AddAttributesToFindings

valid {
    input.Body.findingArns[_] == STRING
    input.Body.attributes[_].key == STRING
    input.Body.attributes[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAssessmentTarget

valid {
    input.Body.assessmentTargetName == STRING
    input.Body.resourceGroupArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAssessmentTemplate

valid {
    input.Body.assessmentTargetArn == STRING
    input.Body.assessmentTemplateName == STRING
    input.Body.durationInSeconds == INTEGER
    input.Body.rulesPackageArns[_] == STRING
    input.Body.userAttributesForFindings[_].key == STRING
    input.Body.userAttributesForFindings[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateExclusionsPreview

valid {
    input.Body.assessmentTemplateArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateResourceGroup

valid {
    input.Body.resourceGroupTags[_].key == STRING
    input.Body.resourceGroupTags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessmentRun

valid {
    input.Body.assessmentRunArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessmentTarget

valid {
    input.Body.assessmentTargetArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAssessmentTemplate

valid {
    input.Body.assessmentTemplateArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAssessmentRuns

valid {
    input.Body.assessmentRunArns[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAssessmentTargets

valid {
    input.Body.assessmentTargetArns[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAssessmentTemplates

valid {
    input.Body.assessmentTemplateArns[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeCrossAccountAccessRole

valid {
    input.Body.assessmentTemplateArns[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeExclusions

enum_Locale := [ "EN_US" ]

valid {
    input.Body.exclusionArns[_] == STRING
    input.Body.locale == enum_Locale[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeFindings

enum_Locale := [ "EN_US" ]

valid {
    input.Body.findingArns[_] == STRING
    input.Body.locale == enum_Locale[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeResourceGroups

valid {
    input.Body.resourceGroupArns[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeRulesPackages

enum_Locale := [ "EN_US" ]

valid {
    input.Body.rulesPackageArns[_] == STRING
    input.Body.locale == enum_Locale[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAssessmentReport

enum_ReportFileFormat := [ "HTML", "PDF" ]
enum_ReportType := [ "FINDING", "FULL" ]

valid {
    input.Body.assessmentRunArn == STRING
    input.Body.reportFileFormat == enum_ReportFileFormat[_]
    input.Body.reportType == enum_ReportType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetExclusionsPreview

enum_Locale := [ "EN_US" ]

valid {
    input.Body.assessmentTemplateArn == STRING
    input.Body.previewToken == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.Body.locale == enum_Locale[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTelemetryMetadata

valid {
    input.Body.assessmentRunArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentRunAgents

enum_AgentHealth := [ "HEALTHY", "UNHEALTHY", "UNKNOWN" ]
enum_AgentHealthCode := [ "IDLE", "RUNNING", "SHUTDOWN", "UNHEALTHY", "THROTTLED", "UNKNOWN" ]

valid {
    input.Body.assessmentRunArn == STRING
    input.Body.filter.agentHealths[_] == enum_AgentHealth[_]
    input.Body.filter.agentHealthCodes[_] == enum_AgentHealthCode[_]
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentRuns

enum_AssessmentRunState := [ "CREATED", "START_DATA_COLLECTION_PENDING", "START_DATA_COLLECTION_IN_PROGRESS", "COLLECTING_DATA", "STOP_DATA_COLLECTION_PENDING", "DATA_COLLECTED", "START_EVALUATING_RULES_PENDING", "EVALUATING_RULES", "FAILED", "ERROR", "COMPLETED", "COMPLETED_WITH_ERRORS", "CANCELED" ]

valid {
    input.Body.assessmentTemplateArns[_] == STRING
    input.Body.filter.namePattern == STRING
    input.Body.filter.states[_] == enum_AssessmentRunState[_]
    input.Body.filter.durationRange.minSeconds == INTEGER
    input.Body.filter.durationRange.maxSeconds == INTEGER
    input.Body.filter.rulesPackageArns[_] == STRING
    input.Body.filter.startTimeRange.beginDate == TIMESTAMP
    input.Body.filter.startTimeRange.endDate == TIMESTAMP
    input.Body.filter.completionTimeRange.beginDate == TIMESTAMP
    input.Body.filter.completionTimeRange.endDate == TIMESTAMP
    input.Body.filter.stateChangeTimeRange.beginDate == TIMESTAMP
    input.Body.filter.stateChangeTimeRange.endDate == TIMESTAMP
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentTargets

valid {
    input.Body.filter.assessmentTargetNamePattern == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAssessmentTemplates

valid {
    input.Body.assessmentTargetArns[_] == STRING
    input.Body.filter.namePattern == STRING
    input.Body.filter.durationRange.minSeconds == INTEGER
    input.Body.filter.durationRange.maxSeconds == INTEGER
    input.Body.filter.rulesPackageArns[_] == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListEventSubscriptions

valid {
    input.Body.resourceArn == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListExclusions

valid {
    input.Body.assessmentRunArn == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListFindings

enum_Severity := [ "Low", "Medium", "High", "Informational", "Undefined" ]

valid {
    input.Body.assessmentRunArns[_] == STRING
    input.Body.filter.agentIds[_] == STRING
    input.Body.filter.autoScalingGroups[_] == STRING
    input.Body.filter.ruleNames[_] == STRING
    input.Body.filter.severities[_] == enum_Severity[_]
    input.Body.filter.rulesPackageArns[_] == STRING
    input.Body.filter.attributes[_].key == STRING
    input.Body.filter.attributes[_].value == STRING
    input.Body.filter.userAttributes[_].key == STRING
    input.Body.filter.userAttributes[_].value == STRING
    input.Body.filter.creationTimeRange.beginDate == TIMESTAMP
    input.Body.filter.creationTimeRange.endDate == TIMESTAMP
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListRulesPackages

valid {
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.Body.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PreviewAgents

valid {
    input.Body.previewAgentsArn == STRING
    input.Body.nextToken == STRING
    input.Body.maxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterCrossAccountAccessRole

valid {
    input.Body.roleArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RemoveAttributesFromFindings

valid {
    input.Body.findingArns[_] == STRING
    input.Body.attributeKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SetTagsForResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartAssessmentRun

valid {
    input.Body.assessmentTemplateArn == STRING
    input.Body.assessmentRunName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StopAssessmentRun

enum_StopAction := [ "START_EVALUATION", "SKIP_EVALUATION" ]

valid {
    input.Body.assessmentRunArn == STRING
    input.Body.stopAction == enum_StopAction[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SubscribeToEvent

enum_InspectorEvent := [ "ASSESSMENT_RUN_STARTED", "ASSESSMENT_RUN_COMPLETED", "ASSESSMENT_RUN_STATE_CHANGED", "FINDING_REPORTED", "OTHER" ]

valid {
    input.Body.resourceArn == STRING
    input.Body.event == enum_InspectorEvent[_]
    input.Body.topicArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UnsubscribeFromEvent

enum_InspectorEvent := [ "ASSESSMENT_RUN_STARTED", "ASSESSMENT_RUN_COMPLETED", "ASSESSMENT_RUN_STATE_CHANGED", "FINDING_REPORTED", "OTHER" ]

valid {
    input.Body.resourceArn == STRING
    input.Body.event == enum_InspectorEvent[_]
    input.Body.topicArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAssessmentTarget

valid {
    input.Body.assessmentTargetArn == STRING
    input.Body.assessmentTargetName == STRING
    input.Body.resourceGroupArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}