LAKEFORMATION

AddLFTagsToResource

enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.LFTags[_].CatalogId == STRING
    input.Body.LFTags[_].TagKey == STRING
    input.Body.LFTags[_].TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssumeDecoratedRoleWithSAML

valid {
    input.Body.SAMLAssertion == STRING
    input.Body.RoleArn == STRING
    input.Body.PrincipalArn == STRING
    input.Body.DurationSeconds == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchGrantPermissions

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]
enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Entries[_].Id == STRING
    input.Body.Entries[_].Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Entries[_].Resource.Catalog.Id == STRING
    input.Body.Entries[_].Resource.Database.CatalogId == STRING
    input.Body.Entries[_].Resource.Database.Name == STRING
    input.Body.Entries[_].Resource.Table.CatalogId == STRING
    input.Body.Entries[_].Resource.Table.DatabaseName == STRING
    input.Body.Entries[_].Resource.Table.Name == STRING
    input.Body.Entries[_].Resource.Table.TableWildcard == {}
    input.Body.Entries[_].Resource.TableWithColumns.CatalogId == STRING
    input.Body.Entries[_].Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Entries[_].Resource.TableWithColumns.Name == STRING
    input.Body.Entries[_].Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Entries[_].Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Entries[_].Resource.DataLocation.CatalogId == STRING
    input.Body.Entries[_].Resource.DataLocation.ResourceArn == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.TableName == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.Name == STRING
    input.Body.Entries[_].Resource.LFTag.CatalogId == STRING
    input.Body.Entries[_].Resource.LFTag.TagKey == STRING
    input.Body.Entries[_].Resource.LFTag.TagValues[_] == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Entries[_].Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Entries[_].Resource.LFTagExpression.CatalogId == STRING
    input.Body.Entries[_].Resource.LFTagExpression.Name == STRING
    input.Body.Entries[_].Permissions[_] == enum_Permission[_]
    input.Body.Entries[_].PermissionsWithGrantOption[_] == enum_Permission[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchRevokePermissions

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]
enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Entries[_].Id == STRING
    input.Body.Entries[_].Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Entries[_].Resource.Catalog.Id == STRING
    input.Body.Entries[_].Resource.Database.CatalogId == STRING
    input.Body.Entries[_].Resource.Database.Name == STRING
    input.Body.Entries[_].Resource.Table.CatalogId == STRING
    input.Body.Entries[_].Resource.Table.DatabaseName == STRING
    input.Body.Entries[_].Resource.Table.Name == STRING
    input.Body.Entries[_].Resource.Table.TableWildcard == {}
    input.Body.Entries[_].Resource.TableWithColumns.CatalogId == STRING
    input.Body.Entries[_].Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Entries[_].Resource.TableWithColumns.Name == STRING
    input.Body.Entries[_].Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Entries[_].Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Entries[_].Resource.DataLocation.CatalogId == STRING
    input.Body.Entries[_].Resource.DataLocation.ResourceArn == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.TableName == STRING
    input.Body.Entries[_].Resource.DataCellsFilter.Name == STRING
    input.Body.Entries[_].Resource.LFTag.CatalogId == STRING
    input.Body.Entries[_].Resource.LFTag.TagKey == STRING
    input.Body.Entries[_].Resource.LFTag.TagValues[_] == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Entries[_].Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Entries[_].Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Entries[_].Resource.LFTagExpression.CatalogId == STRING
    input.Body.Entries[_].Resource.LFTagExpression.Name == STRING
    input.Body.Entries[_].Permissions[_] == enum_Permission[_]
    input.Body.Entries[_].PermissionsWithGrantOption[_] == enum_Permission[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CancelTransaction

valid {
    input.Body.TransactionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CommitTransaction

valid {
    input.Body.TransactionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateDataCellsFilter

valid {
    input.Body.TableData.TableCatalogId == STRING
    input.Body.TableData.DatabaseName == STRING
    input.Body.TableData.TableName == STRING
    input.Body.TableData.Name == STRING
    input.Body.TableData.RowFilter.FilterExpression == STRING
    input.Body.TableData.RowFilter.AllRowsWildcard == {}
    input.Body.TableData.ColumnNames[_] == STRING
    input.Body.TableData.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.TableData.VersionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateLFTag

valid {
    input.Body.CatalogId == STRING
    input.Body.TagKey == STRING
    input.Body.TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateLFTagExpression

valid {
    input.Body.Name == STRING
    input.Body.Description == STRING
    input.Body.CatalogId == STRING
    input.Body.Expression[_].TagKey == STRING
    input.Body.Expression[_].TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateLakeFormationIdentityCenterConfiguration

