BEYONDCORP

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.create

valid {
    input.Body.group.email == STRING
    input.Body.group.id == STRING
    input.Body.ruleSetting.type == STRING
    input.Body.ruleSetting.value.STRING == ANY
    input.ReqMap.parent == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.list

valid {
    input.ReqMap.parent == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.patch

valid {
    input.Body.group.email == STRING
    input.Body.group.id == STRING
    input.Body.ruleSetting.type == STRING
    input.Body.ruleSetting.value.STRING == ANY
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.browserDlpRules.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.create

valid {
    input.Body.displayName == STRING
    input.Body.group.email == STRING
    input.Body.group.id == STRING
    input.Body.partnerMetadata.internalTenantId == STRING
    input.Body.partnerMetadata.partnerTenantId == STRING
    input.ReqMap.parent == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.patch

valid {
    input.Body.displayName == STRING
    input.Body.group.email == STRING
    input.Body.group.id == STRING
    input.Body.partnerMetadata.internalTenantId == STRING
    input.Body.partnerMetadata.partnerTenantId == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.create

valid {
    input.Body.displayName == STRING
    input.Body.encryptionInfo.encryptionSaEmail == STRING
    input.Body.encryptionInfo.jwk == STRING
    input.Body.proxyProtocolConfig.metadata.STRING == STRING
    input.Body.proxyUri == STRING
    input.Body.routingInfo.pacUri == STRING
    input.Body.transportInfo.serverCaCertPem == STRING
    input.Body.transportInfo.sslDecryptCaCertPem == STRING
    input.ReqMap.parent == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.patch

valid {
    input.Body.displayName == STRING
    input.Body.encryptionInfo.encryptionSaEmail == STRING
    input.Body.encryptionInfo.jwk == STRING
    input.Body.proxyProtocolConfig.metadata.STRING == STRING
    input.Body.proxyUri == STRING
    input.Body.routingInfo.pacUri == STRING
    input.Body.transportInfo.serverCaCertPem == STRING
    input.Body.transportInfo.sslDecryptCaCertPem == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.proxyConfigs.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.global.partnerTenants.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.insights.configuredInsight

enum_AggregationParameter := [ "AGGREGATION_UNSPECIFIED", "HOURLY", "DAILY", "WEEKLY", "MONTHLY", "CUSTOM_DATE_RANGE" ]

valid {
    input.ReqMap.insight == STRING
    input.Qs.aggregation == enum_AggregationParameter[_]
    input.Qs.customGrouping.fieldFilter == STRING
    input.Qs.customGrouping.groupFields == STRING
    input.Qs.endTime == STRING
    input.Qs.fieldFilter == STRING
    input.Qs.group == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.Qs.startTime == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.insights.get

enum_ViewParameter := [ "INSIGHT_VIEW_UNSPECIFIED", "BASIC", "FULL" ]

valid {
    input.ReqMap.name == STRING
    input.Qs.view == enum_ViewParameter[_]
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.insights.list

enum_AggregationParameter := [ "AGGREGATION_UNSPECIFIED", "HOURLY", "DAILY", "WEEKLY", "MONTHLY", "CUSTOM_DATE_RANGE" ]
enum_ViewParameter := [ "INSIGHT_VIEW_UNSPECIFIED", "BASIC", "FULL" ]

valid {
    input.ReqMap.parent == STRING
    input.Qs.aggregation == enum_AggregationParameter[_]
    input.Qs.endTime == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.Qs.startTime == STRING
    input.Qs.view == enum_ViewParameter[_]
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.operations.cancel

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.operations.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.subscriptions.cancel

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.subscriptions.create

enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionSku := [ "SKU_UNSPECIFIED", "BCE_STANDARD_SKU" ]
enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionType := [ "TYPE_UNSPECIFIED", "TRIAL", "PAID", "ALLOWLIST" ]

valid {
    input.Body.billingAccount == STRING
    input.Body.name == STRING
    input.Body.seatCount == STRING
    input.Body.sku == enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionSku[_]
    input.Body.type == enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionType[_]
    input.ReqMap.parent == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.subscriptions.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.subscriptions.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.subscriptions.patch

enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionSku := [ "SKU_UNSPECIFIED", "BCE_STANDARD_SKU" ]
enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionType := [ "TYPE_UNSPECIFIED", "TRIAL", "PAID", "ALLOWLIST" ]

valid {
    input.Body.billingAccount == STRING
    input.Body.name == STRING
    input.Body.seatCount == STRING
    input.Body.sku == enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionSku[_]
    input.Body.type == enum_GoogleCloudBeyondcorpSaasplatformSubscriptionsV1alphaSubscriptionType[_]
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.organizations.locations.subscriptions.restart

