COGNITO-IDENTITY

CreateIdentityPool

# Request-shape template for CreateIdentityPool: one line per request field a
# policy can constrain. STRING / BOOLEAN are not defined on this page; they look
# like placeholders for the concrete value to compare against - TODO confirm.
# Rego semantics: every expression in the body must hold, and a reference to a
# field that is absent from the request is undefined, so a rule that keeps all
# of these lines only matches requests that set every field.
valid {
    input.Body.IdentityPoolName == STRING
    # NOTE(review): in the AWS API this flag enables guest (unauthenticated)
    # identities for the pool; a guardrail would usually pin it to false - confirm.
    input.Body.AllowUnauthenticatedIdentities == BOOLEAN
    # NOTE(review): in the AWS API this enables the basic (classic)
    # authentication flow in addition to the enhanced flow - confirm.
    input.Body.AllowClassicFlow == BOOLEAN
    # `.STRING` sits where a map key goes (presumably the login provider name).
    input.Body.SupportedLoginProviders.STRING == STRING
    input.Body.DeveloperProviderName == STRING
    # `[_]` is satisfied when ANY element equals the value; it does not assert
    # that every listed provider ARN is an approved one.
    input.Body.OpenIdConnectProviderARNs[_] == STRING
    # Each `[_]` below iterates independently, so the three lines can be
    # satisfied by three different entries of CognitoIdentityProviders.
    input.Body.CognitoIdentityProviders[_].ProviderName == STRING
    input.Body.CognitoIdentityProviders[_].ClientId == STRING
    # NOTE(review): in the AWS API, true asks Cognito to check with the user pool
    # that the user has not been signed out or deleted - confirm.
    input.Body.CognitoIdentityProviders[_].ServerSideTokenCheck == BOOLEAN
    input.Body.SamlProviderARNs[_] == STRING
    input.Body.IdentityPoolTags.STRING == STRING
    # ProviderMetadata is not described on this page; presumably the calling
    # account, access key and region as supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIdentities

# Request-shape template for DeleteIdentities. STRING is not defined on this
# page; it looks like a placeholder for the value to compare against - confirm.
valid {
    # `[_]` matches when ANY id in the list equals the value, so this line alone
    # does not restrict which other identities the same request deletes.
    input.Body.IdentityIdsToDelete[_] == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIdentityPool

# Request-shape template for DeleteIdentityPool. STRING is not defined on this
# page; it looks like a placeholder for the value to compare against - confirm.
valid {
    # The only body field: the pool the request targets.
    input.Body.IdentityPoolId == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeIdentity

# Request-shape template for DescribeIdentity. STRING is not defined on this
# page; it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.IdentityId == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeIdentityPool

# Request-shape template for DescribeIdentityPool. STRING is not defined on this
# page; it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.IdentityPoolId == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetCredentialsForIdentity

# Request-shape template for GetCredentialsForIdentity. STRING is not defined on
# this page; it looks like a placeholder for the value to compare against.
# Rego semantics: all lines kept in the body must hold, and a field missing
# from the request makes its line undefined, so the rule does not match.
valid {
    input.Body.IdentityId == STRING
    # `.STRING` sits where a map key goes. NOTE(review): in the AWS API Logins
    # maps a provider name to that provider's token, so the value side is a
    # credential; constrain the key rather than hard-coding a token - confirm.
    input.Body.Logins.STRING == STRING
    # NOTE(review): in the AWS API this selects which role to assume when the
    # token carries several; a policy may want to pin it to known ARNs - confirm.
    input.Body.CustomRoleArn == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetId

# Request-shape template for GetId. STRING is not defined on this page; it looks
# like a placeholder for the value to compare against - confirm.
valid {
    # Body.AccountId is a request field; ProviderMetadata.Account below is a
    # separate input path, so the two are compared independently.
    input.Body.AccountId == STRING
    input.Body.IdentityPoolId == STRING
    # `.STRING` sits where a map key goes (presumably the login provider name).
    input.Body.Logins.STRING == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIdentityPoolRoles

# Request-shape template for GetIdentityPoolRoles. STRING is not defined on this
# page; it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.IdentityPoolId == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetOpenIdToken

# Request-shape template for GetOpenIdToken. STRING is not defined on this page;
# it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.IdentityId == STRING
    # `.STRING` sits where a map key goes. NOTE(review): in the AWS API the value
    # side of Logins is a provider token, i.e. sensitive material - confirm.
    input.Body.Logins.STRING == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetOpenIdTokenForDeveloperIdentity

# Request-shape template for GetOpenIdTokenForDeveloperIdentity. STRING / LONG
# are not defined on this page; they look like placeholders for the value to
# compare against - confirm.
valid {
    input.Body.IdentityPoolId == STRING
    input.Body.IdentityId == STRING
    # `.STRING` sits where a map key goes (presumably the developer provider name).
    input.Body.Logins.STRING == STRING
    input.Body.PrincipalTags.STRING == STRING
    # The template shows equality only. NOTE(review): in the AWS API this is the
    # token lifetime in seconds; a cap would need `<=` instead of `==` - confirm.
    input.Body.TokenDuration == LONG
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPrincipalTagAttributeMap

# Request-shape template for GetPrincipalTagAttributeMap. STRING is not defined
# on this page; it looks like a placeholder for the value to compare against.
valid {
    input.Body.IdentityPoolId == STRING
    input.Body.IdentityProviderName == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListIdentities

# Request-shape template for ListIdentities. STRING / INTEGER / BOOLEAN are not
# defined on this page; they look like placeholders for the value to compare
# against - confirm.
valid {
    input.Body.IdentityPoolId == STRING
    input.Body.MaxResults == INTEGER
    # Pagination token; presumably opaque, so rarely useful to pin - verify.
    input.Body.NextToken == STRING
    input.Body.HideDisabled == BOOLEAN
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListIdentityPools

# Request-shape template for ListIdentityPools. STRING / INTEGER are not defined
# on this page; they look like placeholders for the value to compare against.
valid {
    input.Body.MaxResults == INTEGER
    # Pagination token; presumably opaque, so rarely useful to pin - verify.
    input.Body.NextToken == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

# Request-shape template for ListTagsForResource. STRING is not defined on this
# page; it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.ResourceArn == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

LookupDeveloperIdentity

# Request-shape template for LookupDeveloperIdentity. STRING / INTEGER are not
# defined on this page; they look like placeholders for the value to compare
# against - confirm.
# Rego semantics: a line whose field is absent from the request is undefined
# and fails the rule, so keep only the fields the policy constrains.
valid {
    input.Body.IdentityPoolId == STRING
    input.Body.IdentityId == STRING
    input.Body.DeveloperUserIdentifier == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

MergeDeveloperIdentities

# Request-shape template for MergeDeveloperIdentities. STRING is not defined on
# this page; it looks like a placeholder for the value to compare against.
valid {
    # Source and destination are separate fields; constraining one leaves the
    # other unconstrained unless its line is kept as well.
    input.Body.SourceUserIdentifier == STRING
    input.Body.DestinationUserIdentifier == STRING
    input.Body.DeveloperProviderName == STRING
    input.Body.IdentityPoolId == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SetIdentityPoolRoles

# Allowed-value lists for the SetIdentityPoolRoles template; the `valid` rule
# that follows compares request fields against them with `== enum_X[_]`, which
# holds when the field equals any one of the listed strings.
# NOTE(review): in the AWS API "Deny" refuses credentials when no mapping rule
# or token role applies, while "AuthenticatedRole" falls back to the pool's
# authenticated role; a policy can narrow this list to "Deny" only - confirm.
enum_AmbiguousRoleResolutionType := [ "AuthenticatedRole", "Deny" ]
# Comparison operators a mapping rule may use on a claim value.
enum_MappingRuleMatchType := [ "Equals", "Contains", "StartsWith", "NotEqual" ]
# Whether a role mapping is taken from the token or from the rule list.
enum_RoleMappingType := [ "Token", "Rules" ]

# Request-shape template for SetIdentityPoolRoles, the call that binds IAM roles
# to an identity pool. STRING is not defined on this page; it looks like a
# placeholder for the value to compare against - confirm.
# Rego semantics: every line kept in the body must hold, and a field absent
# from the request makes its line undefined, so the rule does not match.
valid {
    input.Body.IdentityPoolId == STRING
    # `.STRING` sits where a map key goes. NOTE(review): in the AWS API the keys
    # are "authenticated" / "unauthenticated" and the value is a role ARN, so
    # this is the line to pin when restricting which roles a pool can hand out.
    input.Body.Roles.STRING == STRING
    # Holds when Type equals any entry of enum_RoleMappingType.
    input.Body.RoleMappings.STRING.Type == enum_RoleMappingType[_]
    # As written this accepts both listed values; compare with the literal
    # "Deny" instead if fallback to the authenticated role must be refused.
    input.Body.RoleMappings.STRING.AmbiguousRoleResolution == enum_AmbiguousRoleResolutionType[_]
    # Each `[_]` below is an independent iteration: the four lines can be
    # satisfied by four different rules, and each only requires that SOME rule
    # matches. They do not assert that every rule maps to an approved RoleARN.
    input.Body.RoleMappings.STRING.RulesConfiguration.Rules[_].Claim == STRING
    input.Body.RoleMappings.STRING.RulesConfiguration.Rules[_].MatchType == enum_MappingRuleMatchType[_]
    input.Body.RoleMappings.STRING.RulesConfiguration.Rules[_].Value == STRING
    input.Body.RoleMappings.STRING.RulesConfiguration.Rules[_].RoleARN == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SetPrincipalTagAttributeMap

