the browser settings.
+associateBrowserSettingsResponse_browserSettingsArn :: Lens.Lens' AssociateBrowserSettingsResponse Prelude.Text
+associateBrowserSettingsResponse_browserSettingsArn = Lens.lens (\AssociateBrowserSettingsResponse' {browserSettingsArn} -> browserSettingsArn) (\s@AssociateBrowserSettingsResponse' {} a -> s {browserSettingsArn = a} :: AssociateBrowserSettingsResponse)
+
+-- | The ARN of the web portal.
+associateBrowserSettingsResponse_portalArn :: Lens.Lens' AssociateBrowserSettingsResponse Prelude.Text
+associateBrowserSettingsResponse_portalArn = Lens.lens (\AssociateBrowserSettingsResponse' {portalArn} -> portalArn) (\s@AssociateBrowserSettingsResponse' {} a -> s {portalArn = a} :: AssociateBrowserSettingsResponse)
+
+instance
+  Prelude.NFData
+    AssociateBrowserSettingsResponse
+  where
+  rnf AssociateBrowserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf browserSettingsArn
+      `Prelude.seq` Prelude.rnf portalArn
diff --git a/gen/Amazonka/WorkSpacesWeb/AssociateNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/AssociateNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/AssociateNetworkSettings.hs
@@ -0,0 +1,210 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.AssociateNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a network settings resource with a web portal.
+module Amazonka.WorkSpacesWeb.AssociateNetworkSettings
+  ( -- * Creating a Request
+    AssociateNetworkSettings (..),
+    newAssociateNetworkSettings,
+
+    -- * Request Lenses
+    associateNetworkSettings_networkSettingsArn,
+    associateNetworkSettings_portalArn,
+
+    -- * Destructuring the Response
+    AssociateNetworkSettingsResponse (..),
+    newAssociateNetworkSettingsResponse,
+
+    -- * Response Lenses
+    associateNetworkSettingsResponse_httpStatus,
+    associateNetworkSettingsResponse_networkSettingsArn,
+    associateNetworkSettingsResponse_portalArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newAssociateNetworkSettings' smart constructor.
+data AssociateNetworkSettings = AssociateNetworkSettings'
+  { -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'networkSettingsArn', 'associateNetworkSettings_networkSettingsArn' - The ARN of the network settings.
+--
+-- 'portalArn', 'associateNetworkSettings_portalArn' - The ARN of the web portal.
+newAssociateNetworkSettings ::
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  AssociateNetworkSettings
+newAssociateNetworkSettings
+  pNetworkSettingsArn_
+  pPortalArn_ =
+    AssociateNetworkSettings'
+      { networkSettingsArn =
+          pNetworkSettingsArn_,
+        portalArn = pPortalArn_
+      }
+
+-- | The ARN of the network settings.
+associateNetworkSettings_networkSettingsArn :: Lens.Lens' AssociateNetworkSettings Prelude.Text
+associateNetworkSettings_networkSettingsArn = Lens.lens (\AssociateNetworkSettings' {networkSettingsArn} -> networkSettingsArn) (\s@AssociateNetworkSettings' {} a -> s {networkSettingsArn = a} :: AssociateNetworkSettings)
+
+-- | The ARN of the web portal.
+associateNetworkSettings_portalArn :: Lens.Lens' AssociateNetworkSettings Prelude.Text
+associateNetworkSettings_portalArn = Lens.lens (\AssociateNetworkSettings' {portalArn} -> portalArn) (\s@AssociateNetworkSettings' {} a -> s {portalArn = a} :: AssociateNetworkSettings)
+
+instance Core.AWSRequest AssociateNetworkSettings where
+  type
+    AWSResponse AssociateNetworkSettings =
+      AssociateNetworkSettingsResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          AssociateNetworkSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "networkSettingsArn")
+            Prelude.<*> (x Data..:> "portalArn")
+      )
+
+instance Prelude.Hashable AssociateNetworkSettings where
+  hashWithSalt _salt AssociateNetworkSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` networkSettingsArn
+      `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData AssociateNetworkSettings where
+  rnf AssociateNetworkSettings' {..} =
+    Prelude.rnf networkSettingsArn
+      `Prelude.seq` Prelude.rnf portalArn
+
+instance Data.ToHeaders AssociateNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON AssociateNetworkSettings where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AssociateNetworkSettings where
+  toPath AssociateNetworkSettings' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/networkSettings"
+      ]
+
+instance Data.ToQuery AssociateNetworkSettings where
+  toQuery AssociateNetworkSettings' {..} =
+    Prelude.mconcat
+      ["networkSettingsArn" Data.=: networkSettingsArn]
+
+-- | /See:/ 'newAssociateNetworkSettingsResponse' smart constructor.
+data AssociateNetworkSettingsResponse = AssociateNetworkSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'associateNetworkSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'networkSettingsArn', 'associateNetworkSettingsResponse_networkSettingsArn' - The ARN of the network settings.
+--
+-- 'portalArn', 'associateNetworkSettingsResponse_portalArn' - The ARN of the web portal.
+newAssociateNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  AssociateNetworkSettingsResponse
+newAssociateNetworkSettingsResponse
+  pHttpStatus_
+  pNetworkSettingsArn_
+  pPortalArn_ =
+    AssociateNetworkSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        networkSettingsArn = pNetworkSettingsArn_,
+        portalArn = pPortalArn_
+      }
+
+-- | The response's http status code.
+associateNetworkSettingsResponse_httpStatus :: Lens.Lens' AssociateNetworkSettingsResponse Prelude.Int
+associateNetworkSettingsResponse_httpStatus = Lens.lens (\AssociateNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@AssociateNetworkSettingsResponse' {} a -> s {httpStatus = a} :: AssociateNetworkSettingsResponse)
+
+-- | The ARN of the network settings.
+associateNetworkSettingsResponse_networkSettingsArn :: Lens.Lens' AssociateNetworkSettingsResponse Prelude.Text
+associateNetworkSettingsResponse_networkSettingsArn = Lens.lens (\AssociateNetworkSettingsResponse' {networkSettingsArn} -> networkSettingsArn) (\s@AssociateNetworkSettingsResponse' {} a -> s {networkSettingsArn = a} :: AssociateNetworkSettingsResponse)
+
+-- | The ARN of the web portal.
+associateNetworkSettingsResponse_portalArn :: Lens.Lens' AssociateNetworkSettingsResponse Prelude.Text
+associateNetworkSettingsResponse_portalArn = Lens.lens (\AssociateNetworkSettingsResponse' {portalArn} -> portalArn) (\s@AssociateNetworkSettingsResponse' {} a -> s {portalArn = a} :: AssociateNetworkSettingsResponse)
+
+instance
+  Prelude.NFData
+    AssociateNetworkSettingsResponse
+  where
+  rnf AssociateNetworkSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf networkSettingsArn
+      `Prelude.seq` Prelude.rnf portalArn
diff --git a/gen/Amazonka/WorkSpacesWeb/AssociateTrustStore.hs b/gen/Amazonka/WorkSpacesWeb/AssociateTrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/AssociateTrustStore.hs
@@ -0,0 +1,201 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.AssociateTrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a trust store with a web portal.
+module Amazonka.WorkSpacesWeb.AssociateTrustStore
+  ( -- * Creating a Request
+    AssociateTrustStore (..),
+    newAssociateTrustStore,
+
+    -- * Request Lenses
+    associateTrustStore_portalArn,
+    associateTrustStore_trustStoreArn,
+
+    -- * Destructuring the Response
+    AssociateTrustStoreResponse (..),
+    newAssociateTrustStoreResponse,
+
+    -- * Response Lenses
+    associateTrustStoreResponse_httpStatus,
+    associateTrustStoreResponse_portalArn,
+    associateTrustStoreResponse_trustStoreArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newAssociateTrustStore' smart constructor.
+data AssociateTrustStore = AssociateTrustStore'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateTrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'associateTrustStore_portalArn' - The ARN of the web portal.
+--
+-- 'trustStoreArn', 'associateTrustStore_trustStoreArn' - The ARN of the trust store.
+newAssociateTrustStore ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  AssociateTrustStore
+newAssociateTrustStore pPortalArn_ pTrustStoreArn_ =
+  AssociateTrustStore'
+    { portalArn = pPortalArn_,
+      trustStoreArn = pTrustStoreArn_
+    }
+
+-- | The ARN of the web portal.
+associateTrustStore_portalArn :: Lens.Lens' AssociateTrustStore Prelude.Text
+associateTrustStore_portalArn = Lens.lens (\AssociateTrustStore' {portalArn} -> portalArn) (\s@AssociateTrustStore' {} a -> s {portalArn = a} :: AssociateTrustStore)
+
+-- | The ARN of the trust store.
+associateTrustStore_trustStoreArn :: Lens.Lens' AssociateTrustStore Prelude.Text
+associateTrustStore_trustStoreArn = Lens.lens (\AssociateTrustStore' {trustStoreArn} -> trustStoreArn) (\s@AssociateTrustStore' {} a -> s {trustStoreArn = a} :: AssociateTrustStore)
+
+instance Core.AWSRequest AssociateTrustStore where
+  type
+    AWSResponse AssociateTrustStore =
+      AssociateTrustStoreResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          AssociateTrustStoreResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "portalArn")
+            Prelude.<*> (x Data..:> "trustStoreArn")
+      )
+
+instance Prelude.Hashable AssociateTrustStore where
+  hashWithSalt _salt AssociateTrustStore' {..} =
+    _salt
+      `Prelude.hashWithSalt` portalArn
+      `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData AssociateTrustStore where
+  rnf AssociateTrustStore' {..} =
+    Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf trustStoreArn
+
+instance Data.ToHeaders AssociateTrustStore where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON AssociateTrustStore where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AssociateTrustStore where
+  toPath AssociateTrustStore' {..} =
+    Prelude.mconcat
+      ["/portals/", Data.toBS portalArn, "/trustStores"]
+
+instance Data.ToQuery AssociateTrustStore where
+  toQuery AssociateTrustStore' {..} =
+    Prelude.mconcat
+      ["trustStoreArn" Data.=: trustStoreArn]
+
+-- | /See:/ 'newAssociateTrustStoreResponse' smart constructor.
+data AssociateTrustStoreResponse = AssociateTrustStoreResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateTrustStoreResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'associateTrustStoreResponse_httpStatus' - The response's http status code.
+--
+-- 'portalArn', 'associateTrustStoreResponse_portalArn' - The ARN of the web portal.
+--
+-- 'trustStoreArn', 'associateTrustStoreResponse_trustStoreArn' - The ARN of the trust store.
+newAssociateTrustStoreResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  AssociateTrustStoreResponse
+newAssociateTrustStoreResponse
+  pHttpStatus_
+  pPortalArn_
+  pTrustStoreArn_ =
+    AssociateTrustStoreResponse'
+      { httpStatus =
+          pHttpStatus_,
+        portalArn = pPortalArn_,
+        trustStoreArn = pTrustStoreArn_
+      }
+
+-- | The response's http status code.
+associateTrustStoreResponse_httpStatus :: Lens.Lens' AssociateTrustStoreResponse Prelude.Int
+associateTrustStoreResponse_httpStatus = Lens.lens (\AssociateTrustStoreResponse' {httpStatus} -> httpStatus) (\s@AssociateTrustStoreResponse' {} a -> s {httpStatus = a} :: AssociateTrustStoreResponse)
+
+-- | The ARN of the web portal.
+associateTrustStoreResponse_portalArn :: Lens.Lens' AssociateTrustStoreResponse Prelude.Text
+associateTrustStoreResponse_portalArn = Lens.lens (\AssociateTrustStoreResponse' {portalArn} -> portalArn) (\s@AssociateTrustStoreResponse' {} a -> s {portalArn = a} :: AssociateTrustStoreResponse)
+
+-- | The ARN of the trust store.
+associateTrustStoreResponse_trustStoreArn :: Lens.Lens' AssociateTrustStoreResponse Prelude.Text
+associateTrustStoreResponse_trustStoreArn = Lens.lens (\AssociateTrustStoreResponse' {trustStoreArn} -> trustStoreArn) (\s@AssociateTrustStoreResponse' {} a -> s {trustStoreArn = a} :: AssociateTrustStoreResponse)
+
+instance Prelude.NFData AssociateTrustStoreResponse where
+  rnf AssociateTrustStoreResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf trustStoreArn
diff --git a/gen/Amazonka/WorkSpacesWeb/AssociateUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/AssociateUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/AssociateUserAccessLoggingSettings.hs
@@ -0,0 +1,237 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.AssociateUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a user access logging settings resource with a web portal.
+module Amazonka.WorkSpacesWeb.AssociateUserAccessLoggingSettings
+  ( -- * Creating a Request
+    AssociateUserAccessLoggingSettings (..),
+    newAssociateUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    associateUserAccessLoggingSettings_portalArn,
+    associateUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+
+    -- * Destructuring the Response
+    AssociateUserAccessLoggingSettingsResponse (..),
+    newAssociateUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    associateUserAccessLoggingSettingsResponse_httpStatus,
+    associateUserAccessLoggingSettingsResponse_portalArn,
+    associateUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newAssociateUserAccessLoggingSettings' smart constructor.
+data AssociateUserAccessLoggingSettings = AssociateUserAccessLoggingSettings'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'associateUserAccessLoggingSettings_portalArn' - The ARN of the web portal.
+--
+-- 'userAccessLoggingSettingsArn', 'associateUserAccessLoggingSettings_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newAssociateUserAccessLoggingSettings ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  AssociateUserAccessLoggingSettings
+newAssociateUserAccessLoggingSettings
+  pPortalArn_
+  pUserAccessLoggingSettingsArn_ =
+    AssociateUserAccessLoggingSettings'
+      { portalArn =
+          pPortalArn_,
+        userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | The ARN of the web portal.
+associateUserAccessLoggingSettings_portalArn :: Lens.Lens' AssociateUserAccessLoggingSettings Prelude.Text
+associateUserAccessLoggingSettings_portalArn = Lens.lens (\AssociateUserAccessLoggingSettings' {portalArn} -> portalArn) (\s@AssociateUserAccessLoggingSettings' {} a -> s {portalArn = a} :: AssociateUserAccessLoggingSettings)
+
+-- | The ARN of the user access logging settings.
+associateUserAccessLoggingSettings_userAccessLoggingSettingsArn :: Lens.Lens' AssociateUserAccessLoggingSettings Prelude.Text
+associateUserAccessLoggingSettings_userAccessLoggingSettingsArn = Lens.lens (\AssociateUserAccessLoggingSettings' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@AssociateUserAccessLoggingSettings' {} a -> s {userAccessLoggingSettingsArn = a} :: AssociateUserAccessLoggingSettings)
+
+instance
+  Core.AWSRequest
+    AssociateUserAccessLoggingSettings
+  where
+  type
+    AWSResponse AssociateUserAccessLoggingSettings =
+      AssociateUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          AssociateUserAccessLoggingSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "portalArn")
+            Prelude.<*> (x Data..:> "userAccessLoggingSettingsArn")
+      )
+
+instance
+  Prelude.Hashable
+    AssociateUserAccessLoggingSettings
+  where
+  hashWithSalt
+    _salt
+    AssociateUserAccessLoggingSettings' {..} =
+      _salt
+        `Prelude.hashWithSalt` portalArn
+        `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+
+instance
+  Prelude.NFData
+    AssociateUserAccessLoggingSettings
+  where
+  rnf AssociateUserAccessLoggingSettings' {..} =
+    Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
+
+instance
+  Data.ToHeaders
+    AssociateUserAccessLoggingSettings
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToJSON
+    AssociateUserAccessLoggingSettings
+  where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance
+  Data.ToPath
+    AssociateUserAccessLoggingSettings
+  where
+  toPath AssociateUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/userAccessLoggingSettings"
+      ]
+
+instance
+  Data.ToQuery
+    AssociateUserAccessLoggingSettings
+  where
+  toQuery AssociateUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "userAccessLoggingSettingsArn"
+          Data.=: userAccessLoggingSettingsArn
+      ]
+
+-- | /See:/ 'newAssociateUserAccessLoggingSettingsResponse' smart constructor.
+data AssociateUserAccessLoggingSettingsResponse = AssociateUserAccessLoggingSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'associateUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'portalArn', 'associateUserAccessLoggingSettingsResponse_portalArn' - The ARN of the web portal.
+--
+-- 'userAccessLoggingSettingsArn', 'associateUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newAssociateUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  AssociateUserAccessLoggingSettingsResponse
+newAssociateUserAccessLoggingSettingsResponse
+  pHttpStatus_
+  pPortalArn_
+  pUserAccessLoggingSettingsArn_ =
+    AssociateUserAccessLoggingSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        portalArn = pPortalArn_,
+        userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | The response's http status code.
+associateUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' AssociateUserAccessLoggingSettingsResponse Prelude.Int
+associateUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\AssociateUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@AssociateUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: AssociateUserAccessLoggingSettingsResponse)
+
+-- | The ARN of the web portal.
+associateUserAccessLoggingSettingsResponse_portalArn :: Lens.Lens' AssociateUserAccessLoggingSettingsResponse Prelude.Text
+associateUserAccessLoggingSettingsResponse_portalArn = Lens.lens (\AssociateUserAccessLoggingSettingsResponse' {portalArn} -> portalArn) (\s@AssociateUserAccessLoggingSettingsResponse' {} a -> s {portalArn = a} :: AssociateUserAccessLoggingSettingsResponse)
+
+-- | The ARN of the user access logging settings.
+associateUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn :: Lens.Lens' AssociateUserAccessLoggingSettingsResponse Prelude.Text
+associateUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn = Lens.lens (\AssociateUserAccessLoggingSettingsResponse' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@AssociateUserAccessLoggingSettingsResponse' {} a -> s {userAccessLoggingSettingsArn = a} :: AssociateUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    AssociateUserAccessLoggingSettingsResponse
+  where
+  rnf AssociateUserAccessLoggingSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/AssociateUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/AssociateUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/AssociateUserSettings.hs
@@ -0,0 +1,203 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.AssociateUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Associates a user settings resource with a web portal.
+module Amazonka.WorkSpacesWeb.AssociateUserSettings
+  ( -- * Creating a Request
+    AssociateUserSettings (..),
+    newAssociateUserSettings,
+
+    -- * Request Lenses
+    associateUserSettings_portalArn,
+    associateUserSettings_userSettingsArn,
+
+    -- * Destructuring the Response
+    AssociateUserSettingsResponse (..),
+    newAssociateUserSettingsResponse,
+
+    -- * Response Lenses
+    associateUserSettingsResponse_httpStatus,
+    associateUserSettingsResponse_portalArn,
+    associateUserSettingsResponse_userSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newAssociateUserSettings' smart constructor.
+data AssociateUserSettings = AssociateUserSettings'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'associateUserSettings_portalArn' - The ARN of the web portal.
+--
+-- 'userSettingsArn', 'associateUserSettings_userSettingsArn' - The ARN of the user settings.
+newAssociateUserSettings ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  AssociateUserSettings
+newAssociateUserSettings
+  pPortalArn_
+  pUserSettingsArn_ =
+    AssociateUserSettings'
+      { portalArn = pPortalArn_,
+        userSettingsArn = pUserSettingsArn_
+      }
+
+-- | The ARN of the web portal.
+associateUserSettings_portalArn :: Lens.Lens' AssociateUserSettings Prelude.Text
+associateUserSettings_portalArn = Lens.lens (\AssociateUserSettings' {portalArn} -> portalArn) (\s@AssociateUserSettings' {} a -> s {portalArn = a} :: AssociateUserSettings)
+
+-- | The ARN of the user settings.
+associateUserSettings_userSettingsArn :: Lens.Lens' AssociateUserSettings Prelude.Text
+associateUserSettings_userSettingsArn = Lens.lens (\AssociateUserSettings' {userSettingsArn} -> userSettingsArn) (\s@AssociateUserSettings' {} a -> s {userSettingsArn = a} :: AssociateUserSettings)
+
+instance Core.AWSRequest AssociateUserSettings where
+  type
+    AWSResponse AssociateUserSettings =
+      AssociateUserSettingsResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          AssociateUserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "portalArn")
+            Prelude.<*> (x Data..:> "userSettingsArn")
+      )
+
+instance Prelude.Hashable AssociateUserSettings where
+  hashWithSalt _salt AssociateUserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` portalArn
+      `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData AssociateUserSettings where
+  rnf AssociateUserSettings' {..} =
+    Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf userSettingsArn
+
+instance Data.ToHeaders AssociateUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON AssociateUserSettings where
+  toJSON = Prelude.const (Data.Object Prelude.mempty)
+
+instance Data.ToPath AssociateUserSettings where
+  toPath AssociateUserSettings' {..} =
+    Prelude.mconcat
+      ["/portals/", Data.toBS portalArn, "/userSettings"]
+
+instance Data.ToQuery AssociateUserSettings where
+  toQuery AssociateUserSettings' {..} =
+    Prelude.mconcat
+      ["userSettingsArn" Data.=: userSettingsArn]
+
+-- | /See:/ 'newAssociateUserSettingsResponse' smart constructor.
+data AssociateUserSettingsResponse = AssociateUserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'AssociateUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'associateUserSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'portalArn', 'associateUserSettingsResponse_portalArn' - The ARN of the web portal.
+--
+-- 'userSettingsArn', 'associateUserSettingsResponse_userSettingsArn' - The ARN of the user settings.
+newAssociateUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  AssociateUserSettingsResponse
+newAssociateUserSettingsResponse
+  pHttpStatus_
+  pPortalArn_
+  pUserSettingsArn_ =
+    AssociateUserSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        portalArn = pPortalArn_,
+        userSettingsArn = pUserSettingsArn_
+      }
+
+-- | The response's http status code.
+associateUserSettingsResponse_httpStatus :: Lens.Lens' AssociateUserSettingsResponse Prelude.Int
+associateUserSettingsResponse_httpStatus = Lens.lens (\AssociateUserSettingsResponse' {httpStatus} -> httpStatus) (\s@AssociateUserSettingsResponse' {} a -> s {httpStatus = a} :: AssociateUserSettingsResponse)
+
+-- | The ARN of the web portal.
+associateUserSettingsResponse_portalArn :: Lens.Lens' AssociateUserSettingsResponse Prelude.Text
+associateUserSettingsResponse_portalArn = Lens.lens (\AssociateUserSettingsResponse' {portalArn} -> portalArn) (\s@AssociateUserSettingsResponse' {} a -> s {portalArn = a} :: AssociateUserSettingsResponse)
+
+-- | The ARN of the user settings.
+associateUserSettingsResponse_userSettingsArn :: Lens.Lens' AssociateUserSettingsResponse Prelude.Text
+associateUserSettingsResponse_userSettingsArn = Lens.lens (\AssociateUserSettingsResponse' {userSettingsArn} -> userSettingsArn) (\s@AssociateUserSettingsResponse' {} a -> s {userSettingsArn = a} :: AssociateUserSettingsResponse)
+
+instance Prelude.NFData AssociateUserSettingsResponse where
+  rnf AssociateUserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf userSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/CreateBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/CreateBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreateBrowserSettings.hs
@@ -0,0 +1,260 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreateBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a browser settings resource that can be associated with a web
+-- portal. Once associated with a web portal, browser settings control how
+-- the browser will behave once a user starts a streaming session for the
+-- web portal.
+module Amazonka.WorkSpacesWeb.CreateBrowserSettings
+  ( -- * Creating a Request
+    CreateBrowserSettings (..),
+    newCreateBrowserSettings,
+
+    -- * Request Lenses
+    createBrowserSettings_additionalEncryptionContext,
+    createBrowserSettings_clientToken,
+    createBrowserSettings_customerManagedKey,
+    createBrowserSettings_tags,
+    createBrowserSettings_browserPolicy,
+
+    -- * Destructuring the Response
+    CreateBrowserSettingsResponse (..),
+    newCreateBrowserSettingsResponse,
+
+    -- * Response Lenses
+    createBrowserSettingsResponse_httpStatus,
+    createBrowserSettingsResponse_browserSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreateBrowserSettings' smart constructor.
+data CreateBrowserSettings = CreateBrowserSettings'
+  { -- | Additional encryption context of the browser settings.
+    additionalEncryptionContext :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The custom managed key of the browser settings.
+    customerManagedKey :: Prelude.Maybe Prelude.Text,
+    -- | The tags to add to the browser settings resource. A tag is a key-value
+    -- pair.
+    tags :: Prelude.Maybe [Data.Sensitive Tag],
+    -- | A JSON string containing Chrome Enterprise policies that will be applied
+    -- to all streaming sessions.
+    browserPolicy :: Data.Sensitive Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalEncryptionContext', 'createBrowserSettings_additionalEncryptionContext' - Additional encryption context of the browser settings.
+--
+-- 'clientToken', 'createBrowserSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'customerManagedKey', 'createBrowserSettings_customerManagedKey' - The custom managed key of the browser settings.
+--
+-- 'tags', 'createBrowserSettings_tags' - The tags to add to the browser settings resource. A tag is a key-value
+-- pair.
+--
+-- 'browserPolicy', 'createBrowserSettings_browserPolicy' - A JSON string containing Chrome Enterprise policies that will be applied
+-- to all streaming sessions.
+newCreateBrowserSettings ::
+  -- | 'browserPolicy'
+  Prelude.Text ->
+  CreateBrowserSettings
+newCreateBrowserSettings pBrowserPolicy_ =
+  CreateBrowserSettings'
+    { additionalEncryptionContext =
+        Prelude.Nothing,
+      clientToken = Prelude.Nothing,
+      customerManagedKey = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      browserPolicy =
+        Data._Sensitive Lens.# pBrowserPolicy_
+    }
+
+-- | Additional encryption context of the browser settings.
+createBrowserSettings_additionalEncryptionContext :: Lens.Lens' CreateBrowserSettings (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+createBrowserSettings_additionalEncryptionContext = Lens.lens (\CreateBrowserSettings' {additionalEncryptionContext} -> additionalEncryptionContext) (\s@CreateBrowserSettings' {} a -> s {additionalEncryptionContext = a} :: CreateBrowserSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createBrowserSettings_clientToken :: Lens.Lens' CreateBrowserSettings (Prelude.Maybe Prelude.Text)
+createBrowserSettings_clientToken = Lens.lens (\CreateBrowserSettings' {clientToken} -> clientToken) (\s@CreateBrowserSettings' {} a -> s {clientToken = a} :: CreateBrowserSettings)
+
+-- | The custom managed key of the browser settings.
+createBrowserSettings_customerManagedKey :: Lens.Lens' CreateBrowserSettings (Prelude.Maybe Prelude.Text)
+createBrowserSettings_customerManagedKey = Lens.lens (\CreateBrowserSettings' {customerManagedKey} -> customerManagedKey) (\s@CreateBrowserSettings' {} a -> s {customerManagedKey = a} :: CreateBrowserSettings)
+
+-- | The tags to add to the browser settings resource. A tag is a key-value
+-- pair.
+createBrowserSettings_tags :: Lens.Lens' CreateBrowserSettings (Prelude.Maybe [Tag])
+createBrowserSettings_tags = Lens.lens (\CreateBrowserSettings' {tags} -> tags) (\s@CreateBrowserSettings' {} a -> s {tags = a} :: CreateBrowserSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | A JSON string containing Chrome Enterprise policies that will be applied
+-- to all streaming sessions.
+createBrowserSettings_browserPolicy :: Lens.Lens' CreateBrowserSettings Prelude.Text
+createBrowserSettings_browserPolicy = Lens.lens (\CreateBrowserSettings' {browserPolicy} -> browserPolicy) (\s@CreateBrowserSettings' {} a -> s {browserPolicy = a} :: CreateBrowserSettings) Prelude.. Data._Sensitive
+
+instance Core.AWSRequest CreateBrowserSettings where
+  type
+    AWSResponse CreateBrowserSettings =
+      CreateBrowserSettingsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateBrowserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "browserSettingsArn")
+      )
+
+instance Prelude.Hashable CreateBrowserSettings where
+  hashWithSalt _salt CreateBrowserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalEncryptionContext
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` customerManagedKey
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` browserPolicy
+
+instance Prelude.NFData CreateBrowserSettings where
+  rnf CreateBrowserSettings' {..} =
+    Prelude.rnf additionalEncryptionContext
+      `Prelude.seq` Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf customerManagedKey
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf browserPolicy
+
+instance Data.ToHeaders CreateBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateBrowserSettings where
+  toJSON CreateBrowserSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("additionalEncryptionContext" Data..=)
+              Prelude.<$> additionalEncryptionContext,
+            ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("customerManagedKey" Data..=)
+              Prelude.<$> customerManagedKey,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just
+              ("browserPolicy" Data..= browserPolicy)
+          ]
+      )
+
+instance Data.ToPath CreateBrowserSettings where
+  toPath = Prelude.const "/browserSettings"
+
+instance Data.ToQuery CreateBrowserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateBrowserSettingsResponse' smart constructor.
+data CreateBrowserSettingsResponse = CreateBrowserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createBrowserSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'browserSettingsArn', 'createBrowserSettingsResponse_browserSettingsArn' - The ARN of the browser settings.
+newCreateBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  CreateBrowserSettingsResponse
+newCreateBrowserSettingsResponse
+  pHttpStatus_
+  pBrowserSettingsArn_ =
+    CreateBrowserSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        browserSettingsArn = pBrowserSettingsArn_
+      }
+
+-- | The response's http status code.
+createBrowserSettingsResponse_httpStatus :: Lens.Lens' CreateBrowserSettingsResponse Prelude.Int
+createBrowserSettingsResponse_httpStatus = Lens.lens (\CreateBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@CreateBrowserSettingsResponse' {} a -> s {httpStatus = a} :: CreateBrowserSettingsResponse)
+
+-- | The ARN of the browser settings.
+createBrowserSettingsResponse_browserSettingsArn :: Lens.Lens' CreateBrowserSettingsResponse Prelude.Text
+createBrowserSettingsResponse_browserSettingsArn = Lens.lens (\CreateBrowserSettingsResponse' {browserSettingsArn} -> browserSettingsArn) (\s@CreateBrowserSettingsResponse' {} a -> s {browserSettingsArn = a} :: CreateBrowserSettingsResponse)
+
+instance Prelude.NFData CreateBrowserSettingsResponse where
+  rnf CreateBrowserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf browserSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/CreateIdentityProvider.hs b/gen/Amazonka/WorkSpacesWeb/CreateIdentityProvider.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreateIdentityProvider.hs
@@ -0,0 +1,451 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreateIdentityProvider
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates an identity provider resource that is then associated with a web
+-- portal.
+module Amazonka.WorkSpacesWeb.CreateIdentityProvider
+  ( -- * Creating a Request
+    CreateIdentityProvider (..),
+    newCreateIdentityProvider,
+
+    -- * Request Lenses
+    createIdentityProvider_clientToken,
+    createIdentityProvider_identityProviderDetails,
+    createIdentityProvider_identityProviderName,
+    createIdentityProvider_identityProviderType,
+    createIdentityProvider_portalArn,
+
+    -- * Destructuring the Response
+    CreateIdentityProviderResponse (..),
+    newCreateIdentityProviderResponse,
+
+    -- * Response Lenses
+    createIdentityProviderResponse_httpStatus,
+    createIdentityProviderResponse_identityProviderArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreateIdentityProvider' smart constructor.
+data CreateIdentityProvider = CreateIdentityProvider'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The identity provider details. The following list describes the provider
+    -- detail keys for each identity provider type.
+    --
+    -- -   For Google and Login with Amazon:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @authorize_scopes@
+    --
+    -- -   For Facebook:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @authorize_scopes@
+    --
+    --     -   @api_version@
+    --
+    -- -   For Sign in with Apple:
+    --
+    --     -   @client_id@
+    --
+    --     -   @team_id@
+    --
+    --     -   @key_id@
+    --
+    --     -   @private_key@
+    --
+    --     -   @authorize_scopes@
+    --
+    -- -   For OIDC providers:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @attributes_request_method@
+    --
+    --     -   @oidc_issuer@
+    --
+    --     -   @authorize_scopes@
+    --
+    --     -   @authorize_url@ /if not available from discovery URL specified
+    --         by @oidc_issuer@ key/
+    --
+    --     -   @token_url@ /if not available from discovery URL specified by
+    --         @oidc_issuer@ key/
+    --
+    --     -   @attributes_url@ /if not available from discovery URL specified
+    --         by @oidc_issuer@ key/
+    --
+    --     -   @jwks_uri@ /if not available from discovery URL specified by
+    --         @oidc_issuer@ key/
+    --
+    -- -   For SAML providers:
+    --
+    --     -   @MetadataFile@ OR @MetadataURL@
+    --
+    --     -   @IDPSignout@ (boolean) /optional/
+    identityProviderDetails :: Data.Sensitive (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | The identity provider name.
+    identityProviderName :: Data.Sensitive Prelude.Text,
+    -- | The identity provider type.
+    identityProviderType :: IdentityProviderType,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateIdentityProvider' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'createIdentityProvider_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'identityProviderDetails', 'createIdentityProvider_identityProviderDetails' - The identity provider details. The following list describes the provider
+-- detail keys for each identity provider type.
+--
+-- -   For Google and Login with Amazon:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+-- -   For Facebook:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+--     -   @api_version@
+--
+-- -   For Sign in with Apple:
+--
+--     -   @client_id@
+--
+--     -   @team_id@
+--
+--     -   @key_id@
+--
+--     -   @private_key@
+--
+--     -   @authorize_scopes@
+--
+-- -   For OIDC providers:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @attributes_request_method@
+--
+--     -   @oidc_issuer@
+--
+--     -   @authorize_scopes@
+--
+--     -   @authorize_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @token_url@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+--     -   @attributes_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @jwks_uri@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+-- -   For SAML providers:
+--
+--     -   @MetadataFile@ OR @MetadataURL@
+--
+--     -   @IDPSignout@ (boolean) /optional/
+--
+-- 'identityProviderName', 'createIdentityProvider_identityProviderName' - The identity provider name.
+--
+-- 'identityProviderType', 'createIdentityProvider_identityProviderType' - The identity provider type.
+--
+-- 'portalArn', 'createIdentityProvider_portalArn' - The ARN of the web portal.
+newCreateIdentityProvider ::
+  -- | 'identityProviderName'
+  Prelude.Text ->
+  -- | 'identityProviderType'
+  IdentityProviderType ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  CreateIdentityProvider
+newCreateIdentityProvider
+  pIdentityProviderName_
+  pIdentityProviderType_
+  pPortalArn_ =
+    CreateIdentityProvider'
+      { clientToken =
+          Prelude.Nothing,
+        identityProviderDetails = Prelude.mempty,
+        identityProviderName =
+          Data._Sensitive Lens.# pIdentityProviderName_,
+        identityProviderType = pIdentityProviderType_,
+        portalArn = pPortalArn_
+      }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createIdentityProvider_clientToken :: Lens.Lens' CreateIdentityProvider (Prelude.Maybe Prelude.Text)
+createIdentityProvider_clientToken = Lens.lens (\CreateIdentityProvider' {clientToken} -> clientToken) (\s@CreateIdentityProvider' {} a -> s {clientToken = a} :: CreateIdentityProvider)
+
+-- | The identity provider details. The following list describes the provider
+-- detail keys for each identity provider type.
+--
+-- -   For Google and Login with Amazon:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+-- -   For Facebook:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+--     -   @api_version@
+--
+-- -   For Sign in with Apple:
+--
+--     -   @client_id@
+--
+--     -   @team_id@
+--
+--     -   @key_id@
+--
+--     -   @private_key@
+--
+--     -   @authorize_scopes@
+--
+-- -   For OIDC providers:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @attributes_request_method@
+--
+--     -   @oidc_issuer@
+--
+--     -   @authorize_scopes@
+--
+--     -   @authorize_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @token_url@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+--     -   @attributes_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @jwks_uri@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+-- -   For SAML providers:
+--
+--     -   @MetadataFile@ OR @MetadataURL@
+--
+--     -   @IDPSignout@ (boolean) /optional/
+createIdentityProvider_identityProviderDetails :: Lens.Lens' CreateIdentityProvider (Prelude.HashMap Prelude.Text Prelude.Text)
+createIdentityProvider_identityProviderDetails = Lens.lens (\CreateIdentityProvider' {identityProviderDetails} -> identityProviderDetails) (\s@CreateIdentityProvider' {} a -> s {identityProviderDetails = a} :: CreateIdentityProvider) Prelude.. Data._Sensitive Prelude.. Lens.coerced
+
+-- | The identity provider name.
+createIdentityProvider_identityProviderName :: Lens.Lens' CreateIdentityProvider Prelude.Text
+createIdentityProvider_identityProviderName = Lens.lens (\CreateIdentityProvider' {identityProviderName} -> identityProviderName) (\s@CreateIdentityProvider' {} a -> s {identityProviderName = a} :: CreateIdentityProvider) Prelude.. Data._Sensitive
+
+-- | The identity provider type.
+createIdentityProvider_identityProviderType :: Lens.Lens' CreateIdentityProvider IdentityProviderType
+createIdentityProvider_identityProviderType = Lens.lens (\CreateIdentityProvider' {identityProviderType} -> identityProviderType) (\s@CreateIdentityProvider' {} a -> s {identityProviderType = a} :: CreateIdentityProvider)
+
+-- | The ARN of the web portal.
+createIdentityProvider_portalArn :: Lens.Lens' CreateIdentityProvider Prelude.Text
+createIdentityProvider_portalArn = Lens.lens (\CreateIdentityProvider' {portalArn} -> portalArn) (\s@CreateIdentityProvider' {} a -> s {portalArn = a} :: CreateIdentityProvider)
+
+instance Core.AWSRequest CreateIdentityProvider where
+  type
+    AWSResponse CreateIdentityProvider =
+      CreateIdentityProviderResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateIdentityProviderResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "identityProviderArn")
+      )
+
+instance Prelude.Hashable CreateIdentityProvider where
+  hashWithSalt _salt CreateIdentityProvider' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` identityProviderDetails
+      `Prelude.hashWithSalt` identityProviderName
+      `Prelude.hashWithSalt` identityProviderType
+      `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData CreateIdentityProvider where
+  rnf CreateIdentityProvider' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf identityProviderDetails
+      `Prelude.seq` Prelude.rnf identityProviderName
+      `Prelude.seq` Prelude.rnf identityProviderType
+      `Prelude.seq` Prelude.rnf portalArn
+
+instance Data.ToHeaders CreateIdentityProvider where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateIdentityProvider where
+  toJSON CreateIdentityProvider' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            Prelude.Just
+              ( "identityProviderDetails"
+                  Data..= identityProviderDetails
+              ),
+            Prelude.Just
+              ( "identityProviderName"
+                  Data..= identityProviderName
+              ),
+            Prelude.Just
+              ( "identityProviderType"
+                  Data..= identityProviderType
+              ),
+            Prelude.Just ("portalArn" Data..= portalArn)
+          ]
+      )
+
+instance Data.ToPath CreateIdentityProvider where
+  toPath = Prelude.const "/identityProviders"
+
+instance Data.ToQuery CreateIdentityProvider where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateIdentityProviderResponse' smart constructor.
+data CreateIdentityProviderResponse = CreateIdentityProviderResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the identity provider.
+    identityProviderArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateIdentityProviderResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createIdentityProviderResponse_httpStatus' - The response's http status code.
+--
+-- 'identityProviderArn', 'createIdentityProviderResponse_identityProviderArn' - The ARN of the identity provider.
+newCreateIdentityProviderResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'identityProviderArn'
+  Prelude.Text ->
+  CreateIdentityProviderResponse
+newCreateIdentityProviderResponse
+  pHttpStatus_
+  pIdentityProviderArn_ =
+    CreateIdentityProviderResponse'
+      { httpStatus =
+          pHttpStatus_,
+        identityProviderArn = pIdentityProviderArn_
+      }
+
+-- | The response's http status code.
+createIdentityProviderResponse_httpStatus :: Lens.Lens' CreateIdentityProviderResponse Prelude.Int
+createIdentityProviderResponse_httpStatus = Lens.lens (\CreateIdentityProviderResponse' {httpStatus} -> httpStatus) (\s@CreateIdentityProviderResponse' {} a -> s {httpStatus = a} :: CreateIdentityProviderResponse)
+
+-- | The ARN of the identity provider.
+createIdentityProviderResponse_identityProviderArn :: Lens.Lens' CreateIdentityProviderResponse Prelude.Text
+createIdentityProviderResponse_identityProviderArn = Lens.lens (\CreateIdentityProviderResponse' {identityProviderArn} -> identityProviderArn) (\s@CreateIdentityProviderResponse' {} a -> s {identityProviderArn = a} :: CreateIdentityProviderResponse)
+
+instance
+  Prelude.NFData
+    CreateIdentityProviderResponse
+  where
+  rnf CreateIdentityProviderResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf identityProviderArn
diff --git a/gen/Amazonka/WorkSpacesWeb/CreateNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/CreateNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreateNetworkSettings.hs
@@ -0,0 +1,270 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreateNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a network settings resource that can be associated with a web
+-- portal. Once associated with a web portal, network settings define how
+-- streaming instances will connect with your specified VPC.
+module Amazonka.WorkSpacesWeb.CreateNetworkSettings
+  ( -- * Creating a Request
+    CreateNetworkSettings (..),
+    newCreateNetworkSettings,
+
+    -- * Request Lenses
+    createNetworkSettings_clientToken,
+    createNetworkSettings_tags,
+    createNetworkSettings_securityGroupIds,
+    createNetworkSettings_subnetIds,
+    createNetworkSettings_vpcId,
+
+    -- * Destructuring the Response
+    CreateNetworkSettingsResponse (..),
+    newCreateNetworkSettingsResponse,
+
+    -- * Response Lenses
+    createNetworkSettingsResponse_httpStatus,
+    createNetworkSettingsResponse_networkSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreateNetworkSettings' smart constructor.
+data CreateNetworkSettings = CreateNetworkSettings'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The tags to add to the network settings resource. A tag is a key-value
+    -- pair.
+    tags :: Prelude.Maybe [Data.Sensitive Tag],
+    -- | One or more security groups used to control access from streaming
+    -- instances to your VPC.
+    securityGroupIds :: Prelude.NonEmpty Prelude.Text,
+    -- | The subnets in which network interfaces are created to connect streaming
+    -- instances to your VPC. At least two of these subnets must be in
+    -- different availability zones.
+    subnetIds :: Prelude.NonEmpty Prelude.Text,
+    -- | The VPC that streaming instances will connect to.
+    vpcId :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'createNetworkSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'tags', 'createNetworkSettings_tags' - The tags to add to the network settings resource. A tag is a key-value
+-- pair.
+--
+-- 'securityGroupIds', 'createNetworkSettings_securityGroupIds' - One or more security groups used to control access from streaming
+-- instances to your VPC.
+--
+-- 'subnetIds', 'createNetworkSettings_subnetIds' - The subnets in which network interfaces are created to connect streaming
+-- instances to your VPC. At least two of these subnets must be in
+-- different availability zones.
+--
+-- 'vpcId', 'createNetworkSettings_vpcId' - The VPC that streaming instances will connect to.
+newCreateNetworkSettings ::
+  -- | 'securityGroupIds'
+  Prelude.NonEmpty Prelude.Text ->
+  -- | 'subnetIds'
+  Prelude.NonEmpty Prelude.Text ->
+  -- | 'vpcId'
+  Prelude.Text ->
+  CreateNetworkSettings
+newCreateNetworkSettings
+  pSecurityGroupIds_
+  pSubnetIds_
+  pVpcId_ =
+    CreateNetworkSettings'
+      { clientToken =
+          Prelude.Nothing,
+        tags = Prelude.Nothing,
+        securityGroupIds =
+          Lens.coerced Lens.# pSecurityGroupIds_,
+        subnetIds = Lens.coerced Lens.# pSubnetIds_,
+        vpcId = pVpcId_
+      }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createNetworkSettings_clientToken :: Lens.Lens' CreateNetworkSettings (Prelude.Maybe Prelude.Text)
+createNetworkSettings_clientToken = Lens.lens (\CreateNetworkSettings' {clientToken} -> clientToken) (\s@CreateNetworkSettings' {} a -> s {clientToken = a} :: CreateNetworkSettings)
+
+-- | The tags to add to the network settings resource. A tag is a key-value
+-- pair.
+createNetworkSettings_tags :: Lens.Lens' CreateNetworkSettings (Prelude.Maybe [Tag])
+createNetworkSettings_tags = Lens.lens (\CreateNetworkSettings' {tags} -> tags) (\s@CreateNetworkSettings' {} a -> s {tags = a} :: CreateNetworkSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | One or more security groups used to control access from streaming
+-- instances to your VPC.
+createNetworkSettings_securityGroupIds :: Lens.Lens' CreateNetworkSettings (Prelude.NonEmpty Prelude.Text)
+createNetworkSettings_securityGroupIds = Lens.lens (\CreateNetworkSettings' {securityGroupIds} -> securityGroupIds) (\s@CreateNetworkSettings' {} a -> s {securityGroupIds = a} :: CreateNetworkSettings) Prelude.. Lens.coerced
+
+-- | The subnets in which network interfaces are created to connect streaming
+-- instances to your VPC. At least two of these subnets must be in
+-- different availability zones.
+createNetworkSettings_subnetIds :: Lens.Lens' CreateNetworkSettings (Prelude.NonEmpty Prelude.Text)
+createNetworkSettings_subnetIds = Lens.lens (\CreateNetworkSettings' {subnetIds} -> subnetIds) (\s@CreateNetworkSettings' {} a -> s {subnetIds = a} :: CreateNetworkSettings) Prelude.. Lens.coerced
+
+-- | The VPC that streaming instances will connect to.
+createNetworkSettings_vpcId :: Lens.Lens' CreateNetworkSettings Prelude.Text
+createNetworkSettings_vpcId = Lens.lens (\CreateNetworkSettings' {vpcId} -> vpcId) (\s@CreateNetworkSettings' {} a -> s {vpcId = a} :: CreateNetworkSettings)
+
+instance Core.AWSRequest CreateNetworkSettings where
+  type
+    AWSResponse CreateNetworkSettings =
+      CreateNetworkSettingsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateNetworkSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "networkSettingsArn")
+      )
+
+instance Prelude.Hashable CreateNetworkSettings where
+  hashWithSalt _salt CreateNetworkSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` securityGroupIds
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcId
+
+instance Prelude.NFData CreateNetworkSettings where
+  rnf CreateNetworkSettings' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf securityGroupIds
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcId
+
+instance Data.ToHeaders CreateNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateNetworkSettings where
+  toJSON CreateNetworkSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just
+              ("securityGroupIds" Data..= securityGroupIds),
+            Prelude.Just ("subnetIds" Data..= subnetIds),
+            Prelude.Just ("vpcId" Data..= vpcId)
+          ]
+      )
+
+instance Data.ToPath CreateNetworkSettings where
+  toPath = Prelude.const "/networkSettings"
+
+instance Data.ToQuery CreateNetworkSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateNetworkSettingsResponse' smart constructor.
+data CreateNetworkSettingsResponse = CreateNetworkSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createNetworkSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'networkSettingsArn', 'createNetworkSettingsResponse_networkSettingsArn' - The ARN of the network settings.
+newCreateNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  CreateNetworkSettingsResponse
+newCreateNetworkSettingsResponse
+  pHttpStatus_
+  pNetworkSettingsArn_ =
+    CreateNetworkSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        networkSettingsArn = pNetworkSettingsArn_
+      }
+
+-- | The response's http status code.
+createNetworkSettingsResponse_httpStatus :: Lens.Lens' CreateNetworkSettingsResponse Prelude.Int
+createNetworkSettingsResponse_httpStatus = Lens.lens (\CreateNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@CreateNetworkSettingsResponse' {} a -> s {httpStatus = a} :: CreateNetworkSettingsResponse)
+
+-- | The ARN of the network settings.
+createNetworkSettingsResponse_networkSettingsArn :: Lens.Lens' CreateNetworkSettingsResponse Prelude.Text
+createNetworkSettingsResponse_networkSettingsArn = Lens.lens (\CreateNetworkSettingsResponse' {networkSettingsArn} -> networkSettingsArn) (\s@CreateNetworkSettingsResponse' {} a -> s {networkSettingsArn = a} :: CreateNetworkSettingsResponse)
+
+instance Prelude.NFData CreateNetworkSettingsResponse where
+  rnf CreateNetworkSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf networkSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/CreatePortal.hs b/gen/Amazonka/WorkSpacesWeb/CreatePortal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreatePortal.hs
@@ -0,0 +1,265 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreatePortal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a web portal.
+module Amazonka.WorkSpacesWeb.CreatePortal
+  ( -- * Creating a Request
+    CreatePortal (..),
+    newCreatePortal,
+
+    -- * Request Lenses
+    createPortal_additionalEncryptionContext,
+    createPortal_clientToken,
+    createPortal_customerManagedKey,
+    createPortal_displayName,
+    createPortal_tags,
+
+    -- * Destructuring the Response
+    CreatePortalResponse (..),
+    newCreatePortalResponse,
+
+    -- * Response Lenses
+    createPortalResponse_httpStatus,
+    createPortalResponse_portalArn,
+    createPortalResponse_portalEndpoint,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreatePortal' smart constructor.
+data CreatePortal = CreatePortal'
+  { -- | The additional encryption context of the portal.
+    additionalEncryptionContext :: Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text),
+    -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The customer managed key of the web portal.
+    customerManagedKey :: Prelude.Maybe Prelude.Text,
+    -- | The name of the web portal. This is not visible to users who log into
+    -- the web portal.
+    displayName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The tags to add to the web portal. A tag is a key-value pair.
+    tags :: Prelude.Maybe [Data.Sensitive Tag]
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreatePortal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'additionalEncryptionContext', 'createPortal_additionalEncryptionContext' - The additional encryption context of the portal.
+--
+-- 'clientToken', 'createPortal_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'customerManagedKey', 'createPortal_customerManagedKey' - The customer managed key of the web portal.
+--
+-- 'displayName', 'createPortal_displayName' - The name of the web portal. This is not visible to users who log into
+-- the web portal.
+--
+-- 'tags', 'createPortal_tags' - The tags to add to the web portal. A tag is a key-value pair.
+newCreatePortal ::
+  CreatePortal
+newCreatePortal =
+  CreatePortal'
+    { additionalEncryptionContext =
+        Prelude.Nothing,
+      clientToken = Prelude.Nothing,
+      customerManagedKey = Prelude.Nothing,
+      displayName = Prelude.Nothing,
+      tags = Prelude.Nothing
+    }
+
+-- | The additional encryption context of the portal.
+createPortal_additionalEncryptionContext :: Lens.Lens' CreatePortal (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+createPortal_additionalEncryptionContext = Lens.lens (\CreatePortal' {additionalEncryptionContext} -> additionalEncryptionContext) (\s@CreatePortal' {} a -> s {additionalEncryptionContext = a} :: CreatePortal) Prelude.. Lens.mapping Lens.coerced
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createPortal_clientToken :: Lens.Lens' CreatePortal (Prelude.Maybe Prelude.Text)
+createPortal_clientToken = Lens.lens (\CreatePortal' {clientToken} -> clientToken) (\s@CreatePortal' {} a -> s {clientToken = a} :: CreatePortal)
+
+-- | The customer managed key of the web portal.
+createPortal_customerManagedKey :: Lens.Lens' CreatePortal (Prelude.Maybe Prelude.Text)
+createPortal_customerManagedKey = Lens.lens (\CreatePortal' {customerManagedKey} -> customerManagedKey) (\s@CreatePortal' {} a -> s {customerManagedKey = a} :: CreatePortal)
+
+-- | The name of the web portal. This is not visible to users who log into
+-- the web portal.
+createPortal_displayName :: Lens.Lens' CreatePortal (Prelude.Maybe Prelude.Text)
+createPortal_displayName = Lens.lens (\CreatePortal' {displayName} -> displayName) (\s@CreatePortal' {} a -> s {displayName = a} :: CreatePortal) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The tags to add to the web portal. A tag is a key-value pair.