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.create

enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayType := [ "TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ]
enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionType := [ "TYPE_UNSPECIFIED", "TCP_PROXY" ]

valid {
    input.Body.applicationEndpoint.host == STRING
    input.Body.applicationEndpoint.port == INTEGER
    input.Body.connectors[_] == STRING
    input.Body.displayName == STRING
    input.Body.gateway.appGateway == STRING
    input.Body.gateway.type == enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayType[_]
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionType[_]
    input.ReqMap.parent == STRING
    input.Qs.appConnectionId == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.patch

enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayType := [ "TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ]
enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionType := [ "TYPE_UNSPECIFIED", "TCP_PROXY" ]

valid {
    input.Body.applicationEndpoint.host == STRING
    input.Body.applicationEndpoint.port == INTEGER
    input.Body.connectors[_] == STRING
    input.Body.displayName == STRING
    input.Body.gateway.appGateway == STRING
    input.Body.gateway.type == enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionGatewayType[_]
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_GoogleCloudBeyondcorpAppconnectionsV1AppConnectionType[_]
    input.ReqMap.name == STRING
    input.Qs.allowMissing == BOOLEAN
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.resolve

valid {
    input.ReqMap.parent == STRING
    input.Qs.appConnectorId == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnections.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.create

enum_GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus := [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ]

valid {
    input.Body.displayName == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.principalInfo.serviceAccount.email == STRING
    input.Body.resourceInfo.id == STRING
    input.Body.resourceInfo.resource.STRING == ANY
    input.Body.resourceInfo.status == enum_GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus[_]
    input.Body.resourceInfo.sub[_] == NESTED
    input.Body.resourceInfo.time == STRING
    input.ReqMap.parent == STRING
    input.Qs.appConnectorId == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.patch

enum_GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus := [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ]

valid {
    input.Body.displayName == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.principalInfo.serviceAccount.email == STRING
    input.Body.resourceInfo.id == STRING
    input.Body.resourceInfo.resource.STRING == ANY
    input.Body.resourceInfo.status == enum_GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus[_]
    input.Body.resourceInfo.sub[_] == NESTED
    input.Body.resourceInfo.time == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.reportStatus

enum_GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus := [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ]

valid {
    input.Body.requestId == STRING
    input.Body.resourceInfo.id == STRING
    input.Body.resourceInfo.resource.STRING == ANY
    input.Body.resourceInfo.status == enum_GoogleCloudBeyondcorpAppconnectorsV1ResourceInfoStatus[_]
    input.Body.resourceInfo.sub[_] == NESTED
    input.Body.resourceInfo.time == STRING
    input.Body.validateOnly == BOOLEAN
    input.ReqMap.appConnector == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.resolveInstanceConfig

valid {
    input.ReqMap.appConnector == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appConnectors.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.create

enum_AppGatewayHostType := [ "HOST_TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ]
enum_AppGatewayType := [ "TYPE_UNSPECIFIED", "TCP_PROXY" ]

valid {
    input.Body.displayName == STRING
    input.Body.hostType == enum_AppGatewayHostType[_]
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_AppGatewayType[_]
    input.ReqMap.parent == STRING
    input.Qs.appGatewayId == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.shouldThrottle

valid {
    input.ReqMap.name == STRING
    input.Qs.port == INTEGER
    input.Qs.requestedAmount == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.appGateways.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.applicationDomains.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.applicationDomains.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.applicationDomains.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.applications.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.applications.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.applications.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.clientConnectorServices.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.clientConnectorServices.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.clientConnectorServices.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.clientGateways.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.clientGateways.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.clientGateways.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.create

enum_ConnectionType := [ "TYPE_UNSPECIFIED", "TCP_PROXY" ]
enum_GatewayType := [ "TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ]

valid {
    input.Body.applicationEndpoint.host == STRING
    input.Body.applicationEndpoint.port == INTEGER
    input.Body.connectors[_] == STRING
    input.Body.displayName == STRING
    input.Body.gateway.type == enum_GatewayType[_]
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_ConnectionType[_]
    input.ReqMap.parent == STRING
    input.Qs.connectionId == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.patch

enum_ConnectionType := [ "TYPE_UNSPECIFIED", "TCP_PROXY" ]
enum_GatewayType := [ "TYPE_UNSPECIFIED", "GCP_REGIONAL_MIG" ]

valid {
    input.Body.applicationEndpoint.host == STRING
    input.Body.applicationEndpoint.port == INTEGER
    input.Body.connectors[_] == STRING
    input.Body.displayName == STRING
    input.Body.gateway.type == enum_GatewayType[_]
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.type == enum_ConnectionType[_]
    input.ReqMap.name == STRING
    input.Qs.allowMissing == BOOLEAN
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.resolve

valid {
    input.ReqMap.parent == STRING
    input.Qs.connectorId == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connections.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.create

enum_ResourceInfoStatus := [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ]

valid {
    input.Body.displayName == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.principalInfo.serviceAccount.email == STRING
    input.Body.resourceInfo.id == STRING
    input.Body.resourceInfo.resource.STRING == ANY
    input.Body.resourceInfo.status == enum_ResourceInfoStatus[_]
    input.Body.resourceInfo.sub[_] == NESTED
    input.Body.resourceInfo.time == STRING
    input.ReqMap.parent == STRING
    input.Qs.connectorId == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.patch

enum_ResourceInfoStatus := [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ]

