CODEPIPELINE

AcknowledgeJob

valid {
    input.Body.jobId == STRING
    input.Body.nonce == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AcknowledgeThirdPartyJob

valid {
    input.Body.jobId == STRING
    input.Body.nonce == STRING
    input.Body.clientToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateCustomActionType

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]
enum_ActionConfigurationPropertyType := [ "String", "Number", "Boolean" ]

valid {
    input.Body.category == enum_ActionCategory[_]
    input.Body.provider == STRING
    input.Body.version == STRING
    input.Body.settings.thirdPartyConfigurationUrl == STRING
    input.Body.settings.entityUrlTemplate == STRING
    input.Body.settings.executionUrlTemplate == STRING
    input.Body.settings.revisionUrlTemplate == STRING
    input.Body.configurationProperties[_].name == STRING
    input.Body.configurationProperties[_].required == BOOLEAN
    input.Body.configurationProperties[_].key == BOOLEAN
    input.Body.configurationProperties[_].secret == BOOLEAN
    input.Body.configurationProperties[_].queryable == BOOLEAN
    input.Body.configurationProperties[_].description == STRING
    input.Body.configurationProperties[_].type == enum_ActionConfigurationPropertyType[_]
    input.Body.inputArtifactDetails.minimumCount == INTEGER
    input.Body.inputArtifactDetails.maximumCount == INTEGER
    input.Body.outputArtifactDetails.minimumCount == INTEGER
    input.Body.outputArtifactDetails.maximumCount == INTEGER
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreatePipeline

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]
enum_ActionOwner := [ "AWS", "ThirdParty", "Custom" ]
enum_ArtifactStoreType := [ "S3" ]
enum_BlockerType := [ "Schedule" ]
enum_EncryptionKeyType := [ "KMS" ]
enum_ExecutionMode := [ "QUEUED", "SUPERSEDED", "PARALLEL" ]
enum_GitPullRequestEventType := [ "OPEN", "UPDATED", "CLOSED" ]
enum_PipelineTriggerProviderType := [ "CodeStarSourceConnection" ]
enum_PipelineType := [ "V1", "V2" ]
enum_Result := [ "ROLLBACK", "FAIL", "RETRY", "SKIP" ]
enum_RuleCategory := [ "Rule" ]
enum_RuleOwner := [ "AWS" ]
enum_StageRetryMode := [ "FAILED_ACTIONS", "ALL_ACTIONS" ]