enum_EnableStatus := [ "ENABLED", "DISABLED" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.InstanceArn == STRING
    input.Body.ExternalFiltering.Status == enum_EnableStatus[_]
    input.Body.ExternalFiltering.AuthorizedTargets[_] == STRING
    input.Body.ShareRecipients[_].DataLakePrincipalIdentifier == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateLakeFormationOptIn

enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteDataCellsFilter

valid {
    input.Body.TableCatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.Name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteLFTag

valid {
    input.Body.CatalogId == STRING
    input.Body.TagKey == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteLFTagExpression

valid {
    input.Body.Name == STRING
    input.Body.CatalogId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteLakeFormationIdentityCenterConfiguration

valid {
    input.Body.CatalogId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteLakeFormationOptIn

enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteObjectsOnCancel

valid {
    input.Body.CatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.TransactionId == STRING
    input.Body.Objects[_].Uri == STRING
    input.Body.Objects[_].ETag == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeregisterResource

valid {
    input.Body.ResourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeLakeFormationIdentityCenterConfiguration

valid {
    input.Body.CatalogId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeResource

valid {
    input.Body.ResourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeTransaction

valid {
    input.Body.TransactionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ExtendTransaction

valid {
    input.Body.TransactionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDataCellsFilter

valid {
    input.Body.TableCatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.Name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDataLakePrincipal

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDataLakeSettings

valid {
    input.Body.CatalogId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEffectivePermissionsForPath

valid {
    input.Body.CatalogId == STRING
    input.Body.ResourceArn == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetLFTag

valid {
    input.Body.CatalogId == STRING
    input.Body.TagKey == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetLFTagExpression

valid {
    input.Body.Name == STRING
    input.Body.CatalogId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetQueryState

valid {
    input.Body.QueryId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetQueryStatistics

valid {
    input.Body.QueryId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetResourceLFTags

enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.ShowAssignedLFTags == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTableObjects

valid {
    input.Body.CatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.TransactionId == STRING
    input.Body.QueryAsOfTime == TIMESTAMP
    input.Body.PartitionPredicate == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTemporaryGluePartitionCredentials

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]
enum_PermissionType := [ "COLUMN_PERMISSION", "CELL_FILTER_PERMISSION", "NESTED_PERMISSION", "NESTED_CELL_PERMISSION" ]

valid {
    input.Body.TableArn == STRING
    input.Body.Partition.Values[_] == STRING
    input.Body.Permissions[_] == enum_Permission[_]
    input.Body.DurationSeconds == INTEGER
    input.Body.AuditContext.AdditionalAuditContext == STRING
    input.Body.SupportedPermissionTypes[_] == enum_PermissionType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTemporaryGlueTableCredentials

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]
enum_PermissionType := [ "COLUMN_PERMISSION", "CELL_FILTER_PERMISSION", "NESTED_PERMISSION", "NESTED_CELL_PERMISSION" ]

valid {
    input.Body.TableArn == STRING
    input.Body.Permissions[_] == enum_Permission[_]
    input.Body.DurationSeconds == INTEGER
    input.Body.AuditContext.AdditionalAuditContext == STRING
    input.Body.SupportedPermissionTypes[_] == enum_PermissionType[_]
    input.Body.S3Path == STRING
    input.Body.QuerySessionContext.QueryId == STRING
    input.Body.QuerySessionContext.QueryStartTime == TIMESTAMP
    input.Body.QuerySessionContext.ClusterId == STRING
    input.Body.QuerySessionContext.QueryAuthorizationId == STRING
    input.Body.QuerySessionContext.AdditionalContext.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetWorkUnitResults

valid {
    input.Body.QueryId == STRING
    input.Body.WorkUnitId == LONG
    input.Body.WorkUnitToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetWorkUnits

valid {
    input.Body.NextToken == STRING
    input.Body.PageSize == INTEGER
    input.Body.QueryId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GrantPermissions

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]
enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.Permissions[_] == enum_Permission[_]
    input.Body.PermissionsWithGrantOption[_] == enum_Permission[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListDataCellsFilter

valid {
    input.Body.Table.CatalogId == STRING
    input.Body.Table.DatabaseName == STRING
    input.Body.Table.Name == STRING
    input.Body.Table.TableWildcard == {}
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListLFTagExpressions

valid {
    input.Body.CatalogId == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListLFTags

enum_ResourceShareType := [ "FOREIGN", "ALL" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.ResourceShareType == enum_ResourceShareType[_]
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListLakeFormationOptIns

enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPermissions

enum_DataLakeResourceType := [ "CATALOG", "DATABASE", "TABLE", "DATA_LOCATION", "LF_TAG", "LF_TAG_POLICY", "LF_TAG_POLICY_DATABASE", "LF_TAG_POLICY_TABLE", "LF_NAMED_TAG_EXPRESSION" ]
enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Principal.DataLakePrincipalIdentifier == STRING
    input.Body.ResourceType == enum_DataLakeResourceType[_]
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.Body.IncludeRelated == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListResources

enum_ComparisonOperator := [ "EQ", "NE", "LE", "LT", "GE", "GT", "CONTAINS", "NOT_CONTAINS", "BEGINS_WITH", "IN", "BETWEEN" ]
enum_FieldNameString := [ "RESOURCE_ARN", "ROLE_ARN", "LAST_MODIFIED" ]

valid {
    input.Body.FilterConditionList[_].Field == enum_FieldNameString[_]
    input.Body.FilterConditionList[_].ComparisonOperator == enum_ComparisonOperator[_]
    input.Body.FilterConditionList[_].StringValueList[_] == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTableStorageOptimizers

enum_OptimizerType := [ "COMPACTION", "GARBAGE_COLLECTION", "ALL" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.StorageOptimizerType == enum_OptimizerType[_]
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTransactions

enum_TransactionStatusFilter := [ "ALL", "COMPLETED", "ACTIVE", "COMMITTED", "ABORTED" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.StatusFilter == enum_TransactionStatusFilter[_]
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutDataLakeSettings

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.DataLakeSettings.DataLakeAdmins[_].DataLakePrincipalIdentifier == STRING
    input.Body.DataLakeSettings.ReadOnlyAdmins[_].DataLakePrincipalIdentifier == STRING
    input.Body.DataLakeSettings.CreateDatabaseDefaultPermissions[_].Principal.DataLakePrincipalIdentifier == STRING
    input.Body.DataLakeSettings.CreateDatabaseDefaultPermissions[_].Permissions[_] == enum_Permission[_]
    input.Body.DataLakeSettings.CreateTableDefaultPermissions[_].Principal.DataLakePrincipalIdentifier == STRING
    input.Body.DataLakeSettings.CreateTableDefaultPermissions[_].Permissions[_] == enum_Permission[_]
    input.Body.DataLakeSettings.Parameters.STRING == STRING
    input.Body.DataLakeSettings.TrustedResourceOwners[_] == STRING
    input.Body.DataLakeSettings.AllowExternalDataFiltering == BOOLEAN
    input.Body.DataLakeSettings.AllowFullTableExternalDataAccess == BOOLEAN
    input.Body.DataLakeSettings.ExternalDataFilteringAllowList[_].DataLakePrincipalIdentifier == STRING
    input.Body.DataLakeSettings.AuthorizedSessionTagValueList[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterResource

valid {
    input.Body.ResourceArn == STRING
    input.Body.UseServiceLinkedRole == BOOLEAN
    input.Body.RoleArn == STRING
    input.Body.WithFederation == BOOLEAN
    input.Body.HybridAccessEnabled == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RemoveLFTagsFromResource

enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.LFTags[_].CatalogId == STRING
    input.Body.LFTags[_].TagKey == STRING
    input.Body.LFTags[_].TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RevokePermissions

enum_Permission := [ "ALL", "SELECT", "ALTER", "DROP", "DELETE", "INSERT", "DESCRIBE", "CREATE_DATABASE", "CREATE_TABLE", "DATA_LOCATION_ACCESS", "CREATE_LF_TAG", "ASSOCIATE", "GRANT_WITH_LF_TAG_EXPRESSION", "CREATE_LF_TAG_EXPRESSION", "CREATE_CATALOG", "SUPER_USER" ]
enum_ResourceType := [ "DATABASE", "TABLE" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.Principal.DataLakePrincipalIdentifier == STRING
    input.Body.Resource.Catalog.Id == STRING
    input.Body.Resource.Database.CatalogId == STRING
    input.Body.Resource.Database.Name == STRING
    input.Body.Resource.Table.CatalogId == STRING
    input.Body.Resource.Table.DatabaseName == STRING
    input.Body.Resource.Table.Name == STRING
    input.Body.Resource.Table.TableWildcard == {}
    input.Body.Resource.TableWithColumns.CatalogId == STRING
    input.Body.Resource.TableWithColumns.DatabaseName == STRING
    input.Body.Resource.TableWithColumns.Name == STRING
    input.Body.Resource.TableWithColumns.ColumnNames[_] == STRING
    input.Body.Resource.TableWithColumns.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.Resource.DataLocation.CatalogId == STRING
    input.Body.Resource.DataLocation.ResourceArn == STRING
    input.Body.Resource.DataCellsFilter.TableCatalogId == STRING
    input.Body.Resource.DataCellsFilter.DatabaseName == STRING
    input.Body.Resource.DataCellsFilter.TableName == STRING
    input.Body.Resource.DataCellsFilter.Name == STRING
    input.Body.Resource.LFTag.CatalogId == STRING
    input.Body.Resource.LFTag.TagKey == STRING
    input.Body.Resource.LFTag.TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.CatalogId == STRING
    input.Body.Resource.LFTagPolicy.ResourceType == enum_ResourceType[_]
    input.Body.Resource.LFTagPolicy.Expression[_].TagKey == STRING
    input.Body.Resource.LFTagPolicy.Expression[_].TagValues[_] == STRING
    input.Body.Resource.LFTagPolicy.ExpressionName == STRING
    input.Body.Resource.LFTagExpression.CatalogId == STRING
    input.Body.Resource.LFTagExpression.Name == STRING
    input.Body.Permissions[_] == enum_Permission[_]
    input.Body.PermissionsWithGrantOption[_] == enum_Permission[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SearchDatabasesByLFTags

