APIGATEWAY

CreateApi

enum_ProtocolType := [ "WEBSOCKET", "HTTP" ]

valid {
    input.Body.apiKeySelectionExpression == STRING
    input.Body.corsConfiguration.allowCredentials == BOOLEAN
    input.Body.corsConfiguration.allowHeaders[_] == STRING
    input.Body.corsConfiguration.allowMethods[_] == STRING
    input.Body.corsConfiguration.allowOrigins[_] == STRING
    input.Body.corsConfiguration.exposeHeaders[_] == STRING
    input.Body.corsConfiguration.maxAge == INTEGER
    input.Body.credentialsArn == STRING
    input.Body.description == STRING
    input.Body.disableSchemaValidation == BOOLEAN
    input.Body.disableExecuteApiEndpoint == BOOLEAN
    input.Body.name == STRING
    input.Body.protocolType == enum_ProtocolType[_]
    input.Body.routeKey == STRING
    input.Body.routeSelectionExpression == STRING
    input.Body.tags.STRING == STRING
    input.Body.target == STRING
    input.Body.version == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateApiKey

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.enabled == BOOLEAN
    input.Body.generateDistinctId == BOOLEAN
    input.Body.value == STRING
    input.Body.stageKeys[_].restApiId == STRING
    input.Body.stageKeys[_].stageName == STRING
    input.Body.customerId == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateApiMapping

valid {
    input.Body.apiId == STRING
    input.Body.apiMappingKey == STRING
    input.Body.stage == STRING
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAuthorizer

enum_AuthorizerType := [ "REQUEST", "JWT" ]

valid {
    input.Body.authorizerCredentialsArn == STRING
    input.Body.authorizerPayloadFormatVersion == STRING
    input.Body.authorizerResultTtlInSeconds == INTEGER
    input.Body.authorizerType == enum_AuthorizerType[_]
    input.Body.authorizerUri == STRING
    input.Body.enableSimpleResponses == BOOLEAN
    input.Body.identitySource[_] == STRING
    input.Body.identityValidationExpression == STRING
    input.Body.jwtConfiguration.audience[_] == STRING
    input.Body.jwtConfiguration.issuer == STRING
    input.Body.name == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateBasePathMapping

valid {
    input.Body.basePath == STRING
    input.Body.restApiId == STRING
    input.Body.stage == STRING
    input.ReqMap.domain_name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateDeployment

valid {
    input.Body.description == STRING
    input.Body.stageName == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateDocumentationPart

enum_DocumentationPartType := [ "API", "AUTHORIZER", "MODEL", "RESOURCE", "METHOD", "PATH_PARAMETER", "QUERY_PARAMETER", "REQUEST_HEADER", "REQUEST_BODY", "RESPONSE", "RESPONSE_HEADER", "RESPONSE_BODY" ]

valid {
    input.Body.location.type == enum_DocumentationPartType[_]
    input.Body.location.path == STRING
    input.Body.location.method == STRING
    input.Body.location.statusCode == STRING
    input.Body.location.name == STRING
    input.Body.properties == STRING
    input.ReqMap.restapi_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateDocumentationVersion

valid {
    input.Body.documentationVersion == STRING
    input.Body.stageName == STRING
    input.Body.description == STRING
    input.ReqMap.restapi_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateDomainName

enum_DomainNameStatus := [ "AVAILABLE", "UPDATING", "PENDING_CERTIFICATE_REIMPORT", "PENDING_OWNERSHIP_VERIFICATION" ]
enum_EndpointType := [ "REGIONAL", "EDGE" ]
enum_SecurityPolicy := [ "TLS_1_0", "TLS_1_2" ]

