ACM
AddTagsToCertificate
valid {
input.Body.CertificateArn == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteCertificate
valid {
input.Body.CertificateArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DescribeCertificate
valid {
input.Body.CertificateArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ExportCertificate
valid {
input.Body.CertificateArn == STRING
input.Body.Passphrase == BLOB
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetAccountConfiguration
valid {
input.Body.CertificateArn == STRING
input.Body.Passphrase == BLOB
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetCertificate
valid {
input.Body.CertificateArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ImportCertificate
valid {
input.Body.CertificateArn == STRING
input.Body.Certificate == BLOB
input.Body.PrivateKey == BLOB
input.Body.CertificateChain == BLOB
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListCertificates
enum_CertificateStatus := [ "PENDING_VALIDATION", "ISSUED", "INACTIVE", "EXPIRED", "VALIDATION_TIMED_OUT", "REVOKED", "FAILED" ]
enum_ExtendedKeyUsageName := [ "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM" ]
enum_KeyAlgorithm := [ "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1" ]
enum_KeyUsageName := [ "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM" ]
enum_SortBy := [ "CREATED_AT" ]
enum_SortOrder := [ "ASCENDING", "DESCENDING" ]
valid {
input.Body.CertificateStatuses[_] == enum_CertificateStatus[_]
input.Body.Includes.extendedKeyUsage[_] == enum_ExtendedKeyUsageName[_]
input.Body.Includes.keyUsage[_] == enum_KeyUsageName[_]
input.Body.Includes.keyTypes[_] == enum_KeyAlgorithm[_]
input.Body.NextToken == STRING
input.Body.MaxItems == INTEGER
input.Body.SortBy == enum_SortBy[_]
input.Body.SortOrder == enum_SortOrder[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListTagsForCertificate
valid {
input.Body.CertificateArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutAccountConfiguration
valid {
input.Body.ExpiryEvents.DaysBeforeExpiry == INTEGER
input.Body.IdempotencyToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RemoveTagsFromCertificate
valid {
input.Body.CertificateArn == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RenewCertificate
valid {
input.Body.CertificateArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RequestCertificate
enum_CertificateTransparencyLoggingPreference := [ "ENABLED", "DISABLED" ]
enum_KeyAlgorithm := [ "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1" ]
enum_ValidationMethod := [ "EMAIL", "DNS" ]
valid {
input.Body.DomainName == STRING
input.Body.ValidationMethod == enum_ValidationMethod[_]
input.Body.SubjectAlternativeNames[_] == STRING
input.Body.IdempotencyToken == STRING
input.Body.DomainValidationOptions[_].DomainName == STRING
input.Body.DomainValidationOptions[_].ValidationDomain == STRING
input.Body.Options.CertificateTransparencyLoggingPreference == enum_CertificateTransparencyLoggingPreference[_]
input.Body.CertificateAuthorityArn == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.Body.KeyAlgorithm == enum_KeyAlgorithm[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ResendValidationEmail
valid {
input.Body.CertificateArn == STRING
input.Body.Domain == STRING
input.Body.ValidationDomain == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateCertificateOptions
enum_CertificateTransparencyLoggingPreference := [ "ENABLED", "DISABLED" ]
valid {
input.Body.CertificateArn == STRING
input.Body.Options.CertificateTransparencyLoggingPreference == enum_CertificateTransparencyLoggingPreference[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 23 days ago