Updating GetDataAccess response for S3 Access Grants to include the matched Grantee for the requested prefix

Author: aws-sdk-dotnet-automation

generator/ServiceModels/s3control/s3control-2018-08-20.api.json

@@ -3416,7 +3416,8 @@
       "type":"structure",
       "members":{
         "Credentials":{"shape":"Credentials"},
-        "MatchedGrantTarget":{"shape":"S3Prefix"}
+        "MatchedGrantTarget":{"shape":"S3Prefix"},
+        "Grantee":{"shape":"Grantee"}
       }
     },
     "GetJobTaggingRequest":{

generator/ServiceModels/s3control/s3control-2018-08-20.docs.json

@@ -1336,6 +1336,7 @@
         "CreateAccessGrantRequest$Grantee": "<p>The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.</p>",
         "CreateAccessGrantResult$Grantee": "<p>The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.</p>",
         "GetAccessGrantResult$Grantee": "<p>The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added a corporate directory to Amazon Web Services IAM Identity Center and associated this Identity Center instance with the S3 Access Grants instance, the grantee can also be a corporate directory user or group.</p>",
+        "GetDataAccessResult$Grantee": "<p>The user, group, or role that was granted access to the S3 location scope. For directory identities, this API also returns the grants of the IAM role used for the identity-aware request. For more information on identity-aware sessions, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_sts-setcontext.html\">Granting permissions to use identity-aware console sessions</a>. </p>",
         "ListAccessGrantEntry$Grantee": "<p>The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.</p>"
       }
     },

generator/ServiceModels/s3control/s3control-2018-08-20.normal.json

@@ -4165,6 +4165,10 @@
         "MatchedGrantTarget":{
           "shape":"S3Prefix",
           "documentation":"<p>The S3 URI path of the data to which you are being granted temporary access credentials. </p>"
+        },
+        "Grantee":{
+          "shape":"Grantee",
+          "documentation":"<p>The user, group, or role that was granted access to the S3 location scope. For directory identities, this API also returns the grants of the IAM role used for the identity-aware request. For more information on identity-aware sessions, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_sts-setcontext.html\">Granting permissions to use identity-aware console sessions</a>. </p>"
         }
       }
     },

sdk/src/Services/S3Control/Generated/Model/GetDataAccessResponse.cs

@@ -35,6 +35,7 @@ namespace Amazon.S3Control.Model
     public partial class GetDataAccessResponse : AmazonWebServiceResponse
     {
         private Credentials _credentials;
+        private Grantee _grantee;
         private string _matchedGrantTarget;
 
         /// <summary>
@@ -56,6 +57,27 @@ internal bool IsSetCredentials()
             return this._credentials != null;
         }
 
+        /// <summary>
+        /// Gets and sets the property Grantee. 
+        /// <para>
+        /// The user, group, or role that was granted access to the S3 location scope. For directory
+        /// identities, this API also returns the grants of the IAM role used for the identity-aware
+        /// request. For more information on identity-aware sessions, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_sts-setcontext.html">Granting
+        /// permissions to use identity-aware console sessions</a>. 
+        /// </para>
+        /// </summary>
+        public Grantee Grantee
+        {
+            get { return this._grantee; }
+            set { this._grantee = value; }
+        }
+
+        // Check to see if Grantee property is set
+        internal bool IsSetGrantee()
+        {
+            return this._grantee != null;
+        }
+
         /// <summary>
         /// Gets and sets the property MatchedGrantTarget. 
         /// <para>

sdk/src/Services/S3Control/Generated/Model/Internal/MarshallTransformations/GetDataAccessResponseUnmarshaller.cs

@@ -71,6 +71,12 @@ private static void UnmarshallResult(XmlUnmarshallerContext context, GetDataAcce
                         response.Credentials = unmarshaller.Unmarshall(context);
                         continue;
                     }
+                    if (context.TestExpression("Grantee", targetDepth))
+                    {
+                        var unmarshaller = GranteeUnmarshaller.Instance;
+                        response.Grantee = unmarshaller.Unmarshall(context);
+                        continue;
+                    }
                     if (context.TestExpression("MatchedGrantTarget", targetDepth))
                     {
                         var unmarshaller = StringUnmarshaller.Instance;