LIGHTSAIL
AllocateStaticIp
valid {
input.Body.staticIpName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
AttachCertificateToDistribution
valid {
input.Body.distributionName == STRING
input.Body.certificateName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
AttachDisk
valid {
input.Body.diskName == STRING
input.Body.instanceName == STRING
input.Body.diskPath == STRING
input.Body.autoMounting == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
AttachInstancesToLoadBalancer
valid {
input.Body.loadBalancerName == STRING
input.Body.instanceNames[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
AttachLoadBalancerTlsCertificate
valid {
input.Body.loadBalancerName == STRING
input.Body.certificateName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
AttachStaticIp
valid {
input.Body.staticIpName == STRING
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CloseInstancePublicPorts
enum_NetworkProtocol := [ "tcp", "all", "udp", "icmp", "icmpv6" ]
valid {
input.Body.portInfo.fromPort == INTEGER
input.Body.portInfo.toPort == INTEGER
input.Body.portInfo.protocol == enum_NetworkProtocol[_]
input.Body.portInfo.cidrs[_] == STRING
input.Body.portInfo.ipv6Cidrs[_] == STRING
input.Body.portInfo.cidrListAliases[_] == STRING
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CopySnapshot
enum_RegionName := [ "us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "ca-central-1", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "eu-north-1" ]
valid {
input.Body.sourceSnapshotName == STRING
input.Body.sourceResourceName == STRING
input.Body.restoreDate == STRING
input.Body.useLatestRestorableAutoSnapshot == BOOLEAN
input.Body.targetSnapshotName == STRING
input.Body.sourceRegion == enum_RegionName[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateBucket
valid {
input.Body.bucketName == STRING
input.Body.bundleId == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.enableObjectVersioning == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateBucketAccessKey
valid {
input.Body.bucketName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateCertificate
valid {
input.Body.certificateName == STRING
input.Body.domainName == STRING
input.Body.subjectAlternativeNames[_] == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateCloudFormationStack
enum_PortInfoSourceType := [ "DEFAULT", "INSTANCE", "NONE", "CLOSED" ]
valid {
input.Body.instances[_].sourceName == STRING
input.Body.instances[_].instanceType == STRING
input.Body.instances[_].portInfoSource == enum_PortInfoSourceType[_]
input.Body.instances[_].userData == STRING
input.Body.instances[_].availabilityZone == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateContactMethod
enum_ContactProtocol := [ "Email", "SMS" ]
valid {
input.Body.protocol == enum_ContactProtocol[_]
input.Body.contactEndpoint == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateContainerService
enum_ContainerServicePowerName := [ "nano", "micro", "small", "medium", "large", "xlarge" ]
enum_ContainerServiceProtocol := [ "HTTP", "HTTPS", "TCP", "UDP" ]
valid {
input.Body.serviceName == STRING
input.Body.power == enum_ContainerServicePowerName[_]
input.Body.scale == INTEGER
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.publicDomainNames.STRING[_] == STRING
input.Body.deployment.containers.STRING.image == STRING
input.Body.deployment.containers.STRING.command[_] == STRING
input.Body.deployment.containers.STRING.environment.STRING == STRING
input.Body.deployment.containers.STRING.ports.STRING == enum_ContainerServiceProtocol[_]
input.Body.deployment.publicEndpoint.containerName == STRING
input.Body.deployment.publicEndpoint.containerPort == INTEGER
input.Body.deployment.publicEndpoint.healthCheck.healthyThreshold == INTEGER
input.Body.deployment.publicEndpoint.healthCheck.unhealthyThreshold == INTEGER
input.Body.deployment.publicEndpoint.healthCheck.timeoutSeconds == INTEGER
input.Body.deployment.publicEndpoint.healthCheck.intervalSeconds == INTEGER
input.Body.deployment.publicEndpoint.healthCheck.path == STRING
input.Body.deployment.publicEndpoint.healthCheck.successCodes == STRING
input.Body.privateRegistryAccess.ecrImagePullerRole.isActive == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateContainerServiceDeployment
enum_ContainerServiceProtocol := [ "HTTP", "HTTPS", "TCP", "UDP" ]
valid {
input.Body.serviceName == STRING
input.Body.containers.STRING.image == STRING
input.Body.containers.STRING.command[_] == STRING
input.Body.containers.STRING.environment.STRING == STRING
input.Body.containers.STRING.ports.STRING == enum_ContainerServiceProtocol[_]
input.Body.publicEndpoint.containerName == STRING
input.Body.publicEndpoint.containerPort == INTEGER
input.Body.publicEndpoint.healthCheck.healthyThreshold == INTEGER
input.Body.publicEndpoint.healthCheck.unhealthyThreshold == INTEGER
input.Body.publicEndpoint.healthCheck.timeoutSeconds == INTEGER
