KMS
CancelKeyDeletion
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ConnectCustomKeyStore
valid {
input.Body.CustomKeyStoreId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateAlias
valid {
input.Body.AliasName == STRING
input.Body.TargetKeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateCustomKeyStore
enum_CustomKeyStoreType := [ "AWS_CLOUDHSM", "EXTERNAL_KEY_STORE" ]
enum_XksProxyConnectivityType := [ "PUBLIC_ENDPOINT", "VPC_ENDPOINT_SERVICE" ]
valid {
input.Body.CustomKeyStoreName == STRING
input.Body.CloudHsmClusterId == STRING
input.Body.TrustAnchorCertificate == STRING
input.Body.KeyStorePassword == STRING
input.Body.CustomKeyStoreType == enum_CustomKeyStoreType[_]
input.Body.XksProxyUriEndpoint == STRING
input.Body.XksProxyUriPath == STRING
input.Body.XksProxyVpcEndpointServiceName == STRING
input.Body.XksProxyAuthenticationCredential.AccessKeyId == STRING
input.Body.XksProxyAuthenticationCredential.RawSecretAccessKey == STRING
input.Body.XksProxyConnectivity == enum_XksProxyConnectivityType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateGrant
enum_GrantOperation := [ "Decrypt", "Encrypt", "GenerateDataKey", "GenerateDataKeyWithoutPlaintext", "ReEncryptFrom", "ReEncryptTo", "Sign", "Verify", "GetPublicKey", "CreateGrant", "RetireGrant", "DescribeKey", "GenerateDataKeyPair", "GenerateDataKeyPairWithoutPlaintext", "GenerateMac", "VerifyMac", "DeriveSharedSecret" ]
valid {
input.Body.KeyId == STRING
input.Body.GranteePrincipal == STRING
input.Body.RetiringPrincipal == STRING
input.Body.Operations[_] == enum_GrantOperation[_]
input.Body.Constraints.EncryptionContextSubset.STRING == STRING
input.Body.Constraints.EncryptionContextEquals.STRING == STRING
input.Body.GrantTokens[_] == STRING
input.Body.Name == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateKey
enum_CustomerMasterKeySpec := [ "RSA_2048", "RSA_3072", "RSA_4096", "ECC_NIST_P256", "ECC_NIST_P384", "ECC_NIST_P521", "ECC_SECG_P256K1", "SYMMETRIC_DEFAULT", "HMAC_224", "HMAC_256", "HMAC_384", "HMAC_512", "SM2" ]
enum_KeySpec := [ "RSA_2048", "RSA_3072", "RSA_4096", "ECC_NIST_P256", "ECC_NIST_P384", "ECC_NIST_P521", "ECC_SECG_P256K1", "SYMMETRIC_DEFAULT", "HMAC_224", "HMAC_256", "HMAC_384", "HMAC_512", "SM2" ]
enum_KeyUsageType := [ "SIGN_VERIFY", "ENCRYPT_DECRYPT", "GENERATE_VERIFY_MAC", "KEY_AGREEMENT" ]
enum_OriginType := [ "AWS_KMS", "EXTERNAL", "AWS_CLOUDHSM", "EXTERNAL_KEY_STORE" ]
valid {
input.Body.Policy == STRING
input.Body.Description == STRING
input.Body.KeyUsage == enum_KeyUsageType[_]
input.Body.CustomerMasterKeySpec == enum_CustomerMasterKeySpec[_]
input.Body.KeySpec == enum_KeySpec[_]
input.Body.Origin == enum_OriginType[_]
input.Body.CustomKeyStoreId == STRING
input.Body.BypassPolicyLockoutSafetyCheck == BOOLEAN
input.Body.Tags[_].TagKey == STRING
input.Body.Tags[_].TagValue == STRING
input.Body.MultiRegion == BOOLEAN
input.Body.XksKeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Decrypt
enum_EncryptionAlgorithmSpec := [ "SYMMETRIC_DEFAULT", "RSAES_OAEP_SHA_1", "RSAES_OAEP_SHA_256", "SM2PKE" ]
enum_KeyEncryptionMechanism := [ "RSAES_OAEP_SHA_256" ]
valid {
input.Body.CiphertextBlob == BLOB
input.Body.EncryptionContext.STRING == STRING
input.Body.GrantTokens[_] == STRING
input.Body.KeyId == STRING
input.Body.EncryptionAlgorithm == enum_EncryptionAlgorithmSpec[_]
input.Body.Recipient.KeyEncryptionAlgorithm == enum_KeyEncryptionMechanism[_]
input.Body.Recipient.AttestationDocument == BLOB
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteAlias
