MACIE2
AcceptInvitation
valid {
input.Body.administratorAccountId == STRING
input.Body.invitationId == STRING
input.Body.masterAccount == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}BatchGetCustomDataIdentifiers
valid {
input.Body.ids[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}BatchUpdateAutomatedDiscoveryAccounts
enum_AutomatedDiscoveryAccountStatus := [ "ENABLED", "DISABLED" ]
valid {
input.Body.accounts[_].accountId == STRING
input.Body.accounts[_].status == enum_AutomatedDiscoveryAccountStatus[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateAllowList
valid {
input.Body.clientToken == STRING
input.Body.criteria.regex == STRING
input.Body.criteria.s3WordsList.bucketName == STRING
input.Body.criteria.s3WordsList.objectKey == STRING
input.Body.description == STRING
input.Body.name == STRING
input.Body.tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateClassificationJob
enum_DayOfWeek := [ "SUNDAY", "MONDAY", "TUESDAY", "WEDNESDAY", "THURSDAY", "FRIDAY", "SATURDAY" ]
enum_JobComparator := [ "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH" ]
enum_JobType := [ "ONE_TIME", "SCHEDULED" ]
enum_ManagedDataIdentifierSelector := [ "ALL", "EXCLUDE", "INCLUDE", "NONE", "RECOMMENDED" ]
enum_ScopeFilterKey := [ "OBJECT_EXTENSION", "OBJECT_LAST_MODIFIED_DATE", "OBJECT_SIZE", "OBJECT_KEY" ]
enum_SimpleCriterionKeyForJob := [ "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS" ]
enum_TagTarget := [ "S3_OBJECT" ]
valid {
input.Body.allowListIds[_] == STRING
input.Body.clientToken == STRING
input.Body.customDataIdentifierIds[_] == STRING
input.Body.description == STRING
input.Body.initialRun == BOOLEAN
input.Body.jobType == enum_JobType[_]
input.Body.managedDataIdentifierIds[_] == STRING
input.Body.managedDataIdentifierSelector == enum_ManagedDataIdentifierSelector[_]
input.Body.name == STRING
input.Body.s3JobDefinition.bucketCriteria.excludes.and[_].simpleCriterion.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.bucketCriteria.excludes.and[_].simpleCriterion.key == enum_SimpleCriterionKeyForJob[_]
input.Body.s3JobDefinition.bucketCriteria.excludes.and[_].simpleCriterion.values[_] == STRING
input.Body.s3JobDefinition.bucketCriteria.excludes.and[_].tagCriterion.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.bucketCriteria.excludes.and[_].tagCriterion.tagValues[_].key == STRING
input.Body.s3JobDefinition.bucketCriteria.excludes.and[_].tagCriterion.tagValues[_].value == STRING
input.Body.s3JobDefinition.bucketCriteria.includes.and[_].simpleCriterion.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.bucketCriteria.includes.and[_].simpleCriterion.key == enum_SimpleCriterionKeyForJob[_]
input.Body.s3JobDefinition.bucketCriteria.includes.and[_].simpleCriterion.values[_] == STRING
input.Body.s3JobDefinition.bucketCriteria.includes.and[_].tagCriterion.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.bucketCriteria.includes.and[_].tagCriterion.tagValues[_].key == STRING
input.Body.s3JobDefinition.bucketCriteria.includes.and[_].tagCriterion.tagValues[_].value == STRING
input.Body.s3JobDefinition.bucketDefinitions[_].accountId == STRING
input.Body.s3JobDefinition.bucketDefinitions[_].buckets[_] == STRING
input.Body.s3JobDefinition.scoping.excludes.and[_].simpleScopeTerm.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.scoping.excludes.and[_].simpleScopeTerm.key == enum_ScopeFilterKey[_]
input.Body.s3JobDefinition.scoping.excludes.and[_].simpleScopeTerm.values[_] == STRING
input.Body.s3JobDefinition.scoping.excludes.and[_].tagScopeTerm.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.scoping.excludes.and[_].tagScopeTerm.key == STRING
input.Body.s3JobDefinition.scoping.excludes.and[_].tagScopeTerm.tagValues[_].key == STRING
input.Body.s3JobDefinition.scoping.excludes.and[_].tagScopeTerm.tagValues[_].value == STRING
input.Body.s3JobDefinition.scoping.excludes.and[_].tagScopeTerm.target == enum_TagTarget[_]
input.Body.s3JobDefinition.scoping.includes.and[_].simpleScopeTerm.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.scoping.includes.and[_].simpleScopeTerm.key == enum_ScopeFilterKey[_]
input.Body.s3JobDefinition.scoping.includes.and[_].simpleScopeTerm.values[_] == STRING
input.Body.s3JobDefinition.scoping.includes.and[_].tagScopeTerm.comparator == enum_JobComparator[_]
input.Body.s3JobDefinition.scoping.includes.and[_].tagScopeTerm.key == STRING
input.Body.s3JobDefinition.scoping.includes.and[_].tagScopeTerm.tagValues[_].key == STRING