input.Body.publicEndpoint.healthCheck.intervalSeconds == INTEGER
input.Body.publicEndpoint.healthCheck.path == STRING
input.Body.publicEndpoint.healthCheck.successCodes == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateContainerServiceRegistryLogin
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateDisk
enum_AddOnType := [ "AutoSnapshot", "StopInstanceOnIdle" ]
valid {
input.Body.diskName == STRING
input.Body.availabilityZone == STRING
input.Body.sizeInGb == INTEGER
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.addOns[_].addOnType == enum_AddOnType[_]
input.Body.addOns[_].autoSnapshotAddOnRequest.snapshotTimeOfDay == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.threshold == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.duration == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateDiskFromSnapshot
enum_AddOnType := [ "AutoSnapshot", "StopInstanceOnIdle" ]
valid {
input.Body.diskName == STRING
input.Body.diskSnapshotName == STRING
input.Body.availabilityZone == STRING
input.Body.sizeInGb == INTEGER
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.addOns[_].addOnType == enum_AddOnType[_]
input.Body.addOns[_].autoSnapshotAddOnRequest.snapshotTimeOfDay == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.threshold == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.duration == STRING
input.Body.sourceDiskName == STRING
input.Body.restoreDate == STRING
input.Body.useLatestRestorableAutoSnapshot == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateDiskSnapshot
valid {
input.Body.diskName == STRING
input.Body.diskSnapshotName == STRING
input.Body.instanceName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateDistribution
enum_BehaviorEnum := [ "dont-cache", "cache" ]
enum_ForwardValues := [ "none", "allow-list", "all" ]
enum_HeaderEnum := [ "Accept", "Accept-Charset", "Accept-Datetime", "Accept-Encoding", "Accept-Language", "Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-SmartTV-Viewer", "CloudFront-Is-Tablet-Viewer", "CloudFront-Viewer-Country", "Host", "Origin", "Referer" ]
enum_IpAddressType := [ "dualstack", "ipv4", "ipv6" ]
enum_OriginProtocolPolicyEnum := [ "http-only", "https-only" ]
enum_RegionName := [ "us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "ca-central-1", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "eu-north-1" ]
enum_ViewerMinimumTlsProtocolVersionEnum := [ "TLSv1.1_2016", "TLSv1.2_2018", "TLSv1.2_2019", "TLSv1.2_2021" ]
valid {
input.Body.distributionName == STRING
input.Body.origin.name == STRING
input.Body.origin.regionName == enum_RegionName[_]
input.Body.origin.protocolPolicy == enum_OriginProtocolPolicyEnum[_]
input.Body.origin.responseTimeout == INTEGER
input.Body.defaultCacheBehavior.behavior == enum_BehaviorEnum[_]
input.Body.cacheBehaviorSettings.defaultTTL == LONG
input.Body.cacheBehaviorSettings.minimumTTL == LONG
input.Body.cacheBehaviorSettings.maximumTTL == LONG
input.Body.cacheBehaviorSettings.allowedHTTPMethods == STRING
input.Body.cacheBehaviorSettings.cachedHTTPMethods == STRING
input.Body.cacheBehaviorSettings.forwardedCookies.option == enum_ForwardValues[_]
input.Body.cacheBehaviorSettings.forwardedCookies.cookiesAllowList[_] == STRING
input.Body.cacheBehaviorSettings.forwardedHeaders.option == enum_ForwardValues[_]
input.Body.cacheBehaviorSettings.forwardedHeaders.headersAllowList[_] == enum_HeaderEnum[_]
input.Body.cacheBehaviorSettings.forwardedQueryStrings.option == BOOLEAN
input.Body.cacheBehaviorSettings.forwardedQueryStrings.queryStringsAllowList[_] == STRING
input.Body.cacheBehaviors[_].path == STRING
input.Body.cacheBehaviors[_].behavior == enum_BehaviorEnum[_]
input.Body.bundleId == STRING
input.Body.ipAddressType == enum_IpAddressType[_]
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.certificateName == STRING
input.Body.viewerMinimumTlsProtocolVersion == enum_ViewerMinimumTlsProtocolVersionEnum[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateDomain
valid {
input.Body.domainName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateDomainEntry
valid {
input.Body.domainName == STRING
input.Body.domainEntry.id == STRING
input.Body.domainEntry.name == STRING
input.Body.domainEntry.target == STRING
input.Body.domainEntry.isAlias == BOOLEAN
input.Body.domainEntry.type == STRING
input.Body.domainEntry.options.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateGUISessionAccessDetails
valid {
input.Body.resourceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateInstanceSnapshot
valid {
input.Body.instanceSnapshotName == STRING
input.Body.instanceName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateInstances
enum_AddOnType := [ "AutoSnapshot", "StopInstanceOnIdle" ]
enum_IpAddressType := [ "dualstack", "ipv4", "ipv6" ]
valid {
input.Body.instanceNames[_] == STRING
input.Body.availabilityZone == STRING
