CancelSession

valid {
    input.ReqMap.SessionArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateApprovalTeam

valid {
    input.Body.ClientToken == STRING
    input.Body.ApprovalStrategy.MofN.MinApprovalsRequired == INTEGER
    input.Body.Approvers[_].PrimaryIdentityId == STRING
    input.Body.Approvers[_].PrimaryIdentitySourceArn == STRING
    input.Body.Description == STRING
    input.Body.Policies[_].PolicyArn == STRING
    input.Body.Name == STRING
    input.Body.Tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateIdentitySource

valid {
    input.Body.IdentitySourceParameters.IamIdentityCenter.InstanceArn == STRING
    input.Body.IdentitySourceParameters.IamIdentityCenter.Region == STRING
    input.Body.ClientToken == STRING
    input.Body.Tags.STRING == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIdentitySource

valid {
    input.ReqMap.IdentitySourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteInactiveApprovalTeamVersion

valid {
    input.ReqMap.Arn == STRING
    input.ReqMap.VersionId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetApprovalTeam

valid {
    input.ReqMap.Arn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIdentitySource

valid {
    input.ReqMap.IdentitySourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPolicyVersion

valid {
    input.ReqMap.PolicyVersionArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetResourcePolicy

enum_PolicyType := [ "AWS_MANAGED", "AWS_RAM" ]

valid {
    input.Body.ResourceArn == STRING
    input.Body.PolicyName == STRING
    input.Body.PolicyType == enum_PolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSession

valid {
    input.ReqMap.SessionArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListApprovalTeams

valid {
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListIdentitySources

valid {
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPolicies

valid {
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPolicyVersions

valid {
    input.ReqMap.PolicyArn == STRING
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListResourcePolicies

valid {
    input.ReqMap.ResourceArn == STRING
    input.Qs.MaxResults == INTEGER
    input.Qs.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListSessions

enum_FilterField := [ "ActionName", "ApprovalTeamName", "VotingTime", "Vote", "SessionStatus", "InitiationTime" ]
enum_Operator := [ "EQ", "NE", "GT", "LT", "GTE", "LTE", "CONTAINS", "NOT_CONTAINS", "BETWEEN" ]

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.Filters[_].FieldName == enum_FilterField[_]
    input.Body.Filters[_].Operator == enum_Operator[_]
    input.Body.Filters[_].Value == STRING
    input.ReqMap.ApprovalTeamArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.ReqMap.ResourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartActiveApprovalTeamDeletion

valid {
    input.Body.PendingWindowDays == INTEGER
    input.ReqMap.Arn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.Tags.STRING == STRING
    input.ReqMap.ResourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.Body.TagKeys[_] == STRING
    input.ReqMap.ResourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateApprovalTeam

valid {
    input.Body.ApprovalStrategy.MofN.MinApprovalsRequired == INTEGER
    input.Body.Approvers[_].PrimaryIdentityId == STRING
    input.Body.Approvers[_].PrimaryIdentitySourceArn == STRING
    input.Body.Description == STRING
    input.ReqMap.Arn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}