input.Body.s3JobDefinition.scoping.includes.and[_].tagScopeTerm.tagValues[_].value == STRING
input.Body.s3JobDefinition.scoping.includes.and[_].tagScopeTerm.target == enum_TagTarget[_]
input.Body.samplingPercentage == INTEGER
input.Body.scheduleFrequency.dailySchedule == {}
input.Body.scheduleFrequency.monthlySchedule.dayOfMonth == INTEGER
input.Body.scheduleFrequency.weeklySchedule.dayOfWeek == enum_DayOfWeek[_]
input.Body.tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateCustomDataIdentifier
enum_DataIdentifierSeverity := [ "LOW", "MEDIUM", "HIGH" ]
valid {
input.Body.clientToken == STRING
input.Body.description == STRING
input.Body.ignoreWords[_] == STRING
input.Body.keywords[_] == STRING
input.Body.maximumMatchDistance == INTEGER
input.Body.name == STRING
input.Body.regex == STRING
input.Body.severityLevels[_].occurrencesThreshold == LONG
input.Body.severityLevels[_].severity == enum_DataIdentifierSeverity[_]
input.Body.tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateFindingsFilter
enum_FindingsFilterAction := [ "ARCHIVE", "NOOP" ]
valid {
input.Body.action == enum_FindingsFilterAction[_]
input.Body.clientToken == STRING
input.Body.description == STRING
input.Body.findingCriteria.criterion.STRING.eq[_] == STRING
input.Body.findingCriteria.criterion.STRING.eqExactMatch[_] == STRING
input.Body.findingCriteria.criterion.STRING.gt == LONG
input.Body.findingCriteria.criterion.STRING.gte == LONG
input.Body.findingCriteria.criterion.STRING.lt == LONG
input.Body.findingCriteria.criterion.STRING.lte == LONG
input.Body.findingCriteria.criterion.STRING.neq[_] == STRING
input.Body.name == STRING
input.Body.position == INTEGER
input.Body.tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateInvitations
valid {
input.Body.accountIds[_] == STRING
input.Body.disableEmailNotification == BOOLEAN
input.Body.message == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateMember
valid {
input.Body.account.accountId == STRING
input.Body.account.email == STRING
input.Body.tags.STRING == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateSampleFindings
enum_FindingType := [ "SensitiveData:S3Object/Multiple", "SensitiveData:S3Object/Financial", "SensitiveData:S3Object/Personal", "SensitiveData:S3Object/Credentials", "SensitiveData:S3Object/CustomIdentifier", "Policy:IAMUser/S3BucketPublic", "Policy:IAMUser/S3BucketSharedExternally", "Policy:IAMUser/S3BucketReplicatedExternally", "Policy:IAMUser/S3BucketEncryptionDisabled", "Policy:IAMUser/S3BlockPublicAccessDisabled", "Policy:IAMUser/S3BucketSharedWithCloudFront" ]
valid {
input.Body.findingTypes[_] == enum_FindingType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeclineInvitations
valid {
input.Body.accountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteAllowList
valid {
input.ReqMap.id == STRING
input.Qs.ignoreJobChecks == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteCustomDataIdentifier
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteFindingsFilter
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteInvitations
valid {
input.Body.accountIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteMember
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeBuckets
enum_OrderBy := [ "ASC", "DESC" ]
valid {
input.Body.criteria.STRING.eq[_] == STRING
input.Body.criteria.STRING.gt == LONG
input.Body.criteria.STRING.gte == LONG
input.Body.criteria.STRING.lt == LONG
input.Body.criteria.STRING.lte == LONG
input.Body.criteria.STRING.neq[_] == STRING
input.Body.criteria.STRING.prefix == STRING
input.Body.maxResults == INTEGER
input.Body.nextToken == STRING
input.Body.sortCriteria.attributeName == STRING
input.Body.sortCriteria.orderBy == enum_OrderBy[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeClassificationJob
valid {
input.ReqMap.jobId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeOrganizationConfiguration
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisableMacie
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisableOrganizationAdminAccount
valid {
input.Qs.adminAccountId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisassociateFromAdministratorAccount
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisassociateFromMasterAccount
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisassociateMember
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}EnableMacie
enum_FindingPublishingFrequency := [ "FIFTEEN_MINUTES", "ONE_HOUR", "SIX_HOURS" ]
enum_MacieStatus := [ "PAUSED", "ENABLED" ]