input.Body.customImageName == STRING
input.Body.blueprintId == STRING
input.Body.bundleId == STRING
input.Body.userData == STRING
input.Body.keyPairName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.addOns[_].addOnType == enum_AddOnType[_]
input.Body.addOns[_].autoSnapshotAddOnRequest.snapshotTimeOfDay == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.threshold == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.duration == STRING
input.Body.ipAddressType == enum_IpAddressType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateInstancesFromSnapshot
enum_AddOnType := [ "AutoSnapshot", "StopInstanceOnIdle" ]
enum_IpAddressType := [ "dualstack", "ipv4", "ipv6" ]
valid {
input.Body.instanceNames[_] == STRING
input.Body.attachedDiskMapping.STRING[_].originalDiskPath == STRING
input.Body.attachedDiskMapping.STRING[_].newDiskName == STRING
input.Body.availabilityZone == STRING
input.Body.instanceSnapshotName == STRING
input.Body.bundleId == STRING
input.Body.userData == STRING
input.Body.keyPairName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.addOns[_].addOnType == enum_AddOnType[_]
input.Body.addOns[_].autoSnapshotAddOnRequest.snapshotTimeOfDay == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.threshold == STRING
input.Body.addOns[_].stopInstanceOnIdleRequest.duration == STRING
input.Body.ipAddressType == enum_IpAddressType[_]
input.Body.sourceInstanceName == STRING
input.Body.restoreDate == STRING
input.Body.useLatestRestorableAutoSnapshot == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateKeyPair
valid {
input.Body.keyPairName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateLoadBalancer
enum_IpAddressType := [ "dualstack", "ipv4", "ipv6" ]
valid {
input.Body.loadBalancerName == STRING
input.Body.instancePort == INTEGER
input.Body.healthCheckPath == STRING
input.Body.certificateName == STRING
input.Body.certificateDomainName == STRING
input.Body.certificateAlternativeNames[_] == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.ipAddressType == enum_IpAddressType[_]
input.Body.tlsPolicyName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateLoadBalancerTlsCertificate
valid {
input.Body.loadBalancerName == STRING
input.Body.certificateName == STRING
input.Body.certificateDomainName == STRING
input.Body.certificateAlternativeNames[_] == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.Body.availabilityZone == STRING
input.Body.relationalDatabaseBlueprintId == STRING
input.Body.relationalDatabaseBundleId == STRING
input.Body.masterDatabaseName == STRING
input.Body.masterUsername == STRING
input.Body.masterUserPassword == STRING
input.Body.preferredBackupWindow == STRING
input.Body.preferredMaintenanceWindow == STRING
input.Body.publiclyAccessible == BOOLEAN
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRelationalDatabaseFromSnapshot
valid {
input.Body.relationalDatabaseName == STRING
input.Body.availabilityZone == STRING
input.Body.publiclyAccessible == BOOLEAN
input.Body.relationalDatabaseSnapshotName == STRING
input.Body.relationalDatabaseBundleId == STRING
input.Body.sourceRelationalDatabaseName == STRING
input.Body.restoreTime == TIMESTAMP
input.Body.useLatestRestorableTime == BOOLEAN
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateRelationalDatabaseSnapshot
valid {
input.Body.relationalDatabaseName == STRING
input.Body.relationalDatabaseSnapshotName == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteAlarm
valid {
input.Body.alarmName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteAutoSnapshot
valid {
input.Body.resourceName == STRING
input.Body.date == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucket
valid {
input.Body.bucketName == STRING
input.Body.forceDelete == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketAccessKey
valid {
input.Body.bucketName == STRING
input.Body.accessKeyId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteCertificate
valid {
input.Body.certificateName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteContactMethod
enum_ContactProtocol := [ "Email", "SMS" ]
valid {
input.Body.protocol == enum_ContactProtocol[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteContainerImage
valid {
input.Body.serviceName == STRING
input.Body.image == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteContainerService
valid {
input.Body.serviceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteDisk
valid {
input.Body.diskName == STRING
input.Body.forceDeleteAddOns == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteDiskSnapshot
valid {
input.Body.diskSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteDistribution
valid {
input.Body.distributionName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteDomain
valid {
input.Body.domainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteDomainEntry
valid {
input.Body.domainName == STRING