valid {
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.Body.CatalogId == STRING
    input.Body.Expression[_].TagKey == STRING
    input.Body.Expression[_].TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SearchTablesByLFTags

valid {
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.Body.CatalogId == STRING
    input.Body.Expression[_].TagKey == STRING
    input.Body.Expression[_].TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartQueryPlanning

valid {
    input.Body.QueryPlanningContext.CatalogId == STRING
    input.Body.QueryPlanningContext.DatabaseName == STRING
    input.Body.QueryPlanningContext.QueryAsOfTime == TIMESTAMP
    input.Body.QueryPlanningContext.QueryParameters.STRING == STRING
    input.Body.QueryPlanningContext.TransactionId == STRING
    input.Body.QueryString == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartTransaction

enum_TransactionType := [ "READ_AND_WRITE", "READ_ONLY" ]

valid {
    input.Body.TransactionType == enum_TransactionType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateDataCellsFilter

valid {
    input.Body.TableData.TableCatalogId == STRING
    input.Body.TableData.DatabaseName == STRING
    input.Body.TableData.TableName == STRING
    input.Body.TableData.Name == STRING
    input.Body.TableData.RowFilter.FilterExpression == STRING
    input.Body.TableData.RowFilter.AllRowsWildcard == {}
    input.Body.TableData.ColumnNames[_] == STRING
    input.Body.TableData.ColumnWildcard.ExcludedColumnNames[_] == STRING
    input.Body.TableData.VersionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateLFTag

valid {
    input.Body.CatalogId == STRING
    input.Body.TagKey == STRING
    input.Body.TagValuesToDelete[_] == STRING
    input.Body.TagValuesToAdd[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateLFTagExpression

valid {
    input.Body.Name == STRING
    input.Body.Description == STRING
    input.Body.CatalogId == STRING
    input.Body.Expression[_].TagKey == STRING
    input.Body.Expression[_].TagValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateLakeFormationIdentityCenterConfiguration

enum_ApplicationStatus := [ "ENABLED", "DISABLED" ]
enum_EnableStatus := [ "ENABLED", "DISABLED" ]

valid {
    input.Body.CatalogId == STRING
    input.Body.ShareRecipients[_].DataLakePrincipalIdentifier == STRING
    input.Body.ApplicationStatus == enum_ApplicationStatus[_]
    input.Body.ExternalFiltering.Status == enum_EnableStatus[_]
    input.Body.ExternalFiltering.AuthorizedTargets[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateResource

valid {
    input.Body.RoleArn == STRING
    input.Body.ResourceArn == STRING
    input.Body.WithFederation == BOOLEAN
    input.Body.HybridAccessEnabled == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateTableObjects

valid {
    input.Body.CatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.TransactionId == STRING
    input.Body.WriteOperations[_].AddObject.Uri == STRING
    input.Body.WriteOperations[_].AddObject.ETag == STRING
    input.Body.WriteOperations[_].AddObject.Size == LONG
    input.Body.WriteOperations[_].AddObject.PartitionValues[_] == STRING
    input.Body.WriteOperations[_].DeleteObject.Uri == STRING
    input.Body.WriteOperations[_].DeleteObject.ETag == STRING
    input.Body.WriteOperations[_].DeleteObject.PartitionValues[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateTableStorageOptimizer

valid {
    input.Body.CatalogId == STRING
    input.Body.DatabaseName == STRING
    input.Body.TableName == STRING
    input.Body.StorageOptimizerConfig.COMPACTION.STRING == STRING
    input.Body.StorageOptimizerConfig.GARBAGE_COLLECTION.STRING == STRING
    input.Body.StorageOptimizerConfig.ALL.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}