+createPortal_tags :: Lens.Lens' CreatePortal (Prelude.Maybe [Tag])
+createPortal_tags = Lens.lens (\CreatePortal' {tags} -> tags) (\s@CreatePortal' {} a -> s {tags = a} :: CreatePortal) Prelude.. Lens.mapping Lens.coerced
+
+instance Core.AWSRequest CreatePortal where
+  type AWSResponse CreatePortal = CreatePortalResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreatePortalResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "portalArn")
+            Prelude.<*> (x Data..:> "portalEndpoint")
+      )
+
+instance Prelude.Hashable CreatePortal where
+  hashWithSalt _salt CreatePortal' {..} =
+    _salt
+      `Prelude.hashWithSalt` additionalEncryptionContext
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` customerManagedKey
+      `Prelude.hashWithSalt` displayName
+      `Prelude.hashWithSalt` tags
+
+instance Prelude.NFData CreatePortal where
+  rnf CreatePortal' {..} =
+    Prelude.rnf additionalEncryptionContext
+      `Prelude.seq` Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf customerManagedKey
+      `Prelude.seq` Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf tags
+
+instance Data.ToHeaders CreatePortal where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreatePortal where
+  toJSON CreatePortal' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("additionalEncryptionContext" Data..=)
+              Prelude.<$> additionalEncryptionContext,
+            ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("customerManagedKey" Data..=)
+              Prelude.<$> customerManagedKey,
+            ("displayName" Data..=) Prelude.<$> displayName,
+            ("tags" Data..=) Prelude.<$> tags
+          ]
+      )
+
+instance Data.ToPath CreatePortal where
+  toPath = Prelude.const "/portals"
+
+instance Data.ToQuery CreatePortal where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreatePortalResponse' smart constructor.
+data CreatePortalResponse = CreatePortalResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text,
+    -- | The endpoint URL of the web portal that users access in order to start
+    -- streaming sessions.
+    portalEndpoint :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreatePortalResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createPortalResponse_httpStatus' - The response's http status code.
+--
+-- 'portalArn', 'createPortalResponse_portalArn' - The ARN of the web portal.
+--
+-- 'portalEndpoint', 'createPortalResponse_portalEndpoint' - The endpoint URL of the web portal that users access in order to start
+-- streaming sessions.
+newCreatePortalResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  -- | 'portalEndpoint'
+  Prelude.Text ->
+  CreatePortalResponse
+newCreatePortalResponse
+  pHttpStatus_
+  pPortalArn_
+  pPortalEndpoint_ =
+    CreatePortalResponse'
+      { httpStatus = pHttpStatus_,
+        portalArn = pPortalArn_,
+        portalEndpoint = pPortalEndpoint_
+      }
+
+-- | The response's http status code.
+createPortalResponse_httpStatus :: Lens.Lens' CreatePortalResponse Prelude.Int
+createPortalResponse_httpStatus = Lens.lens (\CreatePortalResponse' {httpStatus} -> httpStatus) (\s@CreatePortalResponse' {} a -> s {httpStatus = a} :: CreatePortalResponse)
+
+-- | The ARN of the web portal.
+createPortalResponse_portalArn :: Lens.Lens' CreatePortalResponse Prelude.Text
+createPortalResponse_portalArn = Lens.lens (\CreatePortalResponse' {portalArn} -> portalArn) (\s@CreatePortalResponse' {} a -> s {portalArn = a} :: CreatePortalResponse)
+
+-- | The endpoint URL of the web portal that users access in order to start
+-- streaming sessions.
+createPortalResponse_portalEndpoint :: Lens.Lens' CreatePortalResponse Prelude.Text
+createPortalResponse_portalEndpoint = Lens.lens (\CreatePortalResponse' {portalEndpoint} -> portalEndpoint) (\s@CreatePortalResponse' {} a -> s {portalEndpoint = a} :: CreatePortalResponse)
+
+instance Prelude.NFData CreatePortalResponse where
+  rnf CreatePortalResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf portalEndpoint
diff --git a/gen/Amazonka/WorkSpacesWeb/CreateTrustStore.hs b/gen/Amazonka/WorkSpacesWeb/CreateTrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreateTrustStore.hs
@@ -0,0 +1,225 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreateTrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a trust store that can be associated with a web portal. A trust
+-- store contains certificate authority (CA) certificates. Once associated
+-- with a web portal, the browser in a streaming session will recognize
+-- certificates that have been issued using any of the CAs in the trust
+-- store. If your organization has internal websites that use certificates
+-- issued by private CAs, you should add the private CA certificate to the
+-- trust store.
+module Amazonka.WorkSpacesWeb.CreateTrustStore
+  ( -- * Creating a Request
+    CreateTrustStore (..),
+    newCreateTrustStore,
+
+    -- * Request Lenses
+    createTrustStore_clientToken,
+    createTrustStore_tags,
+    createTrustStore_certificateList,
+
+    -- * Destructuring the Response
+    CreateTrustStoreResponse (..),
+    newCreateTrustStoreResponse,
+
+    -- * Response Lenses
+    createTrustStoreResponse_httpStatus,
+    createTrustStoreResponse_trustStoreArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreateTrustStore' smart constructor.
+data CreateTrustStore = CreateTrustStore'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The tags to add to the trust store. A tag is a key-value pair.
+    tags :: Prelude.Maybe [Data.Sensitive Tag],
+    -- | A list of CA certificates to be added to the trust store.
+    certificateList :: [Data.Base64]
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateTrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'createTrustStore_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'tags', 'createTrustStore_tags' - The tags to add to the trust store. A tag is a key-value pair.
+--
+-- 'certificateList', 'createTrustStore_certificateList' - A list of CA certificates to be added to the trust store.
+newCreateTrustStore ::
+  CreateTrustStore
+newCreateTrustStore =
+  CreateTrustStore'
+    { clientToken = Prelude.Nothing,
+      tags = Prelude.Nothing,
+      certificateList = Prelude.mempty
+    }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createTrustStore_clientToken :: Lens.Lens' CreateTrustStore (Prelude.Maybe Prelude.Text)
+createTrustStore_clientToken = Lens.lens (\CreateTrustStore' {clientToken} -> clientToken) (\s@CreateTrustStore' {} a -> s {clientToken = a} :: CreateTrustStore)
+
+-- | The tags to add to the trust store. A tag is a key-value pair.
+createTrustStore_tags :: Lens.Lens' CreateTrustStore (Prelude.Maybe [Tag])
+createTrustStore_tags = Lens.lens (\CreateTrustStore' {tags} -> tags) (\s@CreateTrustStore' {} a -> s {tags = a} :: CreateTrustStore) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of CA certificates to be added to the trust store.
+createTrustStore_certificateList :: Lens.Lens' CreateTrustStore [Prelude.ByteString]
+createTrustStore_certificateList = Lens.lens (\CreateTrustStore' {certificateList} -> certificateList) (\s@CreateTrustStore' {} a -> s {certificateList = a} :: CreateTrustStore) Prelude.. Lens.coerced
+
+instance Core.AWSRequest CreateTrustStore where
+  type
+    AWSResponse CreateTrustStore =
+      CreateTrustStoreResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateTrustStoreResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "trustStoreArn")
+      )
+
+instance Prelude.Hashable CreateTrustStore where
+  hashWithSalt _salt CreateTrustStore' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` certificateList
+
+instance Prelude.NFData CreateTrustStore where
+  rnf CreateTrustStore' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf certificateList
+
+instance Data.ToHeaders CreateTrustStore where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateTrustStore where
+  toJSON CreateTrustStore' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just
+              ("certificateList" Data..= certificateList)
+          ]
+      )
+
+instance Data.ToPath CreateTrustStore where
+  toPath = Prelude.const "/trustStores"
+
+instance Data.ToQuery CreateTrustStore where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateTrustStoreResponse' smart constructor.
+data CreateTrustStoreResponse = CreateTrustStoreResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateTrustStoreResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createTrustStoreResponse_httpStatus' - The response's http status code.
+--
+-- 'trustStoreArn', 'createTrustStoreResponse_trustStoreArn' - The ARN of the trust store.
+newCreateTrustStoreResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  CreateTrustStoreResponse
+newCreateTrustStoreResponse
+  pHttpStatus_
+  pTrustStoreArn_ =
+    CreateTrustStoreResponse'
+      { httpStatus =
+          pHttpStatus_,
+        trustStoreArn = pTrustStoreArn_
+      }
+
+-- | The response's http status code.
+createTrustStoreResponse_httpStatus :: Lens.Lens' CreateTrustStoreResponse Prelude.Int
+createTrustStoreResponse_httpStatus = Lens.lens (\CreateTrustStoreResponse' {httpStatus} -> httpStatus) (\s@CreateTrustStoreResponse' {} a -> s {httpStatus = a} :: CreateTrustStoreResponse)
+
+-- | The ARN of the trust store.
+createTrustStoreResponse_trustStoreArn :: Lens.Lens' CreateTrustStoreResponse Prelude.Text
+createTrustStoreResponse_trustStoreArn = Lens.lens (\CreateTrustStoreResponse' {trustStoreArn} -> trustStoreArn) (\s@CreateTrustStoreResponse' {} a -> s {trustStoreArn = a} :: CreateTrustStoreResponse)
+
+instance Prelude.NFData CreateTrustStoreResponse where
+  rnf CreateTrustStoreResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf trustStoreArn
diff --git a/gen/Amazonka/WorkSpacesWeb/CreateUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/CreateUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreateUserAccessLoggingSettings.hs
@@ -0,0 +1,244 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreateUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a user access logging settings resource that can be associated
+-- with a web portal.
+module Amazonka.WorkSpacesWeb.CreateUserAccessLoggingSettings
+  ( -- * Creating a Request
+    CreateUserAccessLoggingSettings (..),
+    newCreateUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    createUserAccessLoggingSettings_clientToken,
+    createUserAccessLoggingSettings_tags,
+    createUserAccessLoggingSettings_kinesisStreamArn,
+
+    -- * Destructuring the Response
+    CreateUserAccessLoggingSettingsResponse (..),
+    newCreateUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    createUserAccessLoggingSettingsResponse_httpStatus,
+    createUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreateUserAccessLoggingSettings' smart constructor.
+data CreateUserAccessLoggingSettings = CreateUserAccessLoggingSettings'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The tags to add to the user settings resource. A tag is a key-value
+    -- pair.
+    tags :: Prelude.Maybe [Data.Sensitive Tag],
+    -- | The ARN of the Kinesis stream.
+    kinesisStreamArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'createUserAccessLoggingSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'tags', 'createUserAccessLoggingSettings_tags' - The tags to add to the user settings resource. A tag is a key-value
+-- pair.
+--
+-- 'kinesisStreamArn', 'createUserAccessLoggingSettings_kinesisStreamArn' - The ARN of the Kinesis stream.
+newCreateUserAccessLoggingSettings ::
+  -- | 'kinesisStreamArn'
+  Prelude.Text ->
+  CreateUserAccessLoggingSettings
+newCreateUserAccessLoggingSettings pKinesisStreamArn_ =
+  CreateUserAccessLoggingSettings'
+    { clientToken =
+        Prelude.Nothing,
+      tags = Prelude.Nothing,
+      kinesisStreamArn = pKinesisStreamArn_
+    }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createUserAccessLoggingSettings_clientToken :: Lens.Lens' CreateUserAccessLoggingSettings (Prelude.Maybe Prelude.Text)
+createUserAccessLoggingSettings_clientToken = Lens.lens (\CreateUserAccessLoggingSettings' {clientToken} -> clientToken) (\s@CreateUserAccessLoggingSettings' {} a -> s {clientToken = a} :: CreateUserAccessLoggingSettings)
+
+-- | The tags to add to the user settings resource. A tag is a key-value
+-- pair.
+createUserAccessLoggingSettings_tags :: Lens.Lens' CreateUserAccessLoggingSettings (Prelude.Maybe [Tag])
+createUserAccessLoggingSettings_tags = Lens.lens (\CreateUserAccessLoggingSettings' {tags} -> tags) (\s@CreateUserAccessLoggingSettings' {} a -> s {tags = a} :: CreateUserAccessLoggingSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ARN of the Kinesis stream.
+createUserAccessLoggingSettings_kinesisStreamArn :: Lens.Lens' CreateUserAccessLoggingSettings Prelude.Text
+createUserAccessLoggingSettings_kinesisStreamArn = Lens.lens (\CreateUserAccessLoggingSettings' {kinesisStreamArn} -> kinesisStreamArn) (\s@CreateUserAccessLoggingSettings' {} a -> s {kinesisStreamArn = a} :: CreateUserAccessLoggingSettings)
+
+instance
+  Core.AWSRequest
+    CreateUserAccessLoggingSettings
+  where
+  type
+    AWSResponse CreateUserAccessLoggingSettings =
+      CreateUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateUserAccessLoggingSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "userAccessLoggingSettingsArn")
+      )
+
+instance
+  Prelude.Hashable
+    CreateUserAccessLoggingSettings
+  where
+  hashWithSalt
+    _salt
+    CreateUserAccessLoggingSettings' {..} =
+      _salt
+        `Prelude.hashWithSalt` clientToken
+        `Prelude.hashWithSalt` tags
+        `Prelude.hashWithSalt` kinesisStreamArn
+
+instance
+  Prelude.NFData
+    CreateUserAccessLoggingSettings
+  where
+  rnf CreateUserAccessLoggingSettings' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf kinesisStreamArn
+
+instance
+  Data.ToHeaders
+    CreateUserAccessLoggingSettings
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateUserAccessLoggingSettings where
+  toJSON CreateUserAccessLoggingSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just
+              ("kinesisStreamArn" Data..= kinesisStreamArn)
+          ]
+      )
+
+instance Data.ToPath CreateUserAccessLoggingSettings where
+  toPath = Prelude.const "/userAccessLoggingSettings"
+
+instance Data.ToQuery CreateUserAccessLoggingSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateUserAccessLoggingSettingsResponse' smart constructor.
+data CreateUserAccessLoggingSettingsResponse = CreateUserAccessLoggingSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'userAccessLoggingSettingsArn', 'createUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newCreateUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  CreateUserAccessLoggingSettingsResponse
+newCreateUserAccessLoggingSettingsResponse
+  pHttpStatus_
+  pUserAccessLoggingSettingsArn_ =
+    CreateUserAccessLoggingSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | The response's http status code.
+createUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' CreateUserAccessLoggingSettingsResponse Prelude.Int
+createUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\CreateUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@CreateUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: CreateUserAccessLoggingSettingsResponse)
+
+-- | The ARN of the user access logging settings.
+createUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn :: Lens.Lens' CreateUserAccessLoggingSettingsResponse Prelude.Text
+createUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn = Lens.lens (\CreateUserAccessLoggingSettingsResponse' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@CreateUserAccessLoggingSettingsResponse' {} a -> s {userAccessLoggingSettingsArn = a} :: CreateUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    CreateUserAccessLoggingSettingsResponse
+  where
+  rnf CreateUserAccessLoggingSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/CreateUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/CreateUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/CreateUserSettings.hs
@@ -0,0 +1,342 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.CreateUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Creates a user settings resource that can be associated with a web
+-- portal. Once associated with a web portal, user settings control how
+-- users can transfer data between a streaming session and the their local
+-- devices.
+module Amazonka.WorkSpacesWeb.CreateUserSettings
+  ( -- * Creating a Request
+    CreateUserSettings (..),
+    newCreateUserSettings,
+
+    -- * Request Lenses
+    createUserSettings_clientToken,
+    createUserSettings_disconnectTimeoutInMinutes,
+    createUserSettings_idleDisconnectTimeoutInMinutes,
+    createUserSettings_tags,
+    createUserSettings_copyAllowed,
+    createUserSettings_downloadAllowed,
+    createUserSettings_pasteAllowed,
+    createUserSettings_printAllowed,
+    createUserSettings_uploadAllowed,
+
+    -- * Destructuring the Response
+    CreateUserSettingsResponse (..),
+    newCreateUserSettingsResponse,
+
+    -- * Response Lenses
+    createUserSettingsResponse_httpStatus,
+    createUserSettingsResponse_userSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newCreateUserSettings' smart constructor.
+data CreateUserSettings = CreateUserSettings'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The amount of time that a streaming session remains active after users
+    -- disconnect.
+    disconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | The amount of time that users can be idle (inactive) before they are
+    -- disconnected from their streaming session and the disconnect timeout
+    -- interval begins.
+    idleDisconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | The tags to add to the user settings resource. A tag is a key-value
+    -- pair.
+    tags :: Prelude.Maybe [Data.Sensitive Tag],
+    -- | Specifies whether the user can copy text from the streaming session to
+    -- the local device.
+    copyAllowed :: EnabledType,
+    -- | Specifies whether the user can download files from the streaming session
+    -- to the local device.
+    downloadAllowed :: EnabledType,
+    -- | Specifies whether the user can paste text from the local device to the
+    -- streaming session.
+    pasteAllowed :: EnabledType,
+    -- | Specifies whether the user can print to the local device.
+    printAllowed :: EnabledType,
+    -- | Specifies whether the user can upload files from the local device to the
+    -- streaming session.
+    uploadAllowed :: EnabledType
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'createUserSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'disconnectTimeoutInMinutes', 'createUserSettings_disconnectTimeoutInMinutes' - The amount of time that a streaming session remains active after users
+-- disconnect.
+--
+-- 'idleDisconnectTimeoutInMinutes', 'createUserSettings_idleDisconnectTimeoutInMinutes' - The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+--
+-- 'tags', 'createUserSettings_tags' - The tags to add to the user settings resource. A tag is a key-value
+-- pair.
+--
+-- 'copyAllowed', 'createUserSettings_copyAllowed' - Specifies whether the user can copy text from the streaming session to
+-- the local device.
+--
+-- 'downloadAllowed', 'createUserSettings_downloadAllowed' - Specifies whether the user can download files from the streaming session
+-- to the local device.
+--
+-- 'pasteAllowed', 'createUserSettings_pasteAllowed' - Specifies whether the user can paste text from the local device to the
+-- streaming session.
+--
+-- 'printAllowed', 'createUserSettings_printAllowed' - Specifies whether the user can print to the local device.
+--
+-- 'uploadAllowed', 'createUserSettings_uploadAllowed' - Specifies whether the user can upload files from the local device to the
+-- streaming session.
+newCreateUserSettings ::
+  -- | 'copyAllowed'
+  EnabledType ->
+  -- | 'downloadAllowed'
+  EnabledType ->
+  -- | 'pasteAllowed'
+  EnabledType ->
+  -- | 'printAllowed'
+  EnabledType ->
+  -- | 'uploadAllowed'
+  EnabledType ->
+  CreateUserSettings
+newCreateUserSettings
+  pCopyAllowed_
+  pDownloadAllowed_
+  pPasteAllowed_
+  pPrintAllowed_
+  pUploadAllowed_ =
+    CreateUserSettings'
+      { clientToken = Prelude.Nothing,
+        disconnectTimeoutInMinutes = Prelude.Nothing,
+        idleDisconnectTimeoutInMinutes = Prelude.Nothing,
+        tags = Prelude.Nothing,
+        copyAllowed = pCopyAllowed_,
+        downloadAllowed = pDownloadAllowed_,
+        pasteAllowed = pPasteAllowed_,
+        printAllowed = pPrintAllowed_,
+        uploadAllowed = pUploadAllowed_
+      }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+createUserSettings_clientToken :: Lens.Lens' CreateUserSettings (Prelude.Maybe Prelude.Text)
+createUserSettings_clientToken = Lens.lens (\CreateUserSettings' {clientToken} -> clientToken) (\s@CreateUserSettings' {} a -> s {clientToken = a} :: CreateUserSettings)
+
+-- | The amount of time that a streaming session remains active after users
+-- disconnect.
+createUserSettings_disconnectTimeoutInMinutes :: Lens.Lens' CreateUserSettings (Prelude.Maybe Prelude.Natural)
+createUserSettings_disconnectTimeoutInMinutes = Lens.lens (\CreateUserSettings' {disconnectTimeoutInMinutes} -> disconnectTimeoutInMinutes) (\s@CreateUserSettings' {} a -> s {disconnectTimeoutInMinutes = a} :: CreateUserSettings)
+
+-- | The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+createUserSettings_idleDisconnectTimeoutInMinutes :: Lens.Lens' CreateUserSettings (Prelude.Maybe Prelude.Natural)
+createUserSettings_idleDisconnectTimeoutInMinutes = Lens.lens (\CreateUserSettings' {idleDisconnectTimeoutInMinutes} -> idleDisconnectTimeoutInMinutes) (\s@CreateUserSettings' {} a -> s {idleDisconnectTimeoutInMinutes = a} :: CreateUserSettings)
+
+-- | The tags to add to the user settings resource. A tag is a key-value
+-- pair.
+createUserSettings_tags :: Lens.Lens' CreateUserSettings (Prelude.Maybe [Tag])
+createUserSettings_tags = Lens.lens (\CreateUserSettings' {tags} -> tags) (\s@CreateUserSettings' {} a -> s {tags = a} :: CreateUserSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether the user can copy text from the streaming session to
+-- the local device.
+createUserSettings_copyAllowed :: Lens.Lens' CreateUserSettings EnabledType
+createUserSettings_copyAllowed = Lens.lens (\CreateUserSettings' {copyAllowed} -> copyAllowed) (\s@CreateUserSettings' {} a -> s {copyAllowed = a} :: CreateUserSettings)
+
+-- | Specifies whether the user can download files from the streaming session
+-- to the local device.
+createUserSettings_downloadAllowed :: Lens.Lens' CreateUserSettings EnabledType
+createUserSettings_downloadAllowed = Lens.lens (\CreateUserSettings' {downloadAllowed} -> downloadAllowed) (\s@CreateUserSettings' {} a -> s {downloadAllowed = a} :: CreateUserSettings)
+
+-- | Specifies whether the user can paste text from the local device to the
+-- streaming session.
+createUserSettings_pasteAllowed :: Lens.Lens' CreateUserSettings EnabledType
+createUserSettings_pasteAllowed = Lens.lens (\CreateUserSettings' {pasteAllowed} -> pasteAllowed) (\s@CreateUserSettings' {} a -> s {pasteAllowed = a} :: CreateUserSettings)
+
+-- | Specifies whether the user can print to the local device.
+createUserSettings_printAllowed :: Lens.Lens' CreateUserSettings EnabledType
+createUserSettings_printAllowed = Lens.lens (\CreateUserSettings' {printAllowed} -> printAllowed) (\s@CreateUserSettings' {} a -> s {printAllowed = a} :: CreateUserSettings)
+
+-- | Specifies whether the user can upload files from the local device to the
+-- streaming session.
+createUserSettings_uploadAllowed :: Lens.Lens' CreateUserSettings EnabledType
+createUserSettings_uploadAllowed = Lens.lens (\CreateUserSettings' {uploadAllowed} -> uploadAllowed) (\s@CreateUserSettings' {} a -> s {uploadAllowed = a} :: CreateUserSettings)
+
+instance Core.AWSRequest CreateUserSettings where
+  type
+    AWSResponse CreateUserSettings =
+      CreateUserSettingsResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          CreateUserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "userSettingsArn")
+      )
+
+instance Prelude.Hashable CreateUserSettings where
+  hashWithSalt _salt CreateUserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` disconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` idleDisconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` tags
+      `Prelude.hashWithSalt` copyAllowed
+      `Prelude.hashWithSalt` downloadAllowed
+      `Prelude.hashWithSalt` pasteAllowed
+      `Prelude.hashWithSalt` printAllowed
+      `Prelude.hashWithSalt` uploadAllowed
+
+instance Prelude.NFData CreateUserSettings where
+  rnf CreateUserSettings' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf disconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf idleDisconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf copyAllowed
+      `Prelude.seq` Prelude.rnf downloadAllowed
+      `Prelude.seq` Prelude.rnf pasteAllowed
+      `Prelude.seq` Prelude.rnf printAllowed
+      `Prelude.seq` Prelude.rnf uploadAllowed
+
+instance Data.ToHeaders CreateUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON CreateUserSettings where
+  toJSON CreateUserSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("disconnectTimeoutInMinutes" Data..=)
+              Prelude.<$> disconnectTimeoutInMinutes,
+            ("idleDisconnectTimeoutInMinutes" Data..=)
+              Prelude.<$> idleDisconnectTimeoutInMinutes,
+            ("tags" Data..=) Prelude.<$> tags,
+            Prelude.Just ("copyAllowed" Data..= copyAllowed),
+            Prelude.Just
+              ("downloadAllowed" Data..= downloadAllowed),
+            Prelude.Just ("pasteAllowed" Data..= pasteAllowed),
+            Prelude.Just ("printAllowed" Data..= printAllowed),
+            Prelude.Just
+              ("uploadAllowed" Data..= uploadAllowed)
+          ]
+      )
+
+instance Data.ToPath CreateUserSettings where
+  toPath = Prelude.const "/userSettings"
+
+instance Data.ToQuery CreateUserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newCreateUserSettingsResponse' smart constructor.
+data CreateUserSettingsResponse = CreateUserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CreateUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'createUserSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'userSettingsArn', 'createUserSettingsResponse_userSettingsArn' - The ARN of the user settings.
+newCreateUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  CreateUserSettingsResponse
+newCreateUserSettingsResponse
+  pHttpStatus_
+  pUserSettingsArn_ =
+    CreateUserSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        userSettingsArn = pUserSettingsArn_
+      }
+
+-- | The response's http status code.
+createUserSettingsResponse_httpStatus :: Lens.Lens' CreateUserSettingsResponse Prelude.Int
+createUserSettingsResponse_httpStatus = Lens.lens (\CreateUserSettingsResponse' {httpStatus} -> httpStatus) (\s@CreateUserSettingsResponse' {} a -> s {httpStatus = a} :: CreateUserSettingsResponse)
+
+-- | The ARN of the user settings.
+createUserSettingsResponse_userSettingsArn :: Lens.Lens' CreateUserSettingsResponse Prelude.Text
+createUserSettingsResponse_userSettingsArn = Lens.lens (\CreateUserSettingsResponse' {userSettingsArn} -> userSettingsArn) (\s@CreateUserSettingsResponse' {} a -> s {userSettingsArn = a} :: CreateUserSettingsResponse)
+
+instance Prelude.NFData CreateUserSettingsResponse where
+  rnf CreateUserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf userSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/DeleteBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/DeleteBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeleteBrowserSettings.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeleteBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes browser settings.
+module Amazonka.WorkSpacesWeb.DeleteBrowserSettings
+  ( -- * Creating a Request
+    DeleteBrowserSettings (..),
+    newDeleteBrowserSettings,
+
+    -- * Request Lenses
+    deleteBrowserSettings_browserSettingsArn,
+
+    -- * Destructuring the Response
+    DeleteBrowserSettingsResponse (..),
+    newDeleteBrowserSettingsResponse,
+
+    -- * Response Lenses
+    deleteBrowserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeleteBrowserSettings' smart constructor.
+data DeleteBrowserSettings = DeleteBrowserSettings'
+  { -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettingsArn', 'deleteBrowserSettings_browserSettingsArn' - The ARN of the browser settings.
+newDeleteBrowserSettings ::
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  DeleteBrowserSettings
+newDeleteBrowserSettings pBrowserSettingsArn_ =
+  DeleteBrowserSettings'
+    { browserSettingsArn =
+        pBrowserSettingsArn_
+    }
+
+-- | The ARN of the browser settings.
+deleteBrowserSettings_browserSettingsArn :: Lens.Lens' DeleteBrowserSettings Prelude.Text
+deleteBrowserSettings_browserSettingsArn = Lens.lens (\DeleteBrowserSettings' {browserSettingsArn} -> browserSettingsArn) (\s@DeleteBrowserSettings' {} a -> s {browserSettingsArn = a} :: DeleteBrowserSettings)
+
+instance Core.AWSRequest DeleteBrowserSettings where
+  type
+    AWSResponse DeleteBrowserSettings =
+      DeleteBrowserSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteBrowserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteBrowserSettings where
+  hashWithSalt _salt DeleteBrowserSettings' {..} =
+    _salt `Prelude.hashWithSalt` browserSettingsArn
+
+instance Prelude.NFData DeleteBrowserSettings where
+  rnf DeleteBrowserSettings' {..} =
+    Prelude.rnf browserSettingsArn
+
+instance Data.ToHeaders DeleteBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteBrowserSettings where
+  toPath DeleteBrowserSettings' {..} =
+    Prelude.mconcat
+      ["/browserSettings/", Data.toBS browserSettingsArn]
+
+instance Data.ToQuery DeleteBrowserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteBrowserSettingsResponse' smart constructor.
+data DeleteBrowserSettingsResponse = DeleteBrowserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteBrowserSettingsResponse_httpStatus' - The response's http status code.
+newDeleteBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteBrowserSettingsResponse
+newDeleteBrowserSettingsResponse pHttpStatus_ =
+  DeleteBrowserSettingsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteBrowserSettingsResponse_httpStatus :: Lens.Lens' DeleteBrowserSettingsResponse Prelude.Int
+deleteBrowserSettingsResponse_httpStatus = Lens.lens (\DeleteBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@DeleteBrowserSettingsResponse' {} a -> s {httpStatus = a} :: DeleteBrowserSettingsResponse)
+
+instance Prelude.NFData DeleteBrowserSettingsResponse where
+  rnf DeleteBrowserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DeleteIdentityProvider.hs b/gen/Amazonka/WorkSpacesWeb/DeleteIdentityProvider.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeleteIdentityProvider.hs
@@ -0,0 +1,156 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeleteIdentityProvider
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the identity provider.
+module Amazonka.WorkSpacesWeb.DeleteIdentityProvider
+  ( -- * Creating a Request
+    DeleteIdentityProvider (..),
+    newDeleteIdentityProvider,
+
+    -- * Request Lenses
+    deleteIdentityProvider_identityProviderArn,
+
+    -- * Destructuring the Response
+    DeleteIdentityProviderResponse (..),
+    newDeleteIdentityProviderResponse,
+
+    -- * Response Lenses
+    deleteIdentityProviderResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeleteIdentityProvider' smart constructor.
+data DeleteIdentityProvider = DeleteIdentityProvider'
+  { -- | The ARN of the identity provider.
+    identityProviderArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteIdentityProvider' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'identityProviderArn', 'deleteIdentityProvider_identityProviderArn' - The ARN of the identity provider.
+newDeleteIdentityProvider ::
+  -- | 'identityProviderArn'
+  Prelude.Text ->
+  DeleteIdentityProvider
+newDeleteIdentityProvider pIdentityProviderArn_ =
+  DeleteIdentityProvider'
+    { identityProviderArn =
+        pIdentityProviderArn_
+    }
+
+-- | The ARN of the identity provider.
+deleteIdentityProvider_identityProviderArn :: Lens.Lens' DeleteIdentityProvider Prelude.Text
+deleteIdentityProvider_identityProviderArn = Lens.lens (\DeleteIdentityProvider' {identityProviderArn} -> identityProviderArn) (\s@DeleteIdentityProvider' {} a -> s {identityProviderArn = a} :: DeleteIdentityProvider)
+
+instance Core.AWSRequest DeleteIdentityProvider where
+  type
+    AWSResponse DeleteIdentityProvider =
+      DeleteIdentityProviderResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteIdentityProviderResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteIdentityProvider where
+  hashWithSalt _salt DeleteIdentityProvider' {..} =
+    _salt `Prelude.hashWithSalt` identityProviderArn
+
+instance Prelude.NFData DeleteIdentityProvider where
+  rnf DeleteIdentityProvider' {..} =
+    Prelude.rnf identityProviderArn
+
+instance Data.ToHeaders DeleteIdentityProvider where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteIdentityProvider where
+  toPath DeleteIdentityProvider' {..} =
+    Prelude.mconcat
+      [ "/identityProviders/",
+        Data.toBS identityProviderArn
+      ]
+
+instance Data.ToQuery DeleteIdentityProvider where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteIdentityProviderResponse' smart constructor.
+data DeleteIdentityProviderResponse = DeleteIdentityProviderResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteIdentityProviderResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteIdentityProviderResponse_httpStatus' - The response's http status code.
+newDeleteIdentityProviderResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteIdentityProviderResponse
+newDeleteIdentityProviderResponse pHttpStatus_ =
+  DeleteIdentityProviderResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteIdentityProviderResponse_httpStatus :: Lens.Lens' DeleteIdentityProviderResponse Prelude.Int
+deleteIdentityProviderResponse_httpStatus = Lens.lens (\DeleteIdentityProviderResponse' {httpStatus} -> httpStatus) (\s@DeleteIdentityProviderResponse' {} a -> s {httpStatus = a} :: DeleteIdentityProviderResponse)
+
+instance
+  Prelude.NFData
+    DeleteIdentityProviderResponse
+  where
+  rnf DeleteIdentityProviderResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DeleteNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/DeleteNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeleteNetworkSettings.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeleteNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes network settings.
+module Amazonka.WorkSpacesWeb.DeleteNetworkSettings
+  ( -- * Creating a Request
+    DeleteNetworkSettings (..),
+    newDeleteNetworkSettings,
+
+    -- * Request Lenses
+    deleteNetworkSettings_networkSettingsArn,
+
+    -- * Destructuring the Response
+    DeleteNetworkSettingsResponse (..),
+    newDeleteNetworkSettingsResponse,
+
+    -- * Response Lenses
+    deleteNetworkSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeleteNetworkSettings' smart constructor.
+data DeleteNetworkSettings = DeleteNetworkSettings'
+  { -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'networkSettingsArn', 'deleteNetworkSettings_networkSettingsArn' - The ARN of the network settings.
+newDeleteNetworkSettings ::
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  DeleteNetworkSettings
+newDeleteNetworkSettings pNetworkSettingsArn_ =
+  DeleteNetworkSettings'
+    { networkSettingsArn =
+        pNetworkSettingsArn_
+    }
+
+-- | The ARN of the network settings.
+deleteNetworkSettings_networkSettingsArn :: Lens.Lens' DeleteNetworkSettings Prelude.Text
+deleteNetworkSettings_networkSettingsArn = Lens.lens (\DeleteNetworkSettings' {networkSettingsArn} -> networkSettingsArn) (\s@DeleteNetworkSettings' {} a -> s {networkSettingsArn = a} :: DeleteNetworkSettings)
+
+instance Core.AWSRequest DeleteNetworkSettings where
+  type
+    AWSResponse DeleteNetworkSettings =
+      DeleteNetworkSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteNetworkSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteNetworkSettings where
+  hashWithSalt _salt DeleteNetworkSettings' {..} =
+    _salt `Prelude.hashWithSalt` networkSettingsArn
+
+instance Prelude.NFData DeleteNetworkSettings where
+  rnf DeleteNetworkSettings' {..} =
+    Prelude.rnf networkSettingsArn
+
+instance Data.ToHeaders DeleteNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteNetworkSettings where
+  toPath DeleteNetworkSettings' {..} =
+    Prelude.mconcat
+      ["/networkSettings/", Data.toBS networkSettingsArn]
+
+instance Data.ToQuery DeleteNetworkSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteNetworkSettingsResponse' smart constructor.
+data DeleteNetworkSettingsResponse = DeleteNetworkSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteNetworkSettingsResponse_httpStatus' - The response's http status code.
+newDeleteNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteNetworkSettingsResponse
+newDeleteNetworkSettingsResponse pHttpStatus_ =
+  DeleteNetworkSettingsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteNetworkSettingsResponse_httpStatus :: Lens.Lens' DeleteNetworkSettingsResponse Prelude.Int
+deleteNetworkSettingsResponse_httpStatus = Lens.lens (\DeleteNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@DeleteNetworkSettingsResponse' {} a -> s {httpStatus = a} :: DeleteNetworkSettingsResponse)
+
+instance Prelude.NFData DeleteNetworkSettingsResponse where
+  rnf DeleteNetworkSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DeletePortal.hs b/gen/Amazonka/WorkSpacesWeb/DeletePortal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeletePortal.hs
@@ -0,0 +1,141 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeletePortal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes a web portal.
+module Amazonka.WorkSpacesWeb.DeletePortal
+  ( -- * Creating a Request
+    DeletePortal (..),
+    newDeletePortal,
+
+    -- * Request Lenses
+    deletePortal_portalArn,
+
+    -- * Destructuring the Response
+    DeletePortalResponse (..),
+    newDeletePortalResponse,
+
+    -- * Response Lenses
+    deletePortalResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeletePortal' smart constructor.
+data DeletePortal = DeletePortal'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeletePortal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'deletePortal_portalArn' - The ARN of the web portal.
+newDeletePortal ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  DeletePortal
+newDeletePortal pPortalArn_ =
+  DeletePortal' {portalArn = pPortalArn_}
+
+-- | The ARN of the web portal.
+deletePortal_portalArn :: Lens.Lens' DeletePortal Prelude.Text
+deletePortal_portalArn = Lens.lens (\DeletePortal' {portalArn} -> portalArn) (\s@DeletePortal' {} a -> s {portalArn = a} :: DeletePortal)
+
+instance Core.AWSRequest DeletePortal where
+  type AWSResponse DeletePortal = DeletePortalResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeletePortalResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeletePortal where
+  hashWithSalt _salt DeletePortal' {..} =
+    _salt `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData DeletePortal where
+  rnf DeletePortal' {..} = Prelude.rnf portalArn
+
+instance Data.ToHeaders DeletePortal where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeletePortal where
+  toPath DeletePortal' {..} =
+    Prelude.mconcat ["/portals/", Data.toBS portalArn]
+
+instance Data.ToQuery DeletePortal where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeletePortalResponse' smart constructor.
+data DeletePortalResponse = DeletePortalResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeletePortalResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deletePortalResponse_httpStatus' - The response's http status code.
+newDeletePortalResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeletePortalResponse
+newDeletePortalResponse pHttpStatus_ =
+  DeletePortalResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+deletePortalResponse_httpStatus :: Lens.Lens' DeletePortalResponse Prelude.Int
+deletePortalResponse_httpStatus = Lens.lens (\DeletePortalResponse' {httpStatus} -> httpStatus) (\s@DeletePortalResponse' {} a -> s {httpStatus = a} :: DeletePortalResponse)
+
+instance Prelude.NFData DeletePortalResponse where
+  rnf DeletePortalResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DeleteTrustStore.hs b/gen/Amazonka/WorkSpacesWeb/DeleteTrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeleteTrustStore.hs
@@ -0,0 +1,147 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeleteTrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes the trust store.
+module Amazonka.WorkSpacesWeb.DeleteTrustStore
+  ( -- * Creating a Request
+    DeleteTrustStore (..),
+    newDeleteTrustStore,
+
+    -- * Request Lenses
+    deleteTrustStore_trustStoreArn,
+
+    -- * Destructuring the Response
+    DeleteTrustStoreResponse (..),
+    newDeleteTrustStoreResponse,
+
+    -- * Response Lenses
+    deleteTrustStoreResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeleteTrustStore' smart constructor.
+data DeleteTrustStore = DeleteTrustStore'
+  { -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteTrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'trustStoreArn', 'deleteTrustStore_trustStoreArn' - The ARN of the trust store.
+newDeleteTrustStore ::
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  DeleteTrustStore
+newDeleteTrustStore pTrustStoreArn_ =
+  DeleteTrustStore' {trustStoreArn = pTrustStoreArn_}
+
+-- | The ARN of the trust store.
+deleteTrustStore_trustStoreArn :: Lens.Lens' DeleteTrustStore Prelude.Text
+deleteTrustStore_trustStoreArn = Lens.lens (\DeleteTrustStore' {trustStoreArn} -> trustStoreArn) (\s@DeleteTrustStore' {} a -> s {trustStoreArn = a} :: DeleteTrustStore)
+
+instance Core.AWSRequest DeleteTrustStore where
+  type
+    AWSResponse DeleteTrustStore =
+      DeleteTrustStoreResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteTrustStoreResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteTrustStore where
+  hashWithSalt _salt DeleteTrustStore' {..} =
+    _salt `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData DeleteTrustStore where
+  rnf DeleteTrustStore' {..} = Prelude.rnf trustStoreArn
+
+instance Data.ToHeaders DeleteTrustStore where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteTrustStore where
+  toPath DeleteTrustStore' {..} =
+    Prelude.mconcat
+      ["/trustStores/", Data.toBS trustStoreArn]
+
+instance Data.ToQuery DeleteTrustStore where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteTrustStoreResponse' smart constructor.
+data DeleteTrustStoreResponse = DeleteTrustStoreResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteTrustStoreResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteTrustStoreResponse_httpStatus' - The response's http status code.
+newDeleteTrustStoreResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteTrustStoreResponse
+newDeleteTrustStoreResponse pHttpStatus_ =
+  DeleteTrustStoreResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteTrustStoreResponse_httpStatus :: Lens.Lens' DeleteTrustStoreResponse Prelude.Int
+deleteTrustStoreResponse_httpStatus = Lens.lens (\DeleteTrustStoreResponse' {httpStatus} -> httpStatus) (\s@DeleteTrustStoreResponse' {} a -> s {httpStatus = a} :: DeleteTrustStoreResponse)
+
+instance Prelude.NFData DeleteTrustStoreResponse where
+  rnf DeleteTrustStoreResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DeleteUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/DeleteUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeleteUserAccessLoggingSettings.hs
@@ -0,0 +1,173 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeleteUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes user access logging settings.
+module Amazonka.WorkSpacesWeb.DeleteUserAccessLoggingSettings
+  ( -- * Creating a Request
+    DeleteUserAccessLoggingSettings (..),
+    newDeleteUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    deleteUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+
+    -- * Destructuring the Response
+    DeleteUserAccessLoggingSettingsResponse (..),
+    newDeleteUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    deleteUserAccessLoggingSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeleteUserAccessLoggingSettings' smart constructor.
+data DeleteUserAccessLoggingSettings = DeleteUserAccessLoggingSettings'
+  { -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userAccessLoggingSettingsArn', 'deleteUserAccessLoggingSettings_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newDeleteUserAccessLoggingSettings ::
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  DeleteUserAccessLoggingSettings
+newDeleteUserAccessLoggingSettings
+  pUserAccessLoggingSettingsArn_ =
+    DeleteUserAccessLoggingSettings'
+      { userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | The ARN of the user access logging settings.
+deleteUserAccessLoggingSettings_userAccessLoggingSettingsArn :: Lens.Lens' DeleteUserAccessLoggingSettings Prelude.Text
+deleteUserAccessLoggingSettings_userAccessLoggingSettingsArn = Lens.lens (\DeleteUserAccessLoggingSettings' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@DeleteUserAccessLoggingSettings' {} a -> s {userAccessLoggingSettingsArn = a} :: DeleteUserAccessLoggingSettings)
+
+instance
+  Core.AWSRequest
+    DeleteUserAccessLoggingSettings
+  where
+  type
+    AWSResponse DeleteUserAccessLoggingSettings =
+      DeleteUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteUserAccessLoggingSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DeleteUserAccessLoggingSettings
+  where
+  hashWithSalt
+    _salt
+    DeleteUserAccessLoggingSettings' {..} =
+      _salt
+        `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+
+instance
+  Prelude.NFData
+    DeleteUserAccessLoggingSettings
+  where
+  rnf DeleteUserAccessLoggingSettings' {..} =
+    Prelude.rnf userAccessLoggingSettingsArn
+
+instance
+  Data.ToHeaders
+    DeleteUserAccessLoggingSettings
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteUserAccessLoggingSettings where
+  toPath DeleteUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "/userAccessLoggingSettings/",
+        Data.toBS userAccessLoggingSettingsArn
+      ]
+
+instance Data.ToQuery DeleteUserAccessLoggingSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteUserAccessLoggingSettingsResponse' smart constructor.
+data DeleteUserAccessLoggingSettingsResponse = DeleteUserAccessLoggingSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+newDeleteUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteUserAccessLoggingSettingsResponse
+newDeleteUserAccessLoggingSettingsResponse
+  pHttpStatus_ =
+    DeleteUserAccessLoggingSettingsResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+deleteUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' DeleteUserAccessLoggingSettingsResponse Prelude.Int
+deleteUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\DeleteUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@DeleteUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: DeleteUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    DeleteUserAccessLoggingSettingsResponse
+  where
+  rnf DeleteUserAccessLoggingSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DeleteUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/DeleteUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DeleteUserSettings.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DeleteUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Deletes user settings.
+module Amazonka.WorkSpacesWeb.DeleteUserSettings
+  ( -- * Creating a Request
+    DeleteUserSettings (..),
+    newDeleteUserSettings,
+
+    -- * Request Lenses
+    deleteUserSettings_userSettingsArn,
+
+    -- * Destructuring the Response
+    DeleteUserSettingsResponse (..),
+    newDeleteUserSettingsResponse,
+
+    -- * Response Lenses
+    deleteUserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDeleteUserSettings' smart constructor.
+data DeleteUserSettings = DeleteUserSettings'
+  { -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userSettingsArn', 'deleteUserSettings_userSettingsArn' - The ARN of the user settings.
+newDeleteUserSettings ::
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  DeleteUserSettings
+newDeleteUserSettings pUserSettingsArn_ =
+  DeleteUserSettings'
+    { userSettingsArn =
+        pUserSettingsArn_
+    }
+
+-- | The ARN of the user settings.
+deleteUserSettings_userSettingsArn :: Lens.Lens' DeleteUserSettings Prelude.Text
+deleteUserSettings_userSettingsArn = Lens.lens (\DeleteUserSettings' {userSettingsArn} -> userSettingsArn) (\s@DeleteUserSettings' {} a -> s {userSettingsArn = a} :: DeleteUserSettings)
+
+instance Core.AWSRequest DeleteUserSettings where
+  type
+    AWSResponse DeleteUserSettings =
+      DeleteUserSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DeleteUserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DeleteUserSettings where
+  hashWithSalt _salt DeleteUserSettings' {..} =
+    _salt `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData DeleteUserSettings where
+  rnf DeleteUserSettings' {..} =
+    Prelude.rnf userSettingsArn
+
+instance Data.ToHeaders DeleteUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DeleteUserSettings where
+  toPath DeleteUserSettings' {..} =
+    Prelude.mconcat
+      ["/userSettings/", Data.toBS userSettingsArn]
+
+instance Data.ToQuery DeleteUserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDeleteUserSettingsResponse' smart constructor.
+data DeleteUserSettingsResponse = DeleteUserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DeleteUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'deleteUserSettingsResponse_httpStatus' - The response's http status code.
+newDeleteUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DeleteUserSettingsResponse
+newDeleteUserSettingsResponse pHttpStatus_ =
+  DeleteUserSettingsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+deleteUserSettingsResponse_httpStatus :: Lens.Lens' DeleteUserSettingsResponse Prelude.Int
+deleteUserSettingsResponse_httpStatus = Lens.lens (\DeleteUserSettingsResponse' {httpStatus} -> httpStatus) (\s@DeleteUserSettingsResponse' {} a -> s {httpStatus = a} :: DeleteUserSettingsResponse)
+
+instance Prelude.NFData DeleteUserSettingsResponse where
+  rnf DeleteUserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DisassociateBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/DisassociateBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DisassociateBrowserSettings.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DisassociateBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disassociates browser settings from a web portal.
+module Amazonka.WorkSpacesWeb.DisassociateBrowserSettings
+  ( -- * Creating a Request
+    DisassociateBrowserSettings (..),
+    newDisassociateBrowserSettings,
+
+    -- * Request Lenses
+    disassociateBrowserSettings_portalArn,
+
+    -- * Destructuring the Response
+    DisassociateBrowserSettingsResponse (..),
+    newDisassociateBrowserSettingsResponse,
+
+    -- * Response Lenses
+    disassociateBrowserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDisassociateBrowserSettings' smart constructor.
+data DisassociateBrowserSettings = DisassociateBrowserSettings'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'disassociateBrowserSettings_portalArn' - The ARN of the web portal.
+newDisassociateBrowserSettings ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  DisassociateBrowserSettings
+newDisassociateBrowserSettings pPortalArn_ =
+  DisassociateBrowserSettings'
+    { portalArn =
+        pPortalArn_
+    }
+
+-- | The ARN of the web portal.
+disassociateBrowserSettings_portalArn :: Lens.Lens' DisassociateBrowserSettings Prelude.Text
+disassociateBrowserSettings_portalArn = Lens.lens (\DisassociateBrowserSettings' {portalArn} -> portalArn) (\s@DisassociateBrowserSettings' {} a -> s {portalArn = a} :: DisassociateBrowserSettings)
+
+instance Core.AWSRequest DisassociateBrowserSettings where
+  type
+    AWSResponse DisassociateBrowserSettings =
+      DisassociateBrowserSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DisassociateBrowserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DisassociateBrowserSettings where
+  hashWithSalt _salt DisassociateBrowserSettings' {..} =
+    _salt `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData DisassociateBrowserSettings where
+  rnf DisassociateBrowserSettings' {..} =
+    Prelude.rnf portalArn
+
+instance Data.ToHeaders DisassociateBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DisassociateBrowserSettings where
+  toPath DisassociateBrowserSettings' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/browserSettings"
+      ]
+
+instance Data.ToQuery DisassociateBrowserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDisassociateBrowserSettingsResponse' smart constructor.
+data DisassociateBrowserSettingsResponse = DisassociateBrowserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'disassociateBrowserSettingsResponse_httpStatus' - The response's http status code.
+newDisassociateBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DisassociateBrowserSettingsResponse
+newDisassociateBrowserSettingsResponse pHttpStatus_ =
+  DisassociateBrowserSettingsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+disassociateBrowserSettingsResponse_httpStatus :: Lens.Lens' DisassociateBrowserSettingsResponse Prelude.Int
+disassociateBrowserSettingsResponse_httpStatus = Lens.lens (\DisassociateBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@DisassociateBrowserSettingsResponse' {} a -> s {httpStatus = a} :: DisassociateBrowserSettingsResponse)
+
+instance
+  Prelude.NFData
+    DisassociateBrowserSettingsResponse
+  where
+  rnf DisassociateBrowserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DisassociateNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/DisassociateNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DisassociateNetworkSettings.hs
@@ -0,0 +1,157 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DisassociateNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disassociates network settings from a web portal.
+module Amazonka.WorkSpacesWeb.DisassociateNetworkSettings
+  ( -- * Creating a Request
+    DisassociateNetworkSettings (..),
+    newDisassociateNetworkSettings,
+
+    -- * Request Lenses
+    disassociateNetworkSettings_portalArn,
+
+    -- * Destructuring the Response
+    DisassociateNetworkSettingsResponse (..),
+    newDisassociateNetworkSettingsResponse,
+
+    -- * Response Lenses
+    disassociateNetworkSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDisassociateNetworkSettings' smart constructor.
+data DisassociateNetworkSettings = DisassociateNetworkSettings'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'disassociateNetworkSettings_portalArn' - The ARN of the web portal.
+newDisassociateNetworkSettings ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  DisassociateNetworkSettings
+newDisassociateNetworkSettings pPortalArn_ =
+  DisassociateNetworkSettings'
+    { portalArn =
+        pPortalArn_
+    }
+
+-- | The ARN of the web portal.
+disassociateNetworkSettings_portalArn :: Lens.Lens' DisassociateNetworkSettings Prelude.Text
+disassociateNetworkSettings_portalArn = Lens.lens (\DisassociateNetworkSettings' {portalArn} -> portalArn) (\s@DisassociateNetworkSettings' {} a -> s {portalArn = a} :: DisassociateNetworkSettings)
+
+instance Core.AWSRequest DisassociateNetworkSettings where
+  type
+    AWSResponse DisassociateNetworkSettings =
+      DisassociateNetworkSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DisassociateNetworkSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DisassociateNetworkSettings where
+  hashWithSalt _salt DisassociateNetworkSettings' {..} =
+    _salt `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData DisassociateNetworkSettings where
+  rnf DisassociateNetworkSettings' {..} =
+    Prelude.rnf portalArn
+
+instance Data.ToHeaders DisassociateNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DisassociateNetworkSettings where
+  toPath DisassociateNetworkSettings' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/networkSettings"
+      ]
+
+instance Data.ToQuery DisassociateNetworkSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDisassociateNetworkSettingsResponse' smart constructor.
+data DisassociateNetworkSettingsResponse = DisassociateNetworkSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'disassociateNetworkSettingsResponse_httpStatus' - The response's http status code.
+newDisassociateNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DisassociateNetworkSettingsResponse
+newDisassociateNetworkSettingsResponse pHttpStatus_ =
+  DisassociateNetworkSettingsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+disassociateNetworkSettingsResponse_httpStatus :: Lens.Lens' DisassociateNetworkSettingsResponse Prelude.Int
+disassociateNetworkSettingsResponse_httpStatus = Lens.lens (\DisassociateNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@DisassociateNetworkSettingsResponse' {} a -> s {httpStatus = a} :: DisassociateNetworkSettingsResponse)
+
+instance
+  Prelude.NFData
+    DisassociateNetworkSettingsResponse
+  where
+  rnf DisassociateNetworkSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DisassociateTrustStore.hs b/gen/Amazonka/WorkSpacesWeb/DisassociateTrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DisassociateTrustStore.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DisassociateTrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disassociates a trust store from a web portal.