input.Body.domainEntry.id == STRING
input.Body.domainEntry.name == STRING
input.Body.domainEntry.target == STRING
input.Body.domainEntry.isAlias == BOOLEAN
input.Body.domainEntry.type == STRING
input.Body.domainEntry.options.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteInstance
valid {
input.Body.instanceName == STRING
input.Body.forceDeleteAddOns == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteInstanceSnapshot
valid {
input.Body.instanceSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteKeyPair
valid {
input.Body.keyPairName == STRING
input.Body.expectedFingerprint == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteKnownHostKeys
valid {
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteLoadBalancer
valid {
input.Body.loadBalancerName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteLoadBalancerTlsCertificate
valid {
input.Body.loadBalancerName == STRING
input.Body.certificateName == STRING
input.Body.force == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.Body.skipFinalSnapshot == BOOLEAN
input.Body.finalRelationalDatabaseSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteRelationalDatabaseSnapshot
valid {
input.Body.relationalDatabaseSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DetachCertificateFromDistribution
valid {
input.Body.distributionName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DetachDisk
valid {
input.Body.diskName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DetachInstancesFromLoadBalancer
valid {
input.Body.loadBalancerName == STRING
input.Body.instanceNames[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DetachStaticIp
valid {
input.Body.staticIpName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableAddOn
enum_AddOnType := [ "AutoSnapshot", "StopInstanceOnIdle" ]
valid {
input.Body.addOnType == enum_AddOnType[_]
input.Body.resourceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DownloadDefaultKeyPair
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableAddOn
enum_AddOnType := [ "AutoSnapshot", "StopInstanceOnIdle" ]
valid {
input.Body.resourceName == STRING
input.Body.addOnRequest.addOnType == enum_AddOnType[_]
input.Body.addOnRequest.autoSnapshotAddOnRequest.snapshotTimeOfDay == STRING
input.Body.addOnRequest.stopInstanceOnIdleRequest.threshold == STRING
input.Body.addOnRequest.stopInstanceOnIdleRequest.duration == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ExportSnapshot
valid {
input.Body.sourceSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetActiveNames
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetAlarms
valid {
input.Body.alarmName == STRING
input.Body.pageToken == STRING
input.Body.monitoredResourceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetAutoSnapshots
valid {
input.Body.resourceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBlueprints
enum_AppCategory := [ "LfR" ]
valid {
input.Body.includeInactive == BOOLEAN
input.Body.pageToken == STRING
input.Body.appCategory == enum_AppCategory[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketAccessKeys
valid {
input.Body.bucketName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketBundles
valid {
input.Body.includeInactive == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketMetricData
enum_BucketMetricName := [ "BucketSizeBytes", "NumberOfObjects" ]
enum_MetricStatistic := [ "Minimum", "Maximum", "Sum", "Average", "SampleCount" ]
enum_MetricUnit := [ "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None" ]
valid {
input.Body.bucketName == STRING
input.Body.metricName == enum_BucketMetricName[_]
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.period == INTEGER
input.Body.statistics[_] == enum_MetricStatistic[_]
input.Body.unit == enum_MetricUnit[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBuckets
valid {
input.Body.bucketName == STRING
input.Body.pageToken == STRING
input.Body.includeConnectedResources == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBundles
enum_AppCategory := [ "LfR" ]
valid {
input.Body.includeInactive == BOOLEAN
input.Body.pageToken == STRING
input.Body.appCategory == enum_AppCategory[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetCertificates
enum_CertificateStatus := [ "PENDING_VALIDATION", "ISSUED", "INACTIVE", "EXPIRED", "VALIDATION_TIMED_OUT", "REVOKED", "FAILED" ]
valid {
input.Body.certificateStatuses[_] == enum_CertificateStatus[_]
input.Body.includeCertificateDetails == BOOLEAN
input.Body.certificateName == STRING
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetCloudFormationStackRecords
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContactMethods
enum_ContactProtocol := [ "Email", "SMS" ]
valid {
input.Body.protocols[_] == enum_ContactProtocol[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerAPIMetadata
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerImages
valid {