valid {
    input.Body.domainName == STRING
    input.Body.domainNameConfigurations[_].apiGatewayDomainName == STRING
    input.Body.domainNameConfigurations[_].certificateArn == STRING
    input.Body.domainNameConfigurations[_].certificateName == STRING
    input.Body.domainNameConfigurations[_].certificateUploadDate == TIMESTAMP
    input.Body.domainNameConfigurations[_].domainNameStatus == enum_DomainNameStatus[_]
    input.Body.domainNameConfigurations[_].domainNameStatusMessage == STRING
    input.Body.domainNameConfigurations[_].endpointType == enum_EndpointType[_]
    input.Body.domainNameConfigurations[_].hostedZoneId == STRING
    input.Body.domainNameConfigurations[_].securityPolicy == enum_SecurityPolicy[_]
    input.Body.domainNameConfigurations[_].ownershipVerificationCertificateArn == STRING
    input.Body.mutualTlsAuthentication.truststoreUri == STRING
    input.Body.mutualTlsAuthentication.truststoreVersion == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateIntegration

enum_ConnectionType := [ "INTERNET", "VPC_LINK" ]
enum_ContentHandlingStrategy := [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" ]
enum_IntegrationType := [ "AWS", "HTTP", "MOCK", "HTTP_PROXY", "AWS_PROXY" ]
enum_PassthroughBehavior := [ "WHEN_NO_MATCH", "NEVER", "WHEN_NO_TEMPLATES" ]

valid {
    input.Body.connectionId == STRING
    input.Body.connectionType == enum_ConnectionType[_]
    input.Body.contentHandlingStrategy == enum_ContentHandlingStrategy[_]
    input.Body.credentialsArn == STRING
    input.Body.description == STRING
    input.Body.integrationMethod == STRING
    input.Body.integrationSubtype == STRING
    input.Body.integrationType == enum_IntegrationType[_]
    input.Body.integrationUri == STRING
    input.Body.passthroughBehavior == enum_PassthroughBehavior[_]
    input.Body.payloadFormatVersion == STRING
    input.Body.requestParameters.STRING == STRING
    input.Body.requestTemplates.STRING == STRING
    input.Body.responseParameters.STRING.STRING == STRING
    input.Body.templateSelectionExpression == STRING
    input.Body.timeoutInMillis == INTEGER
    input.Body.tlsConfig.serverNameToVerify == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateIntegrationResponse

enum_ContentHandlingStrategy := [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" ]

valid {
    input.Body.contentHandlingStrategy == enum_ContentHandlingStrategy[_]
    input.Body.integrationResponseKey == STRING
    input.Body.responseParameters.STRING == STRING
    input.Body.responseTemplates.STRING == STRING
    input.Body.templateSelectionExpression == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateModel

valid {
    input.Body.contentType == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.schema == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateRequestValidator

valid {
    input.Body.name == STRING
    input.Body.validateRequestBody == BOOLEAN
    input.Body.validateRequestParameters == BOOLEAN
    input.ReqMap.restapi_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateResource

valid {
    input.Body.pathPart == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.parent_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateRestApi

enum_ApiKeySourceType := [ "HEADER", "AUTHORIZER" ]
enum_EndpointType := [ "REGIONAL", "EDGE", "PRIVATE" ]

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.version == STRING
    input.Body.cloneFrom == STRING
    input.Body.binaryMediaTypes[_] == STRING
    input.Body.minimumCompressionSize == INTEGER
    input.Body.apiKeySource == enum_ApiKeySourceType[_]
    input.Body.endpointConfiguration.types[_] == enum_EndpointType[_]
    input.Body.endpointConfiguration.vpcEndpointIds[_] == STRING
    input.Body.policy == STRING
    input.Body.tags.STRING == STRING
    input.Body.disableExecuteApiEndpoint == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateRoute

enum_AuthorizationType := [ "NONE", "AWS_IAM", "CUSTOM", "JWT" ]

valid {
    input.Body.apiKeyRequired == BOOLEAN
    input.Body.authorizationScopes[_] == STRING
    input.Body.authorizationType == enum_AuthorizationType[_]
    input.Body.authorizerId == STRING
    input.Body.modelSelectionExpression == STRING
    input.Body.operationName == STRING
    input.Body.requestModels.STRING == STRING
    input.Body.requestParameters.STRING.required == BOOLEAN
    input.Body.routeKey == STRING
    input.Body.routeResponseSelectionExpression == STRING
    input.Body.target == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateRouteResponse

valid {
    input.Body.modelSelectionExpression == STRING
    input.Body.responseModels.STRING == STRING
    input.Body.responseParameters.STRING.required == BOOLEAN
    input.Body.routeResponseKey == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateStage

enum_LoggingLevel := [ "ERROR", "INFO", "OFF" ]

valid {
    input.Body.accessLogSettings.destinationArn == STRING
    input.Body.accessLogSettings.format == STRING
    input.Body.autoDeploy == BOOLEAN
    input.Body.clientCertificateId == STRING
    input.Body.defaultRouteSettings.dataTraceEnabled == BOOLEAN
    input.Body.defaultRouteSettings.detailedMetricsEnabled == BOOLEAN
    input.Body.defaultRouteSettings.loggingLevel == enum_LoggingLevel[_]
    input.Body.defaultRouteSettings.throttlingBurstLimit == INTEGER
    input.Body.defaultRouteSettings.throttlingRateLimit == DOUBLE
    input.Body.deploymentId == STRING
    input.Body.description == STRING
    input.Body.routeSettings.STRING.dataTraceEnabled == BOOLEAN
    input.Body.routeSettings.STRING.detailedMetricsEnabled == BOOLEAN
    input.Body.routeSettings.STRING.loggingLevel == enum_LoggingLevel[_]
    input.Body.routeSettings.STRING.throttlingBurstLimit == INTEGER
    input.Body.routeSettings.STRING.throttlingRateLimit == DOUBLE
    input.Body.stageName == STRING
    input.Body.stageVariables.STRING == STRING
    input.Body.tags.STRING == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUsagePlan

enum_QuotaPeriodType := [ "DAY", "WEEK", "MONTH" ]

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.apiStages[_].apiId == STRING
    input.Body.apiStages[_].stage == STRING
    input.Body.apiStages[_].throttle.STRING.burstLimit == INTEGER
    input.Body.apiStages[_].throttle.STRING.rateLimit == DOUBLE
    input.Body.throttle.burstLimit == INTEGER
    input.Body.throttle.rateLimit == DOUBLE
    input.Body.quota.limit == INTEGER
    input.Body.quota.offset == INTEGER
    input.Body.quota.period == enum_QuotaPeriodType[_]
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUsagePlanKey

valid {
    input.Body.keyId == STRING
    input.Body.keyType == STRING
    input.ReqMap.usageplanId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateVpcLink

valid {
    input.Body.name == STRING
    input.Body.securityGroupIds[_] == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAccessLogSettings

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteApi

valid {
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteApiKey

valid {
    input.ReqMap.api_Key == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteApiMapping

valid {
    input.ReqMap.apiMappingId == STRING
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAuthorizer

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.authorizerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteBasePathMapping

valid {
    input.ReqMap.domain_name == STRING
    input.ReqMap.base_path == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteClientCertificate

valid {
    input.ReqMap.clientcertificate_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteCorsConfiguration

valid {
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteDeployment

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.deploymentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteDocumentationPart

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.part_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteDocumentationVersion

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.doc_version == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteDomainName

valid {
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteGatewayResponse

enum_GatewayResponseType := [ "DEFAULT_4XX", "DEFAULT_5XX", "RESOURCE_NOT_FOUND", "UNAUTHORIZED", "INVALID_API_KEY", "ACCESS_DENIED", "AUTHORIZER_FAILURE", "AUTHORIZER_CONFIGURATION_ERROR", "INVALID_SIGNATURE", "EXPIRED_TOKEN", "MISSING_AUTHENTICATION_TOKEN", "INTEGRATION_FAILURE", "INTEGRATION_TIMEOUT", "API_CONFIGURATION_ERROR", "UNSUPPORTED_MEDIA_TYPE", "BAD_REQUEST_PARAMETERS", "BAD_REQUEST_BODY", "REQUEST_TOO_LARGE", "THROTTLED", "QUOTA_EXCEEDED", "WAF_FILTERED" ]

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.response_type == enum_GatewayResponseType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIntegration

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIntegrationResponse

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ReqMap.integrationResponseId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteMethod

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteMethodResponse

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ReqMap.status_code == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteModel

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.modelId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRequestValidator

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.requestvalidator_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteResource

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRestApi

valid {
    input.ReqMap.restapi_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRoute

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRouteRequestParameter

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.requestParameterKey == STRING
    input.ReqMap.routeId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRouteResponse

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ReqMap.routeResponseId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRouteSettings

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.routeKey == STRING
    input.ReqMap.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteStage

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUsagePlan

valid {
    input.ReqMap.usageplanId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUsagePlanKey

valid {
    input.ReqMap.usageplanId == STRING
    input.ReqMap.keyId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteVpcLink

valid {
    input.ReqMap.vpcLinkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ExportApi

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.specification == STRING
    input.Qs.exportVersion == STRING
    input.Qs.includeExtensions == BOOLEAN
    input.Qs.outputType == STRING
    input.Qs.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

FlushStageAuthorizersCache

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.stage_name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

FlushStageCache

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.stage_name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GenerateClientCertificate

valid {
    input.Body.description == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAccount

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApi

valid {
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApiKey

valid {
    input.ReqMap.api_Key == STRING
    input.Qs.includeValue == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApiKeys

valid {
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.Qs.name == STRING
    input.Qs.customerId == STRING
    input.Qs.includeValues == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApiMapping

valid {
    input.ReqMap.apiMappingId == STRING
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApiMappings

valid {
    input.ReqMap.domainName == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApis

valid {
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAuthorizer

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.authorizerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAuthorizers

valid {
    input.ReqMap.apiId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetBasePathMapping

valid {
    input.ReqMap.domain_name == STRING
    input.ReqMap.base_path == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetBasePathMappings

valid {
    input.ReqMap.domain_name == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetClientCertificate

valid {
    input.ReqMap.clientcertificate_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetClientCertificates

valid {
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDeployment

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.deploymentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDeployments

valid {
    input.ReqMap.apiId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDocumentationPart

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.part_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDocumentationParts

enum_DocumentationPartType := [ "API", "AUTHORIZER", "MODEL", "RESOURCE", "METHOD", "PATH_PARAMETER", "QUERY_PARAMETER", "REQUEST_HEADER", "REQUEST_BODY", "RESPONSE", "RESPONSE_HEADER", "RESPONSE_BODY" ]
enum_LocationStatusType := [ "DOCUMENTED", "UNDOCUMENTED" ]

valid {
    input.ReqMap.restapi_id == STRING
    input.Qs.type == enum_DocumentationPartType[_]
    input.Qs.name == STRING
    input.Qs.path == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.Qs.locationStatus == enum_LocationStatusType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDocumentationVersion

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.doc_version == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDocumentationVersions

valid {
    input.ReqMap.restapi_id == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDomainName

valid {
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDomainNames

valid {
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetExport

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.stage_name == STRING
    input.ReqMap.export_type == STRING
    input.Qs.parameters.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetGatewayResponse

enum_GatewayResponseType := [ "DEFAULT_4XX", "DEFAULT_5XX", "RESOURCE_NOT_FOUND", "UNAUTHORIZED", "INVALID_API_KEY", "ACCESS_DENIED", "AUTHORIZER_FAILURE", "AUTHORIZER_CONFIGURATION_ERROR", "INVALID_SIGNATURE", "EXPIRED_TOKEN", "MISSING_AUTHENTICATION_TOKEN", "INTEGRATION_FAILURE", "INTEGRATION_TIMEOUT", "API_CONFIGURATION_ERROR", "UNSUPPORTED_MEDIA_TYPE", "BAD_REQUEST_PARAMETERS", "BAD_REQUEST_BODY", "REQUEST_TOO_LARGE", "THROTTLED", "QUOTA_EXCEEDED", "WAF_FILTERED" ]

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.response_type == enum_GatewayResponseType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetGatewayResponses

valid {
    input.ReqMap.restapi_id == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIntegration

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIntegrationResponse

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ReqMap.integrationResponseId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIntegrationResponses

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIntegrations

valid {
    input.ReqMap.apiId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetMethod

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetMethodResponse

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ReqMap.status_code == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetModel

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.modelId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetModelTemplate

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.modelId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetModels

valid {
    input.ReqMap.apiId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRequestValidator

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.requestvalidator_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRequestValidators

valid {
    input.ReqMap.restapi_id == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetResource

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.Qs.embed[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetResources

valid {
    input.ReqMap.restapi_id == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.Qs.embed[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRestApi

valid {
    input.ReqMap.restapi_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRestApis

valid {
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRoute

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRouteResponse

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ReqMap.routeResponseId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRouteResponses

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRoutes

valid {
    input.ReqMap.apiId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSdk

valid {
    input.ReqMap.restapi_id == STRING
    input.ReqMap.stage_name == STRING
    input.ReqMap.sdk_type == STRING
    input.Qs.parameters.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSdkType

valid {
    input.ReqMap.sdktype_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSdkTypes

valid {
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetStage

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetStages

valid {
    input.ReqMap.apiId == STRING
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTags

valid {
    input.ReqMap.resource-arn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUsage

valid {
    input.ReqMap.usageplanId == STRING
    input.Qs.keyId == STRING
    input.Qs.startDate == STRING
    input.Qs.endDate == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUsagePlan

valid {
    input.ReqMap.usageplanId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUsagePlanKey

valid {
    input.ReqMap.usageplanId == STRING
    input.ReqMap.keyId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUsagePlanKeys

valid {
    input.ReqMap.usageplanId == STRING
    input.Qs.position == STRING
    input.Qs.limit == INTEGER
    input.Qs.name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUsagePlans

valid {
    input.Qs.position == STRING
    input.Qs.keyId == STRING
    input.Qs.limit == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetVpcLink

valid {
    input.ReqMap.vpcLinkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetVpcLinks

valid {
    input.Qs.maxResults == STRING
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportApi

valid {
    input.Body.body == STRING
    input.Qs.basepath == STRING
    input.Qs.failOnWarnings == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportApiKeys

enum_ApiKeysFormat := [ "csv" ]

valid {
    input.Body.body == BLOB
    input.Qs.format == enum_ApiKeysFormat[_]
    input.Qs.failonwarnings == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportDocumentationParts

enum_PutMode := [ "merge", "overwrite" ]

valid {
    input.Body.body == BLOB
    input.ReqMap.restapi_id == STRING
    input.Qs.mode == enum_PutMode[_]
    input.Qs.failonwarnings == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportRestApi

valid {
    input.Body.body == BLOB
    input.Qs.failonwarnings == BOOLEAN
    input.Qs.parameters.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutGatewayResponse

enum_GatewayResponseType := [ "DEFAULT_4XX", "DEFAULT_5XX", "RESOURCE_NOT_FOUND", "UNAUTHORIZED", "INVALID_API_KEY", "ACCESS_DENIED", "AUTHORIZER_FAILURE", "AUTHORIZER_CONFIGURATION_ERROR", "INVALID_SIGNATURE", "EXPIRED_TOKEN", "MISSING_AUTHENTICATION_TOKEN", "INTEGRATION_FAILURE", "INTEGRATION_TIMEOUT", "API_CONFIGURATION_ERROR", "UNSUPPORTED_MEDIA_TYPE", "BAD_REQUEST_PARAMETERS", "BAD_REQUEST_BODY", "REQUEST_TOO_LARGE", "THROTTLED", "QUOTA_EXCEEDED", "WAF_FILTERED" ]

valid {
    input.Body.statusCode == STRING
    input.Body.responseParameters.STRING == STRING
    input.Body.responseTemplates.STRING == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.response_type == enum_GatewayResponseType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutIntegration

enum_ConnectionType := [ "INTERNET", "VPC_LINK" ]
enum_ContentHandlingStrategy := [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" ]
enum_IntegrationType := [ "HTTP", "AWS", "MOCK", "HTTP_PROXY", "AWS_PROXY" ]