+module Amazonka.WorkSpacesWeb.DisassociateTrustStore
+  ( -- * Creating a Request
+    DisassociateTrustStore (..),
+    newDisassociateTrustStore,
+
+    -- * Request Lenses
+    disassociateTrustStore_portalArn,
+
+    -- * Destructuring the Response
+    DisassociateTrustStoreResponse (..),
+    newDisassociateTrustStoreResponse,
+
+    -- * Response Lenses
+    disassociateTrustStoreResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDisassociateTrustStore' smart constructor.
+data DisassociateTrustStore = DisassociateTrustStore'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateTrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'disassociateTrustStore_portalArn' - The ARN of the web portal.
+newDisassociateTrustStore ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  DisassociateTrustStore
+newDisassociateTrustStore pPortalArn_ =
+  DisassociateTrustStore' {portalArn = pPortalArn_}
+
+-- | The ARN of the web portal.
+disassociateTrustStore_portalArn :: Lens.Lens' DisassociateTrustStore Prelude.Text
+disassociateTrustStore_portalArn = Lens.lens (\DisassociateTrustStore' {portalArn} -> portalArn) (\s@DisassociateTrustStore' {} a -> s {portalArn = a} :: DisassociateTrustStore)
+
+instance Core.AWSRequest DisassociateTrustStore where
+  type
+    AWSResponse DisassociateTrustStore =
+      DisassociateTrustStoreResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DisassociateTrustStoreResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DisassociateTrustStore where
+  hashWithSalt _salt DisassociateTrustStore' {..} =
+    _salt `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData DisassociateTrustStore where
+  rnf DisassociateTrustStore' {..} =
+    Prelude.rnf portalArn
+
+instance Data.ToHeaders DisassociateTrustStore where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DisassociateTrustStore where
+  toPath DisassociateTrustStore' {..} =
+    Prelude.mconcat
+      ["/portals/", Data.toBS portalArn, "/trustStores"]
+
+instance Data.ToQuery DisassociateTrustStore where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDisassociateTrustStoreResponse' smart constructor.
+data DisassociateTrustStoreResponse = DisassociateTrustStoreResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateTrustStoreResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'disassociateTrustStoreResponse_httpStatus' - The response's http status code.
+newDisassociateTrustStoreResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DisassociateTrustStoreResponse
+newDisassociateTrustStoreResponse pHttpStatus_ =
+  DisassociateTrustStoreResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+disassociateTrustStoreResponse_httpStatus :: Lens.Lens' DisassociateTrustStoreResponse Prelude.Int
+disassociateTrustStoreResponse_httpStatus = Lens.lens (\DisassociateTrustStoreResponse' {httpStatus} -> httpStatus) (\s@DisassociateTrustStoreResponse' {} a -> s {httpStatus = a} :: DisassociateTrustStoreResponse)
+
+instance
+  Prelude.NFData
+    DisassociateTrustStoreResponse
+  where
+  rnf DisassociateTrustStoreResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DisassociateUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/DisassociateUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DisassociateUserAccessLoggingSettings.hs
@@ -0,0 +1,180 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DisassociateUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disassociates user access logging settings from a web portal.
+module Amazonka.WorkSpacesWeb.DisassociateUserAccessLoggingSettings
+  ( -- * Creating a Request
+    DisassociateUserAccessLoggingSettings (..),
+    newDisassociateUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    disassociateUserAccessLoggingSettings_portalArn,
+
+    -- * Destructuring the Response
+    DisassociateUserAccessLoggingSettingsResponse (..),
+    newDisassociateUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    disassociateUserAccessLoggingSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDisassociateUserAccessLoggingSettings' smart constructor.
+data DisassociateUserAccessLoggingSettings = DisassociateUserAccessLoggingSettings'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'disassociateUserAccessLoggingSettings_portalArn' - The ARN of the web portal.
+newDisassociateUserAccessLoggingSettings ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  DisassociateUserAccessLoggingSettings
+newDisassociateUserAccessLoggingSettings pPortalArn_ =
+  DisassociateUserAccessLoggingSettings'
+    { portalArn =
+        pPortalArn_
+    }
+
+-- | The ARN of the web portal.
+disassociateUserAccessLoggingSettings_portalArn :: Lens.Lens' DisassociateUserAccessLoggingSettings Prelude.Text
+disassociateUserAccessLoggingSettings_portalArn = Lens.lens (\DisassociateUserAccessLoggingSettings' {portalArn} -> portalArn) (\s@DisassociateUserAccessLoggingSettings' {} a -> s {portalArn = a} :: DisassociateUserAccessLoggingSettings)
+
+instance
+  Core.AWSRequest
+    DisassociateUserAccessLoggingSettings
+  where
+  type
+    AWSResponse
+      DisassociateUserAccessLoggingSettings =
+      DisassociateUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DisassociateUserAccessLoggingSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    DisassociateUserAccessLoggingSettings
+  where
+  hashWithSalt
+    _salt
+    DisassociateUserAccessLoggingSettings' {..} =
+      _salt `Prelude.hashWithSalt` portalArn
+
+instance
+  Prelude.NFData
+    DisassociateUserAccessLoggingSettings
+  where
+  rnf DisassociateUserAccessLoggingSettings' {..} =
+    Prelude.rnf portalArn
+
+instance
+  Data.ToHeaders
+    DisassociateUserAccessLoggingSettings
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance
+  Data.ToPath
+    DisassociateUserAccessLoggingSettings
+  where
+  toPath DisassociateUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/userAccessLoggingSettings"
+      ]
+
+instance
+  Data.ToQuery
+    DisassociateUserAccessLoggingSettings
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDisassociateUserAccessLoggingSettingsResponse' smart constructor.
+data DisassociateUserAccessLoggingSettingsResponse = DisassociateUserAccessLoggingSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'disassociateUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+newDisassociateUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DisassociateUserAccessLoggingSettingsResponse
+newDisassociateUserAccessLoggingSettingsResponse
+  pHttpStatus_ =
+    DisassociateUserAccessLoggingSettingsResponse'
+      { httpStatus =
+          pHttpStatus_
+      }
+
+-- | The response's http status code.
+disassociateUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' DisassociateUserAccessLoggingSettingsResponse Prelude.Int
+disassociateUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\DisassociateUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@DisassociateUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: DisassociateUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    DisassociateUserAccessLoggingSettingsResponse
+  where
+  rnf
+    DisassociateUserAccessLoggingSettingsResponse' {..} =
+      Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/DisassociateUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/DisassociateUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/DisassociateUserSettings.hs
@@ -0,0 +1,151 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.DisassociateUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Disassociates user settings from a web portal.
+module Amazonka.WorkSpacesWeb.DisassociateUserSettings
+  ( -- * Creating a Request
+    DisassociateUserSettings (..),
+    newDisassociateUserSettings,
+
+    -- * Request Lenses
+    disassociateUserSettings_portalArn,
+
+    -- * Destructuring the Response
+    DisassociateUserSettingsResponse (..),
+    newDisassociateUserSettingsResponse,
+
+    -- * Response Lenses
+    disassociateUserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newDisassociateUserSettings' smart constructor.
+data DisassociateUserSettings = DisassociateUserSettings'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'disassociateUserSettings_portalArn' - The ARN of the web portal.
+newDisassociateUserSettings ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  DisassociateUserSettings
+newDisassociateUserSettings pPortalArn_ =
+  DisassociateUserSettings' {portalArn = pPortalArn_}
+
+-- | The ARN of the web portal.
+disassociateUserSettings_portalArn :: Lens.Lens' DisassociateUserSettings Prelude.Text
+disassociateUserSettings_portalArn = Lens.lens (\DisassociateUserSettings' {portalArn} -> portalArn) (\s@DisassociateUserSettings' {} a -> s {portalArn = a} :: DisassociateUserSettings)
+
+instance Core.AWSRequest DisassociateUserSettings where
+  type
+    AWSResponse DisassociateUserSettings =
+      DisassociateUserSettingsResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          DisassociateUserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable DisassociateUserSettings where
+  hashWithSalt _salt DisassociateUserSettings' {..} =
+    _salt `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData DisassociateUserSettings where
+  rnf DisassociateUserSettings' {..} =
+    Prelude.rnf portalArn
+
+instance Data.ToHeaders DisassociateUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath DisassociateUserSettings where
+  toPath DisassociateUserSettings' {..} =
+    Prelude.mconcat
+      ["/portals/", Data.toBS portalArn, "/userSettings"]
+
+instance Data.ToQuery DisassociateUserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newDisassociateUserSettingsResponse' smart constructor.
+data DisassociateUserSettingsResponse = DisassociateUserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'DisassociateUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'disassociateUserSettingsResponse_httpStatus' - The response's http status code.
+newDisassociateUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  DisassociateUserSettingsResponse
+newDisassociateUserSettingsResponse pHttpStatus_ =
+  DisassociateUserSettingsResponse'
+    { httpStatus =
+        pHttpStatus_
+    }
+
+-- | The response's http status code.
+disassociateUserSettingsResponse_httpStatus :: Lens.Lens' DisassociateUserSettingsResponse Prelude.Int
+disassociateUserSettingsResponse_httpStatus = Lens.lens (\DisassociateUserSettingsResponse' {httpStatus} -> httpStatus) (\s@DisassociateUserSettingsResponse' {} a -> s {httpStatus = a} :: DisassociateUserSettingsResponse)
+
+instance
+  Prelude.NFData
+    DisassociateUserSettingsResponse
+  where
+  rnf DisassociateUserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/GetBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetBrowserSettings.hs
@@ -0,0 +1,163 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets browser settings.
+module Amazonka.WorkSpacesWeb.GetBrowserSettings
+  ( -- * Creating a Request
+    GetBrowserSettings (..),
+    newGetBrowserSettings,
+
+    -- * Request Lenses
+    getBrowserSettings_browserSettingsArn,
+
+    -- * Destructuring the Response
+    GetBrowserSettingsResponse (..),
+    newGetBrowserSettingsResponse,
+
+    -- * Response Lenses
+    getBrowserSettingsResponse_browserSettings,
+    getBrowserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetBrowserSettings' smart constructor.
+data GetBrowserSettings = GetBrowserSettings'
+  { -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettingsArn', 'getBrowserSettings_browserSettingsArn' - The ARN of the browser settings.
+newGetBrowserSettings ::
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  GetBrowserSettings
+newGetBrowserSettings pBrowserSettingsArn_ =
+  GetBrowserSettings'
+    { browserSettingsArn =
+        pBrowserSettingsArn_
+    }
+
+-- | The ARN of the browser settings.
+getBrowserSettings_browserSettingsArn :: Lens.Lens' GetBrowserSettings Prelude.Text
+getBrowserSettings_browserSettingsArn = Lens.lens (\GetBrowserSettings' {browserSettingsArn} -> browserSettingsArn) (\s@GetBrowserSettings' {} a -> s {browserSettingsArn = a} :: GetBrowserSettings)
+
+instance Core.AWSRequest GetBrowserSettings where
+  type
+    AWSResponse GetBrowserSettings =
+      GetBrowserSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetBrowserSettingsResponse'
+            Prelude.<$> (x Data..?> "browserSettings")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetBrowserSettings where
+  hashWithSalt _salt GetBrowserSettings' {..} =
+    _salt `Prelude.hashWithSalt` browserSettingsArn
+
+instance Prelude.NFData GetBrowserSettings where
+  rnf GetBrowserSettings' {..} =
+    Prelude.rnf browserSettingsArn
+
+instance Data.ToHeaders GetBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetBrowserSettings where
+  toPath GetBrowserSettings' {..} =
+    Prelude.mconcat
+      ["/browserSettings/", Data.toBS browserSettingsArn]
+
+instance Data.ToQuery GetBrowserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetBrowserSettingsResponse' smart constructor.
+data GetBrowserSettingsResponse = GetBrowserSettingsResponse'
+  { -- | The browser settings.
+    browserSettings :: Prelude.Maybe BrowserSettings,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettings', 'getBrowserSettingsResponse_browserSettings' - The browser settings.
+--
+-- 'httpStatus', 'getBrowserSettingsResponse_httpStatus' - The response's http status code.
+newGetBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetBrowserSettingsResponse
+newGetBrowserSettingsResponse pHttpStatus_ =
+  GetBrowserSettingsResponse'
+    { browserSettings =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The browser settings.
+getBrowserSettingsResponse_browserSettings :: Lens.Lens' GetBrowserSettingsResponse (Prelude.Maybe BrowserSettings)
+getBrowserSettingsResponse_browserSettings = Lens.lens (\GetBrowserSettingsResponse' {browserSettings} -> browserSettings) (\s@GetBrowserSettingsResponse' {} a -> s {browserSettings = a} :: GetBrowserSettingsResponse)
+
+-- | The response's http status code.
+getBrowserSettingsResponse_httpStatus :: Lens.Lens' GetBrowserSettingsResponse Prelude.Int
+getBrowserSettingsResponse_httpStatus = Lens.lens (\GetBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@GetBrowserSettingsResponse' {} a -> s {httpStatus = a} :: GetBrowserSettingsResponse)
+
+instance Prelude.NFData GetBrowserSettingsResponse where
+  rnf GetBrowserSettingsResponse' {..} =
+    Prelude.rnf browserSettings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetIdentityProvider.hs b/gen/Amazonka/WorkSpacesWeb/GetIdentityProvider.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetIdentityProvider.hs
@@ -0,0 +1,165 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetIdentityProvider
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the identity provider.
+module Amazonka.WorkSpacesWeb.GetIdentityProvider
+  ( -- * Creating a Request
+    GetIdentityProvider (..),
+    newGetIdentityProvider,
+
+    -- * Request Lenses
+    getIdentityProvider_identityProviderArn,
+
+    -- * Destructuring the Response
+    GetIdentityProviderResponse (..),
+    newGetIdentityProviderResponse,
+
+    -- * Response Lenses
+    getIdentityProviderResponse_identityProvider,
+    getIdentityProviderResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetIdentityProvider' smart constructor.
+data GetIdentityProvider = GetIdentityProvider'
+  { -- | The ARN of the identity provider.
+    identityProviderArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetIdentityProvider' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'identityProviderArn', 'getIdentityProvider_identityProviderArn' - The ARN of the identity provider.
+newGetIdentityProvider ::
+  -- | 'identityProviderArn'
+  Prelude.Text ->
+  GetIdentityProvider
+newGetIdentityProvider pIdentityProviderArn_ =
+  GetIdentityProvider'
+    { identityProviderArn =
+        pIdentityProviderArn_
+    }
+
+-- | The ARN of the identity provider.
+getIdentityProvider_identityProviderArn :: Lens.Lens' GetIdentityProvider Prelude.Text
+getIdentityProvider_identityProviderArn = Lens.lens (\GetIdentityProvider' {identityProviderArn} -> identityProviderArn) (\s@GetIdentityProvider' {} a -> s {identityProviderArn = a} :: GetIdentityProvider)
+
+instance Core.AWSRequest GetIdentityProvider where
+  type
+    AWSResponse GetIdentityProvider =
+      GetIdentityProviderResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetIdentityProviderResponse'
+            Prelude.<$> (x Data..?> "identityProvider")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetIdentityProvider where
+  hashWithSalt _salt GetIdentityProvider' {..} =
+    _salt `Prelude.hashWithSalt` identityProviderArn
+
+instance Prelude.NFData GetIdentityProvider where
+  rnf GetIdentityProvider' {..} =
+    Prelude.rnf identityProviderArn
+
+instance Data.ToHeaders GetIdentityProvider where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetIdentityProvider where
+  toPath GetIdentityProvider' {..} =
+    Prelude.mconcat
+      [ "/identityProviders/",
+        Data.toBS identityProviderArn
+      ]
+
+instance Data.ToQuery GetIdentityProvider where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetIdentityProviderResponse' smart constructor.
+data GetIdentityProviderResponse = GetIdentityProviderResponse'
+  { -- | The identity provider.
+    identityProvider :: Prelude.Maybe IdentityProvider,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetIdentityProviderResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'identityProvider', 'getIdentityProviderResponse_identityProvider' - The identity provider.
+--
+-- 'httpStatus', 'getIdentityProviderResponse_httpStatus' - The response's http status code.
+newGetIdentityProviderResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetIdentityProviderResponse
+newGetIdentityProviderResponse pHttpStatus_ =
+  GetIdentityProviderResponse'
+    { identityProvider =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The identity provider.
+getIdentityProviderResponse_identityProvider :: Lens.Lens' GetIdentityProviderResponse (Prelude.Maybe IdentityProvider)
+getIdentityProviderResponse_identityProvider = Lens.lens (\GetIdentityProviderResponse' {identityProvider} -> identityProvider) (\s@GetIdentityProviderResponse' {} a -> s {identityProvider = a} :: GetIdentityProviderResponse)
+
+-- | The response's http status code.
+getIdentityProviderResponse_httpStatus :: Lens.Lens' GetIdentityProviderResponse Prelude.Int
+getIdentityProviderResponse_httpStatus = Lens.lens (\GetIdentityProviderResponse' {httpStatus} -> httpStatus) (\s@GetIdentityProviderResponse' {} a -> s {httpStatus = a} :: GetIdentityProviderResponse)
+
+instance Prelude.NFData GetIdentityProviderResponse where
+  rnf GetIdentityProviderResponse' {..} =
+    Prelude.rnf identityProvider
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/GetNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetNetworkSettings.hs
@@ -0,0 +1,163 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the network settings.
+module Amazonka.WorkSpacesWeb.GetNetworkSettings
+  ( -- * Creating a Request
+    GetNetworkSettings (..),
+    newGetNetworkSettings,
+
+    -- * Request Lenses
+    getNetworkSettings_networkSettingsArn,
+
+    -- * Destructuring the Response
+    GetNetworkSettingsResponse (..),
+    newGetNetworkSettingsResponse,
+
+    -- * Response Lenses
+    getNetworkSettingsResponse_networkSettings,
+    getNetworkSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetNetworkSettings' smart constructor.
+data GetNetworkSettings = GetNetworkSettings'
+  { -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'networkSettingsArn', 'getNetworkSettings_networkSettingsArn' - The ARN of the network settings.
+newGetNetworkSettings ::
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  GetNetworkSettings
+newGetNetworkSettings pNetworkSettingsArn_ =
+  GetNetworkSettings'
+    { networkSettingsArn =
+        pNetworkSettingsArn_
+    }
+
+-- | The ARN of the network settings.
+getNetworkSettings_networkSettingsArn :: Lens.Lens' GetNetworkSettings Prelude.Text
+getNetworkSettings_networkSettingsArn = Lens.lens (\GetNetworkSettings' {networkSettingsArn} -> networkSettingsArn) (\s@GetNetworkSettings' {} a -> s {networkSettingsArn = a} :: GetNetworkSettings)
+
+instance Core.AWSRequest GetNetworkSettings where
+  type
+    AWSResponse GetNetworkSettings =
+      GetNetworkSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetNetworkSettingsResponse'
+            Prelude.<$> (x Data..?> "networkSettings")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetNetworkSettings where
+  hashWithSalt _salt GetNetworkSettings' {..} =
+    _salt `Prelude.hashWithSalt` networkSettingsArn
+
+instance Prelude.NFData GetNetworkSettings where
+  rnf GetNetworkSettings' {..} =
+    Prelude.rnf networkSettingsArn
+
+instance Data.ToHeaders GetNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetNetworkSettings where
+  toPath GetNetworkSettings' {..} =
+    Prelude.mconcat
+      ["/networkSettings/", Data.toBS networkSettingsArn]
+
+instance Data.ToQuery GetNetworkSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetNetworkSettingsResponse' smart constructor.
+data GetNetworkSettingsResponse = GetNetworkSettingsResponse'
+  { -- | The network settings.
+    networkSettings :: Prelude.Maybe NetworkSettings,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'networkSettings', 'getNetworkSettingsResponse_networkSettings' - The network settings.
+--
+-- 'httpStatus', 'getNetworkSettingsResponse_httpStatus' - The response's http status code.
+newGetNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetNetworkSettingsResponse
+newGetNetworkSettingsResponse pHttpStatus_ =
+  GetNetworkSettingsResponse'
+    { networkSettings =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The network settings.
+getNetworkSettingsResponse_networkSettings :: Lens.Lens' GetNetworkSettingsResponse (Prelude.Maybe NetworkSettings)
+getNetworkSettingsResponse_networkSettings = Lens.lens (\GetNetworkSettingsResponse' {networkSettings} -> networkSettings) (\s@GetNetworkSettingsResponse' {} a -> s {networkSettings = a} :: GetNetworkSettingsResponse)
+
+-- | The response's http status code.
+getNetworkSettingsResponse_httpStatus :: Lens.Lens' GetNetworkSettingsResponse Prelude.Int
+getNetworkSettingsResponse_httpStatus = Lens.lens (\GetNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@GetNetworkSettingsResponse' {} a -> s {httpStatus = a} :: GetNetworkSettingsResponse)
+
+instance Prelude.NFData GetNetworkSettingsResponse where
+  rnf GetNetworkSettingsResponse' {..} =
+    Prelude.rnf networkSettings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetPortal.hs b/gen/Amazonka/WorkSpacesWeb/GetPortal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetPortal.hs
@@ -0,0 +1,155 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetPortal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the web portal.
+module Amazonka.WorkSpacesWeb.GetPortal
+  ( -- * Creating a Request
+    GetPortal (..),
+    newGetPortal,
+
+    -- * Request Lenses
+    getPortal_portalArn,
+
+    -- * Destructuring the Response
+    GetPortalResponse (..),
+    newGetPortalResponse,
+
+    -- * Response Lenses
+    getPortalResponse_portal,
+    getPortalResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetPortal' smart constructor.
+data GetPortal = GetPortal'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPortal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'getPortal_portalArn' - The ARN of the web portal.
+newGetPortal ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  GetPortal
+newGetPortal pPortalArn_ =
+  GetPortal' {portalArn = pPortalArn_}
+
+-- | The ARN of the web portal.
+getPortal_portalArn :: Lens.Lens' GetPortal Prelude.Text
+getPortal_portalArn = Lens.lens (\GetPortal' {portalArn} -> portalArn) (\s@GetPortal' {} a -> s {portalArn = a} :: GetPortal)
+
+instance Core.AWSRequest GetPortal where
+  type AWSResponse GetPortal = GetPortalResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetPortalResponse'
+            Prelude.<$> (x Data..?> "portal")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetPortal where
+  hashWithSalt _salt GetPortal' {..} =
+    _salt `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData GetPortal where
+  rnf GetPortal' {..} = Prelude.rnf portalArn
+
+instance Data.ToHeaders GetPortal where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetPortal where
+  toPath GetPortal' {..} =
+    Prelude.mconcat ["/portals/", Data.toBS portalArn]
+
+instance Data.ToQuery GetPortal where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetPortalResponse' smart constructor.
+data GetPortalResponse = GetPortalResponse'
+  { -- | The web portal.
+    portal :: Prelude.Maybe Portal,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPortalResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portal', 'getPortalResponse_portal' - The web portal.
+--
+-- 'httpStatus', 'getPortalResponse_httpStatus' - The response's http status code.
+newGetPortalResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetPortalResponse
+newGetPortalResponse pHttpStatus_ =
+  GetPortalResponse'
+    { portal = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The web portal.
+getPortalResponse_portal :: Lens.Lens' GetPortalResponse (Prelude.Maybe Portal)
+getPortalResponse_portal = Lens.lens (\GetPortalResponse' {portal} -> portal) (\s@GetPortalResponse' {} a -> s {portal = a} :: GetPortalResponse)
+
+-- | The response's http status code.
+getPortalResponse_httpStatus :: Lens.Lens' GetPortalResponse Prelude.Int
+getPortalResponse_httpStatus = Lens.lens (\GetPortalResponse' {httpStatus} -> httpStatus) (\s@GetPortalResponse' {} a -> s {httpStatus = a} :: GetPortalResponse)
+
+instance Prelude.NFData GetPortalResponse where
+  rnf GetPortalResponse' {..} =
+    Prelude.rnf portal
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetPortalServiceProviderMetadata.hs b/gen/Amazonka/WorkSpacesWeb/GetPortalServiceProviderMetadata.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetPortalServiceProviderMetadata.hs
@@ -0,0 +1,199 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetPortalServiceProviderMetadata
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the service provider metadata.
+module Amazonka.WorkSpacesWeb.GetPortalServiceProviderMetadata
+  ( -- * Creating a Request
+    GetPortalServiceProviderMetadata (..),
+    newGetPortalServiceProviderMetadata,
+
+    -- * Request Lenses
+    getPortalServiceProviderMetadata_portalArn,
+
+    -- * Destructuring the Response
+    GetPortalServiceProviderMetadataResponse (..),
+    newGetPortalServiceProviderMetadataResponse,
+
+    -- * Response Lenses
+    getPortalServiceProviderMetadataResponse_serviceProviderSamlMetadata,
+    getPortalServiceProviderMetadataResponse_httpStatus,
+    getPortalServiceProviderMetadataResponse_portalArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetPortalServiceProviderMetadata' smart constructor.
+data GetPortalServiceProviderMetadata = GetPortalServiceProviderMetadata'
+  { -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPortalServiceProviderMetadata' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portalArn', 'getPortalServiceProviderMetadata_portalArn' - The ARN of the web portal.
+newGetPortalServiceProviderMetadata ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  GetPortalServiceProviderMetadata
+newGetPortalServiceProviderMetadata pPortalArn_ =
+  GetPortalServiceProviderMetadata'
+    { portalArn =
+        pPortalArn_
+    }
+
+-- | The ARN of the web portal.
+getPortalServiceProviderMetadata_portalArn :: Lens.Lens' GetPortalServiceProviderMetadata Prelude.Text
+getPortalServiceProviderMetadata_portalArn = Lens.lens (\GetPortalServiceProviderMetadata' {portalArn} -> portalArn) (\s@GetPortalServiceProviderMetadata' {} a -> s {portalArn = a} :: GetPortalServiceProviderMetadata)
+
+instance
+  Core.AWSRequest
+    GetPortalServiceProviderMetadata
+  where
+  type
+    AWSResponse GetPortalServiceProviderMetadata =
+      GetPortalServiceProviderMetadataResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetPortalServiceProviderMetadataResponse'
+            Prelude.<$> (x Data..?> "serviceProviderSamlMetadata")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "portalArn")
+      )
+
+instance
+  Prelude.Hashable
+    GetPortalServiceProviderMetadata
+  where
+  hashWithSalt
+    _salt
+    GetPortalServiceProviderMetadata' {..} =
+      _salt `Prelude.hashWithSalt` portalArn
+
+instance
+  Prelude.NFData
+    GetPortalServiceProviderMetadata
+  where
+  rnf GetPortalServiceProviderMetadata' {..} =
+    Prelude.rnf portalArn
+
+instance
+  Data.ToHeaders
+    GetPortalServiceProviderMetadata
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetPortalServiceProviderMetadata where
+  toPath GetPortalServiceProviderMetadata' {..} =
+    Prelude.mconcat
+      ["/portalIdp/", Data.toBS portalArn]
+
+instance
+  Data.ToQuery
+    GetPortalServiceProviderMetadata
+  where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetPortalServiceProviderMetadataResponse' smart constructor.
+data GetPortalServiceProviderMetadataResponse = GetPortalServiceProviderMetadataResponse'
+  { -- | The service provider SAML metadata.
+    serviceProviderSamlMetadata :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetPortalServiceProviderMetadataResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'serviceProviderSamlMetadata', 'getPortalServiceProviderMetadataResponse_serviceProviderSamlMetadata' - The service provider SAML metadata.
+--
+-- 'httpStatus', 'getPortalServiceProviderMetadataResponse_httpStatus' - The response's http status code.
+--
+-- 'portalArn', 'getPortalServiceProviderMetadataResponse_portalArn' - The ARN of the web portal.
+newGetPortalServiceProviderMetadataResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'portalArn'
+  Prelude.Text ->
+  GetPortalServiceProviderMetadataResponse
+newGetPortalServiceProviderMetadataResponse
+  pHttpStatus_
+  pPortalArn_ =
+    GetPortalServiceProviderMetadataResponse'
+      { serviceProviderSamlMetadata =
+          Prelude.Nothing,
+        httpStatus = pHttpStatus_,
+        portalArn = pPortalArn_
+      }
+
+-- | The service provider SAML metadata.
+getPortalServiceProviderMetadataResponse_serviceProviderSamlMetadata :: Lens.Lens' GetPortalServiceProviderMetadataResponse (Prelude.Maybe Prelude.Text)
+getPortalServiceProviderMetadataResponse_serviceProviderSamlMetadata = Lens.lens (\GetPortalServiceProviderMetadataResponse' {serviceProviderSamlMetadata} -> serviceProviderSamlMetadata) (\s@GetPortalServiceProviderMetadataResponse' {} a -> s {serviceProviderSamlMetadata = a} :: GetPortalServiceProviderMetadataResponse)
+
+-- | The response's http status code.
+getPortalServiceProviderMetadataResponse_httpStatus :: Lens.Lens' GetPortalServiceProviderMetadataResponse Prelude.Int
+getPortalServiceProviderMetadataResponse_httpStatus = Lens.lens (\GetPortalServiceProviderMetadataResponse' {httpStatus} -> httpStatus) (\s@GetPortalServiceProviderMetadataResponse' {} a -> s {httpStatus = a} :: GetPortalServiceProviderMetadataResponse)
+
+-- | The ARN of the web portal.
+getPortalServiceProviderMetadataResponse_portalArn :: Lens.Lens' GetPortalServiceProviderMetadataResponse Prelude.Text
+getPortalServiceProviderMetadataResponse_portalArn = Lens.lens (\GetPortalServiceProviderMetadataResponse' {portalArn} -> portalArn) (\s@GetPortalServiceProviderMetadataResponse' {} a -> s {portalArn = a} :: GetPortalServiceProviderMetadataResponse)
+
+instance
+  Prelude.NFData
+    GetPortalServiceProviderMetadataResponse
+  where
+  rnf GetPortalServiceProviderMetadataResponse' {..} =
+    Prelude.rnf serviceProviderSamlMetadata
+      `Prelude.seq` Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf portalArn
diff --git a/gen/Amazonka/WorkSpacesWeb/GetTrustStore.hs b/gen/Amazonka/WorkSpacesWeb/GetTrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetTrustStore.hs
@@ -0,0 +1,159 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetTrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the trust store.
+module Amazonka.WorkSpacesWeb.GetTrustStore
+  ( -- * Creating a Request
+    GetTrustStore (..),
+    newGetTrustStore,
+
+    -- * Request Lenses
+    getTrustStore_trustStoreArn,
+
+    -- * Destructuring the Response
+    GetTrustStoreResponse (..),
+    newGetTrustStoreResponse,
+
+    -- * Response Lenses
+    getTrustStoreResponse_trustStore,
+    getTrustStoreResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetTrustStore' smart constructor.
+data GetTrustStore = GetTrustStore'
+  { -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'trustStoreArn', 'getTrustStore_trustStoreArn' - The ARN of the trust store.
+newGetTrustStore ::
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  GetTrustStore
+newGetTrustStore pTrustStoreArn_ =
+  GetTrustStore' {trustStoreArn = pTrustStoreArn_}
+
+-- | The ARN of the trust store.
+getTrustStore_trustStoreArn :: Lens.Lens' GetTrustStore Prelude.Text
+getTrustStore_trustStoreArn = Lens.lens (\GetTrustStore' {trustStoreArn} -> trustStoreArn) (\s@GetTrustStore' {} a -> s {trustStoreArn = a} :: GetTrustStore)
+
+instance Core.AWSRequest GetTrustStore where
+  type
+    AWSResponse GetTrustStore =
+      GetTrustStoreResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetTrustStoreResponse'
+            Prelude.<$> (x Data..?> "trustStore")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetTrustStore where
+  hashWithSalt _salt GetTrustStore' {..} =
+    _salt `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData GetTrustStore where
+  rnf GetTrustStore' {..} = Prelude.rnf trustStoreArn
+
+instance Data.ToHeaders GetTrustStore where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetTrustStore where
+  toPath GetTrustStore' {..} =
+    Prelude.mconcat
+      ["/trustStores/", Data.toBS trustStoreArn]
+
+instance Data.ToQuery GetTrustStore where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetTrustStoreResponse' smart constructor.
+data GetTrustStoreResponse = GetTrustStoreResponse'
+  { -- | The trust store.
+    trustStore :: Prelude.Maybe TrustStore,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTrustStoreResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'trustStore', 'getTrustStoreResponse_trustStore' - The trust store.
+--
+-- 'httpStatus', 'getTrustStoreResponse_httpStatus' - The response's http status code.
+newGetTrustStoreResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetTrustStoreResponse
+newGetTrustStoreResponse pHttpStatus_ =
+  GetTrustStoreResponse'
+    { trustStore =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The trust store.
+getTrustStoreResponse_trustStore :: Lens.Lens' GetTrustStoreResponse (Prelude.Maybe TrustStore)
+getTrustStoreResponse_trustStore = Lens.lens (\GetTrustStoreResponse' {trustStore} -> trustStore) (\s@GetTrustStoreResponse' {} a -> s {trustStore = a} :: GetTrustStoreResponse)
+
+-- | The response's http status code.
+getTrustStoreResponse_httpStatus :: Lens.Lens' GetTrustStoreResponse Prelude.Int
+getTrustStoreResponse_httpStatus = Lens.lens (\GetTrustStoreResponse' {httpStatus} -> httpStatus) (\s@GetTrustStoreResponse' {} a -> s {httpStatus = a} :: GetTrustStoreResponse)
+
+instance Prelude.NFData GetTrustStoreResponse where
+  rnf GetTrustStoreResponse' {..} =
+    Prelude.rnf trustStore
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetTrustStoreCertificate.hs b/gen/Amazonka/WorkSpacesWeb/GetTrustStoreCertificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetTrustStoreCertificate.hs
@@ -0,0 +1,199 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetTrustStoreCertificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets the trust store certificate.
+module Amazonka.WorkSpacesWeb.GetTrustStoreCertificate
+  ( -- * Creating a Request
+    GetTrustStoreCertificate (..),
+    newGetTrustStoreCertificate,
+
+    -- * Request Lenses
+    getTrustStoreCertificate_thumbprint,
+    getTrustStoreCertificate_trustStoreArn,
+
+    -- * Destructuring the Response
+    GetTrustStoreCertificateResponse (..),
+    newGetTrustStoreCertificateResponse,
+
+    -- * Response Lenses
+    getTrustStoreCertificateResponse_certificate,
+    getTrustStoreCertificateResponse_trustStoreArn,
+    getTrustStoreCertificateResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetTrustStoreCertificate' smart constructor.
+data GetTrustStoreCertificate = GetTrustStoreCertificate'
+  { -- | The thumbprint of the trust store certificate.
+    thumbprint :: Prelude.Text,
+    -- | The ARN of the trust store certificate.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTrustStoreCertificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'thumbprint', 'getTrustStoreCertificate_thumbprint' - The thumbprint of the trust store certificate.
+--
+-- 'trustStoreArn', 'getTrustStoreCertificate_trustStoreArn' - The ARN of the trust store certificate.
+newGetTrustStoreCertificate ::
+  -- | 'thumbprint'
+  Prelude.Text ->
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  GetTrustStoreCertificate
+newGetTrustStoreCertificate
+  pThumbprint_
+  pTrustStoreArn_ =
+    GetTrustStoreCertificate'
+      { thumbprint =
+          pThumbprint_,
+        trustStoreArn = pTrustStoreArn_
+      }
+
+-- | The thumbprint of the trust store certificate.
+getTrustStoreCertificate_thumbprint :: Lens.Lens' GetTrustStoreCertificate Prelude.Text
+getTrustStoreCertificate_thumbprint = Lens.lens (\GetTrustStoreCertificate' {thumbprint} -> thumbprint) (\s@GetTrustStoreCertificate' {} a -> s {thumbprint = a} :: GetTrustStoreCertificate)
+
+-- | The ARN of the trust store certificate.
+getTrustStoreCertificate_trustStoreArn :: Lens.Lens' GetTrustStoreCertificate Prelude.Text
+getTrustStoreCertificate_trustStoreArn = Lens.lens (\GetTrustStoreCertificate' {trustStoreArn} -> trustStoreArn) (\s@GetTrustStoreCertificate' {} a -> s {trustStoreArn = a} :: GetTrustStoreCertificate)
+
+instance Core.AWSRequest GetTrustStoreCertificate where
+  type
+    AWSResponse GetTrustStoreCertificate =
+      GetTrustStoreCertificateResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetTrustStoreCertificateResponse'
+            Prelude.<$> (x Data..?> "certificate")
+            Prelude.<*> (x Data..?> "trustStoreArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetTrustStoreCertificate where
+  hashWithSalt _salt GetTrustStoreCertificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` thumbprint
+      `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData GetTrustStoreCertificate where
+  rnf GetTrustStoreCertificate' {..} =
+    Prelude.rnf thumbprint
+      `Prelude.seq` Prelude.rnf trustStoreArn
+
+instance Data.ToHeaders GetTrustStoreCertificate where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetTrustStoreCertificate where
+  toPath GetTrustStoreCertificate' {..} =
+    Prelude.mconcat
+      [ "/trustStores/",
+        Data.toBS trustStoreArn,
+        "/certificate"
+      ]
+
+instance Data.ToQuery GetTrustStoreCertificate where
+  toQuery GetTrustStoreCertificate' {..} =
+    Prelude.mconcat ["thumbprint" Data.=: thumbprint]
+
+-- | /See:/ 'newGetTrustStoreCertificateResponse' smart constructor.
+data GetTrustStoreCertificateResponse = GetTrustStoreCertificateResponse'
+  { -- | The certificate of the trust store certificate.
+    certificate :: Prelude.Maybe Certificate,
+    -- | The ARN of the trust store certificate.
+    trustStoreArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetTrustStoreCertificateResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificate', 'getTrustStoreCertificateResponse_certificate' - The certificate of the trust store certificate.
+--
+-- 'trustStoreArn', 'getTrustStoreCertificateResponse_trustStoreArn' - The ARN of the trust store certificate.
+--
+-- 'httpStatus', 'getTrustStoreCertificateResponse_httpStatus' - The response's http status code.
+newGetTrustStoreCertificateResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetTrustStoreCertificateResponse
+newGetTrustStoreCertificateResponse pHttpStatus_ =
+  GetTrustStoreCertificateResponse'
+    { certificate =
+        Prelude.Nothing,
+      trustStoreArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The certificate of the trust store certificate.
+getTrustStoreCertificateResponse_certificate :: Lens.Lens' GetTrustStoreCertificateResponse (Prelude.Maybe Certificate)
+getTrustStoreCertificateResponse_certificate = Lens.lens (\GetTrustStoreCertificateResponse' {certificate} -> certificate) (\s@GetTrustStoreCertificateResponse' {} a -> s {certificate = a} :: GetTrustStoreCertificateResponse)
+
+-- | The ARN of the trust store certificate.
+getTrustStoreCertificateResponse_trustStoreArn :: Lens.Lens' GetTrustStoreCertificateResponse (Prelude.Maybe Prelude.Text)
+getTrustStoreCertificateResponse_trustStoreArn = Lens.lens (\GetTrustStoreCertificateResponse' {trustStoreArn} -> trustStoreArn) (\s@GetTrustStoreCertificateResponse' {} a -> s {trustStoreArn = a} :: GetTrustStoreCertificateResponse)
+
+-- | The response's http status code.
+getTrustStoreCertificateResponse_httpStatus :: Lens.Lens' GetTrustStoreCertificateResponse Prelude.Int
+getTrustStoreCertificateResponse_httpStatus = Lens.lens (\GetTrustStoreCertificateResponse' {httpStatus} -> httpStatus) (\s@GetTrustStoreCertificateResponse' {} a -> s {httpStatus = a} :: GetTrustStoreCertificateResponse)
+
+instance
+  Prelude.NFData
+    GetTrustStoreCertificateResponse
+  where
+  rnf GetTrustStoreCertificateResponse' {..} =
+    Prelude.rnf certificate
+      `Prelude.seq` Prelude.rnf trustStoreArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/GetUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetUserAccessLoggingSettings.hs
@@ -0,0 +1,173 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets user access logging settings.
+module Amazonka.WorkSpacesWeb.GetUserAccessLoggingSettings
+  ( -- * Creating a Request
+    GetUserAccessLoggingSettings (..),
+    newGetUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    getUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+
+    -- * Destructuring the Response
+    GetUserAccessLoggingSettingsResponse (..),
+    newGetUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    getUserAccessLoggingSettingsResponse_userAccessLoggingSettings,
+    getUserAccessLoggingSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetUserAccessLoggingSettings' smart constructor.
+data GetUserAccessLoggingSettings = GetUserAccessLoggingSettings'
+  { -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userAccessLoggingSettingsArn', 'getUserAccessLoggingSettings_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newGetUserAccessLoggingSettings ::
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  GetUserAccessLoggingSettings
+newGetUserAccessLoggingSettings
+  pUserAccessLoggingSettingsArn_ =
+    GetUserAccessLoggingSettings'
+      { userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | The ARN of the user access logging settings.
+getUserAccessLoggingSettings_userAccessLoggingSettingsArn :: Lens.Lens' GetUserAccessLoggingSettings Prelude.Text
+getUserAccessLoggingSettings_userAccessLoggingSettingsArn = Lens.lens (\GetUserAccessLoggingSettings' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@GetUserAccessLoggingSettings' {} a -> s {userAccessLoggingSettingsArn = a} :: GetUserAccessLoggingSettings)
+
+instance Core.AWSRequest GetUserAccessLoggingSettings where
+  type
+    AWSResponse GetUserAccessLoggingSettings =
+      GetUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetUserAccessLoggingSettingsResponse'
+            Prelude.<$> (x Data..?> "userAccessLoggingSettings")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    GetUserAccessLoggingSettings
+  where
+  hashWithSalt _salt GetUserAccessLoggingSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+
+instance Prelude.NFData GetUserAccessLoggingSettings where
+  rnf GetUserAccessLoggingSettings' {..} =
+    Prelude.rnf userAccessLoggingSettingsArn
+
+instance Data.ToHeaders GetUserAccessLoggingSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetUserAccessLoggingSettings where
+  toPath GetUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "/userAccessLoggingSettings/",
+        Data.toBS userAccessLoggingSettingsArn
+      ]
+
+instance Data.ToQuery GetUserAccessLoggingSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetUserAccessLoggingSettingsResponse' smart constructor.
+data GetUserAccessLoggingSettingsResponse = GetUserAccessLoggingSettingsResponse'
+  { -- | The user access logging settings.
+    userAccessLoggingSettings :: Prelude.Maybe UserAccessLoggingSettings,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userAccessLoggingSettings', 'getUserAccessLoggingSettingsResponse_userAccessLoggingSettings' - The user access logging settings.
+--
+-- 'httpStatus', 'getUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+newGetUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetUserAccessLoggingSettingsResponse
+newGetUserAccessLoggingSettingsResponse pHttpStatus_ =
+  GetUserAccessLoggingSettingsResponse'
+    { userAccessLoggingSettings =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The user access logging settings.
+getUserAccessLoggingSettingsResponse_userAccessLoggingSettings :: Lens.Lens' GetUserAccessLoggingSettingsResponse (Prelude.Maybe UserAccessLoggingSettings)
+getUserAccessLoggingSettingsResponse_userAccessLoggingSettings = Lens.lens (\GetUserAccessLoggingSettingsResponse' {userAccessLoggingSettings} -> userAccessLoggingSettings) (\s@GetUserAccessLoggingSettingsResponse' {} a -> s {userAccessLoggingSettings = a} :: GetUserAccessLoggingSettingsResponse)
+
+-- | The response's http status code.
+getUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' GetUserAccessLoggingSettingsResponse Prelude.Int
+getUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\GetUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@GetUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: GetUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    GetUserAccessLoggingSettingsResponse
+  where
+  rnf GetUserAccessLoggingSettingsResponse' {..} =
+    Prelude.rnf userAccessLoggingSettings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/GetUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/GetUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/GetUserSettings.hs
@@ -0,0 +1,163 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.GetUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Gets user settings.
+module Amazonka.WorkSpacesWeb.GetUserSettings
+  ( -- * Creating a Request
+    GetUserSettings (..),
+    newGetUserSettings,
+
+    -- * Request Lenses
+    getUserSettings_userSettingsArn,
+
+    -- * Destructuring the Response
+    GetUserSettingsResponse (..),
+    newGetUserSettingsResponse,
+
+    -- * Response Lenses
+    getUserSettingsResponse_userSettings,
+    getUserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newGetUserSettings' smart constructor.
+data GetUserSettings = GetUserSettings'
+  { -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userSettingsArn', 'getUserSettings_userSettingsArn' - The ARN of the user settings.
+newGetUserSettings ::
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  GetUserSettings
+newGetUserSettings pUserSettingsArn_ =
+  GetUserSettings'
+    { userSettingsArn =
+        pUserSettingsArn_
+    }
+
+-- | The ARN of the user settings.
+getUserSettings_userSettingsArn :: Lens.Lens' GetUserSettings Prelude.Text
+getUserSettings_userSettingsArn = Lens.lens (\GetUserSettings' {userSettingsArn} -> userSettingsArn) (\s@GetUserSettings' {} a -> s {userSettingsArn = a} :: GetUserSettings)
+
+instance Core.AWSRequest GetUserSettings where
+  type
+    AWSResponse GetUserSettings =
+      GetUserSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          GetUserSettingsResponse'
+            Prelude.<$> (x Data..?> "userSettings")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable GetUserSettings where
+  hashWithSalt _salt GetUserSettings' {..} =
+    _salt `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData GetUserSettings where
+  rnf GetUserSettings' {..} =
+    Prelude.rnf userSettingsArn
+
+instance Data.ToHeaders GetUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath GetUserSettings where
+  toPath GetUserSettings' {..} =
+    Prelude.mconcat
+      ["/userSettings/", Data.toBS userSettingsArn]
+
+instance Data.ToQuery GetUserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newGetUserSettingsResponse' smart constructor.
+data GetUserSettingsResponse = GetUserSettingsResponse'
+  { -- | The user settings.
+    userSettings :: Prelude.Maybe UserSettings,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'GetUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'userSettings', 'getUserSettingsResponse_userSettings' - The user settings.
+--
+-- 'httpStatus', 'getUserSettingsResponse_httpStatus' - The response's http status code.
+newGetUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  GetUserSettingsResponse
+newGetUserSettingsResponse pHttpStatus_ =
+  GetUserSettingsResponse'
+    { userSettings =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The user settings.
+getUserSettingsResponse_userSettings :: Lens.Lens' GetUserSettingsResponse (Prelude.Maybe UserSettings)
+getUserSettingsResponse_userSettings = Lens.lens (\GetUserSettingsResponse' {userSettings} -> userSettings) (\s@GetUserSettingsResponse' {} a -> s {userSettings = a} :: GetUserSettingsResponse)
+
+-- | The response's http status code.