valid {
input.Body.clientToken == STRING
input.Body.findingPublishingFrequency == enum_FindingPublishingFrequency[_]
input.Body.status == enum_MacieStatus[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}EnableOrganizationAdminAccount
valid {
input.Body.adminAccountId == STRING
input.Body.clientToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetAdministratorAccount
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetAllowList
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetAutomatedDiscoveryConfiguration
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetBucketStatistics
valid {
input.Body.accountId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetClassificationExportConfiguration
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetClassificationScope
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetCustomDataIdentifier
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetFindingStatistics
enum_FindingStatisticsSortAttributeName := [ "groupKey", "count" ]
enum_GroupBy := [ "resourcesAffected.s3Bucket.name", "type", "classificationDetails.jobId", "severity.description" ]
enum_OrderBy := [ "ASC", "DESC" ]
valid {
input.Body.findingCriteria.criterion.STRING.eq[_] == STRING
input.Body.findingCriteria.criterion.STRING.eqExactMatch[_] == STRING
input.Body.findingCriteria.criterion.STRING.gt == LONG
input.Body.findingCriteria.criterion.STRING.gte == LONG
input.Body.findingCriteria.criterion.STRING.lt == LONG
input.Body.findingCriteria.criterion.STRING.lte == LONG
input.Body.findingCriteria.criterion.STRING.neq[_] == STRING
input.Body.groupBy == enum_GroupBy[_]
input.Body.size == INTEGER
input.Body.sortCriteria.attributeName == enum_FindingStatisticsSortAttributeName[_]
input.Body.sortCriteria.orderBy == enum_OrderBy[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetFindings
enum_OrderBy := [ "ASC", "DESC" ]
valid {
input.Body.findingIds[_] == STRING
input.Body.sortCriteria.attributeName == STRING
input.Body.sortCriteria.orderBy == enum_OrderBy[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetFindingsFilter
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetFindingsPublicationConfiguration
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetInvitationsCount
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMacieSession
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMasterAccount
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMember
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetResourceProfile
valid {
input.Qs.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetRevealConfiguration
valid {
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetSensitiveDataOccurrences
valid {
input.ReqMap.findingId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetSensitiveDataOccurrencesAvailability
valid {
input.ReqMap.findingId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetSensitivityInspectionTemplate
valid {
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetUsageStatistics
enum_OrderBy := [ "ASC", "DESC" ]
enum_TimeRange := [ "MONTH_TO_DATE", "PAST_30_DAYS" ]
enum_UsageStatisticsFilterComparator := [ "GT", "GTE", "LT", "LTE", "EQ", "NE", "CONTAINS" ]
enum_UsageStatisticsFilterKey := [ "accountId", "serviceLimit", "freeTrialStartDate", "total" ]
enum_UsageStatisticsSortKey := [ "accountId", "total", "serviceLimitValue", "freeTrialStartDate" ]
valid {
input.Body.filterBy[_].comparator == enum_UsageStatisticsFilterComparator[_]
input.Body.filterBy[_].key == enum_UsageStatisticsFilterKey[_]
input.Body.filterBy[_].values[_] == STRING
input.Body.maxResults == INTEGER
input.Body.nextToken == STRING
input.Body.sortBy.key == enum_UsageStatisticsSortKey[_]
input.Body.sortBy.orderBy == enum_OrderBy[_]
input.Body.timeRange == enum_TimeRange[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetUsageTotals
valid {
input.Qs.timeRange == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListAllowLists
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListAutomatedDiscoveryAccounts
valid {
input.Qs.accountIds[_] == STRING
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListClassificationJobs
enum_JobComparator := [ "EQ", "GT", "GTE", "LT", "LTE", "NE", "CONTAINS", "STARTS_WITH" ]
enum_ListJobsFilterKey := [ "jobType", "jobStatus", "createdAt", "name" ]
enum_ListJobsSortAttributeName := [ "createdAt", "jobStatus", "name", "jobType" ]
enum_OrderBy := [ "ASC", "DESC" ]
valid {