valid {
    input.Body.type == enum_IntegrationType[_]
    input.Body.httpMethod == STRING
    input.Body.uri == STRING
    input.Body.connectionType == enum_ConnectionType[_]
    input.Body.connectionId == STRING
    input.Body.credentials == STRING
    input.Body.requestParameters.STRING == STRING
    input.Body.requestTemplates.STRING == STRING
    input.Body.passthroughBehavior == STRING
    input.Body.cacheNamespace == STRING
    input.Body.cacheKeyParameters[_] == STRING
    input.Body.contentHandling == enum_ContentHandlingStrategy[_]
    input.Body.timeoutInMillis == INTEGER
    input.Body.tlsConfig.insecureSkipVerification == BOOLEAN
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutIntegrationResponse

enum_ContentHandlingStrategy := [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" ]

valid {
    input.Body.selectionPattern == STRING
    input.Body.responseParameters.STRING == STRING
    input.Body.responseTemplates.STRING == STRING
    input.Body.contentHandling == enum_ContentHandlingStrategy[_]
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ReqMap.status_code == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutMethod

valid {
    input.Body.authorizationType == STRING
    input.Body.authorizerId == STRING
    input.Body.apiKeyRequired == BOOLEAN
    input.Body.operationName == STRING
    input.Body.requestParameters.STRING == BOOLEAN
    input.Body.requestModels.STRING == STRING
    input.Body.requestValidatorId == STRING
    input.Body.authorizationScopes[_] == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutMethodResponse

valid {
    input.Body.responseParameters.STRING == BOOLEAN
    input.Body.responseModels.STRING == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ReqMap.status_code == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutRestApi

enum_PutMode := [ "merge", "overwrite" ]

valid {
    input.Body.body == BLOB
    input.ReqMap.restapi_id == STRING
    input.Qs.mode == enum_PutMode[_]
    input.Qs.failonwarnings == BOOLEAN
    input.Qs.parameters.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ReimportApi

valid {
    input.Body.body == STRING
    input.ReqMap.apiId == STRING
    input.Qs.basepath == STRING
    input.Qs.failOnWarnings == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ResetAuthorizersCache

valid {
    input.ReqMap.apiId == STRING
    input.ReqMap.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.tags.STRING == STRING
    input.ReqMap.resource-arn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TestInvokeAuthorizer

valid {
    input.Body.headers.STRING == STRING
    input.Body.multiValueHeaders.STRING[_] == STRING
    input.Body.pathWithQueryString == STRING
    input.Body.body == STRING
    input.Body.stageVariables.STRING == STRING
    input.Body.additionalContext.STRING == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.authorizer_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TestInvokeMethod

valid {
    input.Body.pathWithQueryString == STRING
    input.Body.body == STRING
    input.Body.headers.STRING == STRING
    input.Body.multiValueHeaders.STRING[_] == STRING
    input.Body.clientCertificateId == STRING
    input.Body.stageVariables.STRING == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.ReqMap.resource-arn == STRING
    input.Qs.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAccount

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateApi

valid {
    input.Body.apiKeySelectionExpression == STRING
    input.Body.corsConfiguration.allowCredentials == BOOLEAN
    input.Body.corsConfiguration.allowHeaders[_] == STRING
    input.Body.corsConfiguration.allowMethods[_] == STRING
    input.Body.corsConfiguration.allowOrigins[_] == STRING
    input.Body.corsConfiguration.exposeHeaders[_] == STRING
    input.Body.corsConfiguration.maxAge == INTEGER
    input.Body.credentialsArn == STRING
    input.Body.description == STRING
    input.Body.disableSchemaValidation == BOOLEAN
    input.Body.disableExecuteApiEndpoint == BOOLEAN
    input.Body.name == STRING
    input.Body.routeKey == STRING
    input.Body.routeSelectionExpression == STRING
    input.Body.target == STRING
    input.Body.version == STRING
    input.ReqMap.apiId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateApiKey

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.api_Key == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateApiMapping

valid {
    input.Body.apiId == STRING
    input.Body.apiMappingKey == STRING
    input.Body.stage == STRING
    input.ReqMap.apiMappingId == STRING
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAuthorizer

enum_AuthorizerType := [ "REQUEST", "JWT" ]

valid {
    input.Body.authorizerCredentialsArn == STRING
    input.Body.authorizerPayloadFormatVersion == STRING
    input.Body.authorizerResultTtlInSeconds == INTEGER
    input.Body.authorizerType == enum_AuthorizerType[_]
    input.Body.authorizerUri == STRING
    input.Body.enableSimpleResponses == BOOLEAN
    input.Body.identitySource[_] == STRING
    input.Body.identityValidationExpression == STRING
    input.Body.jwtConfiguration.audience[_] == STRING
    input.Body.jwtConfiguration.issuer == STRING
    input.Body.name == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.authorizerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateBasePathMapping

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.domain_name == STRING
    input.ReqMap.base_path == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateClientCertificate

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.clientcertificate_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateDeployment

valid {
    input.Body.description == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.deploymentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateDocumentationPart

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.part_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateDocumentationVersion

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.doc_version == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateDomainName

enum_DomainNameStatus := [ "AVAILABLE", "UPDATING", "PENDING_CERTIFICATE_REIMPORT", "PENDING_OWNERSHIP_VERIFICATION" ]
enum_EndpointType := [ "REGIONAL", "EDGE" ]
enum_SecurityPolicy := [ "TLS_1_0", "TLS_1_2" ]

valid {
    input.Body.domainNameConfigurations[_].apiGatewayDomainName == STRING
    input.Body.domainNameConfigurations[_].certificateArn == STRING
    input.Body.domainNameConfigurations[_].certificateName == STRING
    input.Body.domainNameConfigurations[_].certificateUploadDate == TIMESTAMP
    input.Body.domainNameConfigurations[_].domainNameStatus == enum_DomainNameStatus[_]
    input.Body.domainNameConfigurations[_].domainNameStatusMessage == STRING
    input.Body.domainNameConfigurations[_].endpointType == enum_EndpointType[_]
    input.Body.domainNameConfigurations[_].hostedZoneId == STRING
    input.Body.domainNameConfigurations[_].securityPolicy == enum_SecurityPolicy[_]
    input.Body.domainNameConfigurations[_].ownershipVerificationCertificateArn == STRING
    input.Body.mutualTlsAuthentication.truststoreUri == STRING
    input.Body.mutualTlsAuthentication.truststoreVersion == STRING
    input.ReqMap.domainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateGatewayResponse

enum_GatewayResponseType := [ "DEFAULT_4XX", "DEFAULT_5XX", "RESOURCE_NOT_FOUND", "UNAUTHORIZED", "INVALID_API_KEY", "ACCESS_DENIED", "AUTHORIZER_FAILURE", "AUTHORIZER_CONFIGURATION_ERROR", "INVALID_SIGNATURE", "EXPIRED_TOKEN", "MISSING_AUTHENTICATION_TOKEN", "INTEGRATION_FAILURE", "INTEGRATION_TIMEOUT", "API_CONFIGURATION_ERROR", "UNSUPPORTED_MEDIA_TYPE", "BAD_REQUEST_PARAMETERS", "BAD_REQUEST_BODY", "REQUEST_TOO_LARGE", "THROTTLED", "QUOTA_EXCEEDED", "WAF_FILTERED" ]
enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.response_type == enum_GatewayResponseType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateIntegration

enum_ConnectionType := [ "INTERNET", "VPC_LINK" ]
enum_ContentHandlingStrategy := [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" ]
enum_IntegrationType := [ "AWS", "HTTP", "MOCK", "HTTP_PROXY", "AWS_PROXY" ]
enum_PassthroughBehavior := [ "WHEN_NO_MATCH", "NEVER", "WHEN_NO_TEMPLATES" ]

valid {
    input.Body.connectionId == STRING
    input.Body.connectionType == enum_ConnectionType[_]
    input.Body.contentHandlingStrategy == enum_ContentHandlingStrategy[_]
    input.Body.credentialsArn == STRING
    input.Body.description == STRING
    input.Body.integrationMethod == STRING
    input.Body.integrationSubtype == STRING
    input.Body.integrationType == enum_IntegrationType[_]
    input.Body.integrationUri == STRING
    input.Body.passthroughBehavior == enum_PassthroughBehavior[_]
    input.Body.payloadFormatVersion == STRING
    input.Body.requestParameters.STRING == STRING
    input.Body.requestTemplates.STRING == STRING
    input.Body.responseParameters.STRING.STRING == STRING
    input.Body.templateSelectionExpression == STRING
    input.Body.timeoutInMillis == INTEGER
    input.Body.tlsConfig.serverNameToVerify == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateIntegrationResponse

enum_ContentHandlingStrategy := [ "CONVERT_TO_BINARY", "CONVERT_TO_TEXT" ]

valid {
    input.Body.contentHandlingStrategy == enum_ContentHandlingStrategy[_]
    input.Body.integrationResponseKey == STRING
    input.Body.responseParameters.STRING == STRING
    input.Body.responseTemplates.STRING == STRING
    input.Body.templateSelectionExpression == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.integrationId == STRING
    input.ReqMap.integrationResponseId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateMethod

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateMethodResponse

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ReqMap.http_method == STRING
    input.ReqMap.status_code == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateModel

valid {
    input.Body.contentType == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.schema == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.modelId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateRequestValidator

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.requestvalidator_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateResource

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ReqMap.resource_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateRestApi

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.restapi_id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateRoute

enum_AuthorizationType := [ "NONE", "AWS_IAM", "CUSTOM", "JWT" ]

valid {
    input.Body.apiKeyRequired == BOOLEAN
    input.Body.authorizationScopes[_] == STRING
    input.Body.authorizationType == enum_AuthorizationType[_]
    input.Body.authorizerId == STRING
    input.Body.modelSelectionExpression == STRING
    input.Body.operationName == STRING
    input.Body.requestModels.STRING == STRING
    input.Body.requestParameters.STRING.required == BOOLEAN
    input.Body.routeKey == STRING
    input.Body.routeResponseSelectionExpression == STRING
    input.Body.target == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateRouteResponse

valid {
    input.Body.modelSelectionExpression == STRING
    input.Body.responseModels.STRING == STRING
    input.Body.responseParameters.STRING.required == BOOLEAN
    input.Body.routeResponseKey == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.routeId == STRING
    input.ReqMap.routeResponseId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateStage

enum_LoggingLevel := [ "ERROR", "INFO", "OFF" ]

valid {
    input.Body.accessLogSettings.destinationArn == STRING
    input.Body.accessLogSettings.format == STRING
    input.Body.autoDeploy == BOOLEAN
    input.Body.clientCertificateId == STRING
    input.Body.defaultRouteSettings.dataTraceEnabled == BOOLEAN
    input.Body.defaultRouteSettings.detailedMetricsEnabled == BOOLEAN
    input.Body.defaultRouteSettings.loggingLevel == enum_LoggingLevel[_]
    input.Body.defaultRouteSettings.throttlingBurstLimit == INTEGER
    input.Body.defaultRouteSettings.throttlingRateLimit == DOUBLE
    input.Body.deploymentId == STRING
    input.Body.description == STRING
    input.Body.routeSettings.STRING.dataTraceEnabled == BOOLEAN
    input.Body.routeSettings.STRING.detailedMetricsEnabled == BOOLEAN
    input.Body.routeSettings.STRING.loggingLevel == enum_LoggingLevel[_]
    input.Body.routeSettings.STRING.throttlingBurstLimit == INTEGER
    input.Body.routeSettings.STRING.throttlingRateLimit == DOUBLE
    input.Body.stageVariables.STRING == STRING
    input.ReqMap.apiId == STRING
    input.ReqMap.stageName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUsage

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.usageplanId == STRING
    input.ReqMap.keyId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUsagePlan

enum_Op := [ "add", "remove", "replace", "move", "copy", "test" ]

valid {
    input.Body.patchOperations[_].op == enum_Op[_]
    input.Body.patchOperations[_].path == STRING
    input.Body.patchOperations[_].value == STRING
    input.Body.patchOperations[_].from == STRING
    input.ReqMap.usageplanId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateVpcLink

valid {
    input.Body.name == STRING
    input.ReqMap.vpcLinkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}