DETECTIVE
AcceptInvitation
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}BatchGetGraphMemberDatasources
valid {
input.Body.GraphArn == STRING
input.Body.AccountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}BatchGetMembershipDatasources
valid {
input.Body.GraphArns[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateGraph
valid {
input.Body.Tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateMembers
valid {
input.Body.GraphArn == STRING
input.Body.Message == STRING
input.Body.DisableEmailNotification == BOOLEAN
input.Body.Accounts[_].AccountId == STRING
input.Body.Accounts[_].EmailAddress == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteGraph
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteMembers
valid {
input.Body.GraphArn == STRING
input.Body.AccountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeOrganizationConfiguration
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisableOrganizationAdminAccount
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisassociateMembership
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}EnableOrganizationAdminAccount
valid {
input.Body.AccountId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetInvestigation
valid {
input.Body.GraphArn == STRING
input.Body.InvestigationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMembers
valid {
input.Body.GraphArn == STRING
input.Body.AccountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListDatasourcePackages
valid {
input.Body.GraphArn == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListGraphs
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListIndicators
enum_IndicatorType := [ "TTP_OBSERVED", "IMPOSSIBLE_TRAVEL", "FLAGGED_IP_ADDRESS", "NEW_GEOLOCATION", "NEW_ASO", "NEW_USER_AGENT", "RELATED_FINDING", "RELATED_FINDING_GROUP" ]
valid {
input.Body.GraphArn == STRING
input.Body.InvestigationId == STRING
input.Body.IndicatorType == enum_IndicatorType[_]
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListInvestigations
enum_Field := [ "SEVERITY", "STATUS", "CREATED_TIME" ]
enum_SortOrder := [ "ASC", "DESC" ]
valid {
input.Body.GraphArn == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.Body.FilterCriteria.Severity.Value == STRING
input.Body.FilterCriteria.Status.Value == STRING
input.Body.FilterCriteria.State.Value == STRING
input.Body.FilterCriteria.EntityArn.Value == STRING
input.Body.FilterCriteria.CreatedTime.StartInclusive == TIMESTAMP
input.Body.FilterCriteria.CreatedTime.EndInclusive == TIMESTAMP
input.Body.SortCriteria.Field == enum_Field[_]
input.Body.SortCriteria.SortOrder == enum_SortOrder[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListInvitations
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMembers
valid {
input.Body.GraphArn == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListOrganizationAdminAccounts
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListTagsForResource
valid {
input.ReqMap.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}RejectInvitation
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}StartInvestigation
valid {
input.Body.GraphArn == STRING
input.Body.EntityArn == STRING
input.Body.ScopeStartTime == TIMESTAMP
input.Body.ScopeEndTime == TIMESTAMP
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}StartMonitoringMember
valid {
input.Body.GraphArn == STRING
input.Body.AccountId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}TagResource
valid {
input.Body.Tags.STRING == STRING
input.ReqMap.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UntagResource
valid {
input.ReqMap.ResourceArn == STRING
input.Qs.tagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateDatasourcePackages
enum_DatasourcePackage := [ "DETECTIVE_CORE", "EKS_AUDIT", "ASFF_SECURITYHUB_FINDING" ]
valid {
input.Body.GraphArn == STRING
input.Body.DatasourcePackages[_] == enum_DatasourcePackage[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateInvestigationState
enum_State := [ "ACTIVE", "ARCHIVED" ]
valid {
input.Body.GraphArn == STRING
input.Body.InvestigationId == STRING
input.Body.State == enum_State[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateOrganizationConfiguration
valid {
input.Body.GraphArn == STRING
input.Body.AutoEnable == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}Updated 19 days ago