valid {
    input.Body.pipeline.name == STRING
    input.Body.pipeline.roleArn == STRING
    input.Body.pipeline.artifactStore.type == enum_ArtifactStoreType[_]
    input.Body.pipeline.artifactStore.location == STRING
    input.Body.pipeline.artifactStore.encryptionKey.id == STRING
    input.Body.pipeline.artifactStore.encryptionKey.type == enum_EncryptionKeyType[_]
    input.Body.pipeline.artifactStores.STRING.type == enum_ArtifactStoreType[_]
    input.Body.pipeline.artifactStores.STRING.location == STRING
    input.Body.pipeline.artifactStores.STRING.encryptionKey.id == STRING
    input.Body.pipeline.artifactStores.STRING.encryptionKey.type == enum_EncryptionKeyType[_]
    input.Body.pipeline.stages[_].name == STRING
    input.Body.pipeline.stages[_].blockers[_].name == STRING
    input.Body.pipeline.stages[_].blockers[_].type == enum_BlockerType[_]
    input.Body.pipeline.stages[_].actions[_].name == STRING
    input.Body.pipeline.stages[_].actions[_].actionTypeId.category == enum_ActionCategory[_]
    input.Body.pipeline.stages[_].actions[_].actionTypeId.owner == enum_ActionOwner[_]
    input.Body.pipeline.stages[_].actions[_].actionTypeId.provider == STRING
    input.Body.pipeline.stages[_].actions[_].actionTypeId.version == STRING
    input.Body.pipeline.stages[_].actions[_].runOrder == INTEGER
    input.Body.pipeline.stages[_].actions[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].actions[_].commands[_] == STRING
    input.Body.pipeline.stages[_].actions[_].outputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].actions[_].outputArtifacts[_].files[_] == STRING
    input.Body.pipeline.stages[_].actions[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].actions[_].outputVariables[_] == STRING
    input.Body.pipeline.stages[_].actions[_].roleArn == STRING
    input.Body.pipeline.stages[_].actions[_].region == STRING
    input.Body.pipeline.stages[_].actions[_].namespace == STRING
    input.Body.pipeline.stages[_].actions[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.stages[_].onFailure.result == enum_Result[_]
    input.Body.pipeline.stages[_].onFailure.retryConfiguration.retryMode == enum_StageRetryMode[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].result == enum_Result[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].name == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.category == enum_RuleCategory[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.owner == enum_RuleOwner[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.provider == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.version == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].commands[_] == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].roleArn == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].region == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.stages[_].onSuccess.conditions[_].result == enum_Result[_]
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].name == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.category == enum_RuleCategory[_]
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.owner == enum_RuleOwner[_]
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.provider == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.version == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].commands[_] == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].roleArn == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].region == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].result == enum_Result[_]
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].name == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.category == enum_RuleCategory[_]
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.owner == enum_RuleOwner[_]
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.provider == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.version == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].commands[_] == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].roleArn == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].region == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.version == INTEGER
    input.Body.pipeline.executionMode == enum_ExecutionMode[_]
    input.Body.pipeline.pipelineType == enum_PipelineType[_]
    input.Body.pipeline.variables[_].name == STRING
    input.Body.pipeline.variables[_].defaultValue == STRING
    input.Body.pipeline.variables[_].description == STRING
    input.Body.pipeline.triggers[_].providerType == enum_PipelineTriggerProviderType[_]
    input.Body.pipeline.triggers[_].gitConfiguration.sourceActionName == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].tags.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].tags.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].branches.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].branches.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].filePaths.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].filePaths.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].events[_] == enum_GitPullRequestEventType[_]
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].branches.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].branches.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].filePaths.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].filePaths.excludes[_] == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteCustomActionType

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]

valid {
    input.Body.category == enum_ActionCategory[_]
    input.Body.provider == STRING
    input.Body.version == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeletePipeline

valid {
    input.Body.name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteWebhook

valid {
    input.Body.name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeregisterWebhookWithThirdParty

valid {
    input.Body.webhookName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisableStageTransition

enum_StageTransitionType := [ "Inbound", "Outbound" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.transitionType == enum_StageTransitionType[_]
    input.Body.reason == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

EnableStageTransition

enum_StageTransitionType := [ "Inbound", "Outbound" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.transitionType == enum_StageTransitionType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetActionType

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]

valid {
    input.Body.category == enum_ActionCategory[_]
    input.Body.owner == STRING
    input.Body.provider == STRING
    input.Body.version == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetJobDetails

valid {
    input.Body.jobId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPipeline

valid {
    input.Body.name == STRING
    input.Body.version == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPipelineExecution

valid {
    input.Body.pipelineName == STRING
    input.Body.pipelineExecutionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPipelineState

valid {
    input.Body.name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetThirdPartyJobDetails

valid {
    input.Body.jobId == STRING
    input.Body.clientToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListActionExecutions

enum_StartTimeRange := [ "Latest", "All" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.filter.pipelineExecutionId == STRING
    input.Body.filter.latestInPipelineExecution.pipelineExecutionId == STRING
    input.Body.filter.latestInPipelineExecution.startTimeRange == enum_StartTimeRange[_]
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListActionTypes

enum_ActionOwner := [ "AWS", "ThirdParty", "Custom" ]

valid {
    input.Body.actionOwnerFilter == enum_ActionOwner[_]
    input.Body.nextToken == STRING
    input.Body.regionFilter == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPipelineExecutions

valid {
    input.Body.pipelineName == STRING
    input.Body.maxResults == INTEGER
    input.Body.filter.succeededInStage.stageName == STRING
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPipelines

valid {
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListRuleExecutions

enum_StartTimeRange := [ "Latest", "All" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.filter.pipelineExecutionId == STRING
    input.Body.filter.latestInPipelineExecution.pipelineExecutionId == STRING
    input.Body.filter.latestInPipelineExecution.startTimeRange == enum_StartTimeRange[_]
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListRuleTypes

enum_RuleOwner := [ "AWS" ]

valid {
    input.Body.ruleOwnerFilter == enum_RuleOwner[_]
    input.Body.regionFilter == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.Body.resourceArn == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListWebhooks

valid {
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

OverrideStageCondition

enum_ConditionType := [ "BEFORE_ENTRY", "ON_SUCCESS" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.pipelineExecutionId == STRING
    input.Body.conditionType == enum_ConditionType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PollForJobs