+getUserSettingsResponse_httpStatus :: Lens.Lens' GetUserSettingsResponse Prelude.Int
+getUserSettingsResponse_httpStatus = Lens.lens (\GetUserSettingsResponse' {httpStatus} -> httpStatus) (\s@GetUserSettingsResponse' {} a -> s {httpStatus = a} :: GetUserSettingsResponse)
+
+instance Prelude.NFData GetUserSettingsResponse where
+  rnf GetUserSettingsResponse' {..} =
+    Prelude.rnf userSettings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/Lens.hs b/gen/Amazonka/WorkSpacesWeb/Lens.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Lens.hs
@@ -0,0 +1,532 @@
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-duplicate-exports #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Lens
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Lens
+  ( -- * Operations
+
+    -- ** AssociateBrowserSettings
+    associateBrowserSettings_browserSettingsArn,
+    associateBrowserSettings_portalArn,
+    associateBrowserSettingsResponse_httpStatus,
+    associateBrowserSettingsResponse_browserSettingsArn,
+    associateBrowserSettingsResponse_portalArn,
+
+    -- ** AssociateNetworkSettings
+    associateNetworkSettings_networkSettingsArn,
+    associateNetworkSettings_portalArn,
+    associateNetworkSettingsResponse_httpStatus,
+    associateNetworkSettingsResponse_networkSettingsArn,
+    associateNetworkSettingsResponse_portalArn,
+
+    -- ** AssociateTrustStore
+    associateTrustStore_portalArn,
+    associateTrustStore_trustStoreArn,
+    associateTrustStoreResponse_httpStatus,
+    associateTrustStoreResponse_portalArn,
+    associateTrustStoreResponse_trustStoreArn,
+
+    -- ** AssociateUserAccessLoggingSettings
+    associateUserAccessLoggingSettings_portalArn,
+    associateUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+    associateUserAccessLoggingSettingsResponse_httpStatus,
+    associateUserAccessLoggingSettingsResponse_portalArn,
+    associateUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn,
+
+    -- ** AssociateUserSettings
+    associateUserSettings_portalArn,
+    associateUserSettings_userSettingsArn,
+    associateUserSettingsResponse_httpStatus,
+    associateUserSettingsResponse_portalArn,
+    associateUserSettingsResponse_userSettingsArn,
+
+    -- ** CreateBrowserSettings
+    createBrowserSettings_additionalEncryptionContext,
+    createBrowserSettings_clientToken,
+    createBrowserSettings_customerManagedKey,
+    createBrowserSettings_tags,
+    createBrowserSettings_browserPolicy,
+    createBrowserSettingsResponse_httpStatus,
+    createBrowserSettingsResponse_browserSettingsArn,
+
+    -- ** CreateIdentityProvider
+    createIdentityProvider_clientToken,
+    createIdentityProvider_identityProviderDetails,
+    createIdentityProvider_identityProviderName,
+    createIdentityProvider_identityProviderType,
+    createIdentityProvider_portalArn,
+    createIdentityProviderResponse_httpStatus,
+    createIdentityProviderResponse_identityProviderArn,
+
+    -- ** CreateNetworkSettings
+    createNetworkSettings_clientToken,
+    createNetworkSettings_tags,
+    createNetworkSettings_securityGroupIds,
+    createNetworkSettings_subnetIds,
+    createNetworkSettings_vpcId,
+    createNetworkSettingsResponse_httpStatus,
+    createNetworkSettingsResponse_networkSettingsArn,
+
+    -- ** CreatePortal
+    createPortal_additionalEncryptionContext,
+    createPortal_clientToken,
+    createPortal_customerManagedKey,
+    createPortal_displayName,
+    createPortal_tags,
+    createPortalResponse_httpStatus,
+    createPortalResponse_portalArn,
+    createPortalResponse_portalEndpoint,
+
+    -- ** CreateTrustStore
+    createTrustStore_clientToken,
+    createTrustStore_tags,
+    createTrustStore_certificateList,
+    createTrustStoreResponse_httpStatus,
+    createTrustStoreResponse_trustStoreArn,
+
+    -- ** CreateUserAccessLoggingSettings
+    createUserAccessLoggingSettings_clientToken,
+    createUserAccessLoggingSettings_tags,
+    createUserAccessLoggingSettings_kinesisStreamArn,
+    createUserAccessLoggingSettingsResponse_httpStatus,
+    createUserAccessLoggingSettingsResponse_userAccessLoggingSettingsArn,
+
+    -- ** CreateUserSettings
+    createUserSettings_clientToken,
+    createUserSettings_disconnectTimeoutInMinutes,
+    createUserSettings_idleDisconnectTimeoutInMinutes,
+    createUserSettings_tags,
+    createUserSettings_copyAllowed,
+    createUserSettings_downloadAllowed,
+    createUserSettings_pasteAllowed,
+    createUserSettings_printAllowed,
+    createUserSettings_uploadAllowed,
+    createUserSettingsResponse_httpStatus,
+    createUserSettingsResponse_userSettingsArn,
+
+    -- ** DeleteBrowserSettings
+    deleteBrowserSettings_browserSettingsArn,
+    deleteBrowserSettingsResponse_httpStatus,
+
+    -- ** DeleteIdentityProvider
+    deleteIdentityProvider_identityProviderArn,
+    deleteIdentityProviderResponse_httpStatus,
+
+    -- ** DeleteNetworkSettings
+    deleteNetworkSettings_networkSettingsArn,
+    deleteNetworkSettingsResponse_httpStatus,
+
+    -- ** DeletePortal
+    deletePortal_portalArn,
+    deletePortalResponse_httpStatus,
+
+    -- ** DeleteTrustStore
+    deleteTrustStore_trustStoreArn,
+    deleteTrustStoreResponse_httpStatus,
+
+    -- ** DeleteUserAccessLoggingSettings
+    deleteUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+    deleteUserAccessLoggingSettingsResponse_httpStatus,
+
+    -- ** DeleteUserSettings
+    deleteUserSettings_userSettingsArn,
+    deleteUserSettingsResponse_httpStatus,
+
+    -- ** DisassociateBrowserSettings
+    disassociateBrowserSettings_portalArn,
+    disassociateBrowserSettingsResponse_httpStatus,
+
+    -- ** DisassociateNetworkSettings
+    disassociateNetworkSettings_portalArn,
+    disassociateNetworkSettingsResponse_httpStatus,
+
+    -- ** DisassociateTrustStore
+    disassociateTrustStore_portalArn,
+    disassociateTrustStoreResponse_httpStatus,
+
+    -- ** DisassociateUserAccessLoggingSettings
+    disassociateUserAccessLoggingSettings_portalArn,
+    disassociateUserAccessLoggingSettingsResponse_httpStatus,
+
+    -- ** DisassociateUserSettings
+    disassociateUserSettings_portalArn,
+    disassociateUserSettingsResponse_httpStatus,
+
+    -- ** GetBrowserSettings
+    getBrowserSettings_browserSettingsArn,
+    getBrowserSettingsResponse_browserSettings,
+    getBrowserSettingsResponse_httpStatus,
+
+    -- ** GetIdentityProvider
+    getIdentityProvider_identityProviderArn,
+    getIdentityProviderResponse_identityProvider,
+    getIdentityProviderResponse_httpStatus,
+
+    -- ** GetNetworkSettings
+    getNetworkSettings_networkSettingsArn,
+    getNetworkSettingsResponse_networkSettings,
+    getNetworkSettingsResponse_httpStatus,
+
+    -- ** GetPortal
+    getPortal_portalArn,
+    getPortalResponse_portal,
+    getPortalResponse_httpStatus,
+
+    -- ** GetPortalServiceProviderMetadata
+    getPortalServiceProviderMetadata_portalArn,
+    getPortalServiceProviderMetadataResponse_serviceProviderSamlMetadata,
+    getPortalServiceProviderMetadataResponse_httpStatus,
+    getPortalServiceProviderMetadataResponse_portalArn,
+
+    -- ** GetTrustStore
+    getTrustStore_trustStoreArn,
+    getTrustStoreResponse_trustStore,
+    getTrustStoreResponse_httpStatus,
+
+    -- ** GetTrustStoreCertificate
+    getTrustStoreCertificate_thumbprint,
+    getTrustStoreCertificate_trustStoreArn,
+    getTrustStoreCertificateResponse_certificate,
+    getTrustStoreCertificateResponse_trustStoreArn,
+    getTrustStoreCertificateResponse_httpStatus,
+
+    -- ** GetUserAccessLoggingSettings
+    getUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+    getUserAccessLoggingSettingsResponse_userAccessLoggingSettings,
+    getUserAccessLoggingSettingsResponse_httpStatus,
+
+    -- ** GetUserSettings
+    getUserSettings_userSettingsArn,
+    getUserSettingsResponse_userSettings,
+    getUserSettingsResponse_httpStatus,
+
+    -- ** ListBrowserSettings
+    listBrowserSettings_maxResults,
+    listBrowserSettings_nextToken,
+    listBrowserSettingsResponse_browserSettings,
+    listBrowserSettingsResponse_nextToken,
+    listBrowserSettingsResponse_httpStatus,
+
+    -- ** ListIdentityProviders
+    listIdentityProviders_maxResults,
+    listIdentityProviders_nextToken,
+    listIdentityProviders_portalArn,
+    listIdentityProvidersResponse_identityProviders,
+    listIdentityProvidersResponse_nextToken,
+    listIdentityProvidersResponse_httpStatus,
+
+    -- ** ListNetworkSettings
+    listNetworkSettings_maxResults,
+    listNetworkSettings_nextToken,
+    listNetworkSettingsResponse_networkSettings,
+    listNetworkSettingsResponse_nextToken,
+    listNetworkSettingsResponse_httpStatus,
+
+    -- ** ListPortals
+    listPortals_maxResults,
+    listPortals_nextToken,
+    listPortalsResponse_nextToken,
+    listPortalsResponse_portals,
+    listPortalsResponse_httpStatus,
+
+    -- ** ListTagsForResource
+    listTagsForResource_resourceArn,
+    listTagsForResourceResponse_tags,
+    listTagsForResourceResponse_httpStatus,
+
+    -- ** ListTrustStoreCertificates
+    listTrustStoreCertificates_maxResults,
+    listTrustStoreCertificates_nextToken,
+    listTrustStoreCertificates_trustStoreArn,
+    listTrustStoreCertificatesResponse_certificateList,
+    listTrustStoreCertificatesResponse_nextToken,
+    listTrustStoreCertificatesResponse_trustStoreArn,
+    listTrustStoreCertificatesResponse_httpStatus,
+
+    -- ** ListTrustStores
+    listTrustStores_maxResults,
+    listTrustStores_nextToken,
+    listTrustStoresResponse_nextToken,
+    listTrustStoresResponse_trustStores,
+    listTrustStoresResponse_httpStatus,
+
+    -- ** ListUserAccessLoggingSettings
+    listUserAccessLoggingSettings_maxResults,
+    listUserAccessLoggingSettings_nextToken,
+    listUserAccessLoggingSettingsResponse_nextToken,
+    listUserAccessLoggingSettingsResponse_userAccessLoggingSettings,
+    listUserAccessLoggingSettingsResponse_httpStatus,
+
+    -- ** ListUserSettings
+    listUserSettings_maxResults,
+    listUserSettings_nextToken,
+    listUserSettingsResponse_nextToken,
+    listUserSettingsResponse_userSettings,
+    listUserSettingsResponse_httpStatus,
+
+    -- ** TagResource
+    tagResource_clientToken,
+    tagResource_resourceArn,
+    tagResource_tags,
+    tagResourceResponse_httpStatus,
+
+    -- ** UntagResource
+    untagResource_resourceArn,
+    untagResource_tagKeys,
+    untagResourceResponse_httpStatus,
+
+    -- ** UpdateBrowserSettings
+    updateBrowserSettings_browserPolicy,
+    updateBrowserSettings_clientToken,
+    updateBrowserSettings_browserSettingsArn,
+    updateBrowserSettingsResponse_httpStatus,
+    updateBrowserSettingsResponse_browserSettings,
+
+    -- ** UpdateIdentityProvider
+    updateIdentityProvider_clientToken,
+    updateIdentityProvider_identityProviderDetails,
+    updateIdentityProvider_identityProviderName,
+    updateIdentityProvider_identityProviderType,
+    updateIdentityProvider_identityProviderArn,
+    updateIdentityProviderResponse_httpStatus,
+    updateIdentityProviderResponse_identityProvider,
+
+    -- ** UpdateNetworkSettings
+    updateNetworkSettings_clientToken,
+    updateNetworkSettings_securityGroupIds,
+    updateNetworkSettings_subnetIds,
+    updateNetworkSettings_vpcId,
+    updateNetworkSettings_networkSettingsArn,
+    updateNetworkSettingsResponse_httpStatus,
+    updateNetworkSettingsResponse_networkSettings,
+
+    -- ** UpdatePortal
+    updatePortal_displayName,
+    updatePortal_portalArn,
+    updatePortalResponse_portal,
+    updatePortalResponse_httpStatus,
+
+    -- ** UpdateTrustStore
+    updateTrustStore_certificatesToAdd,
+    updateTrustStore_certificatesToDelete,
+    updateTrustStore_clientToken,
+    updateTrustStore_trustStoreArn,
+    updateTrustStoreResponse_httpStatus,
+    updateTrustStoreResponse_trustStoreArn,
+
+    -- ** UpdateUserAccessLoggingSettings
+    updateUserAccessLoggingSettings_clientToken,
+    updateUserAccessLoggingSettings_kinesisStreamArn,
+    updateUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+    updateUserAccessLoggingSettingsResponse_httpStatus,
+    updateUserAccessLoggingSettingsResponse_userAccessLoggingSettings,
+
+    -- ** UpdateUserSettings
+    updateUserSettings_clientToken,
+    updateUserSettings_copyAllowed,
+    updateUserSettings_disconnectTimeoutInMinutes,
+    updateUserSettings_downloadAllowed,
+    updateUserSettings_idleDisconnectTimeoutInMinutes,
+    updateUserSettings_pasteAllowed,
+    updateUserSettings_printAllowed,
+    updateUserSettings_uploadAllowed,
+    updateUserSettings_userSettingsArn,
+    updateUserSettingsResponse_httpStatus,
+    updateUserSettingsResponse_userSettings,
+
+    -- * Types
+
+    -- ** BrowserSettings
+    browserSettings_associatedPortalArns,
+    browserSettings_browserPolicy,
+    browserSettings_browserSettingsArn,
+
+    -- ** BrowserSettingsSummary
+    browserSettingsSummary_browserSettingsArn,
+
+    -- ** Certificate
+    certificate_body,
+    certificate_issuer,
+    certificate_notValidAfter,
+    certificate_notValidBefore,
+    certificate_subject,
+    certificate_thumbprint,
+
+    -- ** CertificateSummary
+    certificateSummary_issuer,
+    certificateSummary_notValidAfter,
+    certificateSummary_notValidBefore,
+    certificateSummary_subject,
+    certificateSummary_thumbprint,
+
+    -- ** IdentityProvider
+    identityProvider_identityProviderDetails,
+    identityProvider_identityProviderName,
+    identityProvider_identityProviderType,
+    identityProvider_identityProviderArn,
+
+    -- ** IdentityProviderSummary
+    identityProviderSummary_identityProviderArn,
+    identityProviderSummary_identityProviderName,
+    identityProviderSummary_identityProviderType,
+
+    -- ** NetworkSettings
+    networkSettings_associatedPortalArns,
+    networkSettings_securityGroupIds,
+    networkSettings_subnetIds,
+    networkSettings_vpcId,
+    networkSettings_networkSettingsArn,
+
+    -- ** NetworkSettingsSummary
+    networkSettingsSummary_networkSettingsArn,
+    networkSettingsSummary_vpcId,
+
+    -- ** Portal
+    portal_browserSettingsArn,
+    portal_browserType,
+    portal_creationDate,
+    portal_displayName,
+    portal_networkSettingsArn,
+    portal_portalArn,
+    portal_portalEndpoint,
+    portal_portalStatus,
+    portal_rendererType,
+    portal_statusReason,
+    portal_trustStoreArn,
+    portal_userAccessLoggingSettingsArn,
+    portal_userSettingsArn,
+
+    -- ** PortalSummary
+    portalSummary_browserSettingsArn,
+    portalSummary_browserType,
+    portalSummary_creationDate,
+    portalSummary_displayName,
+    portalSummary_networkSettingsArn,
+    portalSummary_portalArn,
+    portalSummary_portalEndpoint,
+    portalSummary_portalStatus,
+    portalSummary_rendererType,
+    portalSummary_trustStoreArn,
+    portalSummary_userAccessLoggingSettingsArn,
+    portalSummary_userSettingsArn,
+
+    -- ** Tag
+    tag_key,
+    tag_value,
+
+    -- ** TrustStore
+    trustStore_associatedPortalArns,
+    trustStore_trustStoreArn,
+
+    -- ** TrustStoreSummary
+    trustStoreSummary_trustStoreArn,
+
+    -- ** UserAccessLoggingSettings
+    userAccessLoggingSettings_associatedPortalArns,
+    userAccessLoggingSettings_kinesisStreamArn,
+    userAccessLoggingSettings_userAccessLoggingSettingsArn,
+
+    -- ** UserAccessLoggingSettingsSummary
+    userAccessLoggingSettingsSummary_kinesisStreamArn,
+    userAccessLoggingSettingsSummary_userAccessLoggingSettingsArn,
+
+    -- ** UserSettings
+    userSettings_associatedPortalArns,
+    userSettings_copyAllowed,
+    userSettings_disconnectTimeoutInMinutes,
+    userSettings_downloadAllowed,
+    userSettings_idleDisconnectTimeoutInMinutes,
+    userSettings_pasteAllowed,
+    userSettings_printAllowed,
+    userSettings_uploadAllowed,
+    userSettings_userSettingsArn,
+
+    -- ** UserSettingsSummary
+    userSettingsSummary_copyAllowed,
+    userSettingsSummary_disconnectTimeoutInMinutes,
+    userSettingsSummary_downloadAllowed,
+    userSettingsSummary_idleDisconnectTimeoutInMinutes,
+    userSettingsSummary_pasteAllowed,
+    userSettingsSummary_printAllowed,
+    userSettingsSummary_uploadAllowed,
+    userSettingsSummary_userSettingsArn,
+  )
+where
+
+import Amazonka.WorkSpacesWeb.AssociateBrowserSettings
+import Amazonka.WorkSpacesWeb.AssociateNetworkSettings
+import Amazonka.WorkSpacesWeb.AssociateTrustStore
+import Amazonka.WorkSpacesWeb.AssociateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.AssociateUserSettings
+import Amazonka.WorkSpacesWeb.CreateBrowserSettings
+import Amazonka.WorkSpacesWeb.CreateIdentityProvider
+import Amazonka.WorkSpacesWeb.CreateNetworkSettings
+import Amazonka.WorkSpacesWeb.CreatePortal
+import Amazonka.WorkSpacesWeb.CreateTrustStore
+import Amazonka.WorkSpacesWeb.CreateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.CreateUserSettings
+import Amazonka.WorkSpacesWeb.DeleteBrowserSettings
+import Amazonka.WorkSpacesWeb.DeleteIdentityProvider
+import Amazonka.WorkSpacesWeb.DeleteNetworkSettings
+import Amazonka.WorkSpacesWeb.DeletePortal
+import Amazonka.WorkSpacesWeb.DeleteTrustStore
+import Amazonka.WorkSpacesWeb.DeleteUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.DeleteUserSettings
+import Amazonka.WorkSpacesWeb.DisassociateBrowserSettings
+import Amazonka.WorkSpacesWeb.DisassociateNetworkSettings
+import Amazonka.WorkSpacesWeb.DisassociateTrustStore
+import Amazonka.WorkSpacesWeb.DisassociateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.DisassociateUserSettings
+import Amazonka.WorkSpacesWeb.GetBrowserSettings
+import Amazonka.WorkSpacesWeb.GetIdentityProvider
+import Amazonka.WorkSpacesWeb.GetNetworkSettings
+import Amazonka.WorkSpacesWeb.GetPortal
+import Amazonka.WorkSpacesWeb.GetPortalServiceProviderMetadata
+import Amazonka.WorkSpacesWeb.GetTrustStore
+import Amazonka.WorkSpacesWeb.GetTrustStoreCertificate
+import Amazonka.WorkSpacesWeb.GetUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.GetUserSettings
+import Amazonka.WorkSpacesWeb.ListBrowserSettings
+import Amazonka.WorkSpacesWeb.ListIdentityProviders
+import Amazonka.WorkSpacesWeb.ListNetworkSettings
+import Amazonka.WorkSpacesWeb.ListPortals
+import Amazonka.WorkSpacesWeb.ListTagsForResource
+import Amazonka.WorkSpacesWeb.ListTrustStoreCertificates
+import Amazonka.WorkSpacesWeb.ListTrustStores
+import Amazonka.WorkSpacesWeb.ListUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.ListUserSettings
+import Amazonka.WorkSpacesWeb.TagResource
+import Amazonka.WorkSpacesWeb.Types.BrowserSettings
+import Amazonka.WorkSpacesWeb.Types.BrowserSettingsSummary
+import Amazonka.WorkSpacesWeb.Types.Certificate
+import Amazonka.WorkSpacesWeb.Types.CertificateSummary
+import Amazonka.WorkSpacesWeb.Types.IdentityProvider
+import Amazonka.WorkSpacesWeb.Types.IdentityProviderSummary
+import Amazonka.WorkSpacesWeb.Types.NetworkSettings
+import Amazonka.WorkSpacesWeb.Types.NetworkSettingsSummary
+import Amazonka.WorkSpacesWeb.Types.Portal
+import Amazonka.WorkSpacesWeb.Types.PortalSummary
+import Amazonka.WorkSpacesWeb.Types.Tag
+import Amazonka.WorkSpacesWeb.Types.TrustStore
+import Amazonka.WorkSpacesWeb.Types.TrustStoreSummary
+import Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettingsSummary
+import Amazonka.WorkSpacesWeb.Types.UserSettings
+import Amazonka.WorkSpacesWeb.Types.UserSettingsSummary
+import Amazonka.WorkSpacesWeb.UntagResource
+import Amazonka.WorkSpacesWeb.UpdateBrowserSettings
+import Amazonka.WorkSpacesWeb.UpdateIdentityProvider
+import Amazonka.WorkSpacesWeb.UpdateNetworkSettings
+import Amazonka.WorkSpacesWeb.UpdatePortal
+import Amazonka.WorkSpacesWeb.UpdateTrustStore
+import Amazonka.WorkSpacesWeb.UpdateUserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.UpdateUserSettings
diff --git a/gen/Amazonka/WorkSpacesWeb/ListBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/ListBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListBrowserSettings.hs
@@ -0,0 +1,196 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of browser settings.
+module Amazonka.WorkSpacesWeb.ListBrowserSettings
+  ( -- * Creating a Request
+    ListBrowserSettings (..),
+    newListBrowserSettings,
+
+    -- * Request Lenses
+    listBrowserSettings_maxResults,
+    listBrowserSettings_nextToken,
+
+    -- * Destructuring the Response
+    ListBrowserSettingsResponse (..),
+    newListBrowserSettingsResponse,
+
+    -- * Response Lenses
+    listBrowserSettingsResponse_browserSettings,
+    listBrowserSettingsResponse_nextToken,
+    listBrowserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListBrowserSettings' smart constructor.
+data ListBrowserSettings = ListBrowserSettings'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listBrowserSettings_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listBrowserSettings_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+newListBrowserSettings ::
+  ListBrowserSettings
+newListBrowserSettings =
+  ListBrowserSettings'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to be included in the next page.
+listBrowserSettings_maxResults :: Lens.Lens' ListBrowserSettings (Prelude.Maybe Prelude.Natural)
+listBrowserSettings_maxResults = Lens.lens (\ListBrowserSettings' {maxResults} -> maxResults) (\s@ListBrowserSettings' {} a -> s {maxResults = a} :: ListBrowserSettings)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listBrowserSettings_nextToken :: Lens.Lens' ListBrowserSettings (Prelude.Maybe Prelude.Text)
+listBrowserSettings_nextToken = Lens.lens (\ListBrowserSettings' {nextToken} -> nextToken) (\s@ListBrowserSettings' {} a -> s {nextToken = a} :: ListBrowserSettings)
+
+instance Core.AWSRequest ListBrowserSettings where
+  type
+    AWSResponse ListBrowserSettings =
+      ListBrowserSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListBrowserSettingsResponse'
+            Prelude.<$> ( x
+                            Data..?> "browserSettings"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListBrowserSettings where
+  hashWithSalt _salt ListBrowserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListBrowserSettings where
+  rnf ListBrowserSettings' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListBrowserSettings where
+  toPath = Prelude.const "/browserSettings"
+
+instance Data.ToQuery ListBrowserSettings where
+  toQuery ListBrowserSettings' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListBrowserSettingsResponse' smart constructor.
+data ListBrowserSettingsResponse = ListBrowserSettingsResponse'
+  { -- | The browser settings.
+    browserSettings :: Prelude.Maybe [BrowserSettingsSummary],
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettings', 'listBrowserSettingsResponse_browserSettings' - The browser settings.
+--
+-- 'nextToken', 'listBrowserSettingsResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'httpStatus', 'listBrowserSettingsResponse_httpStatus' - The response's http status code.
+newListBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListBrowserSettingsResponse
+newListBrowserSettingsResponse pHttpStatus_ =
+  ListBrowserSettingsResponse'
+    { browserSettings =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The browser settings.
+listBrowserSettingsResponse_browserSettings :: Lens.Lens' ListBrowserSettingsResponse (Prelude.Maybe [BrowserSettingsSummary])
+listBrowserSettingsResponse_browserSettings = Lens.lens (\ListBrowserSettingsResponse' {browserSettings} -> browserSettings) (\s@ListBrowserSettingsResponse' {} a -> s {browserSettings = a} :: ListBrowserSettingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listBrowserSettingsResponse_nextToken :: Lens.Lens' ListBrowserSettingsResponse (Prelude.Maybe Prelude.Text)
+listBrowserSettingsResponse_nextToken = Lens.lens (\ListBrowserSettingsResponse' {nextToken} -> nextToken) (\s@ListBrowserSettingsResponse' {} a -> s {nextToken = a} :: ListBrowserSettingsResponse)
+
+-- | The response's http status code.
+listBrowserSettingsResponse_httpStatus :: Lens.Lens' ListBrowserSettingsResponse Prelude.Int
+listBrowserSettingsResponse_httpStatus = Lens.lens (\ListBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@ListBrowserSettingsResponse' {} a -> s {httpStatus = a} :: ListBrowserSettingsResponse)
+
+instance Prelude.NFData ListBrowserSettingsResponse where
+  rnf ListBrowserSettingsResponse' {..} =
+    Prelude.rnf browserSettings
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListIdentityProviders.hs b/gen/Amazonka/WorkSpacesWeb/ListIdentityProviders.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListIdentityProviders.hs
@@ -0,0 +1,216 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListIdentityProviders
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of identity providers for a specific web portal.
+module Amazonka.WorkSpacesWeb.ListIdentityProviders
+  ( -- * Creating a Request
+    ListIdentityProviders (..),
+    newListIdentityProviders,
+
+    -- * Request Lenses
+    listIdentityProviders_maxResults,
+    listIdentityProviders_nextToken,
+    listIdentityProviders_portalArn,
+
+    -- * Destructuring the Response
+    ListIdentityProvidersResponse (..),
+    newListIdentityProvidersResponse,
+
+    -- * Response Lenses
+    listIdentityProvidersResponse_identityProviders,
+    listIdentityProvidersResponse_nextToken,
+    listIdentityProvidersResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListIdentityProviders' smart constructor.
+data ListIdentityProviders = ListIdentityProviders'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListIdentityProviders' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listIdentityProviders_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listIdentityProviders_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'portalArn', 'listIdentityProviders_portalArn' - The ARN of the web portal.
+newListIdentityProviders ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  ListIdentityProviders
+newListIdentityProviders pPortalArn_ =
+  ListIdentityProviders'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      portalArn = pPortalArn_
+    }
+
+-- | The maximum number of results to be included in the next page.
+listIdentityProviders_maxResults :: Lens.Lens' ListIdentityProviders (Prelude.Maybe Prelude.Natural)
+listIdentityProviders_maxResults = Lens.lens (\ListIdentityProviders' {maxResults} -> maxResults) (\s@ListIdentityProviders' {} a -> s {maxResults = a} :: ListIdentityProviders)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listIdentityProviders_nextToken :: Lens.Lens' ListIdentityProviders (Prelude.Maybe Prelude.Text)
+listIdentityProviders_nextToken = Lens.lens (\ListIdentityProviders' {nextToken} -> nextToken) (\s@ListIdentityProviders' {} a -> s {nextToken = a} :: ListIdentityProviders)
+
+-- | The ARN of the web portal.
+listIdentityProviders_portalArn :: Lens.Lens' ListIdentityProviders Prelude.Text
+listIdentityProviders_portalArn = Lens.lens (\ListIdentityProviders' {portalArn} -> portalArn) (\s@ListIdentityProviders' {} a -> s {portalArn = a} :: ListIdentityProviders)
+
+instance Core.AWSRequest ListIdentityProviders where
+  type
+    AWSResponse ListIdentityProviders =
+      ListIdentityProvidersResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListIdentityProvidersResponse'
+            Prelude.<$> ( x
+                            Data..?> "identityProviders"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListIdentityProviders where
+  hashWithSalt _salt ListIdentityProviders' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData ListIdentityProviders where
+  rnf ListIdentityProviders' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf portalArn
+
+instance Data.ToHeaders ListIdentityProviders where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListIdentityProviders where
+  toPath ListIdentityProviders' {..} =
+    Prelude.mconcat
+      [ "/portals/",
+        Data.toBS portalArn,
+        "/identityProviders"
+      ]
+
+instance Data.ToQuery ListIdentityProviders where
+  toQuery ListIdentityProviders' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListIdentityProvidersResponse' smart constructor.
+data ListIdentityProvidersResponse = ListIdentityProvidersResponse'
+  { -- | The identity providers.
+    identityProviders :: Prelude.Maybe [IdentityProviderSummary],
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListIdentityProvidersResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'identityProviders', 'listIdentityProvidersResponse_identityProviders' - The identity providers.
+--
+-- 'nextToken', 'listIdentityProvidersResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'httpStatus', 'listIdentityProvidersResponse_httpStatus' - The response's http status code.
+newListIdentityProvidersResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListIdentityProvidersResponse
+newListIdentityProvidersResponse pHttpStatus_ =
+  ListIdentityProvidersResponse'
+    { identityProviders =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The identity providers.
+listIdentityProvidersResponse_identityProviders :: Lens.Lens' ListIdentityProvidersResponse (Prelude.Maybe [IdentityProviderSummary])
+listIdentityProvidersResponse_identityProviders = Lens.lens (\ListIdentityProvidersResponse' {identityProviders} -> identityProviders) (\s@ListIdentityProvidersResponse' {} a -> s {identityProviders = a} :: ListIdentityProvidersResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listIdentityProvidersResponse_nextToken :: Lens.Lens' ListIdentityProvidersResponse (Prelude.Maybe Prelude.Text)
+listIdentityProvidersResponse_nextToken = Lens.lens (\ListIdentityProvidersResponse' {nextToken} -> nextToken) (\s@ListIdentityProvidersResponse' {} a -> s {nextToken = a} :: ListIdentityProvidersResponse)
+
+-- | The response's http status code.
+listIdentityProvidersResponse_httpStatus :: Lens.Lens' ListIdentityProvidersResponse Prelude.Int
+listIdentityProvidersResponse_httpStatus = Lens.lens (\ListIdentityProvidersResponse' {httpStatus} -> httpStatus) (\s@ListIdentityProvidersResponse' {} a -> s {httpStatus = a} :: ListIdentityProvidersResponse)
+
+instance Prelude.NFData ListIdentityProvidersResponse where
+  rnf ListIdentityProvidersResponse' {..} =
+    Prelude.rnf identityProviders
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/ListNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListNetworkSettings.hs
@@ -0,0 +1,196 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of network settings.
+module Amazonka.WorkSpacesWeb.ListNetworkSettings
+  ( -- * Creating a Request
+    ListNetworkSettings (..),
+    newListNetworkSettings,
+
+    -- * Request Lenses
+    listNetworkSettings_maxResults,
+    listNetworkSettings_nextToken,
+
+    -- * Destructuring the Response
+    ListNetworkSettingsResponse (..),
+    newListNetworkSettingsResponse,
+
+    -- * Response Lenses
+    listNetworkSettingsResponse_networkSettings,
+    listNetworkSettingsResponse_nextToken,
+    listNetworkSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListNetworkSettings' smart constructor.
+data ListNetworkSettings = ListNetworkSettings'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listNetworkSettings_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listNetworkSettings_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+newListNetworkSettings ::
+  ListNetworkSettings
+newListNetworkSettings =
+  ListNetworkSettings'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to be included in the next page.
+listNetworkSettings_maxResults :: Lens.Lens' ListNetworkSettings (Prelude.Maybe Prelude.Natural)
+listNetworkSettings_maxResults = Lens.lens (\ListNetworkSettings' {maxResults} -> maxResults) (\s@ListNetworkSettings' {} a -> s {maxResults = a} :: ListNetworkSettings)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listNetworkSettings_nextToken :: Lens.Lens' ListNetworkSettings (Prelude.Maybe Prelude.Text)
+listNetworkSettings_nextToken = Lens.lens (\ListNetworkSettings' {nextToken} -> nextToken) (\s@ListNetworkSettings' {} a -> s {nextToken = a} :: ListNetworkSettings)
+
+instance Core.AWSRequest ListNetworkSettings where
+  type
+    AWSResponse ListNetworkSettings =
+      ListNetworkSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListNetworkSettingsResponse'
+            Prelude.<$> ( x
+                            Data..?> "networkSettings"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListNetworkSettings where
+  hashWithSalt _salt ListNetworkSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListNetworkSettings where
+  rnf ListNetworkSettings' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListNetworkSettings where
+  toPath = Prelude.const "/networkSettings"
+
+instance Data.ToQuery ListNetworkSettings where
+  toQuery ListNetworkSettings' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListNetworkSettingsResponse' smart constructor.
+data ListNetworkSettingsResponse = ListNetworkSettingsResponse'
+  { -- | The network settings.
+    networkSettings :: Prelude.Maybe [NetworkSettingsSummary],
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'networkSettings', 'listNetworkSettingsResponse_networkSettings' - The network settings.
+--
+-- 'nextToken', 'listNetworkSettingsResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'httpStatus', 'listNetworkSettingsResponse_httpStatus' - The response's http status code.
+newListNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListNetworkSettingsResponse
+newListNetworkSettingsResponse pHttpStatus_ =
+  ListNetworkSettingsResponse'
+    { networkSettings =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The network settings.
+listNetworkSettingsResponse_networkSettings :: Lens.Lens' ListNetworkSettingsResponse (Prelude.Maybe [NetworkSettingsSummary])
+listNetworkSettingsResponse_networkSettings = Lens.lens (\ListNetworkSettingsResponse' {networkSettings} -> networkSettings) (\s@ListNetworkSettingsResponse' {} a -> s {networkSettings = a} :: ListNetworkSettingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listNetworkSettingsResponse_nextToken :: Lens.Lens' ListNetworkSettingsResponse (Prelude.Maybe Prelude.Text)
+listNetworkSettingsResponse_nextToken = Lens.lens (\ListNetworkSettingsResponse' {nextToken} -> nextToken) (\s@ListNetworkSettingsResponse' {} a -> s {nextToken = a} :: ListNetworkSettingsResponse)
+
+-- | The response's http status code.
+listNetworkSettingsResponse_httpStatus :: Lens.Lens' ListNetworkSettingsResponse Prelude.Int
+listNetworkSettingsResponse_httpStatus = Lens.lens (\ListNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@ListNetworkSettingsResponse' {} a -> s {httpStatus = a} :: ListNetworkSettingsResponse)
+
+instance Prelude.NFData ListNetworkSettingsResponse where
+  rnf ListNetworkSettingsResponse' {..} =
+    Prelude.rnf networkSettings
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListPortals.hs b/gen/Amazonka/WorkSpacesWeb/ListPortals.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListPortals.hs
@@ -0,0 +1,190 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListPortals
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list or web portals.
+module Amazonka.WorkSpacesWeb.ListPortals
+  ( -- * Creating a Request
+    ListPortals (..),
+    newListPortals,
+
+    -- * Request Lenses
+    listPortals_maxResults,
+    listPortals_nextToken,
+
+    -- * Destructuring the Response
+    ListPortalsResponse (..),
+    newListPortalsResponse,
+
+    -- * Response Lenses
+    listPortalsResponse_nextToken,
+    listPortalsResponse_portals,
+    listPortalsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListPortals' smart constructor.
+data ListPortals = ListPortals'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPortals' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listPortals_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listPortals_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+newListPortals ::
+  ListPortals
+newListPortals =
+  ListPortals'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to be included in the next page.
+listPortals_maxResults :: Lens.Lens' ListPortals (Prelude.Maybe Prelude.Natural)
+listPortals_maxResults = Lens.lens (\ListPortals' {maxResults} -> maxResults) (\s@ListPortals' {} a -> s {maxResults = a} :: ListPortals)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listPortals_nextToken :: Lens.Lens' ListPortals (Prelude.Maybe Prelude.Text)
+listPortals_nextToken = Lens.lens (\ListPortals' {nextToken} -> nextToken) (\s@ListPortals' {} a -> s {nextToken = a} :: ListPortals)
+
+instance Core.AWSRequest ListPortals where
+  type AWSResponse ListPortals = ListPortalsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListPortalsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "portals" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListPortals where
+  hashWithSalt _salt ListPortals' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListPortals where
+  rnf ListPortals' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListPortals where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListPortals where
+  toPath = Prelude.const "/portals"
+
+instance Data.ToQuery ListPortals where
+  toQuery ListPortals' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListPortalsResponse' smart constructor.
+data ListPortalsResponse = ListPortalsResponse'
+  { -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The portals in the list.
+    portals :: Prelude.Maybe [PortalSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListPortalsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listPortalsResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'portals', 'listPortalsResponse_portals' - The portals in the list.
+--
+-- 'httpStatus', 'listPortalsResponse_httpStatus' - The response's http status code.
+newListPortalsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListPortalsResponse
+newListPortalsResponse pHttpStatus_ =
+  ListPortalsResponse'
+    { nextToken = Prelude.Nothing,
+      portals = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listPortalsResponse_nextToken :: Lens.Lens' ListPortalsResponse (Prelude.Maybe Prelude.Text)
+listPortalsResponse_nextToken = Lens.lens (\ListPortalsResponse' {nextToken} -> nextToken) (\s@ListPortalsResponse' {} a -> s {nextToken = a} :: ListPortalsResponse)
+
+-- | The portals in the list.
+listPortalsResponse_portals :: Lens.Lens' ListPortalsResponse (Prelude.Maybe [PortalSummary])
+listPortalsResponse_portals = Lens.lens (\ListPortalsResponse' {portals} -> portals) (\s@ListPortalsResponse' {} a -> s {portals = a} :: ListPortalsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listPortalsResponse_httpStatus :: Lens.Lens' ListPortalsResponse Prelude.Int
+listPortalsResponse_httpStatus = Lens.lens (\ListPortalsResponse' {httpStatus} -> httpStatus) (\s@ListPortalsResponse' {} a -> s {httpStatus = a} :: ListPortalsResponse)
+
+instance Prelude.NFData ListPortalsResponse where
+  rnf ListPortalsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf portals
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListTagsForResource.hs b/gen/Amazonka/WorkSpacesWeb/ListTagsForResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListTagsForResource.hs
@@ -0,0 +1,159 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListTagsForResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of tags for a resource.
+module Amazonka.WorkSpacesWeb.ListTagsForResource
+  ( -- * Creating a Request
+    ListTagsForResource (..),
+    newListTagsForResource,
+
+    -- * Request Lenses
+    listTagsForResource_resourceArn,
+
+    -- * Destructuring the Response
+    ListTagsForResourceResponse (..),
+    newListTagsForResourceResponse,
+
+    -- * Response Lenses
+    listTagsForResourceResponse_tags,
+    listTagsForResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListTagsForResource' smart constructor.
+data ListTagsForResource = ListTagsForResource'
+  { -- | The ARN of the resource.
+    resourceArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTagsForResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'resourceArn', 'listTagsForResource_resourceArn' - The ARN of the resource.
+newListTagsForResource ::
+  -- | 'resourceArn'
+  Prelude.Text ->
+  ListTagsForResource
+newListTagsForResource pResourceArn_ =
+  ListTagsForResource' {resourceArn = pResourceArn_}
+
+-- | The ARN of the resource.
+listTagsForResource_resourceArn :: Lens.Lens' ListTagsForResource Prelude.Text
+listTagsForResource_resourceArn = Lens.lens (\ListTagsForResource' {resourceArn} -> resourceArn) (\s@ListTagsForResource' {} a -> s {resourceArn = a} :: ListTagsForResource)
+
+instance Core.AWSRequest ListTagsForResource where
+  type
+    AWSResponse ListTagsForResource =
+      ListTagsForResourceResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTagsForResourceResponse'
+            Prelude.<$> (x Data..?> "tags" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTagsForResource where
+  hashWithSalt _salt ListTagsForResource' {..} =
+    _salt `Prelude.hashWithSalt` resourceArn
+
+instance Prelude.NFData ListTagsForResource where
+  rnf ListTagsForResource' {..} =
+    Prelude.rnf resourceArn
+
+instance Data.ToHeaders ListTagsForResource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListTagsForResource where
+  toPath ListTagsForResource' {..} =
+    Prelude.mconcat ["/tags/", Data.toBS resourceArn]
+
+instance Data.ToQuery ListTagsForResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newListTagsForResourceResponse' smart constructor.
+data ListTagsForResourceResponse = ListTagsForResourceResponse'
+  { -- | The tags of the resource.
+    tags :: Prelude.Maybe [Data.Sensitive Tag],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTagsForResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'tags', 'listTagsForResourceResponse_tags' - The tags of the resource.
+--
+-- 'httpStatus', 'listTagsForResourceResponse_httpStatus' - The response's http status code.
+newListTagsForResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTagsForResourceResponse
+newListTagsForResourceResponse pHttpStatus_ =
+  ListTagsForResourceResponse'
+    { tags =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The tags of the resource.
+listTagsForResourceResponse_tags :: Lens.Lens' ListTagsForResourceResponse (Prelude.Maybe [Tag])
+listTagsForResourceResponse_tags = Lens.lens (\ListTagsForResourceResponse' {tags} -> tags) (\s@ListTagsForResourceResponse' {} a -> s {tags = a} :: ListTagsForResourceResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTagsForResourceResponse_httpStatus :: Lens.Lens' ListTagsForResourceResponse Prelude.Int
+listTagsForResourceResponse_httpStatus = Lens.lens (\ListTagsForResourceResponse' {httpStatus} -> httpStatus) (\s@ListTagsForResourceResponse' {} a -> s {httpStatus = a} :: ListTagsForResourceResponse)
+
+instance Prelude.NFData ListTagsForResourceResponse where
+  rnf ListTagsForResourceResponse' {..} =
+    Prelude.rnf tags
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListTrustStoreCertificates.hs b/gen/Amazonka/WorkSpacesWeb/ListTrustStoreCertificates.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListTrustStoreCertificates.hs
@@ -0,0 +1,231 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListTrustStoreCertificates
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of trust store certificates.
+module Amazonka.WorkSpacesWeb.ListTrustStoreCertificates
+  ( -- * Creating a Request
+    ListTrustStoreCertificates (..),
+    newListTrustStoreCertificates,
+
+    -- * Request Lenses
+    listTrustStoreCertificates_maxResults,
+    listTrustStoreCertificates_nextToken,
+    listTrustStoreCertificates_trustStoreArn,
+
+    -- * Destructuring the Response
+    ListTrustStoreCertificatesResponse (..),
+    newListTrustStoreCertificatesResponse,
+
+    -- * Response Lenses
+    listTrustStoreCertificatesResponse_certificateList,
+    listTrustStoreCertificatesResponse_nextToken,
+    listTrustStoreCertificatesResponse_trustStoreArn,
+    listTrustStoreCertificatesResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListTrustStoreCertificates' smart constructor.
+data ListTrustStoreCertificates = ListTrustStoreCertificates'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the trust store
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTrustStoreCertificates' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listTrustStoreCertificates_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listTrustStoreCertificates_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'trustStoreArn', 'listTrustStoreCertificates_trustStoreArn' - The ARN of the trust store
+newListTrustStoreCertificates ::
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  ListTrustStoreCertificates
+newListTrustStoreCertificates pTrustStoreArn_ =
+  ListTrustStoreCertificates'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      trustStoreArn = pTrustStoreArn_
+    }
+
+-- | The maximum number of results to be included in the next page.
+listTrustStoreCertificates_maxResults :: Lens.Lens' ListTrustStoreCertificates (Prelude.Maybe Prelude.Natural)
+listTrustStoreCertificates_maxResults = Lens.lens (\ListTrustStoreCertificates' {maxResults} -> maxResults) (\s@ListTrustStoreCertificates' {} a -> s {maxResults = a} :: ListTrustStoreCertificates)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listTrustStoreCertificates_nextToken :: Lens.Lens' ListTrustStoreCertificates (Prelude.Maybe Prelude.Text)
+listTrustStoreCertificates_nextToken = Lens.lens (\ListTrustStoreCertificates' {nextToken} -> nextToken) (\s@ListTrustStoreCertificates' {} a -> s {nextToken = a} :: ListTrustStoreCertificates)
+
+-- | The ARN of the trust store
+listTrustStoreCertificates_trustStoreArn :: Lens.Lens' ListTrustStoreCertificates Prelude.Text
+listTrustStoreCertificates_trustStoreArn = Lens.lens (\ListTrustStoreCertificates' {trustStoreArn} -> trustStoreArn) (\s@ListTrustStoreCertificates' {} a -> s {trustStoreArn = a} :: ListTrustStoreCertificates)
+
+instance Core.AWSRequest ListTrustStoreCertificates where
+  type
+    AWSResponse ListTrustStoreCertificates =
+      ListTrustStoreCertificatesResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTrustStoreCertificatesResponse'
+            Prelude.<$> ( x
+                            Data..?> "certificateList"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "trustStoreArn")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTrustStoreCertificates where
+  hashWithSalt _salt ListTrustStoreCertificates' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+      `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData ListTrustStoreCertificates where
+  rnf ListTrustStoreCertificates' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf trustStoreArn
+
+instance Data.ToHeaders ListTrustStoreCertificates where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListTrustStoreCertificates where
+  toPath ListTrustStoreCertificates' {..} =
+    Prelude.mconcat
+      [ "/trustStores/",
+        Data.toBS trustStoreArn,
+        "/certificates"
+      ]
+
+instance Data.ToQuery ListTrustStoreCertificates where
+  toQuery ListTrustStoreCertificates' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListTrustStoreCertificatesResponse' smart constructor.
+data ListTrustStoreCertificatesResponse = ListTrustStoreCertificatesResponse'
+  { -- | The certificate list.
+    certificateList :: Prelude.Maybe [CertificateSummary],
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.>
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Maybe Prelude.Text,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTrustStoreCertificatesResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificateList', 'listTrustStoreCertificatesResponse_certificateList' - The certificate list.
+--
+-- 'nextToken', 'listTrustStoreCertificatesResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.>
+--
+-- 'trustStoreArn', 'listTrustStoreCertificatesResponse_trustStoreArn' - The ARN of the trust store.
+--
+-- 'httpStatus', 'listTrustStoreCertificatesResponse_httpStatus' - The response's http status code.
+newListTrustStoreCertificatesResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTrustStoreCertificatesResponse
+newListTrustStoreCertificatesResponse pHttpStatus_ =
+  ListTrustStoreCertificatesResponse'
+    { certificateList =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing,
+      trustStoreArn = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The certificate list.
+listTrustStoreCertificatesResponse_certificateList :: Lens.Lens' ListTrustStoreCertificatesResponse (Prelude.Maybe [CertificateSummary])
+listTrustStoreCertificatesResponse_certificateList = Lens.lens (\ListTrustStoreCertificatesResponse' {certificateList} -> certificateList) (\s@ListTrustStoreCertificatesResponse' {} a -> s {certificateList = a} :: ListTrustStoreCertificatesResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.>
+listTrustStoreCertificatesResponse_nextToken :: Lens.Lens' ListTrustStoreCertificatesResponse (Prelude.Maybe Prelude.Text)
+listTrustStoreCertificatesResponse_nextToken = Lens.lens (\ListTrustStoreCertificatesResponse' {nextToken} -> nextToken) (\s@ListTrustStoreCertificatesResponse' {} a -> s {nextToken = a} :: ListTrustStoreCertificatesResponse)
+
+-- | The ARN of the trust store.
+listTrustStoreCertificatesResponse_trustStoreArn :: Lens.Lens' ListTrustStoreCertificatesResponse (Prelude.Maybe Prelude.Text)
+listTrustStoreCertificatesResponse_trustStoreArn = Lens.lens (\ListTrustStoreCertificatesResponse' {trustStoreArn} -> trustStoreArn) (\s@ListTrustStoreCertificatesResponse' {} a -> s {trustStoreArn = a} :: ListTrustStoreCertificatesResponse)
+
+-- | The response's http status code.
+listTrustStoreCertificatesResponse_httpStatus :: Lens.Lens' ListTrustStoreCertificatesResponse Prelude.Int
+listTrustStoreCertificatesResponse_httpStatus = Lens.lens (\ListTrustStoreCertificatesResponse' {httpStatus} -> httpStatus) (\s@ListTrustStoreCertificatesResponse' {} a -> s {httpStatus = a} :: ListTrustStoreCertificatesResponse)
+
+instance
+  Prelude.NFData
+    ListTrustStoreCertificatesResponse
+  where
+  rnf ListTrustStoreCertificatesResponse' {..} =
+    Prelude.rnf certificateList
+      `Prelude.seq` Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf trustStoreArn
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListTrustStores.hs b/gen/Amazonka/WorkSpacesWeb/ListTrustStores.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListTrustStores.hs
@@ -0,0 +1,193 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListTrustStores
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of trust stores.
+module Amazonka.WorkSpacesWeb.ListTrustStores
+  ( -- * Creating a Request
+    ListTrustStores (..),
+    newListTrustStores,
+
+    -- * Request Lenses
+    listTrustStores_maxResults,
+    listTrustStores_nextToken,
+
+    -- * Destructuring the Response
+    ListTrustStoresResponse (..),
+    newListTrustStoresResponse,
+
+    -- * Response Lenses
+    listTrustStoresResponse_nextToken,
+    listTrustStoresResponse_trustStores,
+    listTrustStoresResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListTrustStores' smart constructor.
+data ListTrustStores = ListTrustStores'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTrustStores' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listTrustStores_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listTrustStores_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+newListTrustStores ::
+  ListTrustStores
+newListTrustStores =
+  ListTrustStores'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to be included in the next page.
+listTrustStores_maxResults :: Lens.Lens' ListTrustStores (Prelude.Maybe Prelude.Natural)
+listTrustStores_maxResults = Lens.lens (\ListTrustStores' {maxResults} -> maxResults) (\s@ListTrustStores' {} a -> s {maxResults = a} :: ListTrustStores)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listTrustStores_nextToken :: Lens.Lens' ListTrustStores (Prelude.Maybe Prelude.Text)
+listTrustStores_nextToken = Lens.lens (\ListTrustStores' {nextToken} -> nextToken) (\s@ListTrustStores' {} a -> s {nextToken = a} :: ListTrustStores)
+
+instance Core.AWSRequest ListTrustStores where
+  type
+    AWSResponse ListTrustStores =
+      ListTrustStoresResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListTrustStoresResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "trustStores" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListTrustStores where
+  hashWithSalt _salt ListTrustStores' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListTrustStores where
+  rnf ListTrustStores' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListTrustStores where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListTrustStores where
+  toPath = Prelude.const "/trustStores"
+
+instance Data.ToQuery ListTrustStores where
+  toQuery ListTrustStores' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListTrustStoresResponse' smart constructor.
+data ListTrustStoresResponse = ListTrustStoresResponse'
+  { -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The trust stores.
+    trustStores :: Prelude.Maybe [TrustStoreSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListTrustStoresResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listTrustStoresResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'trustStores', 'listTrustStoresResponse_trustStores' - The trust stores.
+--
+-- 'httpStatus', 'listTrustStoresResponse_httpStatus' - The response's http status code.
+newListTrustStoresResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListTrustStoresResponse
+newListTrustStoresResponse pHttpStatus_ =
+  ListTrustStoresResponse'
+    { nextToken =
+        Prelude.Nothing,
+      trustStores = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listTrustStoresResponse_nextToken :: Lens.Lens' ListTrustStoresResponse (Prelude.Maybe Prelude.Text)
+listTrustStoresResponse_nextToken = Lens.lens (\ListTrustStoresResponse' {nextToken} -> nextToken) (\s@ListTrustStoresResponse' {} a -> s {nextToken = a} :: ListTrustStoresResponse)
+
+-- | The trust stores.
+listTrustStoresResponse_trustStores :: Lens.Lens' ListTrustStoresResponse (Prelude.Maybe [TrustStoreSummary])
+listTrustStoresResponse_trustStores = Lens.lens (\ListTrustStoresResponse' {trustStores} -> trustStores) (\s@ListTrustStoresResponse' {} a -> s {trustStores = a} :: ListTrustStoresResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listTrustStoresResponse_httpStatus :: Lens.Lens' ListTrustStoresResponse Prelude.Int
+listTrustStoresResponse_httpStatus = Lens.lens (\ListTrustStoresResponse' {httpStatus} -> httpStatus) (\s@ListTrustStoresResponse' {} a -> s {httpStatus = a} :: ListTrustStoresResponse)
+
+instance Prelude.NFData ListTrustStoresResponse where
+  rnf ListTrustStoresResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf trustStores
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/ListUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListUserAccessLoggingSettings.hs
@@ -0,0 +1,207 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of user access logging settings.
+module Amazonka.WorkSpacesWeb.ListUserAccessLoggingSettings
+  ( -- * Creating a Request
+    ListUserAccessLoggingSettings (..),
+    newListUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    listUserAccessLoggingSettings_maxResults,
+    listUserAccessLoggingSettings_nextToken,
+
+    -- * Destructuring the Response
+    ListUserAccessLoggingSettingsResponse (..),
+    newListUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    listUserAccessLoggingSettingsResponse_nextToken,
+    listUserAccessLoggingSettingsResponse_userAccessLoggingSettings,
+    listUserAccessLoggingSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListUserAccessLoggingSettings' smart constructor.
+data ListUserAccessLoggingSettings = ListUserAccessLoggingSettings'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listUserAccessLoggingSettings_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listUserAccessLoggingSettings_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+newListUserAccessLoggingSettings ::
+  ListUserAccessLoggingSettings
+newListUserAccessLoggingSettings =
+  ListUserAccessLoggingSettings'
+    { maxResults =
+        Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to be included in the next page.
+listUserAccessLoggingSettings_maxResults :: Lens.Lens' ListUserAccessLoggingSettings (Prelude.Maybe Prelude.Natural)
+listUserAccessLoggingSettings_maxResults = Lens.lens (\ListUserAccessLoggingSettings' {maxResults} -> maxResults) (\s@ListUserAccessLoggingSettings' {} a -> s {maxResults = a} :: ListUserAccessLoggingSettings)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listUserAccessLoggingSettings_nextToken :: Lens.Lens' ListUserAccessLoggingSettings (Prelude.Maybe Prelude.Text)
+listUserAccessLoggingSettings_nextToken = Lens.lens (\ListUserAccessLoggingSettings' {nextToken} -> nextToken) (\s@ListUserAccessLoggingSettings' {} a -> s {nextToken = a} :: ListUserAccessLoggingSettings)
+
+instance
+  Core.AWSRequest
+    ListUserAccessLoggingSettings
+  where
+  type
+    AWSResponse ListUserAccessLoggingSettings =
+      ListUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListUserAccessLoggingSettingsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> ( x
+                            Data..?> "userAccessLoggingSettings"
+                            Core..!@ Prelude.mempty
+                        )
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance
+  Prelude.Hashable
+    ListUserAccessLoggingSettings
+  where
+  hashWithSalt _salt ListUserAccessLoggingSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListUserAccessLoggingSettings where
+  rnf ListUserAccessLoggingSettings' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListUserAccessLoggingSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListUserAccessLoggingSettings where
+  toPath = Prelude.const "/userAccessLoggingSettings"
+
+instance Data.ToQuery ListUserAccessLoggingSettings where
+  toQuery ListUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListUserAccessLoggingSettingsResponse' smart constructor.
+data ListUserAccessLoggingSettingsResponse = ListUserAccessLoggingSettingsResponse'
+  { -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The user access logging settings.
+    userAccessLoggingSettings :: Prelude.Maybe [UserAccessLoggingSettingsSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listUserAccessLoggingSettingsResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'userAccessLoggingSettings', 'listUserAccessLoggingSettingsResponse_userAccessLoggingSettings' - The user access logging settings.
+--
+-- 'httpStatus', 'listUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+newListUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListUserAccessLoggingSettingsResponse
+newListUserAccessLoggingSettingsResponse pHttpStatus_ =
+  ListUserAccessLoggingSettingsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      userAccessLoggingSettings =
+        Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listUserAccessLoggingSettingsResponse_nextToken :: Lens.Lens' ListUserAccessLoggingSettingsResponse (Prelude.Maybe Prelude.Text)
+listUserAccessLoggingSettingsResponse_nextToken = Lens.lens (\ListUserAccessLoggingSettingsResponse' {nextToken} -> nextToken) (\s@ListUserAccessLoggingSettingsResponse' {} a -> s {nextToken = a} :: ListUserAccessLoggingSettingsResponse)
+
+-- | The user access logging settings.
