DETECTIVE
AcceptInvitation
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
BatchGetGraphMemberDatasources
valid {
input.Body.GraphArn == STRING
input.Body.AccountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
BatchGetMembershipDatasources
valid {
input.Body.GraphArns[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateGraph
valid {
input.Body.Tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateMembers
valid {
input.Body.GraphArn == STRING
input.Body.Message == STRING
input.Body.DisableEmailNotification == BOOLEAN
input.Body.Accounts[_].AccountId == STRING
input.Body.Accounts[_].EmailAddress == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteGraph
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteMembers
valid {
input.Body.GraphArn == STRING
input.Body.AccountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DescribeOrganizationConfiguration
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableOrganizationAdminAccount
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisassociateMembership
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableOrganizationAdminAccount
valid {
input.Body.AccountId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInvestigation
valid {
input.Body.GraphArn == STRING
input.Body.InvestigationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetMembers
valid {
input.Body.GraphArn == STRING
input.Body.AccountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListDatasourcePackages
valid {
input.Body.GraphArn == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListGraphs
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListIndicators
enum_IndicatorType := [ "TTP_OBSERVED", "IMPOSSIBLE_TRAVEL", "FLAGGED_IP_ADDRESS", "NEW_GEOLOCATION", "NEW_ASO", "NEW_USER_AGENT", "RELATED_FINDING", "RELATED_FINDING_GROUP" ]
valid {
input.Body.GraphArn == STRING
input.Body.InvestigationId == STRING
input.Body.IndicatorType == enum_IndicatorType[_]
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListInvestigations
enum_Field := [ "SEVERITY", "STATUS", "CREATED_TIME" ]
enum_SortOrder := [ "ASC", "DESC" ]
valid {
input.Body.GraphArn == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.Body.FilterCriteria.Severity.Value == STRING
input.Body.FilterCriteria.Status.Value == STRING
input.Body.FilterCriteria.State.Value == STRING
input.Body.FilterCriteria.EntityArn.Value == STRING
input.Body.FilterCriteria.CreatedTime.StartInclusive == TIMESTAMP
input.Body.FilterCriteria.CreatedTime.EndInclusive == TIMESTAMP
input.Body.SortCriteria.Field == enum_Field[_]
input.Body.SortCriteria.SortOrder == enum_SortOrder[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListInvitations
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListMembers
valid {
input.Body.GraphArn == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListOrganizationAdminAccounts
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListTagsForResource
valid {
input.ReqMap.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RejectInvitation
valid {
input.Body.GraphArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StartInvestigation
valid {
input.Body.GraphArn == STRING
input.Body.EntityArn == STRING
input.Body.ScopeStartTime == TIMESTAMP
input.Body.ScopeEndTime == TIMESTAMP
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StartMonitoringMember
valid {
input.Body.GraphArn == STRING
input.Body.AccountId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
TagResource
valid {
input.Body.Tags.STRING == STRING
input.ReqMap.ResourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UntagResource
valid {
input.ReqMap.ResourceArn == STRING
input.Qs.tagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateDatasourcePackages
enum_DatasourcePackage := [ "DETECTIVE_CORE", "EKS_AUDIT", "ASFF_SECURITYHUB_FINDING" ]
valid {
input.Body.GraphArn == STRING
input.Body.DatasourcePackages[_] == enum_DatasourcePackage[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateInvestigationState
enum_State := [ "ACTIVE", "ARCHIVED" ]
valid {
input.Body.GraphArn == STRING
input.Body.InvestigationId == STRING
input.Body.State == enum_State[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateOrganizationConfiguration
valid {
input.Body.GraphArn == STRING
input.Body.AutoEnable == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 8 days ago