input.Body.filterCriteria.excludes[_].comparator == enum_JobComparator[_]
input.Body.filterCriteria.excludes[_].key == enum_ListJobsFilterKey[_]
input.Body.filterCriteria.excludes[_].values[_] == STRING
input.Body.filterCriteria.includes[_].comparator == enum_JobComparator[_]
input.Body.filterCriteria.includes[_].key == enum_ListJobsFilterKey[_]
input.Body.filterCriteria.includes[_].values[_] == STRING
input.Body.maxResults == INTEGER
input.Body.nextToken == STRING
input.Body.sortCriteria.attributeName == enum_ListJobsSortAttributeName[_]
input.Body.sortCriteria.orderBy == enum_OrderBy[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListClassificationScopes
valid {
input.Qs.name == STRING
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListCustomDataIdentifiers
valid {
input.Body.maxResults == INTEGER
input.Body.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListFindings
enum_OrderBy := [ "ASC", "DESC" ]
valid {
input.Body.findingCriteria.criterion.STRING.eq[_] == STRING
input.Body.findingCriteria.criterion.STRING.eqExactMatch[_] == STRING
input.Body.findingCriteria.criterion.STRING.gt == LONG
input.Body.findingCriteria.criterion.STRING.gte == LONG
input.Body.findingCriteria.criterion.STRING.lt == LONG
input.Body.findingCriteria.criterion.STRING.lte == LONG
input.Body.findingCriteria.criterion.STRING.neq[_] == STRING
input.Body.maxResults == INTEGER
input.Body.nextToken == STRING
input.Body.sortCriteria.attributeName == STRING
input.Body.sortCriteria.orderBy == enum_OrderBy[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListFindingsFilters
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListInvitations
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListManagedDataIdentifiers
valid {
input.Body.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMembers
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.Qs.onlyAssociated == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListOrganizationAdminAccounts
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListResourceProfileArtifacts
valid {
input.Qs.nextToken == STRING
input.Qs.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListResourceProfileDetections
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.Qs.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListSensitivityInspectionTemplates
valid {
input.Qs.maxResults == INTEGER
input.Qs.nextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListTagsForResource
valid {
input.ReqMap.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutClassificationExportConfiguration
valid {
input.Body.configuration.s3Destination.bucketName == STRING
input.Body.configuration.s3Destination.keyPrefix == STRING
input.Body.configuration.s3Destination.kmsKeyArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutFindingsPublicationConfiguration
valid {
input.Body.clientToken == STRING
input.Body.securityHubConfiguration.publishClassificationFindings == BOOLEAN
input.Body.securityHubConfiguration.publishPolicyFindings == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}SearchResources
enum_OrderBy := [ "ASC", "DESC" ]
enum_SearchResourcesComparator := [ "EQ", "NE" ]
enum_SearchResourcesSimpleCriterionKey := [ "ACCOUNT_ID", "S3_BUCKET_NAME", "S3_BUCKET_EFFECTIVE_PERMISSION", "S3_BUCKET_SHARED_ACCESS", "AUTOMATED_DISCOVERY_MONITORING_STATUS" ]
enum_SearchResourcesSortAttributeName := [ "ACCOUNT_ID", "RESOURCE_NAME", "S3_CLASSIFIABLE_OBJECT_COUNT", "S3_CLASSIFIABLE_SIZE_IN_BYTES" ]
valid {
input.Body.bucketCriteria.excludes.and[_].simpleCriterion.comparator == enum_SearchResourcesComparator[_]
input.Body.bucketCriteria.excludes.and[_].simpleCriterion.key == enum_SearchResourcesSimpleCriterionKey[_]
input.Body.bucketCriteria.excludes.and[_].simpleCriterion.values[_] == STRING
input.Body.bucketCriteria.excludes.and[_].tagCriterion.comparator == enum_SearchResourcesComparator[_]
input.Body.bucketCriteria.excludes.and[_].tagCriterion.tagValues[_].key == STRING
input.Body.bucketCriteria.excludes.and[_].tagCriterion.tagValues[_].value == STRING
input.Body.bucketCriteria.includes.and[_].simpleCriterion.comparator == enum_SearchResourcesComparator[_]
input.Body.bucketCriteria.includes.and[_].simpleCriterion.key == enum_SearchResourcesSimpleCriterionKey[_]
input.Body.bucketCriteria.includes.and[_].simpleCriterion.values[_] == STRING
input.Body.bucketCriteria.includes.and[_].tagCriterion.comparator == enum_SearchResourcesComparator[_]
input.Body.bucketCriteria.includes.and[_].tagCriterion.tagValues[_].key == STRING