+listUserAccessLoggingSettingsResponse_userAccessLoggingSettings :: Lens.Lens' ListUserAccessLoggingSettingsResponse (Prelude.Maybe [UserAccessLoggingSettingsSummary])
+listUserAccessLoggingSettingsResponse_userAccessLoggingSettings = Lens.lens (\ListUserAccessLoggingSettingsResponse' {userAccessLoggingSettings} -> userAccessLoggingSettings) (\s@ListUserAccessLoggingSettingsResponse' {} a -> s {userAccessLoggingSettings = a} :: ListUserAccessLoggingSettingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' ListUserAccessLoggingSettingsResponse Prelude.Int
+listUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\ListUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@ListUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: ListUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    ListUserAccessLoggingSettingsResponse
+  where
+  rnf ListUserAccessLoggingSettingsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/ListUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/ListUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/ListUserSettings.hs
@@ -0,0 +1,193 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.ListUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Retrieves a list of user settings.
+module Amazonka.WorkSpacesWeb.ListUserSettings
+  ( -- * Creating a Request
+    ListUserSettings (..),
+    newListUserSettings,
+
+    -- * Request Lenses
+    listUserSettings_maxResults,
+    listUserSettings_nextToken,
+
+    -- * Destructuring the Response
+    ListUserSettingsResponse (..),
+    newListUserSettingsResponse,
+
+    -- * Response Lenses
+    listUserSettingsResponse_nextToken,
+    listUserSettingsResponse_userSettings,
+    listUserSettingsResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newListUserSettings' smart constructor.
+data ListUserSettings = ListUserSettings'
+  { -- | The maximum number of results to be included in the next page.
+    maxResults :: Prelude.Maybe Prelude.Natural,
+    -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'maxResults', 'listUserSettings_maxResults' - The maximum number of results to be included in the next page.
+--
+-- 'nextToken', 'listUserSettings_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+newListUserSettings ::
+  ListUserSettings
+newListUserSettings =
+  ListUserSettings'
+    { maxResults = Prelude.Nothing,
+      nextToken = Prelude.Nothing
+    }
+
+-- | The maximum number of results to be included in the next page.
+listUserSettings_maxResults :: Lens.Lens' ListUserSettings (Prelude.Maybe Prelude.Natural)
+listUserSettings_maxResults = Lens.lens (\ListUserSettings' {maxResults} -> maxResults) (\s@ListUserSettings' {} a -> s {maxResults = a} :: ListUserSettings)
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listUserSettings_nextToken :: Lens.Lens' ListUserSettings (Prelude.Maybe Prelude.Text)
+listUserSettings_nextToken = Lens.lens (\ListUserSettings' {nextToken} -> nextToken) (\s@ListUserSettings' {} a -> s {nextToken = a} :: ListUserSettings)
+
+instance Core.AWSRequest ListUserSettings where
+  type
+    AWSResponse ListUserSettings =
+      ListUserSettingsResponse
+  request overrides =
+    Request.get (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          ListUserSettingsResponse'
+            Prelude.<$> (x Data..?> "nextToken")
+            Prelude.<*> (x Data..?> "userSettings" Core..!@ Prelude.mempty)
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable ListUserSettings where
+  hashWithSalt _salt ListUserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` maxResults
+      `Prelude.hashWithSalt` nextToken
+
+instance Prelude.NFData ListUserSettings where
+  rnf ListUserSettings' {..} =
+    Prelude.rnf maxResults
+      `Prelude.seq` Prelude.rnf nextToken
+
+instance Data.ToHeaders ListUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath ListUserSettings where
+  toPath = Prelude.const "/userSettings"
+
+instance Data.ToQuery ListUserSettings where
+  toQuery ListUserSettings' {..} =
+    Prelude.mconcat
+      [ "maxResults" Data.=: maxResults,
+        "nextToken" Data.=: nextToken
+      ]
+
+-- | /See:/ 'newListUserSettingsResponse' smart constructor.
+data ListUserSettingsResponse = ListUserSettingsResponse'
+  { -- | The pagination token used to retrieve the next page of results for this
+    -- operation.
+    nextToken :: Prelude.Maybe Prelude.Text,
+    -- | The user settings.
+    userSettings :: Prelude.Maybe [UserSettingsSummary],
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'ListUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'nextToken', 'listUserSettingsResponse_nextToken' - The pagination token used to retrieve the next page of results for this
+-- operation.
+--
+-- 'userSettings', 'listUserSettingsResponse_userSettings' - The user settings.
+--
+-- 'httpStatus', 'listUserSettingsResponse_httpStatus' - The response's http status code.
+newListUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  ListUserSettingsResponse
+newListUserSettingsResponse pHttpStatus_ =
+  ListUserSettingsResponse'
+    { nextToken =
+        Prelude.Nothing,
+      userSettings = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The pagination token used to retrieve the next page of results for this
+-- operation.
+listUserSettingsResponse_nextToken :: Lens.Lens' ListUserSettingsResponse (Prelude.Maybe Prelude.Text)
+listUserSettingsResponse_nextToken = Lens.lens (\ListUserSettingsResponse' {nextToken} -> nextToken) (\s@ListUserSettingsResponse' {} a -> s {nextToken = a} :: ListUserSettingsResponse)
+
+-- | The user settings.
+listUserSettingsResponse_userSettings :: Lens.Lens' ListUserSettingsResponse (Prelude.Maybe [UserSettingsSummary])
+listUserSettingsResponse_userSettings = Lens.lens (\ListUserSettingsResponse' {userSettings} -> userSettings) (\s@ListUserSettingsResponse' {} a -> s {userSettings = a} :: ListUserSettingsResponse) Prelude.. Lens.mapping Lens.coerced
+
+-- | The response's http status code.
+listUserSettingsResponse_httpStatus :: Lens.Lens' ListUserSettingsResponse Prelude.Int
+listUserSettingsResponse_httpStatus = Lens.lens (\ListUserSettingsResponse' {httpStatus} -> httpStatus) (\s@ListUserSettingsResponse' {} a -> s {httpStatus = a} :: ListUserSettingsResponse)
+
+instance Prelude.NFData ListUserSettingsResponse where
+  rnf ListUserSettingsResponse' {..} =
+    Prelude.rnf nextToken
+      `Prelude.seq` Prelude.rnf userSettings
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/TagResource.hs b/gen/Amazonka/WorkSpacesWeb/TagResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/TagResource.hs
@@ -0,0 +1,198 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.TagResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Adds or overwrites one or more tags for the specified resource.
+module Amazonka.WorkSpacesWeb.TagResource
+  ( -- * Creating a Request
+    TagResource (..),
+    newTagResource,
+
+    -- * Request Lenses
+    tagResource_clientToken,
+    tagResource_resourceArn,
+    tagResource_tags,
+
+    -- * Destructuring the Response
+    TagResourceResponse (..),
+    newTagResourceResponse,
+
+    -- * Response Lenses
+    tagResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newTagResource' smart constructor.
+data TagResource = TagResource'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- returns the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the resource.
+    resourceArn :: Prelude.Text,
+    -- | The tags of the resource.
+    tags :: [Data.Sensitive Tag]
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'tagResource_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'resourceArn', 'tagResource_resourceArn' - The ARN of the resource.
+--
+-- 'tags', 'tagResource_tags' - The tags of the resource.
+newTagResource ::
+  -- | 'resourceArn'
+  Prelude.Text ->
+  TagResource
+newTagResource pResourceArn_ =
+  TagResource'
+    { clientToken = Prelude.Nothing,
+      resourceArn = pResourceArn_,
+      tags = Prelude.mempty
+    }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- returns the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+tagResource_clientToken :: Lens.Lens' TagResource (Prelude.Maybe Prelude.Text)
+tagResource_clientToken = Lens.lens (\TagResource' {clientToken} -> clientToken) (\s@TagResource' {} a -> s {clientToken = a} :: TagResource)
+
+-- | The ARN of the resource.
+tagResource_resourceArn :: Lens.Lens' TagResource Prelude.Text
+tagResource_resourceArn = Lens.lens (\TagResource' {resourceArn} -> resourceArn) (\s@TagResource' {} a -> s {resourceArn = a} :: TagResource)
+
+-- | The tags of the resource.
+tagResource_tags :: Lens.Lens' TagResource [Tag]
+tagResource_tags = Lens.lens (\TagResource' {tags} -> tags) (\s@TagResource' {} a -> s {tags = a} :: TagResource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest TagResource where
+  type AWSResponse TagResource = TagResourceResponse
+  request overrides =
+    Request.postJSON (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          TagResourceResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable TagResource where
+  hashWithSalt _salt TagResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` resourceArn
+      `Prelude.hashWithSalt` tags
+
+instance Prelude.NFData TagResource where
+  rnf TagResource' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf resourceArn
+      `Prelude.seq` Prelude.rnf tags
+
+instance Data.ToHeaders TagResource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON TagResource where
+  toJSON TagResource' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            Prelude.Just ("tags" Data..= tags)
+          ]
+      )
+
+instance Data.ToPath TagResource where
+  toPath TagResource' {..} =
+    Prelude.mconcat ["/tags/", Data.toBS resourceArn]
+
+instance Data.ToQuery TagResource where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newTagResourceResponse' smart constructor.
+data TagResourceResponse = TagResourceResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TagResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'tagResourceResponse_httpStatus' - The response's http status code.
+newTagResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  TagResourceResponse
+newTagResourceResponse pHttpStatus_ =
+  TagResourceResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+tagResourceResponse_httpStatus :: Lens.Lens' TagResourceResponse Prelude.Int
+tagResourceResponse_httpStatus = Lens.lens (\TagResourceResponse' {httpStatus} -> httpStatus) (\s@TagResourceResponse' {} a -> s {httpStatus = a} :: TagResourceResponse)
+
+instance Prelude.NFData TagResourceResponse where
+  rnf TagResourceResponse' {..} = Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/Types.hs b/gen/Amazonka/WorkSpacesWeb/Types.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types.hs
@@ -0,0 +1,355 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types
+  ( -- * Service Configuration
+    defaultService,
+
+    -- * Errors
+    _AccessDeniedException,
+    _ConflictException,
+    _InternalServerException,
+    _ResourceNotFoundException,
+    _ServiceQuotaExceededException,
+    _ThrottlingException,
+    _TooManyTagsException,
+    _ValidationException,
+
+    -- * BrowserType
+    BrowserType (..),
+
+    -- * EnabledType
+    EnabledType (..),
+
+    -- * IdentityProviderType
+    IdentityProviderType (..),
+
+    -- * PortalStatus
+    PortalStatus (..),
+
+    -- * RendererType
+    RendererType (..),
+
+    -- * BrowserSettings
+    BrowserSettings (..),
+    newBrowserSettings,
+    browserSettings_associatedPortalArns,
+    browserSettings_browserPolicy,
+    browserSettings_browserSettingsArn,
+
+    -- * BrowserSettingsSummary
+    BrowserSettingsSummary (..),
+    newBrowserSettingsSummary,
+    browserSettingsSummary_browserSettingsArn,
+
+    -- * Certificate
+    Certificate (..),
+    newCertificate,
+    certificate_body,
+    certificate_issuer,
+    certificate_notValidAfter,
+    certificate_notValidBefore,
+    certificate_subject,
+    certificate_thumbprint,
+
+    -- * CertificateSummary
+    CertificateSummary (..),
+    newCertificateSummary,
+    certificateSummary_issuer,
+    certificateSummary_notValidAfter,
+    certificateSummary_notValidBefore,
+    certificateSummary_subject,
+    certificateSummary_thumbprint,
+
+    -- * IdentityProvider
+    IdentityProvider (..),
+    newIdentityProvider,
+    identityProvider_identityProviderDetails,
+    identityProvider_identityProviderName,
+    identityProvider_identityProviderType,
+    identityProvider_identityProviderArn,
+
+    -- * IdentityProviderSummary
+    IdentityProviderSummary (..),
+    newIdentityProviderSummary,
+    identityProviderSummary_identityProviderArn,
+    identityProviderSummary_identityProviderName,
+    identityProviderSummary_identityProviderType,
+
+    -- * NetworkSettings
+    NetworkSettings (..),
+    newNetworkSettings,
+    networkSettings_associatedPortalArns,
+    networkSettings_securityGroupIds,
+    networkSettings_subnetIds,
+    networkSettings_vpcId,
+    networkSettings_networkSettingsArn,
+
+    -- * NetworkSettingsSummary
+    NetworkSettingsSummary (..),
+    newNetworkSettingsSummary,
+    networkSettingsSummary_networkSettingsArn,
+    networkSettingsSummary_vpcId,
+
+    -- * Portal
+    Portal (..),
+    newPortal,
+    portal_browserSettingsArn,
+    portal_browserType,
+    portal_creationDate,
+    portal_displayName,
+    portal_networkSettingsArn,
+    portal_portalArn,
+    portal_portalEndpoint,
+    portal_portalStatus,
+    portal_rendererType,
+    portal_statusReason,
+    portal_trustStoreArn,
+    portal_userAccessLoggingSettingsArn,
+    portal_userSettingsArn,
+
+    -- * PortalSummary
+    PortalSummary (..),
+    newPortalSummary,
+    portalSummary_browserSettingsArn,
+    portalSummary_browserType,
+    portalSummary_creationDate,
+    portalSummary_displayName,
+    portalSummary_networkSettingsArn,
+    portalSummary_portalArn,
+    portalSummary_portalEndpoint,
+    portalSummary_portalStatus,
+    portalSummary_rendererType,
+    portalSummary_trustStoreArn,
+    portalSummary_userAccessLoggingSettingsArn,
+    portalSummary_userSettingsArn,
+
+    -- * Tag
+    Tag (..),
+    newTag,
+    tag_key,
+    tag_value,
+
+    -- * TrustStore
+    TrustStore (..),
+    newTrustStore,
+    trustStore_associatedPortalArns,
+    trustStore_trustStoreArn,
+
+    -- * TrustStoreSummary
+    TrustStoreSummary (..),
+    newTrustStoreSummary,
+    trustStoreSummary_trustStoreArn,
+
+    -- * UserAccessLoggingSettings
+    UserAccessLoggingSettings (..),
+    newUserAccessLoggingSettings,
+    userAccessLoggingSettings_associatedPortalArns,
+    userAccessLoggingSettings_kinesisStreamArn,
+    userAccessLoggingSettings_userAccessLoggingSettingsArn,
+
+    -- * UserAccessLoggingSettingsSummary
+    UserAccessLoggingSettingsSummary (..),
+    newUserAccessLoggingSettingsSummary,
+    userAccessLoggingSettingsSummary_kinesisStreamArn,
+    userAccessLoggingSettingsSummary_userAccessLoggingSettingsArn,
+
+    -- * UserSettings
+    UserSettings (..),
+    newUserSettings,
+    userSettings_associatedPortalArns,
+    userSettings_copyAllowed,
+    userSettings_disconnectTimeoutInMinutes,
+    userSettings_downloadAllowed,
+    userSettings_idleDisconnectTimeoutInMinutes,
+    userSettings_pasteAllowed,
+    userSettings_printAllowed,
+    userSettings_uploadAllowed,
+    userSettings_userSettingsArn,
+
+    -- * UserSettingsSummary
+    UserSettingsSummary (..),
+    newUserSettingsSummary,
+    userSettingsSummary_copyAllowed,
+    userSettingsSummary_disconnectTimeoutInMinutes,
+    userSettingsSummary_downloadAllowed,
+    userSettingsSummary_idleDisconnectTimeoutInMinutes,
+    userSettingsSummary_pasteAllowed,
+    userSettingsSummary_printAllowed,
+    userSettingsSummary_uploadAllowed,
+    userSettingsSummary_userSettingsArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Sign.V4 as Sign
+import Amazonka.WorkSpacesWeb.Types.BrowserSettings
+import Amazonka.WorkSpacesWeb.Types.BrowserSettingsSummary
+import Amazonka.WorkSpacesWeb.Types.BrowserType
+import Amazonka.WorkSpacesWeb.Types.Certificate
+import Amazonka.WorkSpacesWeb.Types.CertificateSummary
+import Amazonka.WorkSpacesWeb.Types.EnabledType
+import Amazonka.WorkSpacesWeb.Types.IdentityProvider
+import Amazonka.WorkSpacesWeb.Types.IdentityProviderSummary
+import Amazonka.WorkSpacesWeb.Types.IdentityProviderType
+import Amazonka.WorkSpacesWeb.Types.NetworkSettings
+import Amazonka.WorkSpacesWeb.Types.NetworkSettingsSummary
+import Amazonka.WorkSpacesWeb.Types.Portal
+import Amazonka.WorkSpacesWeb.Types.PortalStatus
+import Amazonka.WorkSpacesWeb.Types.PortalSummary
+import Amazonka.WorkSpacesWeb.Types.RendererType
+import Amazonka.WorkSpacesWeb.Types.Tag
+import Amazonka.WorkSpacesWeb.Types.TrustStore
+import Amazonka.WorkSpacesWeb.Types.TrustStoreSummary
+import Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettings
+import Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettingsSummary
+import Amazonka.WorkSpacesWeb.Types.UserSettings
+import Amazonka.WorkSpacesWeb.Types.UserSettingsSummary
+
+-- | API version @2020-07-08@ of the Amazon WorkSpaces Web SDK configuration.
+defaultService :: Core.Service
+defaultService =
+  Core.Service
+    { Core.abbrev = "WorkSpacesWeb",
+      Core.signer = Sign.v4,
+      Core.endpointPrefix = "workspaces-web",
+      Core.signingName = "workspaces-web",
+      Core.version = "2020-07-08",
+      Core.s3AddressingStyle = Core.S3AddressingStyleAuto,
+      Core.endpoint = Core.defaultEndpoint defaultService,
+      Core.timeout = Prelude.Just 70,
+      Core.check = Core.statusSuccess,
+      Core.error = Core.parseJSONError "WorkSpacesWeb",
+      Core.retry = retry
+    }
+  where
+    retry =
+      Core.Exponential
+        { Core.base = 5.0e-2,
+          Core.growth = 2,
+          Core.attempts = 5,
+          Core.check = check
+        }
+    check e
+      | Lens.has (Core.hasStatus 502) e =
+          Prelude.Just "bad_gateway"
+      | Lens.has (Core.hasStatus 504) e =
+          Prelude.Just "gateway_timeout"
+      | Lens.has (Core.hasStatus 500) e =
+          Prelude.Just "general_server_error"
+      | Lens.has (Core.hasStatus 509) e =
+          Prelude.Just "limit_exceeded"
+      | Lens.has
+          ( Core.hasCode "RequestThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "request_throttled_exception"
+      | Lens.has (Core.hasStatus 503) e =
+          Prelude.Just "service_unavailable"
+      | Lens.has
+          ( Core.hasCode "ThrottledException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttled_exception"
+      | Lens.has
+          ( Core.hasCode "Throttling"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling"
+      | Lens.has
+          ( Core.hasCode "ThrottlingException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throttling_exception"
+      | Lens.has
+          ( Core.hasCode
+              "ProvisionedThroughputExceededException"
+              Prelude.. Core.hasStatus 400
+          )
+          e =
+          Prelude.Just "throughput_exceeded"
+      | Lens.has (Core.hasStatus 429) e =
+          Prelude.Just "too_many_requests"
+      | Prelude.otherwise = Prelude.Nothing
+
+-- | Access is denied.
+_AccessDeniedException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_AccessDeniedException =
+  Core._MatchServiceError
+    defaultService
+    "AccessDeniedException"
+    Prelude.. Core.hasStatus 403
+
+-- | There is a conflict.
+_ConflictException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ConflictException =
+  Core._MatchServiceError
+    defaultService
+    "ConflictException"
+    Prelude.. Core.hasStatus 409
+
+-- | There is an internal server error.
+_InternalServerException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_InternalServerException =
+  Core._MatchServiceError
+    defaultService
+    "InternalServerException"
+    Prelude.. Core.hasStatus 500
+
+-- | The resource cannot be found.
+_ResourceNotFoundException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ResourceNotFoundException =
+  Core._MatchServiceError
+    defaultService
+    "ResourceNotFoundException"
+    Prelude.. Core.hasStatus 404
+
+-- | The service quota has been exceeded.
+_ServiceQuotaExceededException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ServiceQuotaExceededException =
+  Core._MatchServiceError
+    defaultService
+    "ServiceQuotaExceededException"
+    Prelude.. Core.hasStatus 402
+
+-- | There is a throttling error.
+_ThrottlingException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ThrottlingException =
+  Core._MatchServiceError
+    defaultService
+    "ThrottlingException"
+    Prelude.. Core.hasStatus 429
+
+-- | There are too many tags.
+_TooManyTagsException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_TooManyTagsException =
+  Core._MatchServiceError
+    defaultService
+    "TooManyTagsException"
+    Prelude.. Core.hasStatus 400
+
+-- | There is a validation error.
+_ValidationException :: (Core.AsError a) => Lens.Fold a Core.ServiceError
+_ValidationException =
+  Core._MatchServiceError
+    defaultService
+    "ValidationException"
+    Prelude.. Core.hasStatus 400
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/BrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/Types/BrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/BrowserSettings.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.BrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.BrowserSettings where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The browser settings resource that can be associated with a web portal.
+-- Once associated with a web portal, browser settings control how the
+-- browser will behave once a user starts a streaming session for the web
+-- portal.
+--
+-- /See:/ 'newBrowserSettings' smart constructor.
+data BrowserSettings = BrowserSettings'
+  { -- | A list of web portal ARNs that this browser settings is associated with.
+    associatedPortalArns :: Prelude.Maybe [Prelude.Text],
+    -- | A JSON string containing Chrome Enterprise policies that will be applied
+    -- to all streaming sessions.
+    browserPolicy :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'associatedPortalArns', 'browserSettings_associatedPortalArns' - A list of web portal ARNs that this browser settings is associated with.
+--
+-- 'browserPolicy', 'browserSettings_browserPolicy' - A JSON string containing Chrome Enterprise policies that will be applied
+-- to all streaming sessions.
+--
+-- 'browserSettingsArn', 'browserSettings_browserSettingsArn' - The ARN of the browser settings.
+newBrowserSettings ::
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  BrowserSettings
+newBrowserSettings pBrowserSettingsArn_ =
+  BrowserSettings'
+    { associatedPortalArns =
+        Prelude.Nothing,
+      browserPolicy = Prelude.Nothing,
+      browserSettingsArn = pBrowserSettingsArn_
+    }
+
+-- | A list of web portal ARNs that this browser settings is associated with.
+browserSettings_associatedPortalArns :: Lens.Lens' BrowserSettings (Prelude.Maybe [Prelude.Text])
+browserSettings_associatedPortalArns = Lens.lens (\BrowserSettings' {associatedPortalArns} -> associatedPortalArns) (\s@BrowserSettings' {} a -> s {associatedPortalArns = a} :: BrowserSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | A JSON string containing Chrome Enterprise policies that will be applied
+-- to all streaming sessions.
+browserSettings_browserPolicy :: Lens.Lens' BrowserSettings (Prelude.Maybe Prelude.Text)
+browserSettings_browserPolicy = Lens.lens (\BrowserSettings' {browserPolicy} -> browserPolicy) (\s@BrowserSettings' {} a -> s {browserPolicy = a} :: BrowserSettings) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The ARN of the browser settings.
+browserSettings_browserSettingsArn :: Lens.Lens' BrowserSettings Prelude.Text
+browserSettings_browserSettingsArn = Lens.lens (\BrowserSettings' {browserSettingsArn} -> browserSettingsArn) (\s@BrowserSettings' {} a -> s {browserSettingsArn = a} :: BrowserSettings)
+
+instance Data.FromJSON BrowserSettings where
+  parseJSON =
+    Data.withObject
+      "BrowserSettings"
+      ( \x ->
+          BrowserSettings'
+            Prelude.<$> ( x
+                            Data..:? "associatedPortalArns"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "browserPolicy")
+            Prelude.<*> (x Data..: "browserSettingsArn")
+      )
+
+instance Prelude.Hashable BrowserSettings where
+  hashWithSalt _salt BrowserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` associatedPortalArns
+      `Prelude.hashWithSalt` browserPolicy
+      `Prelude.hashWithSalt` browserSettingsArn
+
+instance Prelude.NFData BrowserSettings where
+  rnf BrowserSettings' {..} =
+    Prelude.rnf associatedPortalArns
+      `Prelude.seq` Prelude.rnf browserPolicy
+      `Prelude.seq` Prelude.rnf browserSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/BrowserSettingsSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/BrowserSettingsSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/BrowserSettingsSummary.hs
@@ -0,0 +1,72 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.BrowserSettingsSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.BrowserSettingsSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary for browser settings.
+--
+-- /See:/ 'newBrowserSettingsSummary' smart constructor.
+data BrowserSettingsSummary = BrowserSettingsSummary'
+  { -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'BrowserSettingsSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettingsArn', 'browserSettingsSummary_browserSettingsArn' - The ARN of the browser settings.
+newBrowserSettingsSummary ::
+  BrowserSettingsSummary
+newBrowserSettingsSummary =
+  BrowserSettingsSummary'
+    { browserSettingsArn =
+        Prelude.Nothing
+    }
+
+-- | The ARN of the browser settings.
+browserSettingsSummary_browserSettingsArn :: Lens.Lens' BrowserSettingsSummary (Prelude.Maybe Prelude.Text)
+browserSettingsSummary_browserSettingsArn = Lens.lens (\BrowserSettingsSummary' {browserSettingsArn} -> browserSettingsArn) (\s@BrowserSettingsSummary' {} a -> s {browserSettingsArn = a} :: BrowserSettingsSummary)
+
+instance Data.FromJSON BrowserSettingsSummary where
+  parseJSON =
+    Data.withObject
+      "BrowserSettingsSummary"
+      ( \x ->
+          BrowserSettingsSummary'
+            Prelude.<$> (x Data..:? "browserSettingsArn")
+      )
+
+instance Prelude.Hashable BrowserSettingsSummary where
+  hashWithSalt _salt BrowserSettingsSummary' {..} =
+    _salt `Prelude.hashWithSalt` browserSettingsArn
+
+instance Prelude.NFData BrowserSettingsSummary where
+  rnf BrowserSettingsSummary' {..} =
+    Prelude.rnf browserSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/BrowserType.hs b/gen/Amazonka/WorkSpacesWeb/Types/BrowserType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/BrowserType.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.BrowserType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.BrowserType
+  ( BrowserType
+      ( ..,
+        BrowserType_Chrome
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype BrowserType = BrowserType'
+  { fromBrowserType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern BrowserType_Chrome :: BrowserType
+pattern BrowserType_Chrome = BrowserType' "Chrome"
+
+{-# COMPLETE
+  BrowserType_Chrome,
+  BrowserType'
+  #-}
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/Certificate.hs b/gen/Amazonka/WorkSpacesWeb/Types/Certificate.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/Certificate.hs
@@ -0,0 +1,140 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.Certificate
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.Certificate where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The certificate.
+--
+-- /See:/ 'newCertificate' smart constructor.
+data Certificate = Certificate'
+  { -- | The body of the certificate.
+    body :: Prelude.Maybe Data.Base64,
+    -- | The entity that issued the certificate.
+    issuer :: Prelude.Maybe Prelude.Text,
+    -- | The certificate is not valid after this date.
+    notValidAfter :: Prelude.Maybe Data.POSIX,
+    -- | The certificate is not valid before this date.
+    notValidBefore :: Prelude.Maybe Data.POSIX,
+    -- | The entity the certificate belongs to.
+    subject :: Prelude.Maybe Prelude.Text,
+    -- | A hexadecimal identifier for the certificate.
+    thumbprint :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Certificate' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'body', 'certificate_body' - The body of the certificate.--
+-- -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data.
+-- -- The underlying isomorphism will encode to Base64 representation during
+-- -- serialisation, and decode from Base64 representation during deserialisation.
+-- -- This 'Lens' accepts and returns only raw unencoded data.
+--
+-- 'issuer', 'certificate_issuer' - The entity that issued the certificate.
+--
+-- 'notValidAfter', 'certificate_notValidAfter' - The certificate is not valid after this date.
+--
+-- 'notValidBefore', 'certificate_notValidBefore' - The certificate is not valid before this date.
+--
+-- 'subject', 'certificate_subject' - The entity the certificate belongs to.
+--
+-- 'thumbprint', 'certificate_thumbprint' - A hexadecimal identifier for the certificate.
+newCertificate ::
+  Certificate
+newCertificate =
+  Certificate'
+    { body = Prelude.Nothing,
+      issuer = Prelude.Nothing,
+      notValidAfter = Prelude.Nothing,
+      notValidBefore = Prelude.Nothing,
+      subject = Prelude.Nothing,
+      thumbprint = Prelude.Nothing
+    }
+
+-- | The body of the certificate.--
+-- -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data.
+-- -- The underlying isomorphism will encode to Base64 representation during
+-- -- serialisation, and decode from Base64 representation during deserialisation.
+-- -- This 'Lens' accepts and returns only raw unencoded data.
+certificate_body :: Lens.Lens' Certificate (Prelude.Maybe Prelude.ByteString)
+certificate_body = Lens.lens (\Certificate' {body} -> body) (\s@Certificate' {} a -> s {body = a} :: Certificate) Prelude.. Lens.mapping Data._Base64
+
+-- | The entity that issued the certificate.
+certificate_issuer :: Lens.Lens' Certificate (Prelude.Maybe Prelude.Text)
+certificate_issuer = Lens.lens (\Certificate' {issuer} -> issuer) (\s@Certificate' {} a -> s {issuer = a} :: Certificate)
+
+-- | The certificate is not valid after this date.
+certificate_notValidAfter :: Lens.Lens' Certificate (Prelude.Maybe Prelude.UTCTime)
+certificate_notValidAfter = Lens.lens (\Certificate' {notValidAfter} -> notValidAfter) (\s@Certificate' {} a -> s {notValidAfter = a} :: Certificate) Prelude.. Lens.mapping Data._Time
+
+-- | The certificate is not valid before this date.
+certificate_notValidBefore :: Lens.Lens' Certificate (Prelude.Maybe Prelude.UTCTime)
+certificate_notValidBefore = Lens.lens (\Certificate' {notValidBefore} -> notValidBefore) (\s@Certificate' {} a -> s {notValidBefore = a} :: Certificate) Prelude.. Lens.mapping Data._Time
+
+-- | The entity the certificate belongs to.
+certificate_subject :: Lens.Lens' Certificate (Prelude.Maybe Prelude.Text)
+certificate_subject = Lens.lens (\Certificate' {subject} -> subject) (\s@Certificate' {} a -> s {subject = a} :: Certificate)
+
+-- | A hexadecimal identifier for the certificate.
+certificate_thumbprint :: Lens.Lens' Certificate (Prelude.Maybe Prelude.Text)
+certificate_thumbprint = Lens.lens (\Certificate' {thumbprint} -> thumbprint) (\s@Certificate' {} a -> s {thumbprint = a} :: Certificate)
+
+instance Data.FromJSON Certificate where
+  parseJSON =
+    Data.withObject
+      "Certificate"
+      ( \x ->
+          Certificate'
+            Prelude.<$> (x Data..:? "body")
+            Prelude.<*> (x Data..:? "issuer")
+            Prelude.<*> (x Data..:? "notValidAfter")
+            Prelude.<*> (x Data..:? "notValidBefore")
+            Prelude.<*> (x Data..:? "subject")
+            Prelude.<*> (x Data..:? "thumbprint")
+      )
+
+instance Prelude.Hashable Certificate where
+  hashWithSalt _salt Certificate' {..} =
+    _salt
+      `Prelude.hashWithSalt` body
+      `Prelude.hashWithSalt` issuer
+      `Prelude.hashWithSalt` notValidAfter
+      `Prelude.hashWithSalt` notValidBefore
+      `Prelude.hashWithSalt` subject
+      `Prelude.hashWithSalt` thumbprint
+
+instance Prelude.NFData Certificate where
+  rnf Certificate' {..} =
+    Prelude.rnf body
+      `Prelude.seq` Prelude.rnf issuer
+      `Prelude.seq` Prelude.rnf notValidAfter
+      `Prelude.seq` Prelude.rnf notValidBefore
+      `Prelude.seq` Prelude.rnf subject
+      `Prelude.seq` Prelude.rnf thumbprint
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/CertificateSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/CertificateSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/CertificateSummary.hs
@@ -0,0 +1,120 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.CertificateSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.CertificateSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of the certificate.
+--
+-- /See:/ 'newCertificateSummary' smart constructor.
+data CertificateSummary = CertificateSummary'
+  { -- | The entity that issued the certificate.
+    issuer :: Prelude.Maybe Prelude.Text,
+    -- | The certificate is not valid after this date.
+    notValidAfter :: Prelude.Maybe Data.POSIX,
+    -- | The certificate is not valid before this date.
+    notValidBefore :: Prelude.Maybe Data.POSIX,
+    -- | The entity the certificate belongs to.
+    subject :: Prelude.Maybe Prelude.Text,
+    -- | A hexadecimal identifier for the certificate.
+    thumbprint :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'CertificateSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'issuer', 'certificateSummary_issuer' - The entity that issued the certificate.
+--
+-- 'notValidAfter', 'certificateSummary_notValidAfter' - The certificate is not valid after this date.
+--
+-- 'notValidBefore', 'certificateSummary_notValidBefore' - The certificate is not valid before this date.
+--
+-- 'subject', 'certificateSummary_subject' - The entity the certificate belongs to.
+--
+-- 'thumbprint', 'certificateSummary_thumbprint' - A hexadecimal identifier for the certificate.
+newCertificateSummary ::
+  CertificateSummary
+newCertificateSummary =
+  CertificateSummary'
+    { issuer = Prelude.Nothing,
+      notValidAfter = Prelude.Nothing,
+      notValidBefore = Prelude.Nothing,
+      subject = Prelude.Nothing,
+      thumbprint = Prelude.Nothing
+    }
+
+-- | The entity that issued the certificate.
+certificateSummary_issuer :: Lens.Lens' CertificateSummary (Prelude.Maybe Prelude.Text)
+certificateSummary_issuer = Lens.lens (\CertificateSummary' {issuer} -> issuer) (\s@CertificateSummary' {} a -> s {issuer = a} :: CertificateSummary)
+
+-- | The certificate is not valid after this date.
+certificateSummary_notValidAfter :: Lens.Lens' CertificateSummary (Prelude.Maybe Prelude.UTCTime)
+certificateSummary_notValidAfter = Lens.lens (\CertificateSummary' {notValidAfter} -> notValidAfter) (\s@CertificateSummary' {} a -> s {notValidAfter = a} :: CertificateSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The certificate is not valid before this date.
+certificateSummary_notValidBefore :: Lens.Lens' CertificateSummary (Prelude.Maybe Prelude.UTCTime)
+certificateSummary_notValidBefore = Lens.lens (\CertificateSummary' {notValidBefore} -> notValidBefore) (\s@CertificateSummary' {} a -> s {notValidBefore = a} :: CertificateSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The entity the certificate belongs to.
+certificateSummary_subject :: Lens.Lens' CertificateSummary (Prelude.Maybe Prelude.Text)
+certificateSummary_subject = Lens.lens (\CertificateSummary' {subject} -> subject) (\s@CertificateSummary' {} a -> s {subject = a} :: CertificateSummary)
+
+-- | A hexadecimal identifier for the certificate.
+certificateSummary_thumbprint :: Lens.Lens' CertificateSummary (Prelude.Maybe Prelude.Text)
+certificateSummary_thumbprint = Lens.lens (\CertificateSummary' {thumbprint} -> thumbprint) (\s@CertificateSummary' {} a -> s {thumbprint = a} :: CertificateSummary)
+
+instance Data.FromJSON CertificateSummary where
+  parseJSON =
+    Data.withObject
+      "CertificateSummary"
+      ( \x ->
+          CertificateSummary'
+            Prelude.<$> (x Data..:? "issuer")
+            Prelude.<*> (x Data..:? "notValidAfter")
+            Prelude.<*> (x Data..:? "notValidBefore")
+            Prelude.<*> (x Data..:? "subject")
+            Prelude.<*> (x Data..:? "thumbprint")
+      )
+
+instance Prelude.Hashable CertificateSummary where
+  hashWithSalt _salt CertificateSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` issuer
+      `Prelude.hashWithSalt` notValidAfter
+      `Prelude.hashWithSalt` notValidBefore
+      `Prelude.hashWithSalt` subject
+      `Prelude.hashWithSalt` thumbprint
+
+instance Prelude.NFData CertificateSummary where
+  rnf CertificateSummary' {..} =
+    Prelude.rnf issuer
+      `Prelude.seq` Prelude.rnf notValidAfter
+      `Prelude.seq` Prelude.rnf notValidBefore
+      `Prelude.seq` Prelude.rnf subject
+      `Prelude.seq` Prelude.rnf thumbprint
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/EnabledType.hs b/gen/Amazonka/WorkSpacesWeb/Types/EnabledType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/EnabledType.hs
@@ -0,0 +1,71 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.EnabledType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.EnabledType
+  ( EnabledType
+      ( ..,
+        EnabledType_Disabled,
+        EnabledType_Enabled
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype EnabledType = EnabledType'
+  { fromEnabledType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern EnabledType_Disabled :: EnabledType
+pattern EnabledType_Disabled = EnabledType' "Disabled"
+
+pattern EnabledType_Enabled :: EnabledType
+pattern EnabledType_Enabled = EnabledType' "Enabled"
+
+{-# COMPLETE
+  EnabledType_Disabled,
+  EnabledType_Enabled,
+  EnabledType'
+  #-}
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/IdentityProvider.hs b/gen/Amazonka/WorkSpacesWeb/Types/IdentityProvider.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/IdentityProvider.hs
@@ -0,0 +1,298 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.IdentityProvider
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.IdentityProvider where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Types.IdentityProviderType
+
+-- | The identity provider.
+--
+-- /See:/ 'newIdentityProvider' smart constructor.
+data IdentityProvider = IdentityProvider'
+  { -- | The identity provider details. The following list describes the provider
+    -- detail keys for each identity provider type.
+    --
+    -- -   For Google and Login with Amazon:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @authorize_scopes@
+    --
+    -- -   For Facebook:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @authorize_scopes@
+    --
+    --     -   @api_version@
+    --
+    -- -   For Sign in with Apple:
+    --
+    --     -   @client_id@
+    --
+    --     -   @team_id@
+    --
+    --     -   @key_id@
+    --
+    --     -   @private_key@
+    --
+    --     -   @authorize_scopes@
+    --
+    -- -   For OIDC providers:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @attributes_request_method@
+    --
+    --     -   @oidc_issuer@
+    --
+    --     -   @authorize_scopes@
+    --
+    --     -   @authorize_url@ /if not available from discovery URL specified
+    --         by oidc_issuer key/
+    --
+    --     -   @token_url@ /if not available from discovery URL specified by
+    --         oidc_issuer key/
+    --
+    --     -   @attributes_url@ /if not available from discovery URL specified
+    --         by oidc_issuer key/
+    --
+    --     -   @jwks_uri@ /if not available from discovery URL specified by
+    --         oidc_issuer key/
+    --
+    -- -   For SAML providers:
+    --
+    --     -   @MetadataFile@ OR @MetadataURL@
+    --
+    --     -   @IDPSignout@ /optional/
+    identityProviderDetails :: Prelude.Maybe (Data.Sensitive (Prelude.HashMap Prelude.Text Prelude.Text)),
+    -- | The identity provider name.
+    identityProviderName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The identity provider type.
+    identityProviderType :: Prelude.Maybe IdentityProviderType,
+    -- | The ARN of the identity provider.
+    identityProviderArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IdentityProvider' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'identityProviderDetails', 'identityProvider_identityProviderDetails' - The identity provider details. The following list describes the provider
+-- detail keys for each identity provider type.
+--
+-- -   For Google and Login with Amazon:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+-- -   For Facebook:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+--     -   @api_version@
+--
+-- -   For Sign in with Apple:
+--
+--     -   @client_id@
+--
+--     -   @team_id@
+--
+--     -   @key_id@
+--
+--     -   @private_key@
+--
+--     -   @authorize_scopes@
+--
+-- -   For OIDC providers:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @attributes_request_method@
+--
+--     -   @oidc_issuer@
+--
+--     -   @authorize_scopes@
+--
+--     -   @authorize_url@ /if not available from discovery URL specified
+--         by oidc_issuer key/
+--
+--     -   @token_url@ /if not available from discovery URL specified by
+--         oidc_issuer key/
+--
+--     -   @attributes_url@ /if not available from discovery URL specified
+--         by oidc_issuer key/
+--
+--     -   @jwks_uri@ /if not available from discovery URL specified by
+--         oidc_issuer key/
+--
+-- -   For SAML providers:
+--
+--     -   @MetadataFile@ OR @MetadataURL@
+--
+--     -   @IDPSignout@ /optional/
+--
+-- 'identityProviderName', 'identityProvider_identityProviderName' - The identity provider name.
+--
+-- 'identityProviderType', 'identityProvider_identityProviderType' - The identity provider type.
+--
+-- 'identityProviderArn', 'identityProvider_identityProviderArn' - The ARN of the identity provider.
+newIdentityProvider ::
+  -- | 'identityProviderArn'
+  Prelude.Text ->
+  IdentityProvider
+newIdentityProvider pIdentityProviderArn_ =
+  IdentityProvider'
+    { identityProviderDetails =
+        Prelude.Nothing,
+      identityProviderName = Prelude.Nothing,
+      identityProviderType = Prelude.Nothing,
+      identityProviderArn = pIdentityProviderArn_
+    }
+
+-- | The identity provider details. The following list describes the provider
+-- detail keys for each identity provider type.
+--
+-- -   For Google and Login with Amazon:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+-- -   For Facebook:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+--     -   @api_version@
+--
+-- -   For Sign in with Apple:
+--
+--     -   @client_id@
+--
+--     -   @team_id@
+--
+--     -   @key_id@
+--
+--     -   @private_key@
+--
+--     -   @authorize_scopes@
+--
+-- -   For OIDC providers:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @attributes_request_method@
+--
+--     -   @oidc_issuer@
+--
+--     -   @authorize_scopes@
+--
+--     -   @authorize_url@ /if not available from discovery URL specified
+--         by oidc_issuer key/
+--
+--     -   @token_url@ /if not available from discovery URL specified by
+--         oidc_issuer key/
+--
+--     -   @attributes_url@ /if not available from discovery URL specified
+--         by oidc_issuer key/
+--
+--     -   @jwks_uri@ /if not available from discovery URL specified by
+--         oidc_issuer key/
+--
+-- -   For SAML providers:
+--
+--     -   @MetadataFile@ OR @MetadataURL@
+--
+--     -   @IDPSignout@ /optional/
+identityProvider_identityProviderDetails :: Lens.Lens' IdentityProvider (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+identityProvider_identityProviderDetails = Lens.lens (\IdentityProvider' {identityProviderDetails} -> identityProviderDetails) (\s@IdentityProvider' {} a -> s {identityProviderDetails = a} :: IdentityProvider) Prelude.. Lens.mapping (Data._Sensitive Prelude.. Lens.coerced)
+
+-- | The identity provider name.
+identityProvider_identityProviderName :: Lens.Lens' IdentityProvider (Prelude.Maybe Prelude.Text)
+identityProvider_identityProviderName = Lens.lens (\IdentityProvider' {identityProviderName} -> identityProviderName) (\s@IdentityProvider' {} a -> s {identityProviderName = a} :: IdentityProvider) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The identity provider type.
+identityProvider_identityProviderType :: Lens.Lens' IdentityProvider (Prelude.Maybe IdentityProviderType)
+identityProvider_identityProviderType = Lens.lens (\IdentityProvider' {identityProviderType} -> identityProviderType) (\s@IdentityProvider' {} a -> s {identityProviderType = a} :: IdentityProvider)
+
+-- | The ARN of the identity provider.
+identityProvider_identityProviderArn :: Lens.Lens' IdentityProvider Prelude.Text
+identityProvider_identityProviderArn = Lens.lens (\IdentityProvider' {identityProviderArn} -> identityProviderArn) (\s@IdentityProvider' {} a -> s {identityProviderArn = a} :: IdentityProvider)
+
+instance Data.FromJSON IdentityProvider where
+  parseJSON =
+    Data.withObject
+      "IdentityProvider"
+      ( \x ->
+          IdentityProvider'
+            Prelude.<$> ( x
+                            Data..:? "identityProviderDetails"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "identityProviderName")
+            Prelude.<*> (x Data..:? "identityProviderType")
+            Prelude.<*> (x Data..: "identityProviderArn")
+      )
+
+instance Prelude.Hashable IdentityProvider where
+  hashWithSalt _salt IdentityProvider' {..} =
+    _salt
+      `Prelude.hashWithSalt` identityProviderDetails
+      `Prelude.hashWithSalt` identityProviderName
+      `Prelude.hashWithSalt` identityProviderType
+      `Prelude.hashWithSalt` identityProviderArn
+
+instance Prelude.NFData IdentityProvider where
+  rnf IdentityProvider' {..} =
+    Prelude.rnf identityProviderDetails
+      `Prelude.seq` Prelude.rnf identityProviderName
+      `Prelude.seq` Prelude.rnf identityProviderType
+      `Prelude.seq` Prelude.rnf identityProviderArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/IdentityProviderSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/IdentityProviderSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/IdentityProviderSummary.hs
@@ -0,0 +1,98 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.IdentityProviderSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.IdentityProviderSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Types.IdentityProviderType
+
+-- | The summary of the identity provider.
+--
+-- /See:/ 'newIdentityProviderSummary' smart constructor.
+data IdentityProviderSummary = IdentityProviderSummary'
+  { -- | The ARN of the identity provider.
+    identityProviderArn :: Prelude.Maybe Prelude.Text,
+    -- | The identity provider name.
+    identityProviderName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The identity provider type.
+    identityProviderType :: Prelude.Maybe IdentityProviderType
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'IdentityProviderSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'identityProviderArn', 'identityProviderSummary_identityProviderArn' - The ARN of the identity provider.
+--
+-- 'identityProviderName', 'identityProviderSummary_identityProviderName' - The identity provider name.
+--
+-- 'identityProviderType', 'identityProviderSummary_identityProviderType' - The identity provider type.
+newIdentityProviderSummary ::
+  IdentityProviderSummary
+newIdentityProviderSummary =
+  IdentityProviderSummary'
+    { identityProviderArn =
+        Prelude.Nothing,
+      identityProviderName = Prelude.Nothing,
+      identityProviderType = Prelude.Nothing
+    }
+
+-- | The ARN of the identity provider.
+identityProviderSummary_identityProviderArn :: Lens.Lens' IdentityProviderSummary (Prelude.Maybe Prelude.Text)
+identityProviderSummary_identityProviderArn = Lens.lens (\IdentityProviderSummary' {identityProviderArn} -> identityProviderArn) (\s@IdentityProviderSummary' {} a -> s {identityProviderArn = a} :: IdentityProviderSummary)
+
+-- | The identity provider name.
+identityProviderSummary_identityProviderName :: Lens.Lens' IdentityProviderSummary (Prelude.Maybe Prelude.Text)
+identityProviderSummary_identityProviderName = Lens.lens (\IdentityProviderSummary' {identityProviderName} -> identityProviderName) (\s@IdentityProviderSummary' {} a -> s {identityProviderName = a} :: IdentityProviderSummary) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The identity provider type.
+identityProviderSummary_identityProviderType :: Lens.Lens' IdentityProviderSummary (Prelude.Maybe IdentityProviderType)
+identityProviderSummary_identityProviderType = Lens.lens (\IdentityProviderSummary' {identityProviderType} -> identityProviderType) (\s@IdentityProviderSummary' {} a -> s {identityProviderType = a} :: IdentityProviderSummary)
+
+instance Data.FromJSON IdentityProviderSummary where
+  parseJSON =
+    Data.withObject
+      "IdentityProviderSummary"
+      ( \x ->
+          IdentityProviderSummary'
+            Prelude.<$> (x Data..:? "identityProviderArn")
+            Prelude.<*> (x Data..:? "identityProviderName")
+            Prelude.<*> (x Data..:? "identityProviderType")
+      )
+
+instance Prelude.Hashable IdentityProviderSummary where
+  hashWithSalt _salt IdentityProviderSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` identityProviderArn
+      `Prelude.hashWithSalt` identityProviderName
+      `Prelude.hashWithSalt` identityProviderType
+
+instance Prelude.NFData IdentityProviderSummary where
+  rnf IdentityProviderSummary' {..} =
+    Prelude.rnf identityProviderArn
+      `Prelude.seq` Prelude.rnf identityProviderName
+      `Prelude.seq` Prelude.rnf identityProviderType
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/IdentityProviderType.hs b/gen/Amazonka/WorkSpacesWeb/Types/IdentityProviderType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/IdentityProviderType.hs
@@ -0,0 +1,91 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.IdentityProviderType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.IdentityProviderType
+  ( IdentityProviderType
+      ( ..,
+        IdentityProviderType_Facebook,
+        IdentityProviderType_Google,
+        IdentityProviderType_LoginWithAmazon,
+        IdentityProviderType_OIDC,
+        IdentityProviderType_SAML,
+        IdentityProviderType_SignInWithApple
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype IdentityProviderType = IdentityProviderType'
+  { fromIdentityProviderType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern IdentityProviderType_Facebook :: IdentityProviderType
+pattern IdentityProviderType_Facebook = IdentityProviderType' "Facebook"
+
+pattern IdentityProviderType_Google :: IdentityProviderType
+pattern IdentityProviderType_Google = IdentityProviderType' "Google"
+
+pattern IdentityProviderType_LoginWithAmazon :: IdentityProviderType
+pattern IdentityProviderType_LoginWithAmazon = IdentityProviderType' "LoginWithAmazon"
+
+pattern IdentityProviderType_OIDC :: IdentityProviderType
+pattern IdentityProviderType_OIDC = IdentityProviderType' "OIDC"
+
+pattern IdentityProviderType_SAML :: IdentityProviderType
+pattern IdentityProviderType_SAML = IdentityProviderType' "SAML"
+
+pattern IdentityProviderType_SignInWithApple :: IdentityProviderType
+pattern IdentityProviderType_SignInWithApple = IdentityProviderType' "SignInWithApple"
+
+{-# COMPLETE
+  IdentityProviderType_Facebook,
+  IdentityProviderType_Google,
+  IdentityProviderType_LoginWithAmazon,
+  IdentityProviderType_OIDC,
+  IdentityProviderType_SAML,
+  IdentityProviderType_SignInWithApple,
+  IdentityProviderType'
+  #-}
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/NetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/Types/NetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/NetworkSettings.hs
@@ -0,0 +1,137 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.NetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.NetworkSettings where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A network settings resource that can be associated with a web portal.
+-- Once associated with a web portal, network settings define how streaming
+-- instances will connect with your specified VPC.
+--
+-- /See:/ 'newNetworkSettings' smart constructor.
+data NetworkSettings = NetworkSettings'
+  { -- | A list of web portal ARNs that this network settings is associated with.
+    associatedPortalArns :: Prelude.Maybe [Prelude.Text],
+    -- | One or more security groups used to control access from streaming
+    -- instances to your VPC.
+    securityGroupIds :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | The subnets in which network interfaces are created to connect streaming
+    -- instances to your VPC. At least two of these subnets must be in
+    -- different availability zones.
+    subnetIds :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | The VPC that streaming instances will connect to.
+    vpcId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'NetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'associatedPortalArns', 'networkSettings_associatedPortalArns' - A list of web portal ARNs that this network settings is associated with.
+--
+-- 'securityGroupIds', 'networkSettings_securityGroupIds' - One or more security groups used to control access from streaming
+-- instances to your VPC.
+--
+-- 'subnetIds', 'networkSettings_subnetIds' - The subnets in which network interfaces are created to connect streaming
+-- instances to your VPC. At least two of these subnets must be in
+-- different availability zones.
+--
+-- 'vpcId', 'networkSettings_vpcId' - The VPC that streaming instances will connect to.
+--
+-- 'networkSettingsArn', 'networkSettings_networkSettingsArn' - The ARN of the network settings.