input.Body.serviceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerLog
valid {
input.Body.serviceName == STRING
input.Body.containerName == STRING
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.filterPattern == STRING
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerServiceDeployments
valid {
input.Body.serviceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerServiceMetricData
enum_ContainerServiceMetricName := [ "CPUUtilization", "MemoryUtilization" ]
enum_MetricStatistic := [ "Minimum", "Maximum", "Sum", "Average", "SampleCount" ]
valid {
input.Body.serviceName == STRING
input.Body.metricName == enum_ContainerServiceMetricName[_]
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.period == INTEGER
input.Body.statistics[_] == enum_MetricStatistic[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerServicePowers
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetContainerServices
valid {
input.Body.serviceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetCostEstimate
valid {
input.Body.resourceName == STRING
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDisk
valid {
input.Body.diskName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDiskSnapshot
valid {
input.Body.diskSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDiskSnapshots
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDisks
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDistributionBundles
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDistributionLatestCacheReset
valid {
input.Body.distributionName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDistributionMetricData
enum_DistributionMetricName := [ "Requests", "BytesDownloaded", "BytesUploaded", "TotalErrorRate", "Http4xxErrorRate", "Http5xxErrorRate" ]
enum_MetricStatistic := [ "Minimum", "Maximum", "Sum", "Average", "SampleCount" ]
enum_MetricUnit := [ "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None" ]
valid {
input.Body.distributionName == STRING
input.Body.metricName == enum_DistributionMetricName[_]
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.period == INTEGER
input.Body.unit == enum_MetricUnit[_]
input.Body.statistics[_] == enum_MetricStatistic[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDistributions
valid {
input.Body.distributionName == STRING
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDomain
valid {
input.Body.domainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetDomains
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetExportSnapshotRecords
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstance
valid {
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstanceAccessDetails
enum_InstanceAccessProtocol := [ "ssh", "rdp" ]
valid {
input.Body.instanceName == STRING
input.Body.protocol == enum_InstanceAccessProtocol[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstanceMetricData
enum_InstanceMetricName := [ "CPUUtilization", "NetworkIn", "NetworkOut", "StatusCheckFailed", "StatusCheckFailed_Instance", "StatusCheckFailed_System", "BurstCapacityTime", "BurstCapacityPercentage", "MetadataNoToken" ]
enum_MetricStatistic := [ "Minimum", "Maximum", "Sum", "Average", "SampleCount" ]
enum_MetricUnit := [ "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None" ]
valid {
input.Body.instanceName == STRING
input.Body.metricName == enum_InstanceMetricName[_]
input.Body.period == INTEGER
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.unit == enum_MetricUnit[_]
input.Body.statistics[_] == enum_MetricStatistic[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstancePortStates
valid {
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstanceSnapshot
valid {
input.Body.instanceSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstanceSnapshots
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstanceState
valid {
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetInstances
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetKeyPair
valid {
input.Body.keyPairName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetKeyPairs
valid {
input.Body.pageToken == STRING
input.Body.includeDefaultKeyPair == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetLoadBalancer
valid {
input.Body.loadBalancerName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetLoadBalancerMetricData
enum_LoadBalancerMetricName := [ "ClientTLSNegotiationErrorCount", "HealthyHostCount", "UnhealthyHostCount", "HTTPCode_LB_4XX_Count", "HTTPCode_LB_5XX_Count", "HTTPCode_Instance_2XX_Count", "HTTPCode_Instance_3XX_Count", "HTTPCode_Instance_4XX_Count", "HTTPCode_Instance_5XX_Count", "InstanceResponseTime", "RejectedConnectionCount", "RequestCount" ]
enum_MetricStatistic := [ "Minimum", "Maximum", "Sum", "Average", "SampleCount" ]
enum_MetricUnit := [ "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None" ]
valid {
input.Body.loadBalancerName == STRING
