AUDITMANAGER

AssociateAssessmentReportEvidenceFolder

valid {
    input.Body.evidenceFolderId == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchAssociateAssessmentReportEvidence

valid {
    input.Body.evidenceFolderId == STRING
    input.Body.evidenceIds[_] == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchCreateDelegationByAssessment

enum_RoleType := [ "PROCESS_OWNER", "RESOURCE_OWNER" ]

valid {
    input.Body.createDelegationRequests[_].comment == STRING
    input.Body.createDelegationRequests[_].controlSetId == STRING
    input.Body.createDelegationRequests[_].roleArn == STRING
    input.Body.createDelegationRequests[_].roleType == enum_RoleType[_]
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchDeleteDelegationByAssessment

valid {
    input.Body.delegationIds[_] == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchDisassociateAssessmentReportEvidence

valid {
    input.Body.evidenceFolderId == STRING
    input.Body.evidenceIds[_] == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchImportEvidenceToAssessmentControl

valid {
    input.Body.manualEvidence[_].s3ResourcePath == STRING
    input.Body.manualEvidence[_].textResponse == STRING
    input.Body.manualEvidence[_].evidenceFileName == STRING
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ReqMap.controlId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAssessment

enum_AssessmentReportDestinationType := [ "S3" ]
enum_RoleType := [ "PROCESS_OWNER", "RESOURCE_OWNER" ]

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.assessmentReportsDestination.destinationType == enum_AssessmentReportDestinationType[_]
    input.Body.assessmentReportsDestination.destination == STRING
    input.Body.scope.awsAccounts[_].id == STRING
    input.Body.scope.awsAccounts[_].emailAddress == STRING
    input.Body.scope.awsAccounts[_].name == STRING
    input.Body.scope.awsServices[_].serviceName == STRING
    input.Body.roles[_].roleType == enum_RoleType[_]
    input.Body.roles[_].roleArn == STRING
    input.Body.frameworkId == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAssessmentFramework

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.complianceType == STRING
    input.Body.controlSets[_].name == STRING
    input.Body.controlSets[_].controls[_].id == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAssessmentReport

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.queryStatement == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateControl

enum_KeywordInputType := [ "SELECT_FROM_LIST", "UPLOAD_FILE", "INPUT_TEXT" ]
enum_SourceFrequency := [ "DAILY", "WEEKLY", "MONTHLY" ]
enum_SourceSetUpOption := [ "System_Controls_Mapping", "Procedural_Controls_Mapping" ]
enum_SourceType := [ "AWS_Cloudtrail", "AWS_Config", "AWS_Security_Hub", "AWS_API_Call", "MANUAL", "Common_Control", "Core_Control" ]

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.testingInformation == STRING
    input.Body.actionPlanTitle == STRING
    input.Body.actionPlanInstructions == STRING
    input.Body.controlMappingSources[_].sourceName == STRING
    input.Body.controlMappingSources[_].sourceDescription == STRING
    input.Body.controlMappingSources[_].sourceSetUpOption == enum_SourceSetUpOption[_]
    input.Body.controlMappingSources[_].sourceType == enum_SourceType[_]
    input.Body.controlMappingSources[_].sourceKeyword.keywordInputType == enum_KeywordInputType[_]
    input.Body.controlMappingSources[_].sourceKeyword.keywordValue == STRING
    input.Body.controlMappingSources[_].sourceFrequency == enum_SourceFrequency[_]
    input.Body.controlMappingSources[_].troubleshootingText == STRING
    input.Body.tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessment

valid {
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessmentFramework

valid {
    input.ReqMap.frameworkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessmentFrameworkShare

enum_ShareRequestType := [ "SENT", "RECEIVED" ]

valid {
    input.ReqMap.requestId == STRING
    input.Qs.requestType == enum_ShareRequestType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessmentReport

valid {
    input.ReqMap.assessmentId == STRING
    input.ReqMap.assessmentReportId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteControl

valid {
    input.ReqMap.controlId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeregisterAccount

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeregisterOrganizationAdminAccount

valid {
    input.Body.adminAccountId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateAssessmentReportEvidenceFolder

valid {
    input.Body.evidenceFolderId == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAccountStatus

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAssessment

valid {
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAssessmentFramework

valid {
    input.ReqMap.frameworkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAssessmentReportUrl

valid {
    input.ReqMap.assessmentReportId == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetChangeLogs

valid {
    input.ReqMap.assessmentId == STRING
    input.Qs.controlSetId == STRING
    input.Qs.controlId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetControl

valid {
    input.ReqMap.controlId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDelegations

valid {
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEvidence

valid {
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ReqMap.evidenceFolderId == STRING
    input.ReqMap.evidenceId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEvidenceByEvidenceFolder

valid {
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ReqMap.evidenceFolderId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEvidenceFileUploadUrl

valid {
    input.Qs.fileName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEvidenceFolder

valid {
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ReqMap.evidenceFolderId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEvidenceFoldersByAssessment

valid {
    input.ReqMap.assessmentId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEvidenceFoldersByAssessmentControl

valid {
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ReqMap.controlId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetInsights

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetInsightsByAssessment

valid {
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetOrganizationAdminAccount

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetServicesInScope

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSettings

enum_SettingAttribute := [ "ALL", "IS_AWS_ORG_ENABLED", "SNS_TOPIC", "DEFAULT_ASSESSMENT_REPORTS_DESTINATION", "DEFAULT_PROCESS_OWNERS", "EVIDENCE_FINDER_ENABLEMENT", "DEREGISTRATION_POLICY", "DEFAULT_EXPORT_DESTINATION" ]

valid {
    input.ReqMap.attribute == enum_SettingAttribute[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentControlInsightsByControlDomain

valid {
    input.Qs.controlDomainId == STRING
    input.Qs.assessmentId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentFrameworkShareRequests

enum_ShareRequestType := [ "SENT", "RECEIVED" ]

valid {
    input.Qs.requestType == enum_ShareRequestType[_]
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentFrameworks

enum_FrameworkType := [ "Standard", "Custom" ]

valid {
    input.Qs.frameworkType == enum_FrameworkType[_]
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentReports

valid {
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessments

enum_AssessmentStatus := [ "ACTIVE", "INACTIVE" ]

valid {
    input.Qs.status == enum_AssessmentStatus[_]
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListControlDomainInsights

valid {
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListControlDomainInsightsByAssessment

valid {
    input.Qs.assessmentId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListControlInsightsByControlDomain

valid {
    input.Qs.controlDomainId == STRING
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListControls

enum_ControlType := [ "Standard", "Custom", "Core" ]

valid {
    input.Qs.controlType == enum_ControlType[_]
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.Qs.controlCatalogId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListKeywordsForDataSource

enum_DataSourceType := [ "AWS_Cloudtrail", "AWS_Config", "AWS_Security_Hub", "AWS_API_Call", "MANUAL" ]

valid {
    input.Qs.source == enum_DataSourceType[_]
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListNotifications

valid {
    input.Qs.nextToken == STRING
    input.Qs.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.ReqMap.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterAccount

valid {
    input.Body.kmsKey == STRING
    input.Body.delegatedAdminAccount == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterOrganizationAdminAccount

valid {
    input.Body.adminAccountId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartAssessmentFrameworkShare

valid {
    input.Body.destinationAccount == STRING
    input.Body.destinationRegion == STRING
    input.Body.comment == STRING
    input.ReqMap.frameworkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.tags.STRING == STRING
    input.ReqMap.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.ReqMap.resourceArn == STRING
    input.Qs.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessment

enum_AssessmentReportDestinationType := [ "S3" ]
enum_RoleType := [ "PROCESS_OWNER", "RESOURCE_OWNER" ]

valid {
    input.Body.assessmentName == STRING
    input.Body.assessmentDescription == STRING
    input.Body.scope.awsAccounts[_].id == STRING
    input.Body.scope.awsAccounts[_].emailAddress == STRING
    input.Body.scope.awsAccounts[_].name == STRING
    input.Body.scope.awsServices[_].serviceName == STRING
    input.Body.assessmentReportsDestination.destinationType == enum_AssessmentReportDestinationType[_]
    input.Body.assessmentReportsDestination.destination == STRING
    input.Body.roles[_].roleType == enum_RoleType[_]
    input.Body.roles[_].roleArn == STRING
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessmentControl

enum_ControlStatus := [ "UNDER_REVIEW", "REVIEWED", "INACTIVE" ]

valid {
    input.Body.controlStatus == enum_ControlStatus[_]
    input.Body.commentBody == STRING
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ReqMap.controlId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessmentControlSetStatus

enum_ControlSetStatus := [ "ACTIVE", "UNDER_REVIEW", "REVIEWED" ]

valid {
    input.Body.status == enum_ControlSetStatus[_]
    input.Body.comment == STRING
    input.ReqMap.assessmentId == STRING
    input.ReqMap.controlSetId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessmentFramework

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.complianceType == STRING
    input.Body.controlSets[_].id == STRING
    input.Body.controlSets[_].name == STRING
    input.Body.controlSets[_].controls[_].id == STRING
    input.ReqMap.frameworkId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessmentFrameworkShare

enum_ShareRequestAction := [ "ACCEPT", "DECLINE", "REVOKE" ]
enum_ShareRequestType := [ "SENT", "RECEIVED" ]

valid {
    input.Body.requestType == enum_ShareRequestType[_]
    input.Body.action == enum_ShareRequestAction[_]
    input.ReqMap.requestId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessmentStatus

enum_AssessmentStatus := [ "ACTIVE", "INACTIVE" ]

valid {
    input.Body.status == enum_AssessmentStatus[_]
    input.ReqMap.assessmentId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateControl

enum_KeywordInputType := [ "SELECT_FROM_LIST", "UPLOAD_FILE", "INPUT_TEXT" ]
enum_SourceFrequency := [ "DAILY", "WEEKLY", "MONTHLY" ]
enum_SourceSetUpOption := [ "System_Controls_Mapping", "Procedural_Controls_Mapping" ]
enum_SourceType := [ "AWS_Cloudtrail", "AWS_Config", "AWS_Security_Hub", "AWS_API_Call", "MANUAL", "Common_Control", "Core_Control" ]

valid {
    input.Body.name == STRING
    input.Body.description == STRING
    input.Body.testingInformation == STRING
    input.Body.actionPlanTitle == STRING
    input.Body.actionPlanInstructions == STRING
    input.Body.controlMappingSources[_].sourceId == STRING
    input.Body.controlMappingSources[_].sourceName == STRING
    input.Body.controlMappingSources[_].sourceDescription == STRING
    input.Body.controlMappingSources[_].sourceSetUpOption == enum_SourceSetUpOption[_]
    input.Body.controlMappingSources[_].sourceType == enum_SourceType[_]
    input.Body.controlMappingSources[_].sourceKeyword.keywordInputType == enum_KeywordInputType[_]
    input.Body.controlMappingSources[_].sourceKeyword.keywordValue == STRING
    input.Body.controlMappingSources[_].sourceFrequency == enum_SourceFrequency[_]
    input.Body.controlMappingSources[_].troubleshootingText == STRING
    input.ReqMap.controlId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateSettings

enum_AssessmentReportDestinationType := [ "S3" ]
enum_DeleteResources := [ "ALL", "DEFAULT" ]
enum_ExportDestinationType := [ "S3" ]
enum_RoleType := [ "PROCESS_OWNER", "RESOURCE_OWNER" ]

valid {
    input.Body.snsTopic == STRING
    input.Body.defaultAssessmentReportsDestination.destinationType == enum_AssessmentReportDestinationType[_]
    input.Body.defaultAssessmentReportsDestination.destination == STRING
    input.Body.defaultProcessOwners[_].roleType == enum_RoleType[_]
    input.Body.defaultProcessOwners[_].roleArn == STRING
    input.Body.kmsKey == STRING
    input.Body.evidenceFinderEnabled == BOOLEAN
    input.Body.deregistrationPolicy.deleteResources == enum_DeleteResources[_]
    input.Body.defaultExportDestination.destinationType == enum_ExportDestinationType[_]
    input.Body.defaultExportDestination.destination == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ValidateAssessmentReportIntegrity

valid {
    input.Body.s3RelativePath == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}