+newNetworkSettings ::
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  NetworkSettings
+newNetworkSettings pNetworkSettingsArn_ =
+  NetworkSettings'
+    { associatedPortalArns =
+        Prelude.Nothing,
+      securityGroupIds = Prelude.Nothing,
+      subnetIds = Prelude.Nothing,
+      vpcId = Prelude.Nothing,
+      networkSettingsArn = pNetworkSettingsArn_
+    }
+
+-- | A list of web portal ARNs that this network settings is associated with.
+networkSettings_associatedPortalArns :: Lens.Lens' NetworkSettings (Prelude.Maybe [Prelude.Text])
+networkSettings_associatedPortalArns = Lens.lens (\NetworkSettings' {associatedPortalArns} -> associatedPortalArns) (\s@NetworkSettings' {} a -> s {associatedPortalArns = a} :: NetworkSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | One or more security groups used to control access from streaming
+-- instances to your VPC.
+networkSettings_securityGroupIds :: Lens.Lens' NetworkSettings (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+networkSettings_securityGroupIds = Lens.lens (\NetworkSettings' {securityGroupIds} -> securityGroupIds) (\s@NetworkSettings' {} a -> s {securityGroupIds = a} :: NetworkSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | The subnets in which network interfaces are created to connect streaming
+-- instances to your VPC. At least two of these subnets must be in
+-- different availability zones.
+networkSettings_subnetIds :: Lens.Lens' NetworkSettings (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+networkSettings_subnetIds = Lens.lens (\NetworkSettings' {subnetIds} -> subnetIds) (\s@NetworkSettings' {} a -> s {subnetIds = a} :: NetworkSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | The VPC that streaming instances will connect to.
+networkSettings_vpcId :: Lens.Lens' NetworkSettings (Prelude.Maybe Prelude.Text)
+networkSettings_vpcId = Lens.lens (\NetworkSettings' {vpcId} -> vpcId) (\s@NetworkSettings' {} a -> s {vpcId = a} :: NetworkSettings)
+
+-- | The ARN of the network settings.
+networkSettings_networkSettingsArn :: Lens.Lens' NetworkSettings Prelude.Text
+networkSettings_networkSettingsArn = Lens.lens (\NetworkSettings' {networkSettingsArn} -> networkSettingsArn) (\s@NetworkSettings' {} a -> s {networkSettingsArn = a} :: NetworkSettings)
+
+instance Data.FromJSON NetworkSettings where
+  parseJSON =
+    Data.withObject
+      "NetworkSettings"
+      ( \x ->
+          NetworkSettings'
+            Prelude.<$> ( x
+                            Data..:? "associatedPortalArns"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "securityGroupIds")
+            Prelude.<*> (x Data..:? "subnetIds")
+            Prelude.<*> (x Data..:? "vpcId")
+            Prelude.<*> (x Data..: "networkSettingsArn")
+      )
+
+instance Prelude.Hashable NetworkSettings where
+  hashWithSalt _salt NetworkSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` associatedPortalArns
+      `Prelude.hashWithSalt` securityGroupIds
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcId
+      `Prelude.hashWithSalt` networkSettingsArn
+
+instance Prelude.NFData NetworkSettings where
+  rnf NetworkSettings' {..} =
+    Prelude.rnf associatedPortalArns
+      `Prelude.seq` Prelude.rnf securityGroupIds
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcId
+      `Prelude.seq` Prelude.rnf networkSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/NetworkSettingsSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/NetworkSettingsSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/NetworkSettingsSummary.hs
@@ -0,0 +1,85 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.NetworkSettingsSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.NetworkSettingsSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of network settings.
+--
+-- /See:/ 'newNetworkSettingsSummary' smart constructor.
+data NetworkSettingsSummary = NetworkSettingsSummary'
+  { -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The VPC ID of the network settings.
+    vpcId :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'NetworkSettingsSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'networkSettingsArn', 'networkSettingsSummary_networkSettingsArn' - The ARN of the network settings.
+--
+-- 'vpcId', 'networkSettingsSummary_vpcId' - The VPC ID of the network settings.
+newNetworkSettingsSummary ::
+  NetworkSettingsSummary
+newNetworkSettingsSummary =
+  NetworkSettingsSummary'
+    { networkSettingsArn =
+        Prelude.Nothing,
+      vpcId = Prelude.Nothing
+    }
+
+-- | The ARN of the network settings.
+networkSettingsSummary_networkSettingsArn :: Lens.Lens' NetworkSettingsSummary (Prelude.Maybe Prelude.Text)
+networkSettingsSummary_networkSettingsArn = Lens.lens (\NetworkSettingsSummary' {networkSettingsArn} -> networkSettingsArn) (\s@NetworkSettingsSummary' {} a -> s {networkSettingsArn = a} :: NetworkSettingsSummary)
+
+-- | The VPC ID of the network settings.
+networkSettingsSummary_vpcId :: Lens.Lens' NetworkSettingsSummary (Prelude.Maybe Prelude.Text)
+networkSettingsSummary_vpcId = Lens.lens (\NetworkSettingsSummary' {vpcId} -> vpcId) (\s@NetworkSettingsSummary' {} a -> s {vpcId = a} :: NetworkSettingsSummary)
+
+instance Data.FromJSON NetworkSettingsSummary where
+  parseJSON =
+    Data.withObject
+      "NetworkSettingsSummary"
+      ( \x ->
+          NetworkSettingsSummary'
+            Prelude.<$> (x Data..:? "networkSettingsArn")
+            Prelude.<*> (x Data..:? "vpcId")
+      )
+
+instance Prelude.Hashable NetworkSettingsSummary where
+  hashWithSalt _salt NetworkSettingsSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` networkSettingsArn
+      `Prelude.hashWithSalt` vpcId
+
+instance Prelude.NFData NetworkSettingsSummary where
+  rnf NetworkSettingsSummary' {..} =
+    Prelude.rnf networkSettingsArn
+      `Prelude.seq` Prelude.rnf vpcId
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/Portal.hs b/gen/Amazonka/WorkSpacesWeb/Types/Portal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/Portal.hs
@@ -0,0 +1,225 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.Portal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.Portal where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Types.BrowserType
+import Amazonka.WorkSpacesWeb.Types.PortalStatus
+import Amazonka.WorkSpacesWeb.Types.RendererType
+
+-- | The web portal.
+--
+-- /See:/ 'newPortal' smart constructor.
+data Portal = Portal'
+  { -- | The ARN of the browser settings that is associated with this web portal.
+    browserSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The browser that users see when using a streaming session.
+    browserType :: Prelude.Maybe BrowserType,
+    -- | The creation date of the web portal.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The name of the web portal.
+    displayName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The ARN of the network settings that is associated with the web portal.
+    networkSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Maybe Prelude.Text,
+    -- | The endpoint URL of the web portal that users access in order to start
+    -- streaming sessions.
+    portalEndpoint :: Prelude.Maybe Prelude.Text,
+    -- | The status of the web portal.
+    portalStatus :: Prelude.Maybe PortalStatus,
+    -- | The renderer that is used in streaming sessions.
+    rendererType :: Prelude.Maybe RendererType,
+    -- | A message that explains why the web portal is in its current status.
+    statusReason :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the trust store that is associated with the web portal.
+    trustStoreArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user access logging settings that is associated with the
+    -- web portal.
+    userAccessLoggingSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user settings that is associated with the web portal.
+    userSettingsArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Portal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettingsArn', 'portal_browserSettingsArn' - The ARN of the browser settings that is associated with this web portal.
+--
+-- 'browserType', 'portal_browserType' - The browser that users see when using a streaming session.
+--
+-- 'creationDate', 'portal_creationDate' - The creation date of the web portal.
+--
+-- 'displayName', 'portal_displayName' - The name of the web portal.
+--
+-- 'networkSettingsArn', 'portal_networkSettingsArn' - The ARN of the network settings that is associated with the web portal.
+--
+-- 'portalArn', 'portal_portalArn' - The ARN of the web portal.
+--
+-- 'portalEndpoint', 'portal_portalEndpoint' - The endpoint URL of the web portal that users access in order to start
+-- streaming sessions.
+--
+-- 'portalStatus', 'portal_portalStatus' - The status of the web portal.
+--
+-- 'rendererType', 'portal_rendererType' - The renderer that is used in streaming sessions.
+--
+-- 'statusReason', 'portal_statusReason' - A message that explains why the web portal is in its current status.
+--
+-- 'trustStoreArn', 'portal_trustStoreArn' - The ARN of the trust store that is associated with the web portal.
+--
+-- 'userAccessLoggingSettingsArn', 'portal_userAccessLoggingSettingsArn' - The ARN of the user access logging settings that is associated with the
+-- web portal.
+--
+-- 'userSettingsArn', 'portal_userSettingsArn' - The ARN of the user settings that is associated with the web portal.
+newPortal ::
+  Portal
+newPortal =
+  Portal'
+    { browserSettingsArn = Prelude.Nothing,
+      browserType = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      displayName = Prelude.Nothing,
+      networkSettingsArn = Prelude.Nothing,
+      portalArn = Prelude.Nothing,
+      portalEndpoint = Prelude.Nothing,
+      portalStatus = Prelude.Nothing,
+      rendererType = Prelude.Nothing,
+      statusReason = Prelude.Nothing,
+      trustStoreArn = Prelude.Nothing,
+      userAccessLoggingSettingsArn = Prelude.Nothing,
+      userSettingsArn = Prelude.Nothing
+    }
+
+-- | The ARN of the browser settings that is associated with this web portal.
+portal_browserSettingsArn :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_browserSettingsArn = Lens.lens (\Portal' {browserSettingsArn} -> browserSettingsArn) (\s@Portal' {} a -> s {browserSettingsArn = a} :: Portal)
+
+-- | The browser that users see when using a streaming session.
+portal_browserType :: Lens.Lens' Portal (Prelude.Maybe BrowserType)
+portal_browserType = Lens.lens (\Portal' {browserType} -> browserType) (\s@Portal' {} a -> s {browserType = a} :: Portal)
+
+-- | The creation date of the web portal.
+portal_creationDate :: Lens.Lens' Portal (Prelude.Maybe Prelude.UTCTime)
+portal_creationDate = Lens.lens (\Portal' {creationDate} -> creationDate) (\s@Portal' {} a -> s {creationDate = a} :: Portal) Prelude.. Lens.mapping Data._Time
+
+-- | The name of the web portal.
+portal_displayName :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_displayName = Lens.lens (\Portal' {displayName} -> displayName) (\s@Portal' {} a -> s {displayName = a} :: Portal) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The ARN of the network settings that is associated with the web portal.
+portal_networkSettingsArn :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_networkSettingsArn = Lens.lens (\Portal' {networkSettingsArn} -> networkSettingsArn) (\s@Portal' {} a -> s {networkSettingsArn = a} :: Portal)
+
+-- | The ARN of the web portal.
+portal_portalArn :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_portalArn = Lens.lens (\Portal' {portalArn} -> portalArn) (\s@Portal' {} a -> s {portalArn = a} :: Portal)
+
+-- | The endpoint URL of the web portal that users access in order to start
+-- streaming sessions.
+portal_portalEndpoint :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_portalEndpoint = Lens.lens (\Portal' {portalEndpoint} -> portalEndpoint) (\s@Portal' {} a -> s {portalEndpoint = a} :: Portal)
+
+-- | The status of the web portal.
+portal_portalStatus :: Lens.Lens' Portal (Prelude.Maybe PortalStatus)
+portal_portalStatus = Lens.lens (\Portal' {portalStatus} -> portalStatus) (\s@Portal' {} a -> s {portalStatus = a} :: Portal)
+
+-- | The renderer that is used in streaming sessions.
+portal_rendererType :: Lens.Lens' Portal (Prelude.Maybe RendererType)
+portal_rendererType = Lens.lens (\Portal' {rendererType} -> rendererType) (\s@Portal' {} a -> s {rendererType = a} :: Portal)
+
+-- | A message that explains why the web portal is in its current status.
+portal_statusReason :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_statusReason = Lens.lens (\Portal' {statusReason} -> statusReason) (\s@Portal' {} a -> s {statusReason = a} :: Portal)
+
+-- | The ARN of the trust store that is associated with the web portal.
+portal_trustStoreArn :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_trustStoreArn = Lens.lens (\Portal' {trustStoreArn} -> trustStoreArn) (\s@Portal' {} a -> s {trustStoreArn = a} :: Portal)
+
+-- | The ARN of the user access logging settings that is associated with the
+-- web portal.
+portal_userAccessLoggingSettingsArn :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_userAccessLoggingSettingsArn = Lens.lens (\Portal' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@Portal' {} a -> s {userAccessLoggingSettingsArn = a} :: Portal)
+
+-- | The ARN of the user settings that is associated with the web portal.
+portal_userSettingsArn :: Lens.Lens' Portal (Prelude.Maybe Prelude.Text)
+portal_userSettingsArn = Lens.lens (\Portal' {userSettingsArn} -> userSettingsArn) (\s@Portal' {} a -> s {userSettingsArn = a} :: Portal)
+
+instance Data.FromJSON Portal where
+  parseJSON =
+    Data.withObject
+      "Portal"
+      ( \x ->
+          Portal'
+            Prelude.<$> (x Data..:? "browserSettingsArn")
+            Prelude.<*> (x Data..:? "browserType")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "displayName")
+            Prelude.<*> (x Data..:? "networkSettingsArn")
+            Prelude.<*> (x Data..:? "portalArn")
+            Prelude.<*> (x Data..:? "portalEndpoint")
+            Prelude.<*> (x Data..:? "portalStatus")
+            Prelude.<*> (x Data..:? "rendererType")
+            Prelude.<*> (x Data..:? "statusReason")
+            Prelude.<*> (x Data..:? "trustStoreArn")
+            Prelude.<*> (x Data..:? "userAccessLoggingSettingsArn")
+            Prelude.<*> (x Data..:? "userSettingsArn")
+      )
+
+instance Prelude.Hashable Portal where
+  hashWithSalt _salt Portal' {..} =
+    _salt
+      `Prelude.hashWithSalt` browserSettingsArn
+      `Prelude.hashWithSalt` browserType
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` displayName
+      `Prelude.hashWithSalt` networkSettingsArn
+      `Prelude.hashWithSalt` portalArn
+      `Prelude.hashWithSalt` portalEndpoint
+      `Prelude.hashWithSalt` portalStatus
+      `Prelude.hashWithSalt` rendererType
+      `Prelude.hashWithSalt` statusReason
+      `Prelude.hashWithSalt` trustStoreArn
+      `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+      `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData Portal where
+  rnf Portal' {..} =
+    Prelude.rnf browserSettingsArn
+      `Prelude.seq` Prelude.rnf browserType
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf networkSettingsArn
+      `Prelude.seq` Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf portalEndpoint
+      `Prelude.seq` Prelude.rnf portalStatus
+      `Prelude.seq` Prelude.rnf rendererType
+      `Prelude.seq` Prelude.rnf statusReason
+      `Prelude.seq` Prelude.rnf trustStoreArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
+      `Prelude.seq` Prelude.rnf userSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/PortalStatus.hs b/gen/Amazonka/WorkSpacesWeb/Types/PortalStatus.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/PortalStatus.hs
@@ -0,0 +1,76 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.PortalStatus
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.PortalStatus
+  ( PortalStatus
+      ( ..,
+        PortalStatus_Active,
+        PortalStatus_Incomplete,
+        PortalStatus_Pending
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype PortalStatus = PortalStatus'
+  { fromPortalStatus ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern PortalStatus_Active :: PortalStatus
+pattern PortalStatus_Active = PortalStatus' "Active"
+
+pattern PortalStatus_Incomplete :: PortalStatus
+pattern PortalStatus_Incomplete = PortalStatus' "Incomplete"
+
+pattern PortalStatus_Pending :: PortalStatus
+pattern PortalStatus_Pending = PortalStatus' "Pending"
+
+{-# COMPLETE
+  PortalStatus_Active,
+  PortalStatus_Incomplete,
+  PortalStatus_Pending,
+  PortalStatus'
+  #-}
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/PortalSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/PortalSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/PortalSummary.hs
@@ -0,0 +1,214 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.PortalSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.PortalSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Types.BrowserType
+import Amazonka.WorkSpacesWeb.Types.PortalStatus
+import Amazonka.WorkSpacesWeb.Types.RendererType
+
+-- | The summary of the portal.
+--
+-- /See:/ 'newPortalSummary' smart constructor.
+data PortalSummary = PortalSummary'
+  { -- | The ARN of the browser settings that is associated with the web portal.
+    browserSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The browser type of the web portal.
+    browserType :: Prelude.Maybe BrowserType,
+    -- | The creation date of the web portal.
+    creationDate :: Prelude.Maybe Data.POSIX,
+    -- | The name of the web portal.
+    displayName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The ARN of the network settings that is associated with the web portal.
+    networkSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Maybe Prelude.Text,
+    -- | The endpoint URL of the web portal that users access in order to start
+    -- streaming sessions.
+    portalEndpoint :: Prelude.Maybe Prelude.Text,
+    -- | The status of the web portal.
+    portalStatus :: Prelude.Maybe PortalStatus,
+    -- | The renderer that is used in streaming sessions.
+    rendererType :: Prelude.Maybe RendererType,
+    -- | The ARN of the trust that is associated with this web portal.
+    trustStoreArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user access logging settings that is associated with the
+    -- web portal.
+    userAccessLoggingSettingsArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user settings that is associated with the web portal.
+    userSettingsArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'PortalSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserSettingsArn', 'portalSummary_browserSettingsArn' - The ARN of the browser settings that is associated with the web portal.
+--
+-- 'browserType', 'portalSummary_browserType' - The browser type of the web portal.
+--
+-- 'creationDate', 'portalSummary_creationDate' - The creation date of the web portal.
+--
+-- 'displayName', 'portalSummary_displayName' - The name of the web portal.
+--
+-- 'networkSettingsArn', 'portalSummary_networkSettingsArn' - The ARN of the network settings that is associated with the web portal.
+--
+-- 'portalArn', 'portalSummary_portalArn' - The ARN of the web portal.
+--
+-- 'portalEndpoint', 'portalSummary_portalEndpoint' - The endpoint URL of the web portal that users access in order to start
+-- streaming sessions.
+--
+-- 'portalStatus', 'portalSummary_portalStatus' - The status of the web portal.
+--
+-- 'rendererType', 'portalSummary_rendererType' - The renderer that is used in streaming sessions.
+--
+-- 'trustStoreArn', 'portalSummary_trustStoreArn' - The ARN of the trust that is associated with this web portal.
+--
+-- 'userAccessLoggingSettingsArn', 'portalSummary_userAccessLoggingSettingsArn' - The ARN of the user access logging settings that is associated with the
+-- web portal.
+--
+-- 'userSettingsArn', 'portalSummary_userSettingsArn' - The ARN of the user settings that is associated with the web portal.
+newPortalSummary ::
+  PortalSummary
+newPortalSummary =
+  PortalSummary'
+    { browserSettingsArn =
+        Prelude.Nothing,
+      browserType = Prelude.Nothing,
+      creationDate = Prelude.Nothing,
+      displayName = Prelude.Nothing,
+      networkSettingsArn = Prelude.Nothing,
+      portalArn = Prelude.Nothing,
+      portalEndpoint = Prelude.Nothing,
+      portalStatus = Prelude.Nothing,
+      rendererType = Prelude.Nothing,
+      trustStoreArn = Prelude.Nothing,
+      userAccessLoggingSettingsArn = Prelude.Nothing,
+      userSettingsArn = Prelude.Nothing
+    }
+
+-- | The ARN of the browser settings that is associated with the web portal.
+portalSummary_browserSettingsArn :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_browserSettingsArn = Lens.lens (\PortalSummary' {browserSettingsArn} -> browserSettingsArn) (\s@PortalSummary' {} a -> s {browserSettingsArn = a} :: PortalSummary)
+
+-- | The browser type of the web portal.
+portalSummary_browserType :: Lens.Lens' PortalSummary (Prelude.Maybe BrowserType)
+portalSummary_browserType = Lens.lens (\PortalSummary' {browserType} -> browserType) (\s@PortalSummary' {} a -> s {browserType = a} :: PortalSummary)
+
+-- | The creation date of the web portal.
+portalSummary_creationDate :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.UTCTime)
+portalSummary_creationDate = Lens.lens (\PortalSummary' {creationDate} -> creationDate) (\s@PortalSummary' {} a -> s {creationDate = a} :: PortalSummary) Prelude.. Lens.mapping Data._Time
+
+-- | The name of the web portal.
+portalSummary_displayName :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_displayName = Lens.lens (\PortalSummary' {displayName} -> displayName) (\s@PortalSummary' {} a -> s {displayName = a} :: PortalSummary) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The ARN of the network settings that is associated with the web portal.
+portalSummary_networkSettingsArn :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_networkSettingsArn = Lens.lens (\PortalSummary' {networkSettingsArn} -> networkSettingsArn) (\s@PortalSummary' {} a -> s {networkSettingsArn = a} :: PortalSummary)
+
+-- | The ARN of the web portal.
+portalSummary_portalArn :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_portalArn = Lens.lens (\PortalSummary' {portalArn} -> portalArn) (\s@PortalSummary' {} a -> s {portalArn = a} :: PortalSummary)
+
+-- | The endpoint URL of the web portal that users access in order to start
+-- streaming sessions.
+portalSummary_portalEndpoint :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_portalEndpoint = Lens.lens (\PortalSummary' {portalEndpoint} -> portalEndpoint) (\s@PortalSummary' {} a -> s {portalEndpoint = a} :: PortalSummary)
+
+-- | The status of the web portal.
+portalSummary_portalStatus :: Lens.Lens' PortalSummary (Prelude.Maybe PortalStatus)
+portalSummary_portalStatus = Lens.lens (\PortalSummary' {portalStatus} -> portalStatus) (\s@PortalSummary' {} a -> s {portalStatus = a} :: PortalSummary)
+
+-- | The renderer that is used in streaming sessions.
+portalSummary_rendererType :: Lens.Lens' PortalSummary (Prelude.Maybe RendererType)
+portalSummary_rendererType = Lens.lens (\PortalSummary' {rendererType} -> rendererType) (\s@PortalSummary' {} a -> s {rendererType = a} :: PortalSummary)
+
+-- | The ARN of the trust that is associated with this web portal.
+portalSummary_trustStoreArn :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_trustStoreArn = Lens.lens (\PortalSummary' {trustStoreArn} -> trustStoreArn) (\s@PortalSummary' {} a -> s {trustStoreArn = a} :: PortalSummary)
+
+-- | The ARN of the user access logging settings that is associated with the
+-- web portal.
+portalSummary_userAccessLoggingSettingsArn :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_userAccessLoggingSettingsArn = Lens.lens (\PortalSummary' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@PortalSummary' {} a -> s {userAccessLoggingSettingsArn = a} :: PortalSummary)
+
+-- | The ARN of the user settings that is associated with the web portal.
+portalSummary_userSettingsArn :: Lens.Lens' PortalSummary (Prelude.Maybe Prelude.Text)
+portalSummary_userSettingsArn = Lens.lens (\PortalSummary' {userSettingsArn} -> userSettingsArn) (\s@PortalSummary' {} a -> s {userSettingsArn = a} :: PortalSummary)
+
+instance Data.FromJSON PortalSummary where
+  parseJSON =
+    Data.withObject
+      "PortalSummary"
+      ( \x ->
+          PortalSummary'
+            Prelude.<$> (x Data..:? "browserSettingsArn")
+            Prelude.<*> (x Data..:? "browserType")
+            Prelude.<*> (x Data..:? "creationDate")
+            Prelude.<*> (x Data..:? "displayName")
+            Prelude.<*> (x Data..:? "networkSettingsArn")
+            Prelude.<*> (x Data..:? "portalArn")
+            Prelude.<*> (x Data..:? "portalEndpoint")
+            Prelude.<*> (x Data..:? "portalStatus")
+            Prelude.<*> (x Data..:? "rendererType")
+            Prelude.<*> (x Data..:? "trustStoreArn")
+            Prelude.<*> (x Data..:? "userAccessLoggingSettingsArn")
+            Prelude.<*> (x Data..:? "userSettingsArn")
+      )
+
+instance Prelude.Hashable PortalSummary where
+  hashWithSalt _salt PortalSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` browserSettingsArn
+      `Prelude.hashWithSalt` browserType
+      `Prelude.hashWithSalt` creationDate
+      `Prelude.hashWithSalt` displayName
+      `Prelude.hashWithSalt` networkSettingsArn
+      `Prelude.hashWithSalt` portalArn
+      `Prelude.hashWithSalt` portalEndpoint
+      `Prelude.hashWithSalt` portalStatus
+      `Prelude.hashWithSalt` rendererType
+      `Prelude.hashWithSalt` trustStoreArn
+      `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+      `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData PortalSummary where
+  rnf PortalSummary' {..} =
+    Prelude.rnf browserSettingsArn
+      `Prelude.seq` Prelude.rnf browserType
+      `Prelude.seq` Prelude.rnf creationDate
+      `Prelude.seq` Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf networkSettingsArn
+      `Prelude.seq` Prelude.rnf portalArn
+      `Prelude.seq` Prelude.rnf portalEndpoint
+      `Prelude.seq` Prelude.rnf portalStatus
+      `Prelude.seq` Prelude.rnf rendererType
+      `Prelude.seq` Prelude.rnf trustStoreArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
+      `Prelude.seq` Prelude.rnf userSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/RendererType.hs b/gen/Amazonka/WorkSpacesWeb/Types/RendererType.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/RendererType.hs
@@ -0,0 +1,66 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DerivingStrategies #-}
+{-# LANGUAGE GeneralizedNewtypeDeriving #-}
+{-# LANGUAGE LambdaCase #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE PatternSynonyms #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.RendererType
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.RendererType
+  ( RendererType
+      ( ..,
+        RendererType_AppStream
+      ),
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+newtype RendererType = RendererType'
+  { fromRendererType ::
+      Data.Text
+  }
+  deriving stock
+    ( Prelude.Show,
+      Prelude.Read,
+      Prelude.Eq,
+      Prelude.Ord,
+      Prelude.Generic
+    )
+  deriving newtype
+    ( Prelude.Hashable,
+      Prelude.NFData,
+      Data.FromText,
+      Data.ToText,
+      Data.ToByteString,
+      Data.ToLog,
+      Data.ToHeader,
+      Data.ToQuery,
+      Data.FromJSON,
+      Data.FromJSONKey,
+      Data.ToJSON,
+      Data.ToJSONKey,
+      Data.FromXML,
+      Data.ToXML
+    )
+
+pattern RendererType_AppStream :: RendererType
+pattern RendererType_AppStream = RendererType' "AppStream"
+
+{-# COMPLETE
+  RendererType_AppStream,
+  RendererType'
+  #-}
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/Tag.hs b/gen/Amazonka/WorkSpacesWeb/Types/Tag.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/Tag.hs
@@ -0,0 +1,96 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.Tag
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.Tag where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The tag.
+--
+-- /See:/ 'newTag' smart constructor.
+data Tag = Tag'
+  { -- | The key of the tag.
+    key :: Data.Sensitive Prelude.Text,
+    -- | The value of the tag
+    value :: Data.Sensitive Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'Tag' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'key', 'tag_key' - The key of the tag.
+--
+-- 'value', 'tag_value' - The value of the tag
+newTag ::
+  -- | 'key'
+  Prelude.Text ->
+  -- | 'value'
+  Prelude.Text ->
+  Tag
+newTag pKey_ pValue_ =
+  Tag'
+    { key = Data._Sensitive Lens.# pKey_,
+      value = Data._Sensitive Lens.# pValue_
+    }
+
+-- | The key of the tag.
+tag_key :: Lens.Lens' Tag Prelude.Text
+tag_key = Lens.lens (\Tag' {key} -> key) (\s@Tag' {} a -> s {key = a} :: Tag) Prelude.. Data._Sensitive
+
+-- | The value of the tag
+tag_value :: Lens.Lens' Tag Prelude.Text
+tag_value = Lens.lens (\Tag' {value} -> value) (\s@Tag' {} a -> s {value = a} :: Tag) Prelude.. Data._Sensitive
+
+instance Data.FromJSON Tag where
+  parseJSON =
+    Data.withObject
+      "Tag"
+      ( \x ->
+          Tag'
+            Prelude.<$> (x Data..: "Key")
+            Prelude.<*> (x Data..: "Value")
+      )
+
+instance Prelude.Hashable Tag where
+  hashWithSalt _salt Tag' {..} =
+    _salt
+      `Prelude.hashWithSalt` key
+      `Prelude.hashWithSalt` value
+
+instance Prelude.NFData Tag where
+  rnf Tag' {..} =
+    Prelude.rnf key `Prelude.seq` Prelude.rnf value
+
+instance Data.ToJSON Tag where
+  toJSON Tag' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ Prelude.Just ("Key" Data..= key),
+            Prelude.Just ("Value" Data..= value)
+          ]
+      )
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/TrustStore.hs b/gen/Amazonka/WorkSpacesWeb/Types/TrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/TrustStore.hs
@@ -0,0 +1,93 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.TrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.TrustStore where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A trust store that can be associated with a web portal. A trust store
+-- contains certificate authority (CA) certificates. Once associated with a
+-- web portal, the browser in a streaming session will recognize
+-- certificates that have been issued using any of the CAs in the trust
+-- store. If your organization has internal websites that use certificates
+-- issued by private CAs, you should add the private CA certificate to the
+-- trust store.
+--
+-- /See:/ 'newTrustStore' smart constructor.
+data TrustStore = TrustStore'
+  { -- | A list of web portal ARNs that this trust store is associated with.
+    associatedPortalArns :: Prelude.Maybe [Prelude.Text],
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'associatedPortalArns', 'trustStore_associatedPortalArns' - A list of web portal ARNs that this trust store is associated with.
+--
+-- 'trustStoreArn', 'trustStore_trustStoreArn' - The ARN of the trust store.
+newTrustStore ::
+  TrustStore
+newTrustStore =
+  TrustStore'
+    { associatedPortalArns = Prelude.Nothing,
+      trustStoreArn = Prelude.Nothing
+    }
+
+-- | A list of web portal ARNs that this trust store is associated with.
+trustStore_associatedPortalArns :: Lens.Lens' TrustStore (Prelude.Maybe [Prelude.Text])
+trustStore_associatedPortalArns = Lens.lens (\TrustStore' {associatedPortalArns} -> associatedPortalArns) (\s@TrustStore' {} a -> s {associatedPortalArns = a} :: TrustStore) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ARN of the trust store.
+trustStore_trustStoreArn :: Lens.Lens' TrustStore (Prelude.Maybe Prelude.Text)
+trustStore_trustStoreArn = Lens.lens (\TrustStore' {trustStoreArn} -> trustStoreArn) (\s@TrustStore' {} a -> s {trustStoreArn = a} :: TrustStore)
+
+instance Data.FromJSON TrustStore where
+  parseJSON =
+    Data.withObject
+      "TrustStore"
+      ( \x ->
+          TrustStore'
+            Prelude.<$> ( x
+                            Data..:? "associatedPortalArns"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "trustStoreArn")
+      )
+
+instance Prelude.Hashable TrustStore where
+  hashWithSalt _salt TrustStore' {..} =
+    _salt
+      `Prelude.hashWithSalt` associatedPortalArns
+      `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData TrustStore where
+  rnf TrustStore' {..} =
+    Prelude.rnf associatedPortalArns
+      `Prelude.seq` Prelude.rnf trustStoreArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/TrustStoreSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/TrustStoreSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/TrustStoreSummary.hs
@@ -0,0 +1,69 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.TrustStoreSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.TrustStoreSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of the trust store.
+--
+-- /See:/ 'newTrustStoreSummary' smart constructor.
+data TrustStoreSummary = TrustStoreSummary'
+  { -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'TrustStoreSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'trustStoreArn', 'trustStoreSummary_trustStoreArn' - The ARN of the trust store.
+newTrustStoreSummary ::
+  TrustStoreSummary
+newTrustStoreSummary =
+  TrustStoreSummary' {trustStoreArn = Prelude.Nothing}
+
+-- | The ARN of the trust store.
+trustStoreSummary_trustStoreArn :: Lens.Lens' TrustStoreSummary (Prelude.Maybe Prelude.Text)
+trustStoreSummary_trustStoreArn = Lens.lens (\TrustStoreSummary' {trustStoreArn} -> trustStoreArn) (\s@TrustStoreSummary' {} a -> s {trustStoreArn = a} :: TrustStoreSummary)
+
+instance Data.FromJSON TrustStoreSummary where
+  parseJSON =
+    Data.withObject
+      "TrustStoreSummary"
+      ( \x ->
+          TrustStoreSummary'
+            Prelude.<$> (x Data..:? "trustStoreArn")
+      )
+
+instance Prelude.Hashable TrustStoreSummary where
+  hashWithSalt _salt TrustStoreSummary' {..} =
+    _salt `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData TrustStoreSummary where
+  rnf TrustStoreSummary' {..} =
+    Prelude.rnf trustStoreArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/UserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/Types/UserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/UserAccessLoggingSettings.hs
@@ -0,0 +1,108 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettings where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | A user access logging settings resource that can be associated with a
+-- web portal.
+--
+-- /See:/ 'newUserAccessLoggingSettings' smart constructor.
+data UserAccessLoggingSettings = UserAccessLoggingSettings'
+  { -- | A list of web portal ARNs that this user access logging settings is
+    -- associated with.
+    associatedPortalArns :: Prelude.Maybe [Prelude.Text],
+    -- | The ARN of the Kinesis stream.
+    kinesisStreamArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'associatedPortalArns', 'userAccessLoggingSettings_associatedPortalArns' - A list of web portal ARNs that this user access logging settings is
+-- associated with.
+--
+-- 'kinesisStreamArn', 'userAccessLoggingSettings_kinesisStreamArn' - The ARN of the Kinesis stream.
+--
+-- 'userAccessLoggingSettingsArn', 'userAccessLoggingSettings_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newUserAccessLoggingSettings ::
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  UserAccessLoggingSettings
+newUserAccessLoggingSettings
+  pUserAccessLoggingSettingsArn_ =
+    UserAccessLoggingSettings'
+      { associatedPortalArns =
+          Prelude.Nothing,
+        kinesisStreamArn = Prelude.Nothing,
+        userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | A list of web portal ARNs that this user access logging settings is
+-- associated with.
+userAccessLoggingSettings_associatedPortalArns :: Lens.Lens' UserAccessLoggingSettings (Prelude.Maybe [Prelude.Text])
+userAccessLoggingSettings_associatedPortalArns = Lens.lens (\UserAccessLoggingSettings' {associatedPortalArns} -> associatedPortalArns) (\s@UserAccessLoggingSettings' {} a -> s {associatedPortalArns = a} :: UserAccessLoggingSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | The ARN of the Kinesis stream.
+userAccessLoggingSettings_kinesisStreamArn :: Lens.Lens' UserAccessLoggingSettings (Prelude.Maybe Prelude.Text)
+userAccessLoggingSettings_kinesisStreamArn = Lens.lens (\UserAccessLoggingSettings' {kinesisStreamArn} -> kinesisStreamArn) (\s@UserAccessLoggingSettings' {} a -> s {kinesisStreamArn = a} :: UserAccessLoggingSettings)
+
+-- | The ARN of the user access logging settings.
+userAccessLoggingSettings_userAccessLoggingSettingsArn :: Lens.Lens' UserAccessLoggingSettings Prelude.Text
+userAccessLoggingSettings_userAccessLoggingSettingsArn = Lens.lens (\UserAccessLoggingSettings' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@UserAccessLoggingSettings' {} a -> s {userAccessLoggingSettingsArn = a} :: UserAccessLoggingSettings)
+
+instance Data.FromJSON UserAccessLoggingSettings where
+  parseJSON =
+    Data.withObject
+      "UserAccessLoggingSettings"
+      ( \x ->
+          UserAccessLoggingSettings'
+            Prelude.<$> ( x
+                            Data..:? "associatedPortalArns"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "kinesisStreamArn")
+            Prelude.<*> (x Data..: "userAccessLoggingSettingsArn")
+      )
+
+instance Prelude.Hashable UserAccessLoggingSettings where
+  hashWithSalt _salt UserAccessLoggingSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` associatedPortalArns
+      `Prelude.hashWithSalt` kinesisStreamArn
+      `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+
+instance Prelude.NFData UserAccessLoggingSettings where
+  rnf UserAccessLoggingSettings' {..} =
+    Prelude.rnf associatedPortalArns
+      `Prelude.seq` Prelude.rnf kinesisStreamArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/UserAccessLoggingSettingsSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/UserAccessLoggingSettingsSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/UserAccessLoggingSettingsSummary.hs
@@ -0,0 +1,97 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettingsSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.UserAccessLoggingSettingsSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+
+-- | The summary of user access logging settings.
+--
+-- /See:/ 'newUserAccessLoggingSettingsSummary' smart constructor.
+data UserAccessLoggingSettingsSummary = UserAccessLoggingSettingsSummary'
+  { -- | The ARN of the Kinesis stream.
+    kinesisStreamArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UserAccessLoggingSettingsSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'kinesisStreamArn', 'userAccessLoggingSettingsSummary_kinesisStreamArn' - The ARN of the Kinesis stream.
+--
+-- 'userAccessLoggingSettingsArn', 'userAccessLoggingSettingsSummary_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newUserAccessLoggingSettingsSummary ::
+  UserAccessLoggingSettingsSummary
+newUserAccessLoggingSettingsSummary =
+  UserAccessLoggingSettingsSummary'
+    { kinesisStreamArn =
+        Prelude.Nothing,
+      userAccessLoggingSettingsArn =
+        Prelude.Nothing
+    }
+
+-- | The ARN of the Kinesis stream.
+userAccessLoggingSettingsSummary_kinesisStreamArn :: Lens.Lens' UserAccessLoggingSettingsSummary (Prelude.Maybe Prelude.Text)
+userAccessLoggingSettingsSummary_kinesisStreamArn = Lens.lens (\UserAccessLoggingSettingsSummary' {kinesisStreamArn} -> kinesisStreamArn) (\s@UserAccessLoggingSettingsSummary' {} a -> s {kinesisStreamArn = a} :: UserAccessLoggingSettingsSummary)
+
+-- | The ARN of the user access logging settings.
+userAccessLoggingSettingsSummary_userAccessLoggingSettingsArn :: Lens.Lens' UserAccessLoggingSettingsSummary (Prelude.Maybe Prelude.Text)
+userAccessLoggingSettingsSummary_userAccessLoggingSettingsArn = Lens.lens (\UserAccessLoggingSettingsSummary' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@UserAccessLoggingSettingsSummary' {} a -> s {userAccessLoggingSettingsArn = a} :: UserAccessLoggingSettingsSummary)
+
+instance
+  Data.FromJSON
+    UserAccessLoggingSettingsSummary
+  where
+  parseJSON =
+    Data.withObject
+      "UserAccessLoggingSettingsSummary"
+      ( \x ->
+          UserAccessLoggingSettingsSummary'
+            Prelude.<$> (x Data..:? "kinesisStreamArn")
+            Prelude.<*> (x Data..:? "userAccessLoggingSettingsArn")
+      )
+
+instance
+  Prelude.Hashable
+    UserAccessLoggingSettingsSummary
+  where
+  hashWithSalt
+    _salt
+    UserAccessLoggingSettingsSummary' {..} =
+      _salt
+        `Prelude.hashWithSalt` kinesisStreamArn
+        `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+
+instance
+  Prelude.NFData
+    UserAccessLoggingSettingsSummary
+  where
+  rnf UserAccessLoggingSettingsSummary' {..} =
+    Prelude.rnf kinesisStreamArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/UserSettings.hs b/gen/Amazonka/WorkSpacesWeb/Types/UserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/UserSettings.hs
@@ -0,0 +1,198 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.UserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.UserSettings where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Types.EnabledType
+
+-- | A user settings resource that can be associated with a web portal. Once
+-- associated with a web portal, user settings control how users can
+-- transfer data between a streaming session and the their local devices.
+--
+-- /See:/ 'newUserSettings' smart constructor.
+data UserSettings = UserSettings'
+  { -- | A list of web portal ARNs that this user settings is associated with.
+    associatedPortalArns :: Prelude.Maybe [Prelude.Text],
+    -- | Specifies whether the user can copy text from the streaming session to
+    -- the local device.
+    copyAllowed :: Prelude.Maybe EnabledType,
+    -- | The amount of time that a streaming session remains active after users
+    -- disconnect.
+    disconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | Specifies whether the user can download files from the streaming session
+    -- to the local device.
+    downloadAllowed :: Prelude.Maybe EnabledType,
+    -- | The amount of time that users can be idle (inactive) before they are
+    -- disconnected from their streaming session and the disconnect timeout
+    -- interval begins.
+    idleDisconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | Specifies whether the user can paste text from the local device to the
+    -- streaming session.
+    pasteAllowed :: Prelude.Maybe EnabledType,
+    -- | Specifies whether the user can print to the local device.
+    printAllowed :: Prelude.Maybe EnabledType,
+    -- | Specifies whether the user can upload files from the local device to the
+    -- streaming session.
+    uploadAllowed :: Prelude.Maybe EnabledType,
+    -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'associatedPortalArns', 'userSettings_associatedPortalArns' - A list of web portal ARNs that this user settings is associated with.
+--
+-- 'copyAllowed', 'userSettings_copyAllowed' - Specifies whether the user can copy text from the streaming session to
+-- the local device.
+--
+-- 'disconnectTimeoutInMinutes', 'userSettings_disconnectTimeoutInMinutes' - The amount of time that a streaming session remains active after users
+-- disconnect.
+--
+-- 'downloadAllowed', 'userSettings_downloadAllowed' - Specifies whether the user can download files from the streaming session
+-- to the local device.
+--
+-- 'idleDisconnectTimeoutInMinutes', 'userSettings_idleDisconnectTimeoutInMinutes' - The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+--
+-- 'pasteAllowed', 'userSettings_pasteAllowed' - Specifies whether the user can paste text from the local device to the
+-- streaming session.
+--
+-- 'printAllowed', 'userSettings_printAllowed' - Specifies whether the user can print to the local device.
+--
+-- 'uploadAllowed', 'userSettings_uploadAllowed' - Specifies whether the user can upload files from the local device to the
+-- streaming session.
+--
+-- 'userSettingsArn', 'userSettings_userSettingsArn' - The ARN of the user settings.
+newUserSettings ::
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  UserSettings
+newUserSettings pUserSettingsArn_ =
+  UserSettings'
+    { associatedPortalArns =
+        Prelude.Nothing,
+      copyAllowed = Prelude.Nothing,
+      disconnectTimeoutInMinutes = Prelude.Nothing,
+      downloadAllowed = Prelude.Nothing,
+      idleDisconnectTimeoutInMinutes = Prelude.Nothing,
+      pasteAllowed = Prelude.Nothing,
+      printAllowed = Prelude.Nothing,
+      uploadAllowed = Prelude.Nothing,
+      userSettingsArn = pUserSettingsArn_
+    }
+
+-- | A list of web portal ARNs that this user settings is associated with.
+userSettings_associatedPortalArns :: Lens.Lens' UserSettings (Prelude.Maybe [Prelude.Text])
+userSettings_associatedPortalArns = Lens.lens (\UserSettings' {associatedPortalArns} -> associatedPortalArns) (\s@UserSettings' {} a -> s {associatedPortalArns = a} :: UserSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | Specifies whether the user can copy text from the streaming session to
+-- the local device.
+userSettings_copyAllowed :: Lens.Lens' UserSettings (Prelude.Maybe EnabledType)
+userSettings_copyAllowed = Lens.lens (\UserSettings' {copyAllowed} -> copyAllowed) (\s@UserSettings' {} a -> s {copyAllowed = a} :: UserSettings)
+
+-- | The amount of time that a streaming session remains active after users
+-- disconnect.
+userSettings_disconnectTimeoutInMinutes :: Lens.Lens' UserSettings (Prelude.Maybe Prelude.Natural)
+userSettings_disconnectTimeoutInMinutes = Lens.lens (\UserSettings' {disconnectTimeoutInMinutes} -> disconnectTimeoutInMinutes) (\s@UserSettings' {} a -> s {disconnectTimeoutInMinutes = a} :: UserSettings)
+
+-- | Specifies whether the user can download files from the streaming session
+-- to the local device.
+userSettings_downloadAllowed :: Lens.Lens' UserSettings (Prelude.Maybe EnabledType)
+userSettings_downloadAllowed = Lens.lens (\UserSettings' {downloadAllowed} -> downloadAllowed) (\s@UserSettings' {} a -> s {downloadAllowed = a} :: UserSettings)
+
+-- | The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+userSettings_idleDisconnectTimeoutInMinutes :: Lens.Lens' UserSettings (Prelude.Maybe Prelude.Natural)
+userSettings_idleDisconnectTimeoutInMinutes = Lens.lens (\UserSettings' {idleDisconnectTimeoutInMinutes} -> idleDisconnectTimeoutInMinutes) (\s@UserSettings' {} a -> s {idleDisconnectTimeoutInMinutes = a} :: UserSettings)
+
+-- | Specifies whether the user can paste text from the local device to the
+-- streaming session.
+userSettings_pasteAllowed :: Lens.Lens' UserSettings (Prelude.Maybe EnabledType)
+userSettings_pasteAllowed = Lens.lens (\UserSettings' {pasteAllowed} -> pasteAllowed) (\s@UserSettings' {} a -> s {pasteAllowed = a} :: UserSettings)
+
+-- | Specifies whether the user can print to the local device.
+userSettings_printAllowed :: Lens.Lens' UserSettings (Prelude.Maybe EnabledType)
+userSettings_printAllowed = Lens.lens (\UserSettings' {printAllowed} -> printAllowed) (\s@UserSettings' {} a -> s {printAllowed = a} :: UserSettings)
+
+-- | Specifies whether the user can upload files from the local device to the
+-- streaming session.
+userSettings_uploadAllowed :: Lens.Lens' UserSettings (Prelude.Maybe EnabledType)
+userSettings_uploadAllowed = Lens.lens (\UserSettings' {uploadAllowed} -> uploadAllowed) (\s@UserSettings' {} a -> s {uploadAllowed = a} :: UserSettings)
+
+-- | The ARN of the user settings.
+userSettings_userSettingsArn :: Lens.Lens' UserSettings Prelude.Text
+userSettings_userSettingsArn = Lens.lens (\UserSettings' {userSettingsArn} -> userSettingsArn) (\s@UserSettings' {} a -> s {userSettingsArn = a} :: UserSettings)
+
+instance Data.FromJSON UserSettings where
+  parseJSON =
+    Data.withObject
+      "UserSettings"
+      ( \x ->
+          UserSettings'
+            Prelude.<$> ( x
+                            Data..:? "associatedPortalArns"
+                            Data..!= Prelude.mempty
+                        )
+            Prelude.<*> (x Data..:? "copyAllowed")
+            Prelude.<*> (x Data..:? "disconnectTimeoutInMinutes")
+            Prelude.<*> (x Data..:? "downloadAllowed")
+            Prelude.<*> (x Data..:? "idleDisconnectTimeoutInMinutes")
+            Prelude.<*> (x Data..:? "pasteAllowed")
+            Prelude.<*> (x Data..:? "printAllowed")
+            Prelude.<*> (x Data..:? "uploadAllowed")
+            Prelude.<*> (x Data..: "userSettingsArn")
+      )
+
+instance Prelude.Hashable UserSettings where
+  hashWithSalt _salt UserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` associatedPortalArns
+      `Prelude.hashWithSalt` copyAllowed
+      `Prelude.hashWithSalt` disconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` downloadAllowed
+      `Prelude.hashWithSalt` idleDisconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` pasteAllowed
+      `Prelude.hashWithSalt` printAllowed
+      `Prelude.hashWithSalt` uploadAllowed
+      `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData UserSettings where
+  rnf UserSettings' {..} =
+    Prelude.rnf associatedPortalArns
+      `Prelude.seq` Prelude.rnf copyAllowed
+      `Prelude.seq` Prelude.rnf disconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf downloadAllowed
+      `Prelude.seq` Prelude.rnf idleDisconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf pasteAllowed
+      `Prelude.seq` Prelude.rnf printAllowed
+      `Prelude.seq` Prelude.rnf uploadAllowed
+      `Prelude.seq` Prelude.rnf userSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/Types/UserSettingsSummary.hs b/gen/Amazonka/WorkSpacesWeb/Types/UserSettingsSummary.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Types/UserSettingsSummary.hs
@@ -0,0 +1,178 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Types.UserSettingsSummary
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Types.UserSettingsSummary where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Types.EnabledType
+
+-- | The summary of user settings.
+--
+-- /See:/ 'newUserSettingsSummary' smart constructor.
+data UserSettingsSummary = UserSettingsSummary'
+  { -- | Specifies whether the user can copy text from the streaming session to
+    -- the local device.
+    copyAllowed :: Prelude.Maybe EnabledType,
+    -- | The amount of time that a streaming session remains active after users
+    -- disconnect.
+    disconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | Specifies whether the user can download files from the streaming session
+    -- to the local device.
+    downloadAllowed :: Prelude.Maybe EnabledType,
+    -- | The amount of time that users can be idle (inactive) before they are
+    -- disconnected from their streaming session and the disconnect timeout
+    -- interval begins.
+    idleDisconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | Specifies whether the user can paste text from the local device to the
+    -- streaming session.
+    pasteAllowed :: Prelude.Maybe EnabledType,
+    -- | Specifies whether the user can print to the local device.
+    printAllowed :: Prelude.Maybe EnabledType,
+    -- | Specifies whether the user can upload files from the local device to the
+    -- streaming session.
+    uploadAllowed :: Prelude.Maybe EnabledType,
+    -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Maybe Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UserSettingsSummary' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'copyAllowed', 'userSettingsSummary_copyAllowed' - Specifies whether the user can copy text from the streaming session to
+-- the local device.
+--
+-- 'disconnectTimeoutInMinutes', 'userSettingsSummary_disconnectTimeoutInMinutes' - The amount of time that a streaming session remains active after users
+-- disconnect.
+--
+-- 'downloadAllowed', 'userSettingsSummary_downloadAllowed' - Specifies whether the user can download files from the streaming session
+-- to the local device.
+--
+-- 'idleDisconnectTimeoutInMinutes', 'userSettingsSummary_idleDisconnectTimeoutInMinutes' - The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+--
+-- 'pasteAllowed', 'userSettingsSummary_pasteAllowed' - Specifies whether the user can paste text from the local device to the
+-- streaming session.
+--
+-- 'printAllowed', 'userSettingsSummary_printAllowed' - Specifies whether the user can print to the local device.
+--
+-- 'uploadAllowed', 'userSettingsSummary_uploadAllowed' - Specifies whether the user can upload files from the local device to the
+-- streaming session.
+--
+-- 'userSettingsArn', 'userSettingsSummary_userSettingsArn' - The ARN of the user settings.
+newUserSettingsSummary ::
+  UserSettingsSummary
+newUserSettingsSummary =
+  UserSettingsSummary'
+    { copyAllowed = Prelude.Nothing,
+      disconnectTimeoutInMinutes = Prelude.Nothing,
+      downloadAllowed = Prelude.Nothing,
+      idleDisconnectTimeoutInMinutes = Prelude.Nothing,
+      pasteAllowed = Prelude.Nothing,
+      printAllowed = Prelude.Nothing,
+      uploadAllowed = Prelude.Nothing,
+      userSettingsArn = Prelude.Nothing
+    }
+
+-- | Specifies whether the user can copy text from the streaming session to
+-- the local device.
+userSettingsSummary_copyAllowed :: Lens.Lens' UserSettingsSummary (Prelude.Maybe EnabledType)
+userSettingsSummary_copyAllowed = Lens.lens (\UserSettingsSummary' {copyAllowed} -> copyAllowed) (\s@UserSettingsSummary' {} a -> s {copyAllowed = a} :: UserSettingsSummary)
+
+-- | The amount of time that a streaming session remains active after users
+-- disconnect.
+userSettingsSummary_disconnectTimeoutInMinutes :: Lens.Lens' UserSettingsSummary (Prelude.Maybe Prelude.Natural)
+userSettingsSummary_disconnectTimeoutInMinutes = Lens.lens (\UserSettingsSummary' {disconnectTimeoutInMinutes} -> disconnectTimeoutInMinutes) (\s@UserSettingsSummary' {} a -> s {disconnectTimeoutInMinutes = a} :: UserSettingsSummary)
+
+-- | Specifies whether the user can download files from the streaming session
+-- to the local device.