input.Body.metricName == enum_LoadBalancerMetricName[_]
input.Body.period == INTEGER
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.unit == enum_MetricUnit[_]
input.Body.statistics[_] == enum_MetricStatistic[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetLoadBalancerTlsCertificates
valid {
input.Body.loadBalancerName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetLoadBalancerTlsPolicies
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetLoadBalancers
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetOperation
valid {
input.Body.operationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetOperations
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetOperationsForResource
valid {
input.Body.resourceName == STRING
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRegions
valid {
input.Body.includeAvailabilityZones == BOOLEAN
input.Body.includeRelationalDatabaseAvailabilityZones == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseBlueprints
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseBundles
valid {
input.Body.pageToken == STRING
input.Body.includeInactive == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseEvents
valid {
input.Body.relationalDatabaseName == STRING
input.Body.durationInMinutes == INTEGER
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseLogEvents
valid {
input.Body.relationalDatabaseName == STRING
input.Body.logStreamName == STRING
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.startFromHead == BOOLEAN
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseLogStreams
valid {
input.Body.relationalDatabaseName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseMasterUserPassword
enum_RelationalDatabasePasswordVersion := [ "CURRENT", "PREVIOUS", "PENDING" ]
valid {
input.Body.relationalDatabaseName == STRING
input.Body.passwordVersion == enum_RelationalDatabasePasswordVersion[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseMetricData
enum_MetricStatistic := [ "Minimum", "Maximum", "Sum", "Average", "SampleCount" ]
enum_MetricUnit := [ "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None" ]
enum_RelationalDatabaseMetricName := [ "CPUUtilization", "DatabaseConnections", "DiskQueueDepth", "FreeStorageSpace", "NetworkReceiveThroughput", "NetworkTransmitThroughput" ]
valid {
input.Body.relationalDatabaseName == STRING
input.Body.metricName == enum_RelationalDatabaseMetricName[_]
input.Body.period == INTEGER
input.Body.startTime == TIMESTAMP
input.Body.endTime == TIMESTAMP
input.Body.unit == enum_MetricUnit[_]
input.Body.statistics[_] == enum_MetricStatistic[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseParameters
valid {
input.Body.relationalDatabaseName == STRING
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseSnapshot
valid {
input.Body.relationalDatabaseSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabaseSnapshots
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetRelationalDatabases
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetSetupHistory
valid {
input.Body.resourceName == STRING
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetStaticIp
valid {
input.Body.staticIpName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetStaticIps
valid {
input.Body.pageToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ImportKeyPair
valid {
input.Body.keyPairName == STRING
input.Body.publicKeyBase64 == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
IsVpcPeered
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
OpenInstancePublicPorts
enum_NetworkProtocol := [ "tcp", "all", "udp", "icmp", "icmpv6" ]
valid {
input.Body.portInfo.fromPort == INTEGER
input.Body.portInfo.toPort == INTEGER
input.Body.portInfo.protocol == enum_NetworkProtocol[_]
input.Body.portInfo.cidrs[_] == STRING
input.Body.portInfo.ipv6Cidrs[_] == STRING
input.Body.portInfo.cidrListAliases[_] == STRING
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PeerVpc
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutAlarm
enum_AlarmState := [ "OK", "ALARM", "INSUFFICIENT_DATA" ]
enum_ComparisonOperator := [ "GreaterThanOrEqualToThreshold", "GreaterThanThreshold", "LessThanThreshold", "LessThanOrEqualToThreshold" ]
enum_ContactProtocol := [ "Email", "SMS" ]
enum_MetricName := [ "CPUUtilization", "NetworkIn", "NetworkOut", "StatusCheckFailed", "StatusCheckFailed_Instance", "StatusCheckFailed_System", "ClientTLSNegotiationErrorCount", "HealthyHostCount", "UnhealthyHostCount", "HTTPCode_LB_4XX_Count", "HTTPCode_LB_5XX_Count", "HTTPCode_Instance_2XX_Count", "HTTPCode_Instance_3XX_Count", "HTTPCode_Instance_4XX_Count", "HTTPCode_Instance_5XX_Count", "InstanceResponseTime", "RejectedConnectionCount", "RequestCount", "DatabaseConnections", "DiskQueueDepth", "FreeStorageSpace", "NetworkReceiveThroughput", "NetworkTransmitThroughput", "BurstCapacityTime", "BurstCapacityPercentage" ]