valid {
input.Body.AliasName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteCustomKeyStore
valid {
input.Body.CustomKeyStoreId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteImportedKeyMaterial
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeriveSharedSecret
enum_KeyAgreementAlgorithmSpec := [ "ECDH" ]
enum_KeyEncryptionMechanism := [ "RSAES_OAEP_SHA_256" ]
valid {
input.Body.KeyId == STRING
input.Body.KeyAgreementAlgorithm == enum_KeyAgreementAlgorithmSpec[_]
input.Body.PublicKey == BLOB
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.Body.Recipient.KeyEncryptionAlgorithm == enum_KeyEncryptionMechanism[_]
input.Body.Recipient.AttestationDocument == BLOB
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DescribeCustomKeyStores
valid {
input.Body.CustomKeyStoreId == STRING
input.Body.CustomKeyStoreName == STRING
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DescribeKey
valid {
input.Body.KeyId == STRING
input.Body.GrantTokens[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableKey
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableKeyRotation
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisconnectCustomKeyStore
valid {
input.Body.CustomKeyStoreId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableKey
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableKeyRotation
valid {
input.Body.KeyId == STRING
input.Body.RotationPeriodInDays == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Encrypt
enum_EncryptionAlgorithmSpec := [ "SYMMETRIC_DEFAULT", "RSAES_OAEP_SHA_1", "RSAES_OAEP_SHA_256", "SM2PKE" ]
valid {
input.Body.KeyId == STRING
input.Body.Plaintext == BLOB
input.Body.EncryptionContext.STRING == STRING
input.Body.GrantTokens[_] == STRING
input.Body.EncryptionAlgorithm == enum_EncryptionAlgorithmSpec[_]
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GenerateDataKey
enum_DataKeySpec := [ "AES_256", "AES_128" ]
enum_KeyEncryptionMechanism := [ "RSAES_OAEP_SHA_256" ]
valid {
input.Body.KeyId == STRING
input.Body.EncryptionContext.STRING == STRING
input.Body.NumberOfBytes == INTEGER
input.Body.KeySpec == enum_DataKeySpec[_]
input.Body.GrantTokens[_] == STRING
input.Body.Recipient.KeyEncryptionAlgorithm == enum_KeyEncryptionMechanism[_]
input.Body.Recipient.AttestationDocument == BLOB
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GenerateDataKeyPair
enum_DataKeyPairSpec := [ "RSA_2048", "RSA_3072", "RSA_4096", "ECC_NIST_P256", "ECC_NIST_P384", "ECC_NIST_P521", "ECC_SECG_P256K1", "SM2" ]
enum_KeyEncryptionMechanism := [ "RSAES_OAEP_SHA_256" ]
valid {
input.Body.EncryptionContext.STRING == STRING
input.Body.KeyId == STRING
input.Body.KeyPairSpec == enum_DataKeyPairSpec[_]
input.Body.GrantTokens[_] == STRING
input.Body.Recipient.KeyEncryptionAlgorithm == enum_KeyEncryptionMechanism[_]
input.Body.Recipient.AttestationDocument == BLOB
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GenerateDataKeyPairWithoutPlaintext
enum_DataKeyPairSpec := [ "RSA_2048", "RSA_3072", "RSA_4096", "ECC_NIST_P256", "ECC_NIST_P384", "ECC_NIST_P521", "ECC_SECG_P256K1", "SM2" ]
valid {
input.Body.EncryptionContext.STRING == STRING
input.Body.KeyId == STRING
input.Body.KeyPairSpec == enum_DataKeyPairSpec[_]
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GenerateDataKeyWithoutPlaintext
enum_DataKeySpec := [ "AES_256", "AES_128" ]
valid {
input.Body.KeyId == STRING
input.Body.EncryptionContext.STRING == STRING
input.Body.KeySpec == enum_DataKeySpec[_]