+userSettingsSummary_downloadAllowed :: Lens.Lens' UserSettingsSummary (Prelude.Maybe EnabledType)
+userSettingsSummary_downloadAllowed = Lens.lens (\UserSettingsSummary' {downloadAllowed} -> downloadAllowed) (\s@UserSettingsSummary' {} a -> s {downloadAllowed = a} :: UserSettingsSummary)
+
+-- | The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+userSettingsSummary_idleDisconnectTimeoutInMinutes :: Lens.Lens' UserSettingsSummary (Prelude.Maybe Prelude.Natural)
+userSettingsSummary_idleDisconnectTimeoutInMinutes = Lens.lens (\UserSettingsSummary' {idleDisconnectTimeoutInMinutes} -> idleDisconnectTimeoutInMinutes) (\s@UserSettingsSummary' {} a -> s {idleDisconnectTimeoutInMinutes = a} :: UserSettingsSummary)
+
+-- | Specifies whether the user can paste text from the local device to the
+-- streaming session.
+userSettingsSummary_pasteAllowed :: Lens.Lens' UserSettingsSummary (Prelude.Maybe EnabledType)
+userSettingsSummary_pasteAllowed = Lens.lens (\UserSettingsSummary' {pasteAllowed} -> pasteAllowed) (\s@UserSettingsSummary' {} a -> s {pasteAllowed = a} :: UserSettingsSummary)
+
+-- | Specifies whether the user can print to the local device.
+userSettingsSummary_printAllowed :: Lens.Lens' UserSettingsSummary (Prelude.Maybe EnabledType)
+userSettingsSummary_printAllowed = Lens.lens (\UserSettingsSummary' {printAllowed} -> printAllowed) (\s@UserSettingsSummary' {} a -> s {printAllowed = a} :: UserSettingsSummary)
+
+-- | Specifies whether the user can upload files from the local device to the
+-- streaming session.
+userSettingsSummary_uploadAllowed :: Lens.Lens' UserSettingsSummary (Prelude.Maybe EnabledType)
+userSettingsSummary_uploadAllowed = Lens.lens (\UserSettingsSummary' {uploadAllowed} -> uploadAllowed) (\s@UserSettingsSummary' {} a -> s {uploadAllowed = a} :: UserSettingsSummary)
+
+-- | The ARN of the user settings.
+userSettingsSummary_userSettingsArn :: Lens.Lens' UserSettingsSummary (Prelude.Maybe Prelude.Text)
+userSettingsSummary_userSettingsArn = Lens.lens (\UserSettingsSummary' {userSettingsArn} -> userSettingsArn) (\s@UserSettingsSummary' {} a -> s {userSettingsArn = a} :: UserSettingsSummary)
+
+instance Data.FromJSON UserSettingsSummary where
+  parseJSON =
+    Data.withObject
+      "UserSettingsSummary"
+      ( \x ->
+          UserSettingsSummary'
+            Prelude.<$> (x Data..:? "copyAllowed")
+            Prelude.<*> (x Data..:? "disconnectTimeoutInMinutes")
+            Prelude.<*> (x Data..:? "downloadAllowed")
+            Prelude.<*> (x Data..:? "idleDisconnectTimeoutInMinutes")
+            Prelude.<*> (x Data..:? "pasteAllowed")
+            Prelude.<*> (x Data..:? "printAllowed")
+            Prelude.<*> (x Data..:? "uploadAllowed")
+            Prelude.<*> (x Data..:? "userSettingsArn")
+      )
+
+instance Prelude.Hashable UserSettingsSummary where
+  hashWithSalt _salt UserSettingsSummary' {..} =
+    _salt
+      `Prelude.hashWithSalt` copyAllowed
+      `Prelude.hashWithSalt` disconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` downloadAllowed
+      `Prelude.hashWithSalt` idleDisconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` pasteAllowed
+      `Prelude.hashWithSalt` printAllowed
+      `Prelude.hashWithSalt` uploadAllowed
+      `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData UserSettingsSummary where
+  rnf UserSettingsSummary' {..} =
+    Prelude.rnf copyAllowed
+      `Prelude.seq` Prelude.rnf disconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf downloadAllowed
+      `Prelude.seq` Prelude.rnf idleDisconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf pasteAllowed
+      `Prelude.seq` Prelude.rnf printAllowed
+      `Prelude.seq` Prelude.rnf uploadAllowed
+      `Prelude.seq` Prelude.rnf userSettingsArn
diff --git a/gen/Amazonka/WorkSpacesWeb/UntagResource.hs b/gen/Amazonka/WorkSpacesWeb/UntagResource.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UntagResource.hs
@@ -0,0 +1,161 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UntagResource
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Removes one or more tags from the specified resource.
+module Amazonka.WorkSpacesWeb.UntagResource
+  ( -- * Creating a Request
+    UntagResource (..),
+    newUntagResource,
+
+    -- * Request Lenses
+    untagResource_resourceArn,
+    untagResource_tagKeys,
+
+    -- * Destructuring the Response
+    UntagResourceResponse (..),
+    newUntagResourceResponse,
+
+    -- * Response Lenses
+    untagResourceResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUntagResource' smart constructor.
+data UntagResource = UntagResource'
+  { -- | The ARN of the resource.
+    resourceArn :: Prelude.Text,
+    -- | The list of tag keys to remove from the resource.
+    tagKeys :: [Data.Sensitive Prelude.Text]
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UntagResource' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'resourceArn', 'untagResource_resourceArn' - The ARN of the resource.
+--
+-- 'tagKeys', 'untagResource_tagKeys' - The list of tag keys to remove from the resource.
+newUntagResource ::
+  -- | 'resourceArn'
+  Prelude.Text ->
+  UntagResource
+newUntagResource pResourceArn_ =
+  UntagResource'
+    { resourceArn = pResourceArn_,
+      tagKeys = Prelude.mempty
+    }
+
+-- | The ARN of the resource.
+untagResource_resourceArn :: Lens.Lens' UntagResource Prelude.Text
+untagResource_resourceArn = Lens.lens (\UntagResource' {resourceArn} -> resourceArn) (\s@UntagResource' {} a -> s {resourceArn = a} :: UntagResource)
+
+-- | The list of tag keys to remove from the resource.
+untagResource_tagKeys :: Lens.Lens' UntagResource [Prelude.Text]
+untagResource_tagKeys = Lens.lens (\UntagResource' {tagKeys} -> tagKeys) (\s@UntagResource' {} a -> s {tagKeys = a} :: UntagResource) Prelude.. Lens.coerced
+
+instance Core.AWSRequest UntagResource where
+  type
+    AWSResponse UntagResource =
+      UntagResourceResponse
+  request overrides =
+    Request.delete (overrides defaultService)
+  response =
+    Response.receiveEmpty
+      ( \s h x ->
+          UntagResourceResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UntagResource where
+  hashWithSalt _salt UntagResource' {..} =
+    _salt
+      `Prelude.hashWithSalt` resourceArn
+      `Prelude.hashWithSalt` tagKeys
+
+instance Prelude.NFData UntagResource where
+  rnf UntagResource' {..} =
+    Prelude.rnf resourceArn
+      `Prelude.seq` Prelude.rnf tagKeys
+
+instance Data.ToHeaders UntagResource where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToPath UntagResource where
+  toPath UntagResource' {..} =
+    Prelude.mconcat ["/tags/", Data.toBS resourceArn]
+
+instance Data.ToQuery UntagResource where
+  toQuery UntagResource' {..} =
+    Prelude.mconcat
+      ["tagKeys" Data.=: Data.toQueryList "member" tagKeys]
+
+-- | /See:/ 'newUntagResourceResponse' smart constructor.
+data UntagResourceResponse = UntagResourceResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UntagResourceResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'untagResourceResponse_httpStatus' - The response's http status code.
+newUntagResourceResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UntagResourceResponse
+newUntagResourceResponse pHttpStatus_ =
+  UntagResourceResponse' {httpStatus = pHttpStatus_}
+
+-- | The response's http status code.
+untagResourceResponse_httpStatus :: Lens.Lens' UntagResourceResponse Prelude.Int
+untagResourceResponse_httpStatus = Lens.lens (\UntagResourceResponse' {httpStatus} -> httpStatus) (\s@UntagResourceResponse' {} a -> s {httpStatus = a} :: UntagResourceResponse)
+
+instance Prelude.NFData UntagResourceResponse where
+  rnf UntagResourceResponse' {..} =
+    Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdateBrowserSettings.hs b/gen/Amazonka/WorkSpacesWeb/UpdateBrowserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdateBrowserSettings.hs
@@ -0,0 +1,225 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdateBrowserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates browser settings.
+module Amazonka.WorkSpacesWeb.UpdateBrowserSettings
+  ( -- * Creating a Request
+    UpdateBrowserSettings (..),
+    newUpdateBrowserSettings,
+
+    -- * Request Lenses
+    updateBrowserSettings_browserPolicy,
+    updateBrowserSettings_clientToken,
+    updateBrowserSettings_browserSettingsArn,
+
+    -- * Destructuring the Response
+    UpdateBrowserSettingsResponse (..),
+    newUpdateBrowserSettingsResponse,
+
+    -- * Response Lenses
+    updateBrowserSettingsResponse_httpStatus,
+    updateBrowserSettingsResponse_browserSettings,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdateBrowserSettings' smart constructor.
+data UpdateBrowserSettings = UpdateBrowserSettings'
+  { -- | A JSON string containing Chrome Enterprise policies that will be applied
+    -- to all streaming sessions.
+    browserPolicy :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- return the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the browser settings.
+    browserSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateBrowserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'browserPolicy', 'updateBrowserSettings_browserPolicy' - A JSON string containing Chrome Enterprise policies that will be applied
+-- to all streaming sessions.
+--
+-- 'clientToken', 'updateBrowserSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'browserSettingsArn', 'updateBrowserSettings_browserSettingsArn' - The ARN of the browser settings.
+newUpdateBrowserSettings ::
+  -- | 'browserSettingsArn'
+  Prelude.Text ->
+  UpdateBrowserSettings
+newUpdateBrowserSettings pBrowserSettingsArn_ =
+  UpdateBrowserSettings'
+    { browserPolicy =
+        Prelude.Nothing,
+      clientToken = Prelude.Nothing,
+      browserSettingsArn = pBrowserSettingsArn_
+    }
+
+-- | A JSON string containing Chrome Enterprise policies that will be applied
+-- to all streaming sessions.
+updateBrowserSettings_browserPolicy :: Lens.Lens' UpdateBrowserSettings (Prelude.Maybe Prelude.Text)
+updateBrowserSettings_browserPolicy = Lens.lens (\UpdateBrowserSettings' {browserPolicy} -> browserPolicy) (\s@UpdateBrowserSettings' {} a -> s {browserPolicy = a} :: UpdateBrowserSettings) Prelude.. Lens.mapping Data._Sensitive
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+updateBrowserSettings_clientToken :: Lens.Lens' UpdateBrowserSettings (Prelude.Maybe Prelude.Text)
+updateBrowserSettings_clientToken = Lens.lens (\UpdateBrowserSettings' {clientToken} -> clientToken) (\s@UpdateBrowserSettings' {} a -> s {clientToken = a} :: UpdateBrowserSettings)
+
+-- | The ARN of the browser settings.
+updateBrowserSettings_browserSettingsArn :: Lens.Lens' UpdateBrowserSettings Prelude.Text
+updateBrowserSettings_browserSettingsArn = Lens.lens (\UpdateBrowserSettings' {browserSettingsArn} -> browserSettingsArn) (\s@UpdateBrowserSettings' {} a -> s {browserSettingsArn = a} :: UpdateBrowserSettings)
+
+instance Core.AWSRequest UpdateBrowserSettings where
+  type
+    AWSResponse UpdateBrowserSettings =
+      UpdateBrowserSettingsResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateBrowserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "browserSettings")
+      )
+
+instance Prelude.Hashable UpdateBrowserSettings where
+  hashWithSalt _salt UpdateBrowserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` browserPolicy
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` browserSettingsArn
+
+instance Prelude.NFData UpdateBrowserSettings where
+  rnf UpdateBrowserSettings' {..} =
+    Prelude.rnf browserPolicy
+      `Prelude.seq` Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf browserSettingsArn
+
+instance Data.ToHeaders UpdateBrowserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateBrowserSettings where
+  toJSON UpdateBrowserSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("browserPolicy" Data..=) Prelude.<$> browserPolicy,
+            ("clientToken" Data..=) Prelude.<$> clientToken
+          ]
+      )
+
+instance Data.ToPath UpdateBrowserSettings where
+  toPath UpdateBrowserSettings' {..} =
+    Prelude.mconcat
+      ["/browserSettings/", Data.toBS browserSettingsArn]
+
+instance Data.ToQuery UpdateBrowserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateBrowserSettingsResponse' smart constructor.
+data UpdateBrowserSettingsResponse = UpdateBrowserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The browser settings.
+    browserSettings :: BrowserSettings
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateBrowserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateBrowserSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'browserSettings', 'updateBrowserSettingsResponse_browserSettings' - The browser settings.
+newUpdateBrowserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'browserSettings'
+  BrowserSettings ->
+  UpdateBrowserSettingsResponse
+newUpdateBrowserSettingsResponse
+  pHttpStatus_
+  pBrowserSettings_ =
+    UpdateBrowserSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        browserSettings = pBrowserSettings_
+      }
+
+-- | The response's http status code.
+updateBrowserSettingsResponse_httpStatus :: Lens.Lens' UpdateBrowserSettingsResponse Prelude.Int
+updateBrowserSettingsResponse_httpStatus = Lens.lens (\UpdateBrowserSettingsResponse' {httpStatus} -> httpStatus) (\s@UpdateBrowserSettingsResponse' {} a -> s {httpStatus = a} :: UpdateBrowserSettingsResponse)
+
+-- | The browser settings.
+updateBrowserSettingsResponse_browserSettings :: Lens.Lens' UpdateBrowserSettingsResponse BrowserSettings
+updateBrowserSettingsResponse_browserSettings = Lens.lens (\UpdateBrowserSettingsResponse' {browserSettings} -> browserSettings) (\s@UpdateBrowserSettingsResponse' {} a -> s {browserSettings = a} :: UpdateBrowserSettingsResponse)
+
+instance Prelude.NFData UpdateBrowserSettingsResponse where
+  rnf UpdateBrowserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf browserSettings
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdateIdentityProvider.hs b/gen/Amazonka/WorkSpacesWeb/UpdateIdentityProvider.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdateIdentityProvider.hs
@@ -0,0 +1,439 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdateIdentityProvider
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the identity provider.
+module Amazonka.WorkSpacesWeb.UpdateIdentityProvider
+  ( -- * Creating a Request
+    UpdateIdentityProvider (..),
+    newUpdateIdentityProvider,
+
+    -- * Request Lenses
+    updateIdentityProvider_clientToken,
+    updateIdentityProvider_identityProviderDetails,
+    updateIdentityProvider_identityProviderName,
+    updateIdentityProvider_identityProviderType,
+    updateIdentityProvider_identityProviderArn,
+
+    -- * Destructuring the Response
+    UpdateIdentityProviderResponse (..),
+    newUpdateIdentityProviderResponse,
+
+    -- * Response Lenses
+    updateIdentityProviderResponse_httpStatus,
+    updateIdentityProviderResponse_identityProvider,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdateIdentityProvider' smart constructor.
+data UpdateIdentityProvider = UpdateIdentityProvider'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- return the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The details of the identity provider. The following list describes the
+    -- provider detail keys for each identity provider type.
+    --
+    -- -   For Google and Login with Amazon:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @authorize_scopes@
+    --
+    -- -   For Facebook:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @authorize_scopes@
+    --
+    --     -   @api_version@
+    --
+    -- -   For Sign in with Apple:
+    --
+    --     -   @client_id@
+    --
+    --     -   @team_id@
+    --
+    --     -   @key_id@
+    --
+    --     -   @private_key@
+    --
+    --     -   @authorize_scopes@
+    --
+    -- -   For OIDC providers:
+    --
+    --     -   @client_id@
+    --
+    --     -   @client_secret@
+    --
+    --     -   @attributes_request_method@
+    --
+    --     -   @oidc_issuer@
+    --
+    --     -   @authorize_scopes@
+    --
+    --     -   @authorize_url@ /if not available from discovery URL specified
+    --         by @oidc_issuer@ key/
+    --
+    --     -   @token_url@ /if not available from discovery URL specified by
+    --         @oidc_issuer@ key/
+    --
+    --     -   @attributes_url@ /if not available from discovery URL specified
+    --         by @oidc_issuer@ key/
+    --
+    --     -   @jwks_uri@ /if not available from discovery URL specified by
+    --         @oidc_issuer@ key/
+    --
+    -- -   For SAML providers:
+    --
+    --     -   @MetadataFile@ OR @MetadataURL@
+    --
+    --     -   @IDPSignout@ (boolean) /optional/
+    identityProviderDetails :: Prelude.Maybe (Data.Sensitive (Prelude.HashMap Prelude.Text Prelude.Text)),
+    -- | The name of the identity provider.
+    identityProviderName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The type of the identity provider.
+    identityProviderType :: Prelude.Maybe IdentityProviderType,
+    -- | The ARN of the identity provider.
+    identityProviderArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateIdentityProvider' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'updateIdentityProvider_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'identityProviderDetails', 'updateIdentityProvider_identityProviderDetails' - The details of the identity provider. The following list describes the
+-- provider detail keys for each identity provider type.
+--
+-- -   For Google and Login with Amazon:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+-- -   For Facebook:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+--     -   @api_version@
+--
+-- -   For Sign in with Apple:
+--
+--     -   @client_id@
+--
+--     -   @team_id@
+--
+--     -   @key_id@
+--
+--     -   @private_key@
+--
+--     -   @authorize_scopes@
+--
+-- -   For OIDC providers:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @attributes_request_method@
+--
+--     -   @oidc_issuer@
+--
+--     -   @authorize_scopes@
+--
+--     -   @authorize_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @token_url@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+--     -   @attributes_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @jwks_uri@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+-- -   For SAML providers:
+--
+--     -   @MetadataFile@ OR @MetadataURL@
+--
+--     -   @IDPSignout@ (boolean) /optional/
+--
+-- 'identityProviderName', 'updateIdentityProvider_identityProviderName' - The name of the identity provider.
+--
+-- 'identityProviderType', 'updateIdentityProvider_identityProviderType' - The type of the identity provider.
+--
+-- 'identityProviderArn', 'updateIdentityProvider_identityProviderArn' - The ARN of the identity provider.
+newUpdateIdentityProvider ::
+  -- | 'identityProviderArn'
+  Prelude.Text ->
+  UpdateIdentityProvider
+newUpdateIdentityProvider pIdentityProviderArn_ =
+  UpdateIdentityProvider'
+    { clientToken =
+        Prelude.Nothing,
+      identityProviderDetails = Prelude.Nothing,
+      identityProviderName = Prelude.Nothing,
+      identityProviderType = Prelude.Nothing,
+      identityProviderArn = pIdentityProviderArn_
+    }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+updateIdentityProvider_clientToken :: Lens.Lens' UpdateIdentityProvider (Prelude.Maybe Prelude.Text)
+updateIdentityProvider_clientToken = Lens.lens (\UpdateIdentityProvider' {clientToken} -> clientToken) (\s@UpdateIdentityProvider' {} a -> s {clientToken = a} :: UpdateIdentityProvider)
+
+-- | The details of the identity provider. The following list describes the
+-- provider detail keys for each identity provider type.
+--
+-- -   For Google and Login with Amazon:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+-- -   For Facebook:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @authorize_scopes@
+--
+--     -   @api_version@
+--
+-- -   For Sign in with Apple:
+--
+--     -   @client_id@
+--
+--     -   @team_id@
+--
+--     -   @key_id@
+--
+--     -   @private_key@
+--
+--     -   @authorize_scopes@
+--
+-- -   For OIDC providers:
+--
+--     -   @client_id@
+--
+--     -   @client_secret@
+--
+--     -   @attributes_request_method@
+--
+--     -   @oidc_issuer@
+--
+--     -   @authorize_scopes@
+--
+--     -   @authorize_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @token_url@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+--     -   @attributes_url@ /if not available from discovery URL specified
+--         by @oidc_issuer@ key/
+--
+--     -   @jwks_uri@ /if not available from discovery URL specified by
+--         @oidc_issuer@ key/
+--
+-- -   For SAML providers:
+--
+--     -   @MetadataFile@ OR @MetadataURL@
+--
+--     -   @IDPSignout@ (boolean) /optional/
+updateIdentityProvider_identityProviderDetails :: Lens.Lens' UpdateIdentityProvider (Prelude.Maybe (Prelude.HashMap Prelude.Text Prelude.Text))
+updateIdentityProvider_identityProviderDetails = Lens.lens (\UpdateIdentityProvider' {identityProviderDetails} -> identityProviderDetails) (\s@UpdateIdentityProvider' {} a -> s {identityProviderDetails = a} :: UpdateIdentityProvider) Prelude.. Lens.mapping (Data._Sensitive Prelude.. Lens.coerced)
+
+-- | The name of the identity provider.
+updateIdentityProvider_identityProviderName :: Lens.Lens' UpdateIdentityProvider (Prelude.Maybe Prelude.Text)
+updateIdentityProvider_identityProviderName = Lens.lens (\UpdateIdentityProvider' {identityProviderName} -> identityProviderName) (\s@UpdateIdentityProvider' {} a -> s {identityProviderName = a} :: UpdateIdentityProvider) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The type of the identity provider.
+updateIdentityProvider_identityProviderType :: Lens.Lens' UpdateIdentityProvider (Prelude.Maybe IdentityProviderType)
+updateIdentityProvider_identityProviderType = Lens.lens (\UpdateIdentityProvider' {identityProviderType} -> identityProviderType) (\s@UpdateIdentityProvider' {} a -> s {identityProviderType = a} :: UpdateIdentityProvider)
+
+-- | The ARN of the identity provider.
+updateIdentityProvider_identityProviderArn :: Lens.Lens' UpdateIdentityProvider Prelude.Text
+updateIdentityProvider_identityProviderArn = Lens.lens (\UpdateIdentityProvider' {identityProviderArn} -> identityProviderArn) (\s@UpdateIdentityProvider' {} a -> s {identityProviderArn = a} :: UpdateIdentityProvider)
+
+instance Core.AWSRequest UpdateIdentityProvider where
+  type
+    AWSResponse UpdateIdentityProvider =
+      UpdateIdentityProviderResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateIdentityProviderResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "identityProvider")
+      )
+
+instance Prelude.Hashable UpdateIdentityProvider where
+  hashWithSalt _salt UpdateIdentityProvider' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` identityProviderDetails
+      `Prelude.hashWithSalt` identityProviderName
+      `Prelude.hashWithSalt` identityProviderType
+      `Prelude.hashWithSalt` identityProviderArn
+
+instance Prelude.NFData UpdateIdentityProvider where
+  rnf UpdateIdentityProvider' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf identityProviderDetails
+      `Prelude.seq` Prelude.rnf identityProviderName
+      `Prelude.seq` Prelude.rnf identityProviderType
+      `Prelude.seq` Prelude.rnf identityProviderArn
+
+instance Data.ToHeaders UpdateIdentityProvider where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateIdentityProvider where
+  toJSON UpdateIdentityProvider' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("identityProviderDetails" Data..=)
+              Prelude.<$> identityProviderDetails,
+            ("identityProviderName" Data..=)
+              Prelude.<$> identityProviderName,
+            ("identityProviderType" Data..=)
+              Prelude.<$> identityProviderType
+          ]
+      )
+
+instance Data.ToPath UpdateIdentityProvider where
+  toPath UpdateIdentityProvider' {..} =
+    Prelude.mconcat
+      [ "/identityProviders/",
+        Data.toBS identityProviderArn
+      ]
+
+instance Data.ToQuery UpdateIdentityProvider where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateIdentityProviderResponse' smart constructor.
+data UpdateIdentityProviderResponse = UpdateIdentityProviderResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The identity provider.
+    identityProvider :: IdentityProvider
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateIdentityProviderResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateIdentityProviderResponse_httpStatus' - The response's http status code.
+--
+-- 'identityProvider', 'updateIdentityProviderResponse_identityProvider' - The identity provider.
+newUpdateIdentityProviderResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'identityProvider'
+  IdentityProvider ->
+  UpdateIdentityProviderResponse
+newUpdateIdentityProviderResponse
+  pHttpStatus_
+  pIdentityProvider_ =
+    UpdateIdentityProviderResponse'
+      { httpStatus =
+          pHttpStatus_,
+        identityProvider = pIdentityProvider_
+      }
+
+-- | The response's http status code.
+updateIdentityProviderResponse_httpStatus :: Lens.Lens' UpdateIdentityProviderResponse Prelude.Int
+updateIdentityProviderResponse_httpStatus = Lens.lens (\UpdateIdentityProviderResponse' {httpStatus} -> httpStatus) (\s@UpdateIdentityProviderResponse' {} a -> s {httpStatus = a} :: UpdateIdentityProviderResponse)
+
+-- | The identity provider.
+updateIdentityProviderResponse_identityProvider :: Lens.Lens' UpdateIdentityProviderResponse IdentityProvider
+updateIdentityProviderResponse_identityProvider = Lens.lens (\UpdateIdentityProviderResponse' {identityProvider} -> identityProvider) (\s@UpdateIdentityProviderResponse' {} a -> s {identityProvider = a} :: UpdateIdentityProviderResponse)
+
+instance
+  Prelude.NFData
+    UpdateIdentityProviderResponse
+  where
+  rnf UpdateIdentityProviderResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf identityProvider
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdateNetworkSettings.hs b/gen/Amazonka/WorkSpacesWeb/UpdateNetworkSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdateNetworkSettings.hs
@@ -0,0 +1,258 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdateNetworkSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates network settings.
+module Amazonka.WorkSpacesWeb.UpdateNetworkSettings
+  ( -- * Creating a Request
+    UpdateNetworkSettings (..),
+    newUpdateNetworkSettings,
+
+    -- * Request Lenses
+    updateNetworkSettings_clientToken,
+    updateNetworkSettings_securityGroupIds,
+    updateNetworkSettings_subnetIds,
+    updateNetworkSettings_vpcId,
+    updateNetworkSettings_networkSettingsArn,
+
+    -- * Destructuring the Response
+    UpdateNetworkSettingsResponse (..),
+    newUpdateNetworkSettingsResponse,
+
+    -- * Response Lenses
+    updateNetworkSettingsResponse_httpStatus,
+    updateNetworkSettingsResponse_networkSettings,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdateNetworkSettings' smart constructor.
+data UpdateNetworkSettings = UpdateNetworkSettings'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- return the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | One or more security groups used to control access from streaming
+    -- instances to your VPC.
+    securityGroupIds :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | The subnets in which network interfaces are created to connect streaming
+    -- instances to your VPC. At least two of these subnets must be in
+    -- different availability zones.
+    subnetIds :: Prelude.Maybe (Prelude.NonEmpty Prelude.Text),
+    -- | The VPC that streaming instances will connect to.
+    vpcId :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the network settings.
+    networkSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateNetworkSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'updateNetworkSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'securityGroupIds', 'updateNetworkSettings_securityGroupIds' - One or more security groups used to control access from streaming
+-- instances to your VPC.
+--
+-- 'subnetIds', 'updateNetworkSettings_subnetIds' - The subnets in which network interfaces are created to connect streaming
+-- instances to your VPC. At least two of these subnets must be in
+-- different availability zones.
+--
+-- 'vpcId', 'updateNetworkSettings_vpcId' - The VPC that streaming instances will connect to.
+--
+-- 'networkSettingsArn', 'updateNetworkSettings_networkSettingsArn' - The ARN of the network settings.
+newUpdateNetworkSettings ::
+  -- | 'networkSettingsArn'
+  Prelude.Text ->
+  UpdateNetworkSettings
+newUpdateNetworkSettings pNetworkSettingsArn_ =
+  UpdateNetworkSettings'
+    { clientToken =
+        Prelude.Nothing,
+      securityGroupIds = Prelude.Nothing,
+      subnetIds = Prelude.Nothing,
+      vpcId = Prelude.Nothing,
+      networkSettingsArn = pNetworkSettingsArn_
+    }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+updateNetworkSettings_clientToken :: Lens.Lens' UpdateNetworkSettings (Prelude.Maybe Prelude.Text)
+updateNetworkSettings_clientToken = Lens.lens (\UpdateNetworkSettings' {clientToken} -> clientToken) (\s@UpdateNetworkSettings' {} a -> s {clientToken = a} :: UpdateNetworkSettings)
+
+-- | One or more security groups used to control access from streaming
+-- instances to your VPC.
+updateNetworkSettings_securityGroupIds :: Lens.Lens' UpdateNetworkSettings (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+updateNetworkSettings_securityGroupIds = Lens.lens (\UpdateNetworkSettings' {securityGroupIds} -> securityGroupIds) (\s@UpdateNetworkSettings' {} a -> s {securityGroupIds = a} :: UpdateNetworkSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | The subnets in which network interfaces are created to connect streaming
+-- instances to your VPC. At least two of these subnets must be in
+-- different availability zones.
+updateNetworkSettings_subnetIds :: Lens.Lens' UpdateNetworkSettings (Prelude.Maybe (Prelude.NonEmpty Prelude.Text))
+updateNetworkSettings_subnetIds = Lens.lens (\UpdateNetworkSettings' {subnetIds} -> subnetIds) (\s@UpdateNetworkSettings' {} a -> s {subnetIds = a} :: UpdateNetworkSettings) Prelude.. Lens.mapping Lens.coerced
+
+-- | The VPC that streaming instances will connect to.
+updateNetworkSettings_vpcId :: Lens.Lens' UpdateNetworkSettings (Prelude.Maybe Prelude.Text)
+updateNetworkSettings_vpcId = Lens.lens (\UpdateNetworkSettings' {vpcId} -> vpcId) (\s@UpdateNetworkSettings' {} a -> s {vpcId = a} :: UpdateNetworkSettings)
+
+-- | The ARN of the network settings.
+updateNetworkSettings_networkSettingsArn :: Lens.Lens' UpdateNetworkSettings Prelude.Text
+updateNetworkSettings_networkSettingsArn = Lens.lens (\UpdateNetworkSettings' {networkSettingsArn} -> networkSettingsArn) (\s@UpdateNetworkSettings' {} a -> s {networkSettingsArn = a} :: UpdateNetworkSettings)
+
+instance Core.AWSRequest UpdateNetworkSettings where
+  type
+    AWSResponse UpdateNetworkSettings =
+      UpdateNetworkSettingsResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateNetworkSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "networkSettings")
+      )
+
+instance Prelude.Hashable UpdateNetworkSettings where
+  hashWithSalt _salt UpdateNetworkSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` securityGroupIds
+      `Prelude.hashWithSalt` subnetIds
+      `Prelude.hashWithSalt` vpcId
+      `Prelude.hashWithSalt` networkSettingsArn
+
+instance Prelude.NFData UpdateNetworkSettings where
+  rnf UpdateNetworkSettings' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf securityGroupIds
+      `Prelude.seq` Prelude.rnf subnetIds
+      `Prelude.seq` Prelude.rnf vpcId
+      `Prelude.seq` Prelude.rnf networkSettingsArn
+
+instance Data.ToHeaders UpdateNetworkSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateNetworkSettings where
+  toJSON UpdateNetworkSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("securityGroupIds" Data..=)
+              Prelude.<$> securityGroupIds,
+            ("subnetIds" Data..=) Prelude.<$> subnetIds,
+            ("vpcId" Data..=) Prelude.<$> vpcId
+          ]
+      )
+
+instance Data.ToPath UpdateNetworkSettings where
+  toPath UpdateNetworkSettings' {..} =
+    Prelude.mconcat
+      ["/networkSettings/", Data.toBS networkSettingsArn]
+
+instance Data.ToQuery UpdateNetworkSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateNetworkSettingsResponse' smart constructor.
+data UpdateNetworkSettingsResponse = UpdateNetworkSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The network settings.
+    networkSettings :: NetworkSettings
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateNetworkSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateNetworkSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'networkSettings', 'updateNetworkSettingsResponse_networkSettings' - The network settings.
+newUpdateNetworkSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'networkSettings'
+  NetworkSettings ->
+  UpdateNetworkSettingsResponse
+newUpdateNetworkSettingsResponse
+  pHttpStatus_
+  pNetworkSettings_ =
+    UpdateNetworkSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        networkSettings = pNetworkSettings_
+      }
+
+-- | The response's http status code.
+updateNetworkSettingsResponse_httpStatus :: Lens.Lens' UpdateNetworkSettingsResponse Prelude.Int
+updateNetworkSettingsResponse_httpStatus = Lens.lens (\UpdateNetworkSettingsResponse' {httpStatus} -> httpStatus) (\s@UpdateNetworkSettingsResponse' {} a -> s {httpStatus = a} :: UpdateNetworkSettingsResponse)
+
+-- | The network settings.
+updateNetworkSettingsResponse_networkSettings :: Lens.Lens' UpdateNetworkSettingsResponse NetworkSettings
+updateNetworkSettingsResponse_networkSettings = Lens.lens (\UpdateNetworkSettingsResponse' {networkSettings} -> networkSettings) (\s@UpdateNetworkSettingsResponse' {} a -> s {networkSettings = a} :: UpdateNetworkSettingsResponse)
+
+instance Prelude.NFData UpdateNetworkSettingsResponse where
+  rnf UpdateNetworkSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf networkSettings
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdatePortal.hs b/gen/Amazonka/WorkSpacesWeb/UpdatePortal.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdatePortal.hs
@@ -0,0 +1,181 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdatePortal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates a web portal.
+module Amazonka.WorkSpacesWeb.UpdatePortal
+  ( -- * Creating a Request
+    UpdatePortal (..),
+    newUpdatePortal,
+
+    -- * Request Lenses
+    updatePortal_displayName,
+    updatePortal_portalArn,
+
+    -- * Destructuring the Response
+    UpdatePortalResponse (..),
+    newUpdatePortalResponse,
+
+    -- * Response Lenses
+    updatePortalResponse_portal,
+    updatePortalResponse_httpStatus,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdatePortal' smart constructor.
+data UpdatePortal = UpdatePortal'
+  { -- | The name of the web portal. This is not visible to users who log into
+    -- the web portal.
+    displayName :: Prelude.Maybe (Data.Sensitive Prelude.Text),
+    -- | The ARN of the web portal.
+    portalArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdatePortal' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'displayName', 'updatePortal_displayName' - The name of the web portal. This is not visible to users who log into
+-- the web portal.
+--
+-- 'portalArn', 'updatePortal_portalArn' - The ARN of the web portal.
+newUpdatePortal ::
+  -- | 'portalArn'
+  Prelude.Text ->
+  UpdatePortal
+newUpdatePortal pPortalArn_ =
+  UpdatePortal'
+    { displayName = Prelude.Nothing,
+      portalArn = pPortalArn_
+    }
+
+-- | The name of the web portal. This is not visible to users who log into
+-- the web portal.
+updatePortal_displayName :: Lens.Lens' UpdatePortal (Prelude.Maybe Prelude.Text)
+updatePortal_displayName = Lens.lens (\UpdatePortal' {displayName} -> displayName) (\s@UpdatePortal' {} a -> s {displayName = a} :: UpdatePortal) Prelude.. Lens.mapping Data._Sensitive
+
+-- | The ARN of the web portal.
+updatePortal_portalArn :: Lens.Lens' UpdatePortal Prelude.Text
+updatePortal_portalArn = Lens.lens (\UpdatePortal' {portalArn} -> portalArn) (\s@UpdatePortal' {} a -> s {portalArn = a} :: UpdatePortal)
+
+instance Core.AWSRequest UpdatePortal where
+  type AWSResponse UpdatePortal = UpdatePortalResponse
+  request overrides =
+    Request.putJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdatePortalResponse'
+            Prelude.<$> (x Data..?> "portal")
+            Prelude.<*> (Prelude.pure (Prelude.fromEnum s))
+      )
+
+instance Prelude.Hashable UpdatePortal where
+  hashWithSalt _salt UpdatePortal' {..} =
+    _salt
+      `Prelude.hashWithSalt` displayName
+      `Prelude.hashWithSalt` portalArn
+
+instance Prelude.NFData UpdatePortal where
+  rnf UpdatePortal' {..} =
+    Prelude.rnf displayName
+      `Prelude.seq` Prelude.rnf portalArn
+
+instance Data.ToHeaders UpdatePortal where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdatePortal where
+  toJSON UpdatePortal' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [("displayName" Data..=) Prelude.<$> displayName]
+      )
+
+instance Data.ToPath UpdatePortal where
+  toPath UpdatePortal' {..} =
+    Prelude.mconcat ["/portals/", Data.toBS portalArn]
+
+instance Data.ToQuery UpdatePortal where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdatePortalResponse' smart constructor.
+data UpdatePortalResponse = UpdatePortalResponse'
+  { -- | The web portal.
+    portal :: Prelude.Maybe Portal,
+    -- | The response's http status code.
+    httpStatus :: Prelude.Int
+  }
+  deriving (Prelude.Eq, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdatePortalResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'portal', 'updatePortalResponse_portal' - The web portal.
+--
+-- 'httpStatus', 'updatePortalResponse_httpStatus' - The response's http status code.
+newUpdatePortalResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  UpdatePortalResponse
+newUpdatePortalResponse pHttpStatus_ =
+  UpdatePortalResponse'
+    { portal = Prelude.Nothing,
+      httpStatus = pHttpStatus_
+    }
+
+-- | The web portal.
+updatePortalResponse_portal :: Lens.Lens' UpdatePortalResponse (Prelude.Maybe Portal)
+updatePortalResponse_portal = Lens.lens (\UpdatePortalResponse' {portal} -> portal) (\s@UpdatePortalResponse' {} a -> s {portal = a} :: UpdatePortalResponse)
+
+-- | The response's http status code.
+updatePortalResponse_httpStatus :: Lens.Lens' UpdatePortalResponse Prelude.Int
+updatePortalResponse_httpStatus = Lens.lens (\UpdatePortalResponse' {httpStatus} -> httpStatus) (\s@UpdatePortalResponse' {} a -> s {httpStatus = a} :: UpdatePortalResponse)
+
+instance Prelude.NFData UpdatePortalResponse where
+  rnf UpdatePortalResponse' {..} =
+    Prelude.rnf portal
+      `Prelude.seq` Prelude.rnf httpStatus
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdateTrustStore.hs b/gen/Amazonka/WorkSpacesWeb/UpdateTrustStore.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdateTrustStore.hs
@@ -0,0 +1,237 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdateTrustStore
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the trust store.
+module Amazonka.WorkSpacesWeb.UpdateTrustStore
+  ( -- * Creating a Request
+    UpdateTrustStore (..),
+    newUpdateTrustStore,
+
+    -- * Request Lenses
+    updateTrustStore_certificatesToAdd,
+    updateTrustStore_certificatesToDelete,
+    updateTrustStore_clientToken,
+    updateTrustStore_trustStoreArn,
+
+    -- * Destructuring the Response
+    UpdateTrustStoreResponse (..),
+    newUpdateTrustStoreResponse,
+
+    -- * Response Lenses
+    updateTrustStoreResponse_httpStatus,
+    updateTrustStoreResponse_trustStoreArn,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdateTrustStore' smart constructor.
+data UpdateTrustStore = UpdateTrustStore'
+  { -- | A list of CA certificates to add to the trust store.
+    certificatesToAdd :: Prelude.Maybe [Data.Base64],
+    -- | A list of CA certificates to delete from a trust store.
+    certificatesToDelete :: Prelude.Maybe [Prelude.Text],
+    -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- return the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateTrustStore' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'certificatesToAdd', 'updateTrustStore_certificatesToAdd' - A list of CA certificates to add to the trust store.
+--
+-- 'certificatesToDelete', 'updateTrustStore_certificatesToDelete' - A list of CA certificates to delete from a trust store.
+--
+-- 'clientToken', 'updateTrustStore_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'trustStoreArn', 'updateTrustStore_trustStoreArn' - The ARN of the trust store.
+newUpdateTrustStore ::
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  UpdateTrustStore
+newUpdateTrustStore pTrustStoreArn_ =
+  UpdateTrustStore'
+    { certificatesToAdd =
+        Prelude.Nothing,
+      certificatesToDelete = Prelude.Nothing,
+      clientToken = Prelude.Nothing,
+      trustStoreArn = pTrustStoreArn_
+    }
+
+-- | A list of CA certificates to add to the trust store.
+updateTrustStore_certificatesToAdd :: Lens.Lens' UpdateTrustStore (Prelude.Maybe [Prelude.ByteString])
+updateTrustStore_certificatesToAdd = Lens.lens (\UpdateTrustStore' {certificatesToAdd} -> certificatesToAdd) (\s@UpdateTrustStore' {} a -> s {certificatesToAdd = a} :: UpdateTrustStore) Prelude.. Lens.mapping Lens.coerced
+
+-- | A list of CA certificates to delete from a trust store.
+updateTrustStore_certificatesToDelete :: Lens.Lens' UpdateTrustStore (Prelude.Maybe [Prelude.Text])
+updateTrustStore_certificatesToDelete = Lens.lens (\UpdateTrustStore' {certificatesToDelete} -> certificatesToDelete) (\s@UpdateTrustStore' {} a -> s {certificatesToDelete = a} :: UpdateTrustStore) Prelude.. Lens.mapping Lens.coerced
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+updateTrustStore_clientToken :: Lens.Lens' UpdateTrustStore (Prelude.Maybe Prelude.Text)
+updateTrustStore_clientToken = Lens.lens (\UpdateTrustStore' {clientToken} -> clientToken) (\s@UpdateTrustStore' {} a -> s {clientToken = a} :: UpdateTrustStore)
+
+-- | The ARN of the trust store.
+updateTrustStore_trustStoreArn :: Lens.Lens' UpdateTrustStore Prelude.Text
+updateTrustStore_trustStoreArn = Lens.lens (\UpdateTrustStore' {trustStoreArn} -> trustStoreArn) (\s@UpdateTrustStore' {} a -> s {trustStoreArn = a} :: UpdateTrustStore)
+
+instance Core.AWSRequest UpdateTrustStore where
+  type
+    AWSResponse UpdateTrustStore =
+      UpdateTrustStoreResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateTrustStoreResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "trustStoreArn")
+      )
+
+instance Prelude.Hashable UpdateTrustStore where
+  hashWithSalt _salt UpdateTrustStore' {..} =
+    _salt
+      `Prelude.hashWithSalt` certificatesToAdd
+      `Prelude.hashWithSalt` certificatesToDelete
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` trustStoreArn
+
+instance Prelude.NFData UpdateTrustStore where
+  rnf UpdateTrustStore' {..} =
+    Prelude.rnf certificatesToAdd
+      `Prelude.seq` Prelude.rnf certificatesToDelete
+      `Prelude.seq` Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf trustStoreArn
+
+instance Data.ToHeaders UpdateTrustStore where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateTrustStore where
+  toJSON UpdateTrustStore' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("certificatesToAdd" Data..=)
+              Prelude.<$> certificatesToAdd,
+            ("certificatesToDelete" Data..=)
+              Prelude.<$> certificatesToDelete,
+            ("clientToken" Data..=) Prelude.<$> clientToken
+          ]
+      )
+
+instance Data.ToPath UpdateTrustStore where
+  toPath UpdateTrustStore' {..} =
+    Prelude.mconcat
+      ["/trustStores/", Data.toBS trustStoreArn]
+
+instance Data.ToQuery UpdateTrustStore where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateTrustStoreResponse' smart constructor.
+data UpdateTrustStoreResponse = UpdateTrustStoreResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The ARN of the trust store.
+    trustStoreArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateTrustStoreResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateTrustStoreResponse_httpStatus' - The response's http status code.
+--
+-- 'trustStoreArn', 'updateTrustStoreResponse_trustStoreArn' - The ARN of the trust store.
+newUpdateTrustStoreResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'trustStoreArn'
+  Prelude.Text ->
+  UpdateTrustStoreResponse
+newUpdateTrustStoreResponse
+  pHttpStatus_
+  pTrustStoreArn_ =
+    UpdateTrustStoreResponse'
+      { httpStatus =
+          pHttpStatus_,
+        trustStoreArn = pTrustStoreArn_
+      }
+
+-- | The response's http status code.
+updateTrustStoreResponse_httpStatus :: Lens.Lens' UpdateTrustStoreResponse Prelude.Int
+updateTrustStoreResponse_httpStatus = Lens.lens (\UpdateTrustStoreResponse' {httpStatus} -> httpStatus) (\s@UpdateTrustStoreResponse' {} a -> s {httpStatus = a} :: UpdateTrustStoreResponse)
+
+-- | The ARN of the trust store.
+updateTrustStoreResponse_trustStoreArn :: Lens.Lens' UpdateTrustStoreResponse Prelude.Text
+updateTrustStoreResponse_trustStoreArn = Lens.lens (\UpdateTrustStoreResponse' {trustStoreArn} -> trustStoreArn) (\s@UpdateTrustStoreResponse' {} a -> s {trustStoreArn = a} :: UpdateTrustStoreResponse)
+
+instance Prelude.NFData UpdateTrustStoreResponse where
+  rnf UpdateTrustStoreResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf trustStoreArn
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdateUserAccessLoggingSettings.hs b/gen/Amazonka/WorkSpacesWeb/UpdateUserAccessLoggingSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdateUserAccessLoggingSettings.hs
@@ -0,0 +1,245 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdateUserAccessLoggingSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the user access logging settings.
+module Amazonka.WorkSpacesWeb.UpdateUserAccessLoggingSettings
+  ( -- * Creating a Request
+    UpdateUserAccessLoggingSettings (..),
+    newUpdateUserAccessLoggingSettings,
+
+    -- * Request Lenses
+    updateUserAccessLoggingSettings_clientToken,
+    updateUserAccessLoggingSettings_kinesisStreamArn,
+    updateUserAccessLoggingSettings_userAccessLoggingSettingsArn,
+
+    -- * Destructuring the Response
+    UpdateUserAccessLoggingSettingsResponse (..),
+    newUpdateUserAccessLoggingSettingsResponse,
+
+    -- * Response Lenses
+    updateUserAccessLoggingSettingsResponse_httpStatus,
+    updateUserAccessLoggingSettingsResponse_userAccessLoggingSettings,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdateUserAccessLoggingSettings' smart constructor.
+data UpdateUserAccessLoggingSettings = UpdateUserAccessLoggingSettings'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- return the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the Kinesis stream.
+    kinesisStreamArn :: Prelude.Maybe Prelude.Text,
+    -- | The ARN of the user access logging settings.
+    userAccessLoggingSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateUserAccessLoggingSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'updateUserAccessLoggingSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'kinesisStreamArn', 'updateUserAccessLoggingSettings_kinesisStreamArn' - The ARN of the Kinesis stream.
+--
+-- 'userAccessLoggingSettingsArn', 'updateUserAccessLoggingSettings_userAccessLoggingSettingsArn' - The ARN of the user access logging settings.
+newUpdateUserAccessLoggingSettings ::
+  -- | 'userAccessLoggingSettingsArn'
+  Prelude.Text ->
+  UpdateUserAccessLoggingSettings
+newUpdateUserAccessLoggingSettings
+  pUserAccessLoggingSettingsArn_ =
+    UpdateUserAccessLoggingSettings'
+      { clientToken =
+          Prelude.Nothing,
+        kinesisStreamArn = Prelude.Nothing,
+        userAccessLoggingSettingsArn =
+          pUserAccessLoggingSettingsArn_
+      }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+updateUserAccessLoggingSettings_clientToken :: Lens.Lens' UpdateUserAccessLoggingSettings (Prelude.Maybe Prelude.Text)
+updateUserAccessLoggingSettings_clientToken = Lens.lens (\UpdateUserAccessLoggingSettings' {clientToken} -> clientToken) (\s@UpdateUserAccessLoggingSettings' {} a -> s {clientToken = a} :: UpdateUserAccessLoggingSettings)
+
+-- | The ARN of the Kinesis stream.
+updateUserAccessLoggingSettings_kinesisStreamArn :: Lens.Lens' UpdateUserAccessLoggingSettings (Prelude.Maybe Prelude.Text)
+updateUserAccessLoggingSettings_kinesisStreamArn = Lens.lens (\UpdateUserAccessLoggingSettings' {kinesisStreamArn} -> kinesisStreamArn) (\s@UpdateUserAccessLoggingSettings' {} a -> s {kinesisStreamArn = a} :: UpdateUserAccessLoggingSettings)
+
+-- | The ARN of the user access logging settings.
+updateUserAccessLoggingSettings_userAccessLoggingSettingsArn :: Lens.Lens' UpdateUserAccessLoggingSettings Prelude.Text
+updateUserAccessLoggingSettings_userAccessLoggingSettingsArn = Lens.lens (\UpdateUserAccessLoggingSettings' {userAccessLoggingSettingsArn} -> userAccessLoggingSettingsArn) (\s@UpdateUserAccessLoggingSettings' {} a -> s {userAccessLoggingSettingsArn = a} :: UpdateUserAccessLoggingSettings)
+
+instance
+  Core.AWSRequest
+    UpdateUserAccessLoggingSettings
+  where
+  type
+    AWSResponse UpdateUserAccessLoggingSettings =
+      UpdateUserAccessLoggingSettingsResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateUserAccessLoggingSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "userAccessLoggingSettings")
+      )
+
+instance
+  Prelude.Hashable
+    UpdateUserAccessLoggingSettings
+  where
+  hashWithSalt
+    _salt
+    UpdateUserAccessLoggingSettings' {..} =
+      _salt
+        `Prelude.hashWithSalt` clientToken
+        `Prelude.hashWithSalt` kinesisStreamArn
+        `Prelude.hashWithSalt` userAccessLoggingSettingsArn
+
+instance
+  Prelude.NFData
+    UpdateUserAccessLoggingSettings
+  where
+  rnf UpdateUserAccessLoggingSettings' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf kinesisStreamArn
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettingsArn
+
+instance
+  Data.ToHeaders
+    UpdateUserAccessLoggingSettings
+  where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateUserAccessLoggingSettings where
+  toJSON UpdateUserAccessLoggingSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("kinesisStreamArn" Data..=)
+              Prelude.<$> kinesisStreamArn
+          ]
+      )
+
+instance Data.ToPath UpdateUserAccessLoggingSettings where
+  toPath UpdateUserAccessLoggingSettings' {..} =
+    Prelude.mconcat
+      [ "/userAccessLoggingSettings/",
+        Data.toBS userAccessLoggingSettingsArn
+      ]
+
+instance Data.ToQuery UpdateUserAccessLoggingSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateUserAccessLoggingSettingsResponse' smart constructor.
+data UpdateUserAccessLoggingSettingsResponse = UpdateUserAccessLoggingSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The user access logging settings.
+    userAccessLoggingSettings :: UserAccessLoggingSettings
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateUserAccessLoggingSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateUserAccessLoggingSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'userAccessLoggingSettings', 'updateUserAccessLoggingSettingsResponse_userAccessLoggingSettings' - The user access logging settings.
+newUpdateUserAccessLoggingSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'userAccessLoggingSettings'
+  UserAccessLoggingSettings ->
+  UpdateUserAccessLoggingSettingsResponse
+newUpdateUserAccessLoggingSettingsResponse
+  pHttpStatus_
+  pUserAccessLoggingSettings_ =
+    UpdateUserAccessLoggingSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        userAccessLoggingSettings =
+          pUserAccessLoggingSettings_
+      }
+
+-- | The response's http status code.
+updateUserAccessLoggingSettingsResponse_httpStatus :: Lens.Lens' UpdateUserAccessLoggingSettingsResponse Prelude.Int
+updateUserAccessLoggingSettingsResponse_httpStatus = Lens.lens (\UpdateUserAccessLoggingSettingsResponse' {httpStatus} -> httpStatus) (\s@UpdateUserAccessLoggingSettingsResponse' {} a -> s {httpStatus = a} :: UpdateUserAccessLoggingSettingsResponse)
+
+-- | The user access logging settings.