# Request-shape template for SetPrincipalTagAttributeMap. STRING / BOOLEAN are
# not defined on this page; they look like placeholders for the value to
# compare against - confirm.
valid {
    input.Body.IdentityPoolId == STRING
    input.Body.IdentityProviderName == STRING
    input.Body.UseDefaults == BOOLEAN
    # `.STRING` sits where a map key goes. NOTE(review): in the AWS API this map
    # ties provider claims to principal tags used for attribute-based access
    # control, so changes here can alter what a session is allowed - confirm.
    input.Body.PrincipalTags.STRING == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

# Request-shape template for TagResource. STRING is not defined on this page; it
# looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.ResourceArn == STRING
    # `.STRING` sits where the tag key goes; the right-hand side is the tag value.
    input.Body.Tags.STRING == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UnlinkDeveloperIdentity

# Request-shape template for UnlinkDeveloperIdentity. STRING is not defined on
# this page; it looks like a placeholder for the value to compare against.
valid {
    input.Body.IdentityId == STRING
    input.Body.IdentityPoolId == STRING
    input.Body.DeveloperProviderName == STRING
    input.Body.DeveloperUserIdentifier == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UnlinkIdentity

# Request-shape template for UnlinkIdentity. STRING is not defined on this page;
# it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.IdentityId == STRING
    # `.STRING` sits where a map key goes. NOTE(review): in the AWS API the value
    # side of Logins is a provider token, i.e. sensitive material - confirm.
    input.Body.Logins.STRING == STRING
    # `[_]` matches when ANY listed login equals the value; other entries in
    # the same request are not checked by this line.
    input.Body.LoginsToRemove[_] == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

# Request-shape template for UntagResource. STRING is not defined on this page;
# it looks like a placeholder for the value to compare against - confirm.
valid {
    input.Body.ResourceArn == STRING
    # `[_]` matches when ANY key in the list equals the value, so this line alone
    # does not limit which other tag keys the same request removes.
    input.Body.TagKeys[_] == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateIdentityPool

# Request-shape template for UpdateIdentityPool: the CreateIdentityPool fields
# plus the IdentityPoolId of the pool being changed. STRING / BOOLEAN are not
# defined on this page; they look like placeholders for the value to compare
# against - TODO confirm.
# Rego semantics: every line kept in the body must hold, and a field absent
# from the request makes its line undefined, so the rule does not match.
valid {
    input.Body.IdentityPoolId == STRING
    input.Body.IdentityPoolName == STRING
    # NOTE(review): in the AWS API this flag enables guest (unauthenticated)
    # identities; an update that flips it to true widens access to the pool's
    # unauthenticated role, so it is a natural field to pin - confirm.
    input.Body.AllowUnauthenticatedIdentities == BOOLEAN
    # NOTE(review): in the AWS API this enables the basic (classic)
    # authentication flow in addition to the enhanced flow - confirm.
    input.Body.AllowClassicFlow == BOOLEAN
    # `.STRING` sits where a map key goes (presumably the login provider name).
    input.Body.SupportedLoginProviders.STRING == STRING
    input.Body.DeveloperProviderName == STRING
    # `[_]` is satisfied when ANY element equals the value; it does not assert
    # that every listed provider ARN is an approved one.
    input.Body.OpenIdConnectProviderARNs[_] == STRING
    # Each `[_]` below iterates independently, so the three lines can be
    # satisfied by three different entries of CognitoIdentityProviders.
    input.Body.CognitoIdentityProviders[_].ProviderName == STRING
    input.Body.CognitoIdentityProviders[_].ClientId == STRING
    # NOTE(review): in the AWS API, true asks Cognito to check with the user pool
    # that the user has not been signed out or deleted - confirm.
    input.Body.CognitoIdentityProviders[_].ServerSideTokenCheck == BOOLEAN
    input.Body.SamlProviderARNs[_] == STRING
    input.Body.IdentityPoolTags.STRING == STRING
    # Caller context; presumably supplied by the policy engine - verify.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}