enum_TreatMissingData := [ "breaching", "notBreaching", "ignore", "missing" ]
valid {
input.Body.alarmName == STRING
input.Body.metricName == enum_MetricName[_]
input.Body.monitoredResourceName == STRING
input.Body.comparisonOperator == enum_ComparisonOperator[_]
input.Body.threshold == DOUBLE
input.Body.evaluationPeriods == INTEGER
input.Body.datapointsToAlarm == INTEGER
input.Body.treatMissingData == enum_TreatMissingData[_]
input.Body.contactProtocols[_] == enum_ContactProtocol[_]
input.Body.notificationTriggers[_] == enum_AlarmState[_]
input.Body.notificationEnabled == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutInstancePublicPorts
enum_NetworkProtocol := [ "tcp", "all", "udp", "icmp", "icmpv6" ]
valid {
input.Body.portInfos[_].fromPort == INTEGER
input.Body.portInfos[_].toPort == INTEGER
input.Body.portInfos[_].protocol == enum_NetworkProtocol[_]
input.Body.portInfos[_].cidrs[_] == STRING
input.Body.portInfos[_].ipv6Cidrs[_] == STRING
input.Body.portInfos[_].cidrListAliases[_] == STRING
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RebootInstance
valid {
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RebootRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RegisterContainerImage
valid {
input.Body.serviceName == STRING
input.Body.label == STRING
input.Body.digest == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ReleaseStaticIp
valid {
input.Body.staticIpName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ResetDistributionCache
valid {
input.Body.distributionName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
SendContactMethodVerification
enum_ContactMethodVerificationProtocol := [ "Email" ]
valid {
input.Body.protocol == enum_ContactMethodVerificationProtocol[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
SetIpAddressType
enum_IpAddressType := [ "dualstack", "ipv4", "ipv6" ]
enum_ResourceType := [ "ContainerService", "Instance", "StaticIp", "KeyPair", "InstanceSnapshot", "Domain", "PeeredVpc", "LoadBalancer", "LoadBalancerTlsCertificate", "Disk", "DiskSnapshot", "RelationalDatabase", "RelationalDatabaseSnapshot", "ExportSnapshotRecord", "CloudFormationStackRecord", "Alarm", "ContactMethod", "Distribution", "Certificate", "Bucket" ]
valid {
input.Body.resourceType == enum_ResourceType[_]
input.Body.resourceName == STRING
input.Body.ipAddressType == enum_IpAddressType[_]
input.Body.acceptBundleUpdate == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
SetResourceAccessForBucket
enum_ResourceBucketAccess := [ "allow", "deny" ]
valid {
input.Body.resourceName == STRING
input.Body.bucketName == STRING
input.Body.access == enum_ResourceBucketAccess[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
SetupInstanceHttps
enum_CertificateProvider := [ "LetsEncrypt" ]
valid {
input.Body.instanceName == STRING
input.Body.emailAddress == STRING
input.Body.domainNames[_] == STRING
input.Body.certificateProvider == enum_CertificateProvider[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StartGUISession
valid {
input.Body.resourceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StartInstance
valid {
input.Body.instanceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StartRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StopGUISession
valid {
input.Body.resourceName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StopInstance
valid {
input.Body.instanceName == STRING
input.Body.force == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
StopRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.Body.relationalDatabaseSnapshotName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
TagResource
valid {
input.Body.resourceName == STRING
input.Body.resourceArn == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
TestAlarm
enum_AlarmState := [ "OK", "ALARM", "INSUFFICIENT_DATA" ]
valid {
input.Body.alarmName == STRING
input.Body.state == enum_AlarmState[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UnpeerVpc
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UntagResource
valid {
input.Body.resourceName == STRING
input.Body.resourceArn == STRING
input.Body.tagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateBucket
enum_AccessType := [ "public", "private" ]
valid {
input.Body.bucketName == STRING
input.Body.accessRules.getObject == enum_AccessType[_]
input.Body.accessRules.allowPublicOverrides == BOOLEAN
input.Body.versioning == STRING
input.Body.readonlyAccessAccounts[_] == STRING
input.Body.accessLogConfig.enabled == BOOLEAN
input.Body.accessLogConfig.destination == STRING
input.Body.accessLogConfig.prefix == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateBucketBundle
valid {
input.Body.bucketName == STRING
input.Body.bundleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateContainerService
enum_ContainerServicePowerName := [ "nano", "micro", "small", "medium", "large", "xlarge" ]
valid {
