ELASTICFILESYSTEM

CreateAccessPoint

valid {
    input.Body.ClientToken == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.Body.FileSystemId == STRING
    input.Body.PosixUser.Uid == LONG
    input.Body.PosixUser.Gid == LONG
    input.Body.PosixUser.SecondaryGids[_] == LONG
    input.Body.RootDirectory.Path == STRING
    input.Body.RootDirectory.CreationInfo.OwnerUid == LONG
    input.Body.RootDirectory.CreationInfo.OwnerGid == LONG
    input.Body.RootDirectory.CreationInfo.Permissions == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateFileSystem

enum_PerformanceMode := [ "generalPurpose", "maxIO" ]
enum_ThroughputMode := [ "bursting", "provisioned", "elastic" ]

valid {
    input.Body.CreationToken == STRING
    input.Body.PerformanceMode == enum_PerformanceMode[_]
    input.Body.Encrypted == BOOLEAN
    input.Body.KmsKeyId == STRING
    input.Body.ThroughputMode == enum_ThroughputMode[_]
    input.Body.ProvisionedThroughputInMibps == DOUBLE
    input.Body.AvailabilityZoneName == STRING
    input.Body.Backup == BOOLEAN
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateMountTarget

valid {
    input.Body.FileSystemId == STRING
    input.Body.SubnetId == STRING
    input.Body.IpAddress == STRING
    input.Body.SecurityGroups[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateReplicationConfiguration

valid {
    input.Body.Destinations[_].Region == STRING
    input.Body.Destinations[_].AvailabilityZoneName == STRING
    input.Body.Destinations[_].KmsKeyId == STRING
    input.Body.Destinations[_].FileSystemId == STRING
    input.ReqMap.SourceFileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateTags

valid {
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAccessPoint

valid {
    input.ReqMap.AccessPointId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteFileSystem

valid {
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteFileSystemPolicy

valid {
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteMountTarget

valid {
    input.ReqMap.MountTargetId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteReplicationConfiguration

valid {
    input.ReqMap.SourceFileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteTags

valid {
    input.Body.TagKeys[_] == STRING
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAccessPoints

valid {
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.Qs.AccessPointId == STRING
    input.Qs.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAccountPreferences

valid {
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeBackupPolicy

valid {
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeFileSystemPolicy

valid {
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeFileSystems

valid {
    input.Qs.MaxItems == INTEGER
    input.Qs.Marker == STRING
    input.Qs.CreationToken == STRING
    input.Qs.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeLifecycleConfiguration

valid {
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeMountTargetSecurityGroups

valid {
    input.ReqMap.MountTargetId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeMountTargets

valid {
    input.Qs.MaxItems == INTEGER
    input.Qs.Marker == STRING
    input.Qs.FileSystemId == STRING
    input.Qs.MountTargetId == STRING
    input.Qs.AccessPointId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeReplicationConfigurations

valid {
    input.Qs.FileSystemId == STRING
    input.Qs.NextToken == STRING
    input.Qs.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeTags

valid {
    input.ReqMap.FileSystemId == STRING
    input.Qs.MaxItems == INTEGER
    input.Qs.Marker == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.ReqMap.ResourceId == STRING
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ModifyMountTargetSecurityGroups

valid {
    input.Body.SecurityGroups[_] == STRING
    input.ReqMap.MountTargetId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutAccountPreferences

enum_ResourceIdType := [ "LONG_ID", "SHORT_ID" ]

valid {
    input.Body.ResourceIdType == enum_ResourceIdType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutBackupPolicy

enum_Status := [ "ENABLED", "ENABLING", "DISABLED", "DISABLING" ]

valid {
    input.Body.BackupPolicy.Status == enum_Status[_]
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutFileSystemPolicy

valid {
    input.Body.Policy == STRING
    input.Body.BypassPolicyLockoutSafetyCheck == BOOLEAN
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutLifecycleConfiguration

enum_TransitionToArchiveRules := [ "AFTER_1_DAY", "AFTER_7_DAYS", "AFTER_14_DAYS", "AFTER_30_DAYS", "AFTER_60_DAYS", "AFTER_90_DAYS", "AFTER_180_DAYS", "AFTER_270_DAYS", "AFTER_365_DAYS" ]
enum_TransitionToIARules := [ "AFTER_7_DAYS", "AFTER_14_DAYS", "AFTER_30_DAYS", "AFTER_60_DAYS", "AFTER_90_DAYS", "AFTER_1_DAY", "AFTER_180_DAYS", "AFTER_270_DAYS", "AFTER_365_DAYS" ]
enum_TransitionToPrimaryStorageClassRules := [ "AFTER_1_ACCESS" ]

valid {
    input.Body.LifecyclePolicies[_].TransitionToIA == enum_TransitionToIARules[_]
    input.Body.LifecyclePolicies[_].TransitionToPrimaryStorageClass == enum_TransitionToPrimaryStorageClassRules[_]
    input.Body.LifecyclePolicies[_].TransitionToArchive == enum_TransitionToArchiveRules[_]
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ReqMap.ResourceId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.ReqMap.ResourceId == STRING
    input.Qs.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateFileSystem

enum_ThroughputMode := [ "bursting", "provisioned", "elastic" ]

valid {
    input.Body.ThroughputMode == enum_ThroughputMode[_]
    input.Body.ProvisionedThroughputInMibps == DOUBLE
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateFileSystemProtection

enum_ReplicationOverwriteProtection := [ "ENABLED", "DISABLED", "REPLICATING" ]

valid {
    input.Body.ReplicationOverwriteProtection == enum_ReplicationOverwriteProtection[_]
    input.ReqMap.FileSystemId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}