input.Body.NumberOfBytes == INTEGER
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GenerateMac
enum_MacAlgorithmSpec := [ "HMAC_SHA_224", "HMAC_SHA_256", "HMAC_SHA_384", "HMAC_SHA_512" ]
valid {
input.Body.Message == BLOB
input.Body.KeyId == STRING
input.Body.MacAlgorithm == enum_MacAlgorithmSpec[_]
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GenerateRandom
enum_KeyEncryptionMechanism := [ "RSAES_OAEP_SHA_256" ]
valid {
input.Body.NumberOfBytes == INTEGER
input.Body.CustomKeyStoreId == STRING
input.Body.Recipient.KeyEncryptionAlgorithm == enum_KeyEncryptionMechanism[_]
input.Body.Recipient.AttestationDocument == BLOB
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetKeyPolicy
valid {
input.Body.KeyId == STRING
input.Body.PolicyName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetKeyRotationStatus
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetParametersForImport
enum_AlgorithmSpec := [ "RSAES_PKCS1_V1_5", "RSAES_OAEP_SHA_1", "RSAES_OAEP_SHA_256", "RSA_AES_KEY_WRAP_SHA_1", "RSA_AES_KEY_WRAP_SHA_256", "SM2PKE" ]
enum_WrappingKeySpec := [ "RSA_2048", "RSA_3072", "RSA_4096", "SM2" ]
valid {
input.Body.KeyId == STRING
input.Body.WrappingAlgorithm == enum_AlgorithmSpec[_]
input.Body.WrappingKeySpec == enum_WrappingKeySpec[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetPublicKey
valid {
input.Body.KeyId == STRING
input.Body.GrantTokens[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ImportKeyMaterial
enum_ExpirationModelType := [ "KEY_MATERIAL_EXPIRES", "KEY_MATERIAL_DOES_NOT_EXPIRE" ]
valid {
input.Body.KeyId == STRING
input.Body.ImportToken == BLOB
input.Body.EncryptedKeyMaterial == BLOB
input.Body.ValidTo == TIMESTAMP
input.Body.ExpirationModel == enum_ExpirationModelType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListAliases
valid {
input.Body.KeyId == STRING
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListGrants
valid {
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.Body.KeyId == STRING
input.Body.GrantId == STRING
input.Body.GranteePrincipal == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListKeyPolicies
valid {
input.Body.KeyId == STRING
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListKeyRotations
valid {
input.Body.KeyId == STRING
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListKeys
valid {
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListResourceTags
valid {
input.Body.KeyId == STRING
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListRetirableGrants
valid {
input.Body.Limit == INTEGER
input.Body.Marker == STRING
input.Body.RetiringPrincipal == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutKeyPolicy
valid {
input.Body.KeyId == STRING
input.Body.PolicyName == STRING
input.Body.Policy == STRING
input.Body.BypassPolicyLockoutSafetyCheck == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ReEncrypt
enum_EncryptionAlgorithmSpec := [ "SYMMETRIC_DEFAULT", "RSAES_OAEP_SHA_1", "RSAES_OAEP_SHA_256", "SM2PKE" ]
valid {
input.Body.CiphertextBlob == BLOB
input.Body.SourceEncryptionContext.STRING == STRING
input.Body.SourceKeyId == STRING
input.Body.DestinationKeyId == STRING
input.Body.DestinationEncryptionContext.STRING == STRING
input.Body.SourceEncryptionAlgorithm == enum_EncryptionAlgorithmSpec[_]
input.Body.DestinationEncryptionAlgorithm == enum_EncryptionAlgorithmSpec[_]
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ReplicateKey
valid {
input.Body.KeyId == STRING
input.Body.ReplicaRegion == STRING