valid {
    input.Body.displayName == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.principalInfo.serviceAccount.email == STRING
    input.Body.resourceInfo.id == STRING
    input.Body.resourceInfo.resource.STRING == ANY
    input.Body.resourceInfo.status == enum_ResourceInfoStatus[_]
    input.Body.resourceInfo.sub[_] == NESTED
    input.Body.resourceInfo.time == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.reportStatus

enum_ResourceInfoStatus := [ "HEALTH_STATUS_UNSPECIFIED", "HEALTHY", "UNHEALTHY", "UNRESPONSIVE", "DEGRADED" ]

valid {
    input.Body.requestId == STRING
    input.Body.resourceInfo.id == STRING
    input.Body.resourceInfo.resource.STRING == ANY
    input.Body.resourceInfo.status == enum_ResourceInfoStatus[_]
    input.Body.resourceInfo.sub[_] == NESTED
    input.Body.resourceInfo.time == STRING
    input.Body.validateOnly == BOOLEAN
    input.ReqMap.connector == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.resolveInstanceConfig

valid {
    input.ReqMap.connector == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.connectors.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.global.securityGateways.applications.create

valid {
    input.Body.displayName == STRING
    input.Body.endpointMatchers[_].hostname == STRING
    input.Body.endpointMatchers[_].ports[_] == INTEGER
    input.Body.name == STRING
    input.ReqMap.parent == STRING
    input.Qs.applicationId == STRING
    input.Qs.requestId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.global.securityGateways.applications.patch

valid {
    input.Body.displayName == STRING
    input.Body.endpointMatchers[_].hostname == STRING
    input.Body.endpointMatchers[_].ports[_] == INTEGER
    input.Body.name == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.global.securityGateways.applications.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.insights.configuredInsight

enum_AggregationParameter := [ "AGGREGATION_UNSPECIFIED", "HOURLY", "DAILY", "WEEKLY", "MONTHLY", "CUSTOM_DATE_RANGE" ]

valid {
    input.ReqMap.insight == STRING
    input.Qs.aggregation == enum_AggregationParameter[_]
    input.Qs.customGrouping.fieldFilter == STRING
    input.Qs.customGrouping.groupFields == STRING
    input.Qs.endTime == STRING
    input.Qs.fieldFilter == STRING
    input.Qs.group == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.Qs.startTime == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.insights.get

enum_ViewParameter := [ "INSIGHT_VIEW_UNSPECIFIED", "BASIC", "FULL" ]

valid {
    input.ReqMap.name == STRING
    input.Qs.view == enum_ViewParameter[_]
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.insights.list

enum_AggregationParameter := [ "AGGREGATION_UNSPECIFIED", "HOURLY", "DAILY", "WEEKLY", "MONTHLY", "CUSTOM_DATE_RANGE" ]
enum_ViewParameter := [ "INSIGHT_VIEW_UNSPECIFIED", "BASIC", "FULL" ]

valid {
    input.ReqMap.parent == STRING
    input.Qs.aggregation == enum_AggregationParameter[_]
    input.Qs.endTime == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.Qs.startTime == STRING
    input.Qs.view == enum_ViewParameter[_]
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.netConnections.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.netConnections.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.netConnections.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.operations.cancel

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.operations.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.applications.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.applications.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.applications.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.applications.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.applications.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.create

valid {
    input.Body.displayName == STRING
    input.Body.hubs.STRING.natGatewayConfig == {}
    input.Body.name == STRING
    input.ReqMap.parent == STRING
    input.Qs.requestId == STRING
    input.Qs.securityGatewayId == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.validateOnly == BOOLEAN
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.getIamPolicy

valid {
    input.ReqMap.resource == STRING
    input.Qs.options.requestedPolicyVersion == INTEGER
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.orderBy == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.patch

valid {
    input.Body.displayName == STRING
    input.Body.hubs.STRING.natGatewayConfig == {}
    input.Body.name == STRING
    input.ReqMap.name == STRING
    input.Qs.requestId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.setIamPolicy

enum_GoogleIamV1AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]

valid {
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
    input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_GoogleIamV1AuditLogConfigLogType[_]
    input.Body.policy.auditConfigs[_].service == STRING
    input.Body.policy.bindings[_].condition.description == STRING
    input.Body.policy.bindings[_].condition.expression == STRING
    input.Body.policy.bindings[_].condition.location == STRING
    input.Body.policy.bindings[_].condition.title == STRING
    input.Body.policy.bindings[_].members[_] == STRING
    input.Body.policy.bindings[_].role == STRING
    input.Body.policy.etag == STRING
    input.Body.policy.version == INTEGER
    input.Body.updateMask == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.setPeering

valid {
    input.Body.requestId == STRING
    input.Body.validateOnly == BOOLEAN
    input.Body.vpcPeerings[_].dnsZones[_] == STRING
    input.Body.vpcPeerings[_].targetVpcNetwork == STRING
    input.ReqMap.securityGateway == STRING
    input.ProviderMetadata.Region == STRING
}

beyondcorp.projects.locations.securityGateways.testIamPermissions

valid {
    input.Body.permissions[_] == STRING
    input.ReqMap.resource == STRING
    input.ProviderMetadata.Region == STRING
}