input.Body.serviceName == STRING
input.Body.power == enum_ContainerServicePowerName[_]
input.Body.scale == INTEGER
input.Body.isDisabled == BOOLEAN
input.Body.publicDomainNames.STRING[_] == STRING
input.Body.privateRegistryAccess.ecrImagePullerRole.isActive == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateDistribution
enum_BehaviorEnum := [ "dont-cache", "cache" ]
enum_ForwardValues := [ "none", "allow-list", "all" ]
enum_HeaderEnum := [ "Accept", "Accept-Charset", "Accept-Datetime", "Accept-Encoding", "Accept-Language", "Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-SmartTV-Viewer", "CloudFront-Is-Tablet-Viewer", "CloudFront-Viewer-Country", "Host", "Origin", "Referer" ]
enum_OriginProtocolPolicyEnum := [ "http-only", "https-only" ]
enum_RegionName := [ "us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "ca-central-1", "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "eu-north-1" ]
enum_ViewerMinimumTlsProtocolVersionEnum := [ "TLSv1.1_2016", "TLSv1.2_2018", "TLSv1.2_2019", "TLSv1.2_2021" ]
valid {
input.Body.distributionName == STRING
input.Body.origin.name == STRING
input.Body.origin.regionName == enum_RegionName[_]
input.Body.origin.protocolPolicy == enum_OriginProtocolPolicyEnum[_]
input.Body.origin.responseTimeout == INTEGER
input.Body.defaultCacheBehavior.behavior == enum_BehaviorEnum[_]
input.Body.cacheBehaviorSettings.defaultTTL == LONG
input.Body.cacheBehaviorSettings.minimumTTL == LONG
input.Body.cacheBehaviorSettings.maximumTTL == LONG
input.Body.cacheBehaviorSettings.allowedHTTPMethods == STRING
input.Body.cacheBehaviorSettings.cachedHTTPMethods == STRING
input.Body.cacheBehaviorSettings.forwardedCookies.option == enum_ForwardValues[_]
input.Body.cacheBehaviorSettings.forwardedCookies.cookiesAllowList[_] == STRING
input.Body.cacheBehaviorSettings.forwardedHeaders.option == enum_ForwardValues[_]
input.Body.cacheBehaviorSettings.forwardedHeaders.headersAllowList[_] == enum_HeaderEnum[_]
input.Body.cacheBehaviorSettings.forwardedQueryStrings.option == BOOLEAN
input.Body.cacheBehaviorSettings.forwardedQueryStrings.queryStringsAllowList[_] == STRING
input.Body.cacheBehaviors[_].path == STRING
input.Body.cacheBehaviors[_].behavior == enum_BehaviorEnum[_]
input.Body.isEnabled == BOOLEAN
input.Body.viewerMinimumTlsProtocolVersion == enum_ViewerMinimumTlsProtocolVersionEnum[_]
input.Body.certificateName == STRING
input.Body.useDefaultCertificate == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateDistributionBundle
valid {
input.Body.distributionName == STRING
input.Body.bundleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateDomainEntry
valid {
input.Body.domainName == STRING
input.Body.domainEntry.id == STRING
input.Body.domainEntry.name == STRING
input.Body.domainEntry.target == STRING
input.Body.domainEntry.isAlias == BOOLEAN
input.Body.domainEntry.type == STRING
input.Body.domainEntry.options.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateInstanceMetadataOptions
enum_HttpEndpoint := [ "disabled", "enabled" ]
enum_HttpProtocolIpv6 := [ "disabled", "enabled" ]
enum_HttpTokens := [ "optional", "required" ]
valid {
input.Body.instanceName == STRING
input.Body.httpTokens == enum_HttpTokens[_]
input.Body.httpEndpoint == enum_HttpEndpoint[_]
input.Body.httpPutResponseHopLimit == INTEGER
input.Body.httpProtocolIpv6 == enum_HttpProtocolIpv6[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateLoadBalancerAttribute
enum_LoadBalancerAttributeName := [ "HealthCheckPath", "SessionStickinessEnabled", "SessionStickiness_LB_CookieDurationSeconds", "HttpsRedirectionEnabled", "TlsPolicyName" ]
valid {
input.Body.loadBalancerName == STRING
input.Body.attributeName == enum_LoadBalancerAttributeName[_]
input.Body.attributeValue == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRelationalDatabase
valid {
input.Body.relationalDatabaseName == STRING
input.Body.masterUserPassword == STRING
input.Body.rotateMasterUserPassword == BOOLEAN
input.Body.preferredBackupWindow == STRING
input.Body.preferredMaintenanceWindow == STRING
input.Body.enableBackupRetention == BOOLEAN
input.Body.disableBackupRetention == BOOLEAN
input.Body.publiclyAccessible == BOOLEAN
input.Body.applyImmediately == BOOLEAN
input.Body.caCertificateIdentifier == STRING
input.Body.relationalDatabaseBlueprintId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateRelationalDatabaseParameters
valid {
input.Body.relationalDatabaseName == STRING
input.Body.parameters[_].allowedValues == STRING
input.Body.parameters[_].applyMethod == STRING
input.Body.parameters[_].applyType == STRING
input.Body.parameters[_].dataType == STRING
input.Body.parameters[_].description == STRING
input.Body.parameters[_].isModifiable == BOOLEAN
input.Body.parameters[_].parameterName == STRING
input.Body.parameters[_].parameterValue == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 5 days ago