input.Body.Policy == STRING
input.Body.BypassPolicyLockoutSafetyCheck == BOOLEAN
input.Body.Description == STRING
input.Body.Tags[_].TagKey == STRING
input.Body.Tags[_].TagValue == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RetireGrant
valid {
input.Body.GrantToken == STRING
input.Body.KeyId == STRING
input.Body.GrantId == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RevokeGrant
valid {
input.Body.KeyId == STRING
input.Body.GrantId == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RotateKeyOnDemand
valid {
input.Body.KeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ScheduleKeyDeletion
valid {
input.Body.KeyId == STRING
input.Body.PendingWindowInDays == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Sign
enum_MessageType := [ "RAW", "DIGEST" ]
enum_SigningAlgorithmSpec := [ "RSASSA_PSS_SHA_256", "RSASSA_PSS_SHA_384", "RSASSA_PSS_SHA_512", "RSASSA_PKCS1_V1_5_SHA_256", "RSASSA_PKCS1_V1_5_SHA_384", "RSASSA_PKCS1_V1_5_SHA_512", "ECDSA_SHA_256", "ECDSA_SHA_384", "ECDSA_SHA_512", "SM2DSA" ]
valid {
input.Body.KeyId == STRING
input.Body.Message == BLOB
input.Body.MessageType == enum_MessageType[_]
input.Body.GrantTokens[_] == STRING
input.Body.SigningAlgorithm == enum_SigningAlgorithmSpec[_]
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
TagResource
valid {
input.Body.KeyId == STRING
input.Body.Tags[_].TagKey == STRING
input.Body.Tags[_].TagValue == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UntagResource
valid {
input.Body.KeyId == STRING
input.Body.TagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateAlias
valid {
input.Body.AliasName == STRING
input.Body.TargetKeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateCustomKeyStore
enum_XksProxyConnectivityType := [ "PUBLIC_ENDPOINT", "VPC_ENDPOINT_SERVICE" ]
valid {
input.Body.CustomKeyStoreId == STRING
input.Body.NewCustomKeyStoreName == STRING
input.Body.KeyStorePassword == STRING
input.Body.CloudHsmClusterId == STRING
input.Body.XksProxyUriEndpoint == STRING
input.Body.XksProxyUriPath == STRING
input.Body.XksProxyVpcEndpointServiceName == STRING
input.Body.XksProxyAuthenticationCredential.AccessKeyId == STRING
input.Body.XksProxyAuthenticationCredential.RawSecretAccessKey == STRING
input.Body.XksProxyConnectivity == enum_XksProxyConnectivityType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateKeyDescription
valid {
input.Body.KeyId == STRING
input.Body.Description == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdatePrimaryRegion
valid {
input.Body.KeyId == STRING
input.Body.PrimaryRegion == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Verify
enum_MessageType := [ "RAW", "DIGEST" ]
enum_SigningAlgorithmSpec := [ "RSASSA_PSS_SHA_256", "RSASSA_PSS_SHA_384", "RSASSA_PSS_SHA_512", "RSASSA_PKCS1_V1_5_SHA_256", "RSASSA_PKCS1_V1_5_SHA_384", "RSASSA_PKCS1_V1_5_SHA_512", "ECDSA_SHA_256", "ECDSA_SHA_384", "ECDSA_SHA_512", "SM2DSA" ]
valid {
input.Body.KeyId == STRING
input.Body.Message == BLOB
input.Body.MessageType == enum_MessageType[_]
input.Body.Signature == BLOB
input.Body.SigningAlgorithm == enum_SigningAlgorithmSpec[_]
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
VerifyMac
enum_MacAlgorithmSpec := [ "HMAC_SHA_224", "HMAC_SHA_256", "HMAC_SHA_384", "HMAC_SHA_512" ]
valid {
input.Body.Message == BLOB
input.Body.KeyId == STRING
input.Body.MacAlgorithm == enum_MacAlgorithmSpec[_]
input.Body.Mac == BLOB
input.Body.GrantTokens[_] == STRING
input.Body.DryRun == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 23 days ago