input.Body.bucketCriteria.includes.and[_].tagCriterion.tagValues[_].value == STRING
input.Body.maxResults == INTEGER
input.Body.nextToken == STRING
input.Body.sortCriteria.attributeName == enum_SearchResourcesSortAttributeName[_]
input.Body.sortCriteria.orderBy == enum_OrderBy[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}TagResource
valid {
input.Body.tags.STRING == STRING
input.ReqMap.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}TestCustomDataIdentifier
valid {
input.Body.ignoreWords[_] == STRING
input.Body.keywords[_] == STRING
input.Body.maximumMatchDistance == INTEGER
input.Body.regex == STRING
input.Body.sampleText == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UntagResource
valid {
input.ReqMap.resourceArn == STRING
input.Qs.tagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateAllowList
valid {
input.Body.criteria.regex == STRING
input.Body.criteria.s3WordsList.bucketName == STRING
input.Body.criteria.s3WordsList.objectKey == STRING
input.Body.description == STRING
input.Body.name == STRING
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateAutomatedDiscoveryConfiguration
enum_AutoEnableMode := [ "ALL", "NEW", "NONE" ]
enum_AutomatedDiscoveryStatus := [ "ENABLED", "DISABLED" ]
valid {
input.Body.autoEnableOrganizationMembers == enum_AutoEnableMode[_]
input.Body.status == enum_AutomatedDiscoveryStatus[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateClassificationJob
enum_JobStatus := [ "RUNNING", "PAUSED", "CANCELLED", "COMPLETE", "IDLE", "USER_PAUSED" ]
valid {
input.Body.jobStatus == enum_JobStatus[_]
input.ReqMap.jobId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateClassificationScope
enum_ClassificationScopeUpdateOperation := [ "ADD", "REPLACE", "REMOVE" ]
valid {
input.Body.s3.excludes.bucketNames[_] == STRING
input.Body.s3.excludes.operation == enum_ClassificationScopeUpdateOperation[_]
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateFindingsFilter
enum_FindingsFilterAction := [ "ARCHIVE", "NOOP" ]
valid {
input.Body.action == enum_FindingsFilterAction[_]
input.Body.clientToken == STRING
input.Body.description == STRING
input.Body.findingCriteria.criterion.STRING.eq[_] == STRING
input.Body.findingCriteria.criterion.STRING.eqExactMatch[_] == STRING
input.Body.findingCriteria.criterion.STRING.gt == LONG
input.Body.findingCriteria.criterion.STRING.gte == LONG
input.Body.findingCriteria.criterion.STRING.lt == LONG
input.Body.findingCriteria.criterion.STRING.lte == LONG
input.Body.findingCriteria.criterion.STRING.neq[_] == STRING
input.Body.name == STRING
input.Body.position == INTEGER
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateMacieSession
enum_FindingPublishingFrequency := [ "FIFTEEN_MINUTES", "ONE_HOUR", "SIX_HOURS" ]
enum_MacieStatus := [ "PAUSED", "ENABLED" ]
valid {
input.Body.findingPublishingFrequency == enum_FindingPublishingFrequency[_]
input.Body.status == enum_MacieStatus[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateMemberSession
enum_MacieStatus := [ "PAUSED", "ENABLED" ]
valid {
input.Body.status == enum_MacieStatus[_]
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateOrganizationConfiguration
valid {
input.Body.autoEnable == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateResourceProfile
valid {
input.Body.sensitivityScoreOverride == INTEGER
input.Qs.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateResourceProfileDetections
enum_DataIdentifierType := [ "CUSTOM", "MANAGED" ]
valid {
input.Body.suppressDataIdentifiers[_].id == STRING
input.Body.suppressDataIdentifiers[_].type == enum_DataIdentifierType[_]
input.Qs.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateRevealConfiguration
enum_RetrievalMode := [ "CALLER_CREDENTIALS", "ASSUME_ROLE" ]
enum_RevealStatus := [ "ENABLED", "DISABLED" ]
valid {
input.Body.configuration.kmsKeyId == STRING
input.Body.configuration.status == enum_RevealStatus[_]
input.Body.retrievalConfiguration.retrievalMode == enum_RetrievalMode[_]
input.Body.retrievalConfiguration.roleName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateSensitivityInspectionTemplate
valid {
input.Body.description == STRING
input.Body.excludes.managedDataIdentifierIds[_] == STRING
input.Body.includes.allowListIds[_] == STRING
input.Body.includes.customDataIdentifierIds[_] == STRING
input.Body.includes.managedDataIdentifierIds[_] == STRING
input.ReqMap.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}Updated 18 days ago