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]
enum_ActionOwner := [ "AWS", "ThirdParty", "Custom" ]

valid {
    input.Body.actionTypeId.category == enum_ActionCategory[_]
    input.Body.actionTypeId.owner == enum_ActionOwner[_]
    input.Body.actionTypeId.provider == STRING
    input.Body.actionTypeId.version == STRING
    input.Body.maxBatchSize == INTEGER
    input.Body.queryParam.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PollForThirdPartyJobs

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]
enum_ActionOwner := [ "AWS", "ThirdParty", "Custom" ]

valid {
    input.Body.actionTypeId.category == enum_ActionCategory[_]
    input.Body.actionTypeId.owner == enum_ActionOwner[_]
    input.Body.actionTypeId.provider == STRING
    input.Body.actionTypeId.version == STRING
    input.Body.maxBatchSize == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutActionRevision

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.actionName == STRING
    input.Body.actionRevision.revisionId == STRING
    input.Body.actionRevision.revisionChangeId == STRING
    input.Body.actionRevision.created == TIMESTAMP
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutApprovalResult

enum_ApprovalStatus := [ "Approved", "Rejected" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.actionName == STRING
    input.Body.result.summary == STRING
    input.Body.result.status == enum_ApprovalStatus[_]
    input.Body.token == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutJobFailureResult

enum_FailureType := [ "JobFailed", "ConfigurationError", "PermissionError", "RevisionOutOfSync", "RevisionUnavailable", "SystemUnavailable" ]

valid {
    input.Body.jobId == STRING
    input.Body.failureDetails.type == enum_FailureType[_]
    input.Body.failureDetails.message == STRING
    input.Body.failureDetails.externalExecutionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutJobSuccessResult

valid {
    input.Body.jobId == STRING
    input.Body.currentRevision.revision == STRING
    input.Body.currentRevision.changeIdentifier == STRING
    input.Body.currentRevision.created == TIMESTAMP
    input.Body.currentRevision.revisionSummary == STRING
    input.Body.continuationToken == STRING
    input.Body.executionDetails.summary == STRING
    input.Body.executionDetails.externalExecutionId == STRING
    input.Body.executionDetails.percentComplete == INTEGER
    input.Body.outputVariables.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutThirdPartyJobFailureResult

enum_FailureType := [ "JobFailed", "ConfigurationError", "PermissionError", "RevisionOutOfSync", "RevisionUnavailable", "SystemUnavailable" ]

valid {
    input.Body.jobId == STRING
    input.Body.clientToken == STRING
    input.Body.failureDetails.type == enum_FailureType[_]
    input.Body.failureDetails.message == STRING
    input.Body.failureDetails.externalExecutionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutThirdPartyJobSuccessResult

valid {
    input.Body.jobId == STRING
    input.Body.clientToken == STRING
    input.Body.currentRevision.revision == STRING
    input.Body.currentRevision.changeIdentifier == STRING
    input.Body.currentRevision.created == TIMESTAMP
    input.Body.currentRevision.revisionSummary == STRING
    input.Body.continuationToken == STRING
    input.Body.executionDetails.summary == STRING
    input.Body.executionDetails.externalExecutionId == STRING
    input.Body.executionDetails.percentComplete == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutWebhook

enum_WebhookAuthenticationType := [ "GITHUB_HMAC", "IP", "UNAUTHENTICATED" ]

valid {
    input.Body.webhook.name == STRING
    input.Body.webhook.targetPipeline == STRING
    input.Body.webhook.targetAction == STRING
    input.Body.webhook.filters[_].jsonPath == STRING
    input.Body.webhook.filters[_].matchEquals == STRING
    input.Body.webhook.authentication == enum_WebhookAuthenticationType[_]
    input.Body.webhook.authenticationConfiguration.AllowedIPRange == STRING
    input.Body.webhook.authenticationConfiguration.SecretToken == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterWebhookWithThirdParty

valid {
    input.Body.webhookName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RetryStageExecution

enum_StageRetryMode := [ "FAILED_ACTIONS", "ALL_ACTIONS" ]