+updateUserAccessLoggingSettingsResponse_userAccessLoggingSettings :: Lens.Lens' UpdateUserAccessLoggingSettingsResponse UserAccessLoggingSettings
+updateUserAccessLoggingSettingsResponse_userAccessLoggingSettings = Lens.lens (\UpdateUserAccessLoggingSettingsResponse' {userAccessLoggingSettings} -> userAccessLoggingSettings) (\s@UpdateUserAccessLoggingSettingsResponse' {} a -> s {userAccessLoggingSettings = a} :: UpdateUserAccessLoggingSettingsResponse)
+
+instance
+  Prelude.NFData
+    UpdateUserAccessLoggingSettingsResponse
+  where
+  rnf UpdateUserAccessLoggingSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf userAccessLoggingSettings
diff --git a/gen/Amazonka/WorkSpacesWeb/UpdateUserSettings.hs b/gen/Amazonka/WorkSpacesWeb/UpdateUserSettings.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/UpdateUserSettings.hs
@@ -0,0 +1,323 @@
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE DuplicateRecordFields #-}
+{-# LANGUAGE NamedFieldPuns #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE RecordWildCards #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-binds #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+{-# OPTIONS_GHC -fno-warn-unused-matches #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.UpdateUserSettings
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+--
+-- Updates the user settings.
+module Amazonka.WorkSpacesWeb.UpdateUserSettings
+  ( -- * Creating a Request
+    UpdateUserSettings (..),
+    newUpdateUserSettings,
+
+    -- * Request Lenses
+    updateUserSettings_clientToken,
+    updateUserSettings_copyAllowed,
+    updateUserSettings_disconnectTimeoutInMinutes,
+    updateUserSettings_downloadAllowed,
+    updateUserSettings_idleDisconnectTimeoutInMinutes,
+    updateUserSettings_pasteAllowed,
+    updateUserSettings_printAllowed,
+    updateUserSettings_uploadAllowed,
+    updateUserSettings_userSettingsArn,
+
+    -- * Destructuring the Response
+    UpdateUserSettingsResponse (..),
+    newUpdateUserSettingsResponse,
+
+    -- * Response Lenses
+    updateUserSettingsResponse_httpStatus,
+    updateUserSettingsResponse_userSettings,
+  )
+where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import qualified Amazonka.Request as Request
+import qualified Amazonka.Response as Response
+import Amazonka.WorkSpacesWeb.Types
+
+-- | /See:/ 'newUpdateUserSettings' smart constructor.
+data UpdateUserSettings = UpdateUserSettings'
+  { -- | A unique, case-sensitive identifier that you provide to ensure the
+    -- idempotency of the request. Idempotency ensures that an API request
+    -- completes only once. With an idempotent request, if the original request
+    -- completes successfully, subsequent retries with the same client token
+    -- return the result from the original successful request.
+    --
+    -- If you do not specify a client token, one is automatically generated by
+    -- the AWS SDK.
+    clientToken :: Prelude.Maybe Prelude.Text,
+    -- | Specifies whether the user can copy text from the streaming session to
+    -- the local device.
+    copyAllowed :: Prelude.Maybe EnabledType,
+    -- | The amount of time that a streaming session remains active after users
+    -- disconnect.
+    disconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | Specifies whether the user can download files from the streaming session
+    -- to the local device.
+    downloadAllowed :: Prelude.Maybe EnabledType,
+    -- | The amount of time that users can be idle (inactive) before they are
+    -- disconnected from their streaming session and the disconnect timeout
+    -- interval begins.
+    idleDisconnectTimeoutInMinutes :: Prelude.Maybe Prelude.Natural,
+    -- | Specifies whether the user can paste text from the local device to the
+    -- streaming session.
+    pasteAllowed :: Prelude.Maybe EnabledType,
+    -- | Specifies whether the user can print to the local device.
+    printAllowed :: Prelude.Maybe EnabledType,
+    -- | Specifies whether the user can upload files from the local device to the
+    -- streaming session.
+    uploadAllowed :: Prelude.Maybe EnabledType,
+    -- | The ARN of the user settings.
+    userSettingsArn :: Prelude.Text
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateUserSettings' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'clientToken', 'updateUserSettings_clientToken' - A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+--
+-- 'copyAllowed', 'updateUserSettings_copyAllowed' - Specifies whether the user can copy text from the streaming session to
+-- the local device.
+--
+-- 'disconnectTimeoutInMinutes', 'updateUserSettings_disconnectTimeoutInMinutes' - The amount of time that a streaming session remains active after users
+-- disconnect.
+--
+-- 'downloadAllowed', 'updateUserSettings_downloadAllowed' - Specifies whether the user can download files from the streaming session
+-- to the local device.
+--
+-- 'idleDisconnectTimeoutInMinutes', 'updateUserSettings_idleDisconnectTimeoutInMinutes' - The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+--
+-- 'pasteAllowed', 'updateUserSettings_pasteAllowed' - Specifies whether the user can paste text from the local device to the
+-- streaming session.
+--
+-- 'printAllowed', 'updateUserSettings_printAllowed' - Specifies whether the user can print to the local device.
+--
+-- 'uploadAllowed', 'updateUserSettings_uploadAllowed' - Specifies whether the user can upload files from the local device to the
+-- streaming session.
+--
+-- 'userSettingsArn', 'updateUserSettings_userSettingsArn' - The ARN of the user settings.
+newUpdateUserSettings ::
+  -- | 'userSettingsArn'
+  Prelude.Text ->
+  UpdateUserSettings
+newUpdateUserSettings pUserSettingsArn_ =
+  UpdateUserSettings'
+    { clientToken = Prelude.Nothing,
+      copyAllowed = Prelude.Nothing,
+      disconnectTimeoutInMinutes = Prelude.Nothing,
+      downloadAllowed = Prelude.Nothing,
+      idleDisconnectTimeoutInMinutes = Prelude.Nothing,
+      pasteAllowed = Prelude.Nothing,
+      printAllowed = Prelude.Nothing,
+      uploadAllowed = Prelude.Nothing,
+      userSettingsArn = pUserSettingsArn_
+    }
+
+-- | A unique, case-sensitive identifier that you provide to ensure the
+-- idempotency of the request. Idempotency ensures that an API request
+-- completes only once. With an idempotent request, if the original request
+-- completes successfully, subsequent retries with the same client token
+-- return the result from the original successful request.
+--
+-- If you do not specify a client token, one is automatically generated by
+-- the AWS SDK.
+updateUserSettings_clientToken :: Lens.Lens' UpdateUserSettings (Prelude.Maybe Prelude.Text)
+updateUserSettings_clientToken = Lens.lens (\UpdateUserSettings' {clientToken} -> clientToken) (\s@UpdateUserSettings' {} a -> s {clientToken = a} :: UpdateUserSettings)
+
+-- | Specifies whether the user can copy text from the streaming session to
+-- the local device.
+updateUserSettings_copyAllowed :: Lens.Lens' UpdateUserSettings (Prelude.Maybe EnabledType)
+updateUserSettings_copyAllowed = Lens.lens (\UpdateUserSettings' {copyAllowed} -> copyAllowed) (\s@UpdateUserSettings' {} a -> s {copyAllowed = a} :: UpdateUserSettings)
+
+-- | The amount of time that a streaming session remains active after users
+-- disconnect.
+updateUserSettings_disconnectTimeoutInMinutes :: Lens.Lens' UpdateUserSettings (Prelude.Maybe Prelude.Natural)
+updateUserSettings_disconnectTimeoutInMinutes = Lens.lens (\UpdateUserSettings' {disconnectTimeoutInMinutes} -> disconnectTimeoutInMinutes) (\s@UpdateUserSettings' {} a -> s {disconnectTimeoutInMinutes = a} :: UpdateUserSettings)
+
+-- | Specifies whether the user can download files from the streaming session
+-- to the local device.
+updateUserSettings_downloadAllowed :: Lens.Lens' UpdateUserSettings (Prelude.Maybe EnabledType)
+updateUserSettings_downloadAllowed = Lens.lens (\UpdateUserSettings' {downloadAllowed} -> downloadAllowed) (\s@UpdateUserSettings' {} a -> s {downloadAllowed = a} :: UpdateUserSettings)
+
+-- | The amount of time that users can be idle (inactive) before they are
+-- disconnected from their streaming session and the disconnect timeout
+-- interval begins.
+updateUserSettings_idleDisconnectTimeoutInMinutes :: Lens.Lens' UpdateUserSettings (Prelude.Maybe Prelude.Natural)
+updateUserSettings_idleDisconnectTimeoutInMinutes = Lens.lens (\UpdateUserSettings' {idleDisconnectTimeoutInMinutes} -> idleDisconnectTimeoutInMinutes) (\s@UpdateUserSettings' {} a -> s {idleDisconnectTimeoutInMinutes = a} :: UpdateUserSettings)
+
+-- | Specifies whether the user can paste text from the local device to the
+-- streaming session.
+updateUserSettings_pasteAllowed :: Lens.Lens' UpdateUserSettings (Prelude.Maybe EnabledType)
+updateUserSettings_pasteAllowed = Lens.lens (\UpdateUserSettings' {pasteAllowed} -> pasteAllowed) (\s@UpdateUserSettings' {} a -> s {pasteAllowed = a} :: UpdateUserSettings)
+
+-- | Specifies whether the user can print to the local device.
+updateUserSettings_printAllowed :: Lens.Lens' UpdateUserSettings (Prelude.Maybe EnabledType)
+updateUserSettings_printAllowed = Lens.lens (\UpdateUserSettings' {printAllowed} -> printAllowed) (\s@UpdateUserSettings' {} a -> s {printAllowed = a} :: UpdateUserSettings)
+
+-- | Specifies whether the user can upload files from the local device to the
+-- streaming session.
+updateUserSettings_uploadAllowed :: Lens.Lens' UpdateUserSettings (Prelude.Maybe EnabledType)
+updateUserSettings_uploadAllowed = Lens.lens (\UpdateUserSettings' {uploadAllowed} -> uploadAllowed) (\s@UpdateUserSettings' {} a -> s {uploadAllowed = a} :: UpdateUserSettings)
+
+-- | The ARN of the user settings.
+updateUserSettings_userSettingsArn :: Lens.Lens' UpdateUserSettings Prelude.Text
+updateUserSettings_userSettingsArn = Lens.lens (\UpdateUserSettings' {userSettingsArn} -> userSettingsArn) (\s@UpdateUserSettings' {} a -> s {userSettingsArn = a} :: UpdateUserSettings)
+
+instance Core.AWSRequest UpdateUserSettings where
+  type
+    AWSResponse UpdateUserSettings =
+      UpdateUserSettingsResponse
+  request overrides =
+    Request.patchJSON (overrides defaultService)
+  response =
+    Response.receiveJSON
+      ( \s h x ->
+          UpdateUserSettingsResponse'
+            Prelude.<$> (Prelude.pure (Prelude.fromEnum s))
+            Prelude.<*> (x Data..:> "userSettings")
+      )
+
+instance Prelude.Hashable UpdateUserSettings where
+  hashWithSalt _salt UpdateUserSettings' {..} =
+    _salt
+      `Prelude.hashWithSalt` clientToken
+      `Prelude.hashWithSalt` copyAllowed
+      `Prelude.hashWithSalt` disconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` downloadAllowed
+      `Prelude.hashWithSalt` idleDisconnectTimeoutInMinutes
+      `Prelude.hashWithSalt` pasteAllowed
+      `Prelude.hashWithSalt` printAllowed
+      `Prelude.hashWithSalt` uploadAllowed
+      `Prelude.hashWithSalt` userSettingsArn
+
+instance Prelude.NFData UpdateUserSettings where
+  rnf UpdateUserSettings' {..} =
+    Prelude.rnf clientToken
+      `Prelude.seq` Prelude.rnf copyAllowed
+      `Prelude.seq` Prelude.rnf disconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf downloadAllowed
+      `Prelude.seq` Prelude.rnf idleDisconnectTimeoutInMinutes
+      `Prelude.seq` Prelude.rnf pasteAllowed
+      `Prelude.seq` Prelude.rnf printAllowed
+      `Prelude.seq` Prelude.rnf uploadAllowed
+      `Prelude.seq` Prelude.rnf userSettingsArn
+
+instance Data.ToHeaders UpdateUserSettings where
+  toHeaders =
+    Prelude.const
+      ( Prelude.mconcat
+          [ "Content-Type"
+              Data.=# ( "application/x-amz-json-1.1" ::
+                          Prelude.ByteString
+                      )
+          ]
+      )
+
+instance Data.ToJSON UpdateUserSettings where
+  toJSON UpdateUserSettings' {..} =
+    Data.object
+      ( Prelude.catMaybes
+          [ ("clientToken" Data..=) Prelude.<$> clientToken,
+            ("copyAllowed" Data..=) Prelude.<$> copyAllowed,
+            ("disconnectTimeoutInMinutes" Data..=)
+              Prelude.<$> disconnectTimeoutInMinutes,
+            ("downloadAllowed" Data..=)
+              Prelude.<$> downloadAllowed,
+            ("idleDisconnectTimeoutInMinutes" Data..=)
+              Prelude.<$> idleDisconnectTimeoutInMinutes,
+            ("pasteAllowed" Data..=) Prelude.<$> pasteAllowed,
+            ("printAllowed" Data..=) Prelude.<$> printAllowed,
+            ("uploadAllowed" Data..=) Prelude.<$> uploadAllowed
+          ]
+      )
+
+instance Data.ToPath UpdateUserSettings where
+  toPath UpdateUserSettings' {..} =
+    Prelude.mconcat
+      ["/userSettings/", Data.toBS userSettingsArn]
+
+instance Data.ToQuery UpdateUserSettings where
+  toQuery = Prelude.const Prelude.mempty
+
+-- | /See:/ 'newUpdateUserSettingsResponse' smart constructor.
+data UpdateUserSettingsResponse = UpdateUserSettingsResponse'
+  { -- | The response's http status code.
+    httpStatus :: Prelude.Int,
+    -- | The user settings.
+    userSettings :: UserSettings
+  }
+  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)
+
+-- |
+-- Create a value of 'UpdateUserSettingsResponse' with all optional fields omitted.
+--
+-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
+--
+-- The following record fields are available, with the corresponding lenses provided
+-- for backwards compatibility:
+--
+-- 'httpStatus', 'updateUserSettingsResponse_httpStatus' - The response's http status code.
+--
+-- 'userSettings', 'updateUserSettingsResponse_userSettings' - The user settings.
+newUpdateUserSettingsResponse ::
+  -- | 'httpStatus'
+  Prelude.Int ->
+  -- | 'userSettings'
+  UserSettings ->
+  UpdateUserSettingsResponse
+newUpdateUserSettingsResponse
+  pHttpStatus_
+  pUserSettings_ =
+    UpdateUserSettingsResponse'
+      { httpStatus =
+          pHttpStatus_,
+        userSettings = pUserSettings_
+      }
+
+-- | The response's http status code.
+updateUserSettingsResponse_httpStatus :: Lens.Lens' UpdateUserSettingsResponse Prelude.Int
+updateUserSettingsResponse_httpStatus = Lens.lens (\UpdateUserSettingsResponse' {httpStatus} -> httpStatus) (\s@UpdateUserSettingsResponse' {} a -> s {httpStatus = a} :: UpdateUserSettingsResponse)
+
+-- | The user settings.
+updateUserSettingsResponse_userSettings :: Lens.Lens' UpdateUserSettingsResponse UserSettings
+updateUserSettingsResponse_userSettings = Lens.lens (\UpdateUserSettingsResponse' {userSettings} -> userSettings) (\s@UpdateUserSettingsResponse' {} a -> s {userSettings = a} :: UpdateUserSettingsResponse)
+
+instance Prelude.NFData UpdateUserSettingsResponse where
+  rnf UpdateUserSettingsResponse' {..} =
+    Prelude.rnf httpStatus
+      `Prelude.seq` Prelude.rnf userSettings
diff --git a/gen/Amazonka/WorkSpacesWeb/Waiters.hs b/gen/Amazonka/WorkSpacesWeb/Waiters.hs
new file mode 100644
--- /dev/null
+++ b/gen/Amazonka/WorkSpacesWeb/Waiters.hs
@@ -0,0 +1,24 @@
+{-# LANGUAGE DisambiguateRecordFields #-}
+{-# LANGUAGE OverloadedStrings #-}
+{-# LANGUAGE StrictData #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE NoImplicitPrelude #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Amazonka.WorkSpacesWeb.Waiters
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Amazonka.WorkSpacesWeb.Waiters where
+
+import qualified Amazonka.Core as Core
+import qualified Amazonka.Core.Lens.Internal as Lens
+import qualified Amazonka.Data as Data
+import qualified Amazonka.Prelude as Prelude
+import Amazonka.WorkSpacesWeb.Lens
+import Amazonka.WorkSpacesWeb.Types
diff --git a/src/.gitkeep b/src/.gitkeep
new file mode 100644
--- /dev/null
+++ b/src/.gitkeep
diff --git a/test/Main.hs b/test/Main.hs
new file mode 100644
--- /dev/null
+++ b/test/Main.hs
@@ -0,0 +1,23 @@
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- |
+-- Module      : Main
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Main (main) where
+
+import Test.Amazonka.WorkSpacesWeb
+import Test.Amazonka.WorkSpacesWeb.Internal
+import Test.Tasty
+
+main :: IO ()
+main =
+  defaultMain $
+    testGroup
+      "WorkSpacesWeb"
+      [ testGroup "tests" tests,
+        testGroup "fixtures" fixtures
+      ]
diff --git a/test/Test/Amazonka/Gen/WorkSpacesWeb.hs b/test/Test/Amazonka/Gen/WorkSpacesWeb.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/Gen/WorkSpacesWeb.hs
@@ -0,0 +1,1058 @@
+{-# OPTIONS_GHC -fno-warn-orphans #-}
+{-# OPTIONS_GHC -fno-warn-unused-imports #-}
+
+-- Derived from AWS service descriptions, licensed under Apache 2.0.
+
+-- |
+-- Module      : Test.Amazonka.Gen.WorkSpacesWeb
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.Gen.WorkSpacesWeb where
+
+import Amazonka.WorkSpacesWeb
+import qualified Data.Proxy as Proxy
+import Test.Amazonka.Fixture
+import Test.Amazonka.Prelude
+import Test.Amazonka.WorkSpacesWeb.Internal
+import Test.Tasty
+
+-- Auto-generated: the actual test selection needs to be manually placed into
+-- the top-level so that real test data can be incrementally added.
+--
+-- This commented snippet is what the entire set should look like:
+
+-- fixtures :: TestTree
+-- fixtures =
+--     [ testGroup "request"
+--         [ requestAssociateBrowserSettings $
+--             newAssociateBrowserSettings
+--
+--         , requestAssociateNetworkSettings $
+--             newAssociateNetworkSettings
+--
+--         , requestAssociateTrustStore $
+--             newAssociateTrustStore
+--
+--         , requestAssociateUserAccessLoggingSettings $
+--             newAssociateUserAccessLoggingSettings
+--
+--         , requestAssociateUserSettings $
+--             newAssociateUserSettings
+--
+--         , requestCreateBrowserSettings $
+--             newCreateBrowserSettings
+--
+--         , requestCreateIdentityProvider $
+--             newCreateIdentityProvider
+--
+--         , requestCreateNetworkSettings $
+--             newCreateNetworkSettings
+--
+--         , requestCreatePortal $
+--             newCreatePortal
+--
+--         , requestCreateTrustStore $
+--             newCreateTrustStore
+--
+--         , requestCreateUserAccessLoggingSettings $
+--             newCreateUserAccessLoggingSettings
+--
+--         , requestCreateUserSettings $
+--             newCreateUserSettings
+--
+--         , requestDeleteBrowserSettings $
+--             newDeleteBrowserSettings
+--
+--         , requestDeleteIdentityProvider $
+--             newDeleteIdentityProvider
+--
+--         , requestDeleteNetworkSettings $
+--             newDeleteNetworkSettings
+--
+--         , requestDeletePortal $
+--             newDeletePortal
+--
+--         , requestDeleteTrustStore $
+--             newDeleteTrustStore
+--
+--         , requestDeleteUserAccessLoggingSettings $
+--             newDeleteUserAccessLoggingSettings
+--
+--         , requestDeleteUserSettings $
+--             newDeleteUserSettings
+--
+--         , requestDisassociateBrowserSettings $
+--             newDisassociateBrowserSettings
+--
+--         , requestDisassociateNetworkSettings $
+--             newDisassociateNetworkSettings
+--
+--         , requestDisassociateTrustStore $
+--             newDisassociateTrustStore
+--
+--         , requestDisassociateUserAccessLoggingSettings $
+--             newDisassociateUserAccessLoggingSettings
+--
+--         , requestDisassociateUserSettings $
+--             newDisassociateUserSettings
+--
+--         , requestGetBrowserSettings $
+--             newGetBrowserSettings
+--
+--         , requestGetIdentityProvider $
+--             newGetIdentityProvider
+--
+--         , requestGetNetworkSettings $
+--             newGetNetworkSettings
+--
+--         , requestGetPortal $
+--             newGetPortal
+--
+--         , requestGetPortalServiceProviderMetadata $
+--             newGetPortalServiceProviderMetadata
+--
+--         , requestGetTrustStore $
+--             newGetTrustStore
+--
+--         , requestGetTrustStoreCertificate $
+--             newGetTrustStoreCertificate
+--
+--         , requestGetUserAccessLoggingSettings $
+--             newGetUserAccessLoggingSettings
+--
+--         , requestGetUserSettings $
+--             newGetUserSettings
+--
+--         , requestListBrowserSettings $
+--             newListBrowserSettings
+--
+--         , requestListIdentityProviders $
+--             newListIdentityProviders
+--
+--         , requestListNetworkSettings $
+--             newListNetworkSettings
+--
+--         , requestListPortals $
+--             newListPortals
+--
+--         , requestListTagsForResource $
+--             newListTagsForResource
+--
+--         , requestListTrustStoreCertificates $
+--             newListTrustStoreCertificates
+--
+--         , requestListTrustStores $
+--             newListTrustStores
+--
+--         , requestListUserAccessLoggingSettings $
+--             newListUserAccessLoggingSettings
+--
+--         , requestListUserSettings $
+--             newListUserSettings
+--
+--         , requestTagResource $
+--             newTagResource
+--
+--         , requestUntagResource $
+--             newUntagResource
+--
+--         , requestUpdateBrowserSettings $
+--             newUpdateBrowserSettings
+--
+--         , requestUpdateIdentityProvider $
+--             newUpdateIdentityProvider
+--
+--         , requestUpdateNetworkSettings $
+--             newUpdateNetworkSettings
+--
+--         , requestUpdatePortal $
+--             newUpdatePortal
+--
+--         , requestUpdateTrustStore $
+--             newUpdateTrustStore
+--
+--         , requestUpdateUserAccessLoggingSettings $
+--             newUpdateUserAccessLoggingSettings
+--
+--         , requestUpdateUserSettings $
+--             newUpdateUserSettings
+--
+--           ]
+
+--     , testGroup "response"
+--         [ responseAssociateBrowserSettings $
+--             newAssociateBrowserSettingsResponse
+--
+--         , responseAssociateNetworkSettings $
+--             newAssociateNetworkSettingsResponse
+--
+--         , responseAssociateTrustStore $
+--             newAssociateTrustStoreResponse
+--
+--         , responseAssociateUserAccessLoggingSettings $
+--             newAssociateUserAccessLoggingSettingsResponse
+--
+--         , responseAssociateUserSettings $
+--             newAssociateUserSettingsResponse
+--
+--         , responseCreateBrowserSettings $
+--             newCreateBrowserSettingsResponse
+--
+--         , responseCreateIdentityProvider $
+--             newCreateIdentityProviderResponse
+--
+--         , responseCreateNetworkSettings $
+--             newCreateNetworkSettingsResponse
+--
+--         , responseCreatePortal $
+--             newCreatePortalResponse
+--
+--         , responseCreateTrustStore $
+--             newCreateTrustStoreResponse
+--
+--         , responseCreateUserAccessLoggingSettings $
+--             newCreateUserAccessLoggingSettingsResponse
+--
+--         , responseCreateUserSettings $
+--             newCreateUserSettingsResponse
+--
+--         , responseDeleteBrowserSettings $
+--             newDeleteBrowserSettingsResponse
+--
+--         , responseDeleteIdentityProvider $
+--             newDeleteIdentityProviderResponse
+--
+--         , responseDeleteNetworkSettings $
+--             newDeleteNetworkSettingsResponse
+--
+--         , responseDeletePortal $
+--             newDeletePortalResponse
+--
+--         , responseDeleteTrustStore $
+--             newDeleteTrustStoreResponse
+--
+--         , responseDeleteUserAccessLoggingSettings $
+--             newDeleteUserAccessLoggingSettingsResponse
+--
+--         , responseDeleteUserSettings $
+--             newDeleteUserSettingsResponse
+--
+--         , responseDisassociateBrowserSettings $
+--             newDisassociateBrowserSettingsResponse
+--
+--         , responseDisassociateNetworkSettings $
+--             newDisassociateNetworkSettingsResponse
+--
+--         , responseDisassociateTrustStore $
+--             newDisassociateTrustStoreResponse
+--
+--         , responseDisassociateUserAccessLoggingSettings $
+--             newDisassociateUserAccessLoggingSettingsResponse
+--
+--         , responseDisassociateUserSettings $
+--             newDisassociateUserSettingsResponse
+--
+--         , responseGetBrowserSettings $
+--             newGetBrowserSettingsResponse
+--
+--         , responseGetIdentityProvider $
+--             newGetIdentityProviderResponse
+--
+--         , responseGetNetworkSettings $
+--             newGetNetworkSettingsResponse
+--
+--         , responseGetPortal $
+--             newGetPortalResponse
+--
+--         , responseGetPortalServiceProviderMetadata $
+--             newGetPortalServiceProviderMetadataResponse
+--
+--         , responseGetTrustStore $
+--             newGetTrustStoreResponse
+--
+--         , responseGetTrustStoreCertificate $
+--             newGetTrustStoreCertificateResponse
+--
+--         , responseGetUserAccessLoggingSettings $
+--             newGetUserAccessLoggingSettingsResponse
+--
+--         , responseGetUserSettings $
+--             newGetUserSettingsResponse
+--
+--         , responseListBrowserSettings $
+--             newListBrowserSettingsResponse
+--
+--         , responseListIdentityProviders $
+--             newListIdentityProvidersResponse
+--
+--         , responseListNetworkSettings $
+--             newListNetworkSettingsResponse
+--
+--         , responseListPortals $
+--             newListPortalsResponse
+--
+--         , responseListTagsForResource $
+--             newListTagsForResourceResponse
+--
+--         , responseListTrustStoreCertificates $
+--             newListTrustStoreCertificatesResponse
+--
+--         , responseListTrustStores $
+--             newListTrustStoresResponse
+--
+--         , responseListUserAccessLoggingSettings $
+--             newListUserAccessLoggingSettingsResponse
+--
+--         , responseListUserSettings $
+--             newListUserSettingsResponse
+--
+--         , responseTagResource $
+--             newTagResourceResponse
+--
+--         , responseUntagResource $
+--             newUntagResourceResponse
+--
+--         , responseUpdateBrowserSettings $
+--             newUpdateBrowserSettingsResponse
+--
+--         , responseUpdateIdentityProvider $
+--             newUpdateIdentityProviderResponse
+--
+--         , responseUpdateNetworkSettings $
+--             newUpdateNetworkSettingsResponse
+--
+--         , responseUpdatePortal $
+--             newUpdatePortalResponse
+--
+--         , responseUpdateTrustStore $
+--             newUpdateTrustStoreResponse
+--
+--         , responseUpdateUserAccessLoggingSettings $
+--             newUpdateUserAccessLoggingSettingsResponse
+--
+--         , responseUpdateUserSettings $
+--             newUpdateUserSettingsResponse
+--
+--           ]
+--     ]
+
+-- Requests
+
+requestAssociateBrowserSettings :: AssociateBrowserSettings -> TestTree
+requestAssociateBrowserSettings =
+  req
+    "AssociateBrowserSettings"
+    "fixture/AssociateBrowserSettings.yaml"
+
+requestAssociateNetworkSettings :: AssociateNetworkSettings -> TestTree
+requestAssociateNetworkSettings =
+  req
+    "AssociateNetworkSettings"
+    "fixture/AssociateNetworkSettings.yaml"
+
+requestAssociateTrustStore :: AssociateTrustStore -> TestTree
+requestAssociateTrustStore =
+  req
+    "AssociateTrustStore"
+    "fixture/AssociateTrustStore.yaml"
+
+requestAssociateUserAccessLoggingSettings :: AssociateUserAccessLoggingSettings -> TestTree
+requestAssociateUserAccessLoggingSettings =
+  req
+    "AssociateUserAccessLoggingSettings"
+    "fixture/AssociateUserAccessLoggingSettings.yaml"
+
+requestAssociateUserSettings :: AssociateUserSettings -> TestTree
+requestAssociateUserSettings =
+  req
+    "AssociateUserSettings"
+    "fixture/AssociateUserSettings.yaml"
+
+requestCreateBrowserSettings :: CreateBrowserSettings -> TestTree
+requestCreateBrowserSettings =
+  req
+    "CreateBrowserSettings"
+    "fixture/CreateBrowserSettings.yaml"
+
+requestCreateIdentityProvider :: CreateIdentityProvider -> TestTree
+requestCreateIdentityProvider =
+  req
+    "CreateIdentityProvider"
+    "fixture/CreateIdentityProvider.yaml"
+
+requestCreateNetworkSettings :: CreateNetworkSettings -> TestTree
+requestCreateNetworkSettings =
+  req
+    "CreateNetworkSettings"
+    "fixture/CreateNetworkSettings.yaml"
+
+requestCreatePortal :: CreatePortal -> TestTree
+requestCreatePortal =
+  req
+    "CreatePortal"
+    "fixture/CreatePortal.yaml"
+
+requestCreateTrustStore :: CreateTrustStore -> TestTree
+requestCreateTrustStore =
+  req
+    "CreateTrustStore"
+    "fixture/CreateTrustStore.yaml"
+
+requestCreateUserAccessLoggingSettings :: CreateUserAccessLoggingSettings -> TestTree
+requestCreateUserAccessLoggingSettings =
+  req
+    "CreateUserAccessLoggingSettings"
+    "fixture/CreateUserAccessLoggingSettings.yaml"
+
+requestCreateUserSettings :: CreateUserSettings -> TestTree
+requestCreateUserSettings =
+  req
+    "CreateUserSettings"
+    "fixture/CreateUserSettings.yaml"
+
+requestDeleteBrowserSettings :: DeleteBrowserSettings -> TestTree
+requestDeleteBrowserSettings =
+  req
+    "DeleteBrowserSettings"
+    "fixture/DeleteBrowserSettings.yaml"
+
+requestDeleteIdentityProvider :: DeleteIdentityProvider -> TestTree
+requestDeleteIdentityProvider =
+  req
+    "DeleteIdentityProvider"
+    "fixture/DeleteIdentityProvider.yaml"
+
+requestDeleteNetworkSettings :: DeleteNetworkSettings -> TestTree
+requestDeleteNetworkSettings =
+  req
+    "DeleteNetworkSettings"
+    "fixture/DeleteNetworkSettings.yaml"
+
+requestDeletePortal :: DeletePortal -> TestTree
+requestDeletePortal =
+  req
+    "DeletePortal"
+    "fixture/DeletePortal.yaml"
+
+requestDeleteTrustStore :: DeleteTrustStore -> TestTree
+requestDeleteTrustStore =
+  req
+    "DeleteTrustStore"
+    "fixture/DeleteTrustStore.yaml"
+
+requestDeleteUserAccessLoggingSettings :: DeleteUserAccessLoggingSettings -> TestTree
+requestDeleteUserAccessLoggingSettings =
+  req
+    "DeleteUserAccessLoggingSettings"
+    "fixture/DeleteUserAccessLoggingSettings.yaml"
+
+requestDeleteUserSettings :: DeleteUserSettings -> TestTree
+requestDeleteUserSettings =
+  req
+    "DeleteUserSettings"
+    "fixture/DeleteUserSettings.yaml"
+
+requestDisassociateBrowserSettings :: DisassociateBrowserSettings -> TestTree
+requestDisassociateBrowserSettings =
+  req
+    "DisassociateBrowserSettings"
+    "fixture/DisassociateBrowserSettings.yaml"
+
+requestDisassociateNetworkSettings :: DisassociateNetworkSettings -> TestTree
+requestDisassociateNetworkSettings =
+  req
+    "DisassociateNetworkSettings"
+    "fixture/DisassociateNetworkSettings.yaml"
+
+requestDisassociateTrustStore :: DisassociateTrustStore -> TestTree
+requestDisassociateTrustStore =
+  req
+    "DisassociateTrustStore"
+    "fixture/DisassociateTrustStore.yaml"
+
+requestDisassociateUserAccessLoggingSettings :: DisassociateUserAccessLoggingSettings -> TestTree
+requestDisassociateUserAccessLoggingSettings =
+  req
+    "DisassociateUserAccessLoggingSettings"
+    "fixture/DisassociateUserAccessLoggingSettings.yaml"
+
+requestDisassociateUserSettings :: DisassociateUserSettings -> TestTree
+requestDisassociateUserSettings =
+  req
+    "DisassociateUserSettings"
+    "fixture/DisassociateUserSettings.yaml"
+
+requestGetBrowserSettings :: GetBrowserSettings -> TestTree
+requestGetBrowserSettings =
+  req
+    "GetBrowserSettings"
+    "fixture/GetBrowserSettings.yaml"
+
+requestGetIdentityProvider :: GetIdentityProvider -> TestTree
+requestGetIdentityProvider =
+  req
+    "GetIdentityProvider"
+    "fixture/GetIdentityProvider.yaml"
+
+requestGetNetworkSettings :: GetNetworkSettings -> TestTree
+requestGetNetworkSettings =
+  req
+    "GetNetworkSettings"
+    "fixture/GetNetworkSettings.yaml"
+
+requestGetPortal :: GetPortal -> TestTree
+requestGetPortal =
+  req
+    "GetPortal"
+    "fixture/GetPortal.yaml"
+
+requestGetPortalServiceProviderMetadata :: GetPortalServiceProviderMetadata -> TestTree
+requestGetPortalServiceProviderMetadata =
+  req
+    "GetPortalServiceProviderMetadata"
+    "fixture/GetPortalServiceProviderMetadata.yaml"
+
+requestGetTrustStore :: GetTrustStore -> TestTree
+requestGetTrustStore =
+  req
+    "GetTrustStore"
+    "fixture/GetTrustStore.yaml"
+
+requestGetTrustStoreCertificate :: GetTrustStoreCertificate -> TestTree
+requestGetTrustStoreCertificate =
+  req
+    "GetTrustStoreCertificate"
+    "fixture/GetTrustStoreCertificate.yaml"
+
+requestGetUserAccessLoggingSettings :: GetUserAccessLoggingSettings -> TestTree
+requestGetUserAccessLoggingSettings =
+  req
+    "GetUserAccessLoggingSettings"
+    "fixture/GetUserAccessLoggingSettings.yaml"
+
+requestGetUserSettings :: GetUserSettings -> TestTree
+requestGetUserSettings =
+  req
+    "GetUserSettings"
+    "fixture/GetUserSettings.yaml"
+
+requestListBrowserSettings :: ListBrowserSettings -> TestTree
+requestListBrowserSettings =
+  req
+    "ListBrowserSettings"
+    "fixture/ListBrowserSettings.yaml"
+
+requestListIdentityProviders :: ListIdentityProviders -> TestTree
+requestListIdentityProviders =
+  req
+    "ListIdentityProviders"
+    "fixture/ListIdentityProviders.yaml"
+
+requestListNetworkSettings :: ListNetworkSettings -> TestTree
+requestListNetworkSettings =
+  req
+    "ListNetworkSettings"
+    "fixture/ListNetworkSettings.yaml"
+
+requestListPortals :: ListPortals -> TestTree
+requestListPortals =
+  req
+    "ListPortals"
+    "fixture/ListPortals.yaml"
+
+requestListTagsForResource :: ListTagsForResource -> TestTree
+requestListTagsForResource =
+  req
+    "ListTagsForResource"
+    "fixture/ListTagsForResource.yaml"
+
+requestListTrustStoreCertificates :: ListTrustStoreCertificates -> TestTree
+requestListTrustStoreCertificates =
+  req
+    "ListTrustStoreCertificates"
+    "fixture/ListTrustStoreCertificates.yaml"
+
+requestListTrustStores :: ListTrustStores -> TestTree
+requestListTrustStores =
+  req
+    "ListTrustStores"
+    "fixture/ListTrustStores.yaml"
+
+requestListUserAccessLoggingSettings :: ListUserAccessLoggingSettings -> TestTree
+requestListUserAccessLoggingSettings =
+  req
+    "ListUserAccessLoggingSettings"
+    "fixture/ListUserAccessLoggingSettings.yaml"
+
+requestListUserSettings :: ListUserSettings -> TestTree
+requestListUserSettings =
+  req
+    "ListUserSettings"
+    "fixture/ListUserSettings.yaml"
+
+requestTagResource :: TagResource -> TestTree
+requestTagResource =
+  req
+    "TagResource"
+    "fixture/TagResource.yaml"
+
+requestUntagResource :: UntagResource -> TestTree
+requestUntagResource =
+  req
+    "UntagResource"
+    "fixture/UntagResource.yaml"
+
+requestUpdateBrowserSettings :: UpdateBrowserSettings -> TestTree
+requestUpdateBrowserSettings =
+  req
+    "UpdateBrowserSettings"
+    "fixture/UpdateBrowserSettings.yaml"
+
+requestUpdateIdentityProvider :: UpdateIdentityProvider -> TestTree
+requestUpdateIdentityProvider =
+  req
+    "UpdateIdentityProvider"
+    "fixture/UpdateIdentityProvider.yaml"
+
+requestUpdateNetworkSettings :: UpdateNetworkSettings -> TestTree
+requestUpdateNetworkSettings =
+  req
+    "UpdateNetworkSettings"
+    "fixture/UpdateNetworkSettings.yaml"
+
+requestUpdatePortal :: UpdatePortal -> TestTree
+requestUpdatePortal =
+  req
+    "UpdatePortal"
+    "fixture/UpdatePortal.yaml"
+
+requestUpdateTrustStore :: UpdateTrustStore -> TestTree
+requestUpdateTrustStore =
+  req
+    "UpdateTrustStore"
+    "fixture/UpdateTrustStore.yaml"
+
+requestUpdateUserAccessLoggingSettings :: UpdateUserAccessLoggingSettings -> TestTree
+requestUpdateUserAccessLoggingSettings =
+  req
+    "UpdateUserAccessLoggingSettings"
+    "fixture/UpdateUserAccessLoggingSettings.yaml"
+
+requestUpdateUserSettings :: UpdateUserSettings -> TestTree
+requestUpdateUserSettings =
+  req
+    "UpdateUserSettings"
+    "fixture/UpdateUserSettings.yaml"
+
+-- Responses
+
+responseAssociateBrowserSettings :: AssociateBrowserSettingsResponse -> TestTree
+responseAssociateBrowserSettings =
+  res
+    "AssociateBrowserSettingsResponse"
+    "fixture/AssociateBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AssociateBrowserSettings)
+
+responseAssociateNetworkSettings :: AssociateNetworkSettingsResponse -> TestTree
+responseAssociateNetworkSettings =
+  res
+    "AssociateNetworkSettingsResponse"
+    "fixture/AssociateNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AssociateNetworkSettings)
+
+responseAssociateTrustStore :: AssociateTrustStoreResponse -> TestTree
+responseAssociateTrustStore =
+  res
+    "AssociateTrustStoreResponse"
+    "fixture/AssociateTrustStoreResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AssociateTrustStore)
+
+responseAssociateUserAccessLoggingSettings :: AssociateUserAccessLoggingSettingsResponse -> TestTree
+responseAssociateUserAccessLoggingSettings =
+  res
+    "AssociateUserAccessLoggingSettingsResponse"
+    "fixture/AssociateUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AssociateUserAccessLoggingSettings)
+
+responseAssociateUserSettings :: AssociateUserSettingsResponse -> TestTree
+responseAssociateUserSettings =
+  res
+    "AssociateUserSettingsResponse"
+    "fixture/AssociateUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy AssociateUserSettings)
+
+responseCreateBrowserSettings :: CreateBrowserSettingsResponse -> TestTree
+responseCreateBrowserSettings =
+  res
+    "CreateBrowserSettingsResponse"
+    "fixture/CreateBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateBrowserSettings)
+
+responseCreateIdentityProvider :: CreateIdentityProviderResponse -> TestTree
+responseCreateIdentityProvider =
+  res
+    "CreateIdentityProviderResponse"
+    "fixture/CreateIdentityProviderResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateIdentityProvider)
+
+responseCreateNetworkSettings :: CreateNetworkSettingsResponse -> TestTree
+responseCreateNetworkSettings =
+  res
+    "CreateNetworkSettingsResponse"
+    "fixture/CreateNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateNetworkSettings)
+
+responseCreatePortal :: CreatePortalResponse -> TestTree
+responseCreatePortal =
+  res
+    "CreatePortalResponse"
+    "fixture/CreatePortalResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreatePortal)
+
+responseCreateTrustStore :: CreateTrustStoreResponse -> TestTree
+responseCreateTrustStore =
+  res
+    "CreateTrustStoreResponse"
+    "fixture/CreateTrustStoreResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateTrustStore)
+
+responseCreateUserAccessLoggingSettings :: CreateUserAccessLoggingSettingsResponse -> TestTree
+responseCreateUserAccessLoggingSettings =
+  res
+    "CreateUserAccessLoggingSettingsResponse"
+    "fixture/CreateUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateUserAccessLoggingSettings)
+
+responseCreateUserSettings :: CreateUserSettingsResponse -> TestTree
+responseCreateUserSettings =
+  res
+    "CreateUserSettingsResponse"
+    "fixture/CreateUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy CreateUserSettings)
+
+responseDeleteBrowserSettings :: DeleteBrowserSettingsResponse -> TestTree
+responseDeleteBrowserSettings =
+  res
+    "DeleteBrowserSettingsResponse"
+    "fixture/DeleteBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteBrowserSettings)
+
+responseDeleteIdentityProvider :: DeleteIdentityProviderResponse -> TestTree
+responseDeleteIdentityProvider =
+  res
+    "DeleteIdentityProviderResponse"
+    "fixture/DeleteIdentityProviderResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteIdentityProvider)
+
+responseDeleteNetworkSettings :: DeleteNetworkSettingsResponse -> TestTree
+responseDeleteNetworkSettings =
+  res
+    "DeleteNetworkSettingsResponse"
+    "fixture/DeleteNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteNetworkSettings)
+
+responseDeletePortal :: DeletePortalResponse -> TestTree
+responseDeletePortal =
+  res
+    "DeletePortalResponse"
+    "fixture/DeletePortalResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeletePortal)
+
+responseDeleteTrustStore :: DeleteTrustStoreResponse -> TestTree
+responseDeleteTrustStore =
+  res
+    "DeleteTrustStoreResponse"
+    "fixture/DeleteTrustStoreResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteTrustStore)
+
+responseDeleteUserAccessLoggingSettings :: DeleteUserAccessLoggingSettingsResponse -> TestTree
+responseDeleteUserAccessLoggingSettings =
+  res
+    "DeleteUserAccessLoggingSettingsResponse"
+    "fixture/DeleteUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteUserAccessLoggingSettings)
+
+responseDeleteUserSettings :: DeleteUserSettingsResponse -> TestTree
+responseDeleteUserSettings =
+  res
+    "DeleteUserSettingsResponse"
+    "fixture/DeleteUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DeleteUserSettings)
+
+responseDisassociateBrowserSettings :: DisassociateBrowserSettingsResponse -> TestTree
+responseDisassociateBrowserSettings =
+  res
+    "DisassociateBrowserSettingsResponse"
+    "fixture/DisassociateBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DisassociateBrowserSettings)
+
+responseDisassociateNetworkSettings :: DisassociateNetworkSettingsResponse -> TestTree
+responseDisassociateNetworkSettings =
+  res
+    "DisassociateNetworkSettingsResponse"
+    "fixture/DisassociateNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DisassociateNetworkSettings)
+
+responseDisassociateTrustStore :: DisassociateTrustStoreResponse -> TestTree
+responseDisassociateTrustStore =
+  res
+    "DisassociateTrustStoreResponse"
+    "fixture/DisassociateTrustStoreResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DisassociateTrustStore)
+
+responseDisassociateUserAccessLoggingSettings :: DisassociateUserAccessLoggingSettingsResponse -> TestTree
+responseDisassociateUserAccessLoggingSettings =
+  res
+    "DisassociateUserAccessLoggingSettingsResponse"
+    "fixture/DisassociateUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DisassociateUserAccessLoggingSettings)
+
+responseDisassociateUserSettings :: DisassociateUserSettingsResponse -> TestTree
+responseDisassociateUserSettings =
+  res
+    "DisassociateUserSettingsResponse"
+    "fixture/DisassociateUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy DisassociateUserSettings)
+
+responseGetBrowserSettings :: GetBrowserSettingsResponse -> TestTree
+responseGetBrowserSettings =
+  res
+    "GetBrowserSettingsResponse"
+    "fixture/GetBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetBrowserSettings)
+
+responseGetIdentityProvider :: GetIdentityProviderResponse -> TestTree
+responseGetIdentityProvider =
+  res
+    "GetIdentityProviderResponse"
+    "fixture/GetIdentityProviderResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetIdentityProvider)
+
+responseGetNetworkSettings :: GetNetworkSettingsResponse -> TestTree
+responseGetNetworkSettings =
+  res
+    "GetNetworkSettingsResponse"
+    "fixture/GetNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetNetworkSettings)
+
+responseGetPortal :: GetPortalResponse -> TestTree
+responseGetPortal =
+  res
+    "GetPortalResponse"
+    "fixture/GetPortalResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetPortal)
+
+responseGetPortalServiceProviderMetadata :: GetPortalServiceProviderMetadataResponse -> TestTree
+responseGetPortalServiceProviderMetadata =
+  res
+    "GetPortalServiceProviderMetadataResponse"
+    "fixture/GetPortalServiceProviderMetadataResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetPortalServiceProviderMetadata)
+
+responseGetTrustStore :: GetTrustStoreResponse -> TestTree
+responseGetTrustStore =
+  res
+    "GetTrustStoreResponse"
+    "fixture/GetTrustStoreResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetTrustStore)
+
+responseGetTrustStoreCertificate :: GetTrustStoreCertificateResponse -> TestTree
+responseGetTrustStoreCertificate =
+  res
+    "GetTrustStoreCertificateResponse"
+    "fixture/GetTrustStoreCertificateResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetTrustStoreCertificate)
+
+responseGetUserAccessLoggingSettings :: GetUserAccessLoggingSettingsResponse -> TestTree
+responseGetUserAccessLoggingSettings =
+  res
+    "GetUserAccessLoggingSettingsResponse"
+    "fixture/GetUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetUserAccessLoggingSettings)
+
+responseGetUserSettings :: GetUserSettingsResponse -> TestTree
+responseGetUserSettings =
+  res
+    "GetUserSettingsResponse"
+    "fixture/GetUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy GetUserSettings)
+
+responseListBrowserSettings :: ListBrowserSettingsResponse -> TestTree
+responseListBrowserSettings =
+  res
+    "ListBrowserSettingsResponse"
+    "fixture/ListBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListBrowserSettings)
+
+responseListIdentityProviders :: ListIdentityProvidersResponse -> TestTree
+responseListIdentityProviders =
+  res
+    "ListIdentityProvidersResponse"
+    "fixture/ListIdentityProvidersResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListIdentityProviders)
+
+responseListNetworkSettings :: ListNetworkSettingsResponse -> TestTree
+responseListNetworkSettings =
+  res
+    "ListNetworkSettingsResponse"
+    "fixture/ListNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListNetworkSettings)
+
+responseListPortals :: ListPortalsResponse -> TestTree
+responseListPortals =
+  res
+    "ListPortalsResponse"
+    "fixture/ListPortalsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListPortals)
+
+responseListTagsForResource :: ListTagsForResourceResponse -> TestTree
+responseListTagsForResource =
+  res
+    "ListTagsForResourceResponse"
+    "fixture/ListTagsForResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTagsForResource)
+
+responseListTrustStoreCertificates :: ListTrustStoreCertificatesResponse -> TestTree
+responseListTrustStoreCertificates =
+  res
+    "ListTrustStoreCertificatesResponse"
+    "fixture/ListTrustStoreCertificatesResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTrustStoreCertificates)
+
+responseListTrustStores :: ListTrustStoresResponse -> TestTree
+responseListTrustStores =
+  res
+    "ListTrustStoresResponse"
+    "fixture/ListTrustStoresResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListTrustStores)
+
+responseListUserAccessLoggingSettings :: ListUserAccessLoggingSettingsResponse -> TestTree
+responseListUserAccessLoggingSettings =
+  res
+    "ListUserAccessLoggingSettingsResponse"
+    "fixture/ListUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListUserAccessLoggingSettings)
+
+responseListUserSettings :: ListUserSettingsResponse -> TestTree
+responseListUserSettings =
+  res
+    "ListUserSettingsResponse"
+    "fixture/ListUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy ListUserSettings)
+
+responseTagResource :: TagResourceResponse -> TestTree
+responseTagResource =
+  res
+    "TagResourceResponse"
+    "fixture/TagResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy TagResource)
+
+responseUntagResource :: UntagResourceResponse -> TestTree
+responseUntagResource =
+  res
+    "UntagResourceResponse"
+    "fixture/UntagResourceResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UntagResource)
+
+responseUpdateBrowserSettings :: UpdateBrowserSettingsResponse -> TestTree
+responseUpdateBrowserSettings =
+  res
+    "UpdateBrowserSettingsResponse"
+    "fixture/UpdateBrowserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateBrowserSettings)
+
+responseUpdateIdentityProvider :: UpdateIdentityProviderResponse -> TestTree
+responseUpdateIdentityProvider =
+  res
+    "UpdateIdentityProviderResponse"
+    "fixture/UpdateIdentityProviderResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateIdentityProvider)
+
+responseUpdateNetworkSettings :: UpdateNetworkSettingsResponse -> TestTree
+responseUpdateNetworkSettings =
+  res
+    "UpdateNetworkSettingsResponse"
+    "fixture/UpdateNetworkSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateNetworkSettings)
+
+responseUpdatePortal :: UpdatePortalResponse -> TestTree
+responseUpdatePortal =
+  res
+    "UpdatePortalResponse"
+    "fixture/UpdatePortalResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdatePortal)
+
+responseUpdateTrustStore :: UpdateTrustStoreResponse -> TestTree
+responseUpdateTrustStore =
+  res
+    "UpdateTrustStoreResponse"
+    "fixture/UpdateTrustStoreResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateTrustStore)
+
+responseUpdateUserAccessLoggingSettings :: UpdateUserAccessLoggingSettingsResponse -> TestTree
+responseUpdateUserAccessLoggingSettings =
+  res
+    "UpdateUserAccessLoggingSettingsResponse"
+    "fixture/UpdateUserAccessLoggingSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateUserAccessLoggingSettings)
+
+responseUpdateUserSettings :: UpdateUserSettingsResponse -> TestTree
+responseUpdateUserSettings =
+  res
+    "UpdateUserSettingsResponse"
+    "fixture/UpdateUserSettingsResponse.proto"
+    defaultService
+    (Proxy.Proxy :: Proxy.Proxy UpdateUserSettings)
diff --git a/test/Test/Amazonka/WorkSpacesWeb.hs b/test/Test/Amazonka/WorkSpacesWeb.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/WorkSpacesWeb.hs
@@ -0,0 +1,20 @@
+-- |
+-- Module      : Test.Amazonka.WorkSpacesWeb
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.WorkSpacesWeb
+  ( tests,
+    fixtures,
+  )
+where
+
+import Test.Tasty (TestTree)
+
+tests :: [TestTree]
+tests = []
+
+fixtures :: [TestTree]
+fixtures = []
diff --git a/test/Test/Amazonka/WorkSpacesWeb/Internal.hs b/test/Test/Amazonka/WorkSpacesWeb/Internal.hs
new file mode 100644
--- /dev/null
+++ b/test/Test/Amazonka/WorkSpacesWeb/Internal.hs
@@ -0,0 +1,8 @@
+-- |
+-- Module      : Test.Amazonka.WorkSpacesWeb.Internal
+-- Copyright   : (c) 2013-2023 Brendan Hay
+-- License     : Mozilla Public License, v. 2.0.
+-- Maintainer  : Brendan Hay
+-- Stability   : auto-generated
+-- Portability : non-portable (GHC extensions)
+module Test.Amazonka.WorkSpacesWeb.Internal where