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.pipelineExecutionId == STRING
    input.Body.retryMode == enum_StageRetryMode[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RollbackStage

valid {
    input.Body.pipelineName == STRING
    input.Body.stageName == STRING
    input.Body.targetPipelineExecutionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartPipelineExecution

enum_SourceRevisionType := [ "COMMIT_ID", "IMAGE_DIGEST", "S3_OBJECT_VERSION_ID", "S3_OBJECT_KEY" ]

valid {
    input.Body.name == STRING
    input.Body.variables[_].name == STRING
    input.Body.variables[_].value == STRING
    input.Body.clientRequestToken == STRING
    input.Body.sourceRevisions[_].actionName == STRING
    input.Body.sourceRevisions[_].revisionType == enum_SourceRevisionType[_]
    input.Body.sourceRevisions[_].revisionValue == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StopPipelineExecution

valid {
    input.Body.pipelineName == STRING
    input.Body.pipelineExecutionId == STRING
    input.Body.abandon == BOOLEAN
    input.Body.reason == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateActionType

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]
enum_ExecutorType := [ "JobWorker", "Lambda" ]

valid {
    input.Body.actionType.description == STRING
    input.Body.actionType.executor.configuration.lambdaExecutorConfiguration.lambdaFunctionArn == STRING
    input.Body.actionType.executor.configuration.jobWorkerExecutorConfiguration.pollingAccounts[_] == STRING
    input.Body.actionType.executor.configuration.jobWorkerExecutorConfiguration.pollingServicePrincipals[_] == STRING
    input.Body.actionType.executor.type == enum_ExecutorType[_]
    input.Body.actionType.executor.policyStatementsTemplate == STRING
    input.Body.actionType.executor.jobTimeout == INTEGER
    input.Body.actionType.id.category == enum_ActionCategory[_]
    input.Body.actionType.id.owner == STRING
    input.Body.actionType.id.provider == STRING
    input.Body.actionType.id.version == STRING
    input.Body.actionType.inputArtifactDetails.minimumCount == INTEGER
    input.Body.actionType.inputArtifactDetails.maximumCount == INTEGER
    input.Body.actionType.outputArtifactDetails.minimumCount == INTEGER
    input.Body.actionType.outputArtifactDetails.maximumCount == INTEGER
    input.Body.actionType.permissions.allowedAccounts[_] == STRING
    input.Body.actionType.properties[_].name == STRING
    input.Body.actionType.properties[_].optional == BOOLEAN
    input.Body.actionType.properties[_].key == BOOLEAN
    input.Body.actionType.properties[_].noEcho == BOOLEAN
    input.Body.actionType.properties[_].queryable == BOOLEAN
    input.Body.actionType.properties[_].description == STRING
    input.Body.actionType.urls.configurationUrl == STRING
    input.Body.actionType.urls.entityUrlTemplate == STRING
    input.Body.actionType.urls.executionUrlTemplate == STRING
    input.Body.actionType.urls.revisionUrlTemplate == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdatePipeline

enum_ActionCategory := [ "Source", "Build", "Deploy", "Test", "Invoke", "Approval", "Compute" ]
enum_ActionOwner := [ "AWS", "ThirdParty", "Custom" ]
enum_ArtifactStoreType := [ "S3" ]
enum_BlockerType := [ "Schedule" ]
enum_EncryptionKeyType := [ "KMS" ]
enum_ExecutionMode := [ "QUEUED", "SUPERSEDED", "PARALLEL" ]
enum_GitPullRequestEventType := [ "OPEN", "UPDATED", "CLOSED" ]
enum_PipelineTriggerProviderType := [ "CodeStarSourceConnection" ]
enum_PipelineType := [ "V1", "V2" ]
enum_Result := [ "ROLLBACK", "FAIL", "RETRY", "SKIP" ]
enum_RuleCategory := [ "Rule" ]
enum_RuleOwner := [ "AWS" ]
enum_StageRetryMode := [ "FAILED_ACTIONS", "ALL_ACTIONS" ]

valid {
    input.Body.pipeline.name == STRING
    input.Body.pipeline.roleArn == STRING
    input.Body.pipeline.artifactStore.type == enum_ArtifactStoreType[_]
    input.Body.pipeline.artifactStore.location == STRING
    input.Body.pipeline.artifactStore.encryptionKey.id == STRING
    input.Body.pipeline.artifactStore.encryptionKey.type == enum_EncryptionKeyType[_]
    input.Body.pipeline.artifactStores.STRING.type == enum_ArtifactStoreType[_]
    input.Body.pipeline.artifactStores.STRING.location == STRING
    input.Body.pipeline.artifactStores.STRING.encryptionKey.id == STRING
    input.Body.pipeline.artifactStores.STRING.encryptionKey.type == enum_EncryptionKeyType[_]
    input.Body.pipeline.stages[_].name == STRING
    input.Body.pipeline.stages[_].blockers[_].name == STRING
    input.Body.pipeline.stages[_].blockers[_].type == enum_BlockerType[_]
    input.Body.pipeline.stages[_].actions[_].name == STRING
    input.Body.pipeline.stages[_].actions[_].actionTypeId.category == enum_ActionCategory[_]
    input.Body.pipeline.stages[_].actions[_].actionTypeId.owner == enum_ActionOwner[_]
    input.Body.pipeline.stages[_].actions[_].actionTypeId.provider == STRING
    input.Body.pipeline.stages[_].actions[_].actionTypeId.version == STRING
    input.Body.pipeline.stages[_].actions[_].runOrder == INTEGER
    input.Body.pipeline.stages[_].actions[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].actions[_].commands[_] == STRING
    input.Body.pipeline.stages[_].actions[_].outputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].actions[_].outputArtifacts[_].files[_] == STRING
    input.Body.pipeline.stages[_].actions[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].actions[_].outputVariables[_] == STRING
    input.Body.pipeline.stages[_].actions[_].roleArn == STRING
    input.Body.pipeline.stages[_].actions[_].region == STRING
    input.Body.pipeline.stages[_].actions[_].namespace == STRING
    input.Body.pipeline.stages[_].actions[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.stages[_].onFailure.result == enum_Result[_]
    input.Body.pipeline.stages[_].onFailure.retryConfiguration.retryMode == enum_StageRetryMode[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].result == enum_Result[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].name == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.category == enum_RuleCategory[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.owner == enum_RuleOwner[_]
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.provider == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].ruleTypeId.version == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].commands[_] == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].roleArn == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].region == STRING
    input.Body.pipeline.stages[_].onFailure.conditions[_].rules[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.stages[_].onSuccess.conditions[_].result == enum_Result[_]
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].name == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.category == enum_RuleCategory[_]
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.owner == enum_RuleOwner[_]
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.provider == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].ruleTypeId.version == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].commands[_] == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].roleArn == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].region == STRING
    input.Body.pipeline.stages[_].onSuccess.conditions[_].rules[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].result == enum_Result[_]
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].name == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.category == enum_RuleCategory[_]
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.owner == enum_RuleOwner[_]
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.provider == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].ruleTypeId.version == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].configuration.STRING == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].commands[_] == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].inputArtifacts[_].name == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].roleArn == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].region == STRING
    input.Body.pipeline.stages[_].beforeEntry.conditions[_].rules[_].timeoutInMinutes == INTEGER
    input.Body.pipeline.version == INTEGER
    input.Body.pipeline.executionMode == enum_ExecutionMode[_]
    input.Body.pipeline.pipelineType == enum_PipelineType[_]
    input.Body.pipeline.variables[_].name == STRING
    input.Body.pipeline.variables[_].defaultValue == STRING
    input.Body.pipeline.variables[_].description == STRING
    input.Body.pipeline.triggers[_].providerType == enum_PipelineTriggerProviderType[_]
    input.Body.pipeline.triggers[_].gitConfiguration.sourceActionName == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].tags.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].tags.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].branches.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].branches.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].filePaths.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.push[_].filePaths.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].events[_] == enum_GitPullRequestEventType[_]
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].branches.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].branches.excludes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].filePaths.includes[_] == STRING
    input.Body.pipeline.triggers[_].gitConfiguration.pullRequest[_].filePaths.excludes[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}