OPENSEARCHSERVERLESS

BatchGetCollection

valid {
    input.Body.ids[_] == STRING
    input.Body.names[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchGetEffectiveLifecyclePolicy

enum_LifecyclePolicyType := [ "retention" ]

valid {
    input.Body.resourceIdentifiers[_].resource == STRING
    input.Body.resourceIdentifiers[_].type == enum_LifecyclePolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchGetLifecyclePolicy

enum_LifecyclePolicyType := [ "retention" ]

valid {
    input.Body.identifiers[_].name == STRING
    input.Body.identifiers[_].type == enum_LifecyclePolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

BatchGetVpcEndpoint

valid {
    input.Body.ids[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAccessPolicy

enum_AccessPolicyType := [ "data" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.policy == STRING
    input.Body.type == enum_AccessPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateCollection

enum_CollectionType := [ "SEARCH", "TIMESERIES", "VECTORSEARCH" ]
enum_StandbyReplicas := [ "ENABLED", "DISABLED" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.standbyReplicas == enum_StandbyReplicas[_]
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.Body.type == enum_CollectionType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateLifecyclePolicy

enum_LifecyclePolicyType := [ "retention" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.policy == STRING
    input.Body.type == enum_LifecyclePolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateSecurityConfig

enum_SecurityConfigType := [ "saml" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.samlOptions.groupAttribute == STRING
    input.Body.samlOptions.metadata == STRING
    input.Body.samlOptions.sessionTimeout == INTEGER
    input.Body.samlOptions.userAttribute == STRING
    input.Body.type == enum_SecurityConfigType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateSecurityPolicy

enum_SecurityPolicyType := [ "encryption", "network" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.policy == STRING
    input.Body.type == enum_SecurityPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateVpcEndpoint

valid {
    input.Body.clientToken == STRING
    input.Body.name == STRING
    input.Body.securityGroupIds[_] == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.vpcId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAccessPolicy

enum_AccessPolicyType := [ "data" ]

valid {
    input.Body.clientToken == STRING
    input.Body.name == STRING
    input.Body.type == enum_AccessPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteCollection

valid {
    input.Body.clientToken == STRING
    input.Body.id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteLifecyclePolicy

enum_LifecyclePolicyType := [ "retention" ]

valid {
    input.Body.clientToken == STRING
    input.Body.name == STRING
    input.Body.type == enum_LifecyclePolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteSecurityConfig

valid {
    input.Body.clientToken == STRING
    input.Body.id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteSecurityPolicy

enum_SecurityPolicyType := [ "encryption", "network" ]

valid {
    input.Body.clientToken == STRING
    input.Body.name == STRING
    input.Body.type == enum_SecurityPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteVpcEndpoint

valid {
    input.Body.clientToken == STRING
    input.Body.id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAccessPolicy

enum_AccessPolicyType := [ "data" ]

valid {
    input.Body.name == STRING
    input.Body.type == enum_AccessPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAccountSettings

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPoliciesStats

valid {
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSecurityConfig

valid {
    input.Body.id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSecurityPolicy

enum_SecurityPolicyType := [ "encryption", "network" ]

valid {
    input.Body.name == STRING
    input.Body.type == enum_SecurityPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAccessPolicies

enum_AccessPolicyType := [ "data" ]

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.resource[_] == STRING
    input.Body.type == enum_AccessPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListCollections

enum_CollectionStatus := [ "CREATING", "DELETING", "ACTIVE", "FAILED" ]

valid {
    input.Body.collectionFilters.name == STRING
    input.Body.collectionFilters.status == enum_CollectionStatus[_]
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListLifecyclePolicies

enum_LifecyclePolicyType := [ "retention" ]

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.resources[_] == STRING
    input.Body.type == enum_LifecyclePolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListSecurityConfigs

enum_SecurityConfigType := [ "saml" ]

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.type == enum_SecurityConfigType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListSecurityPolicies

enum_SecurityPolicyType := [ "encryption", "network" ]

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.resource[_] == STRING
    input.Body.type == enum_SecurityPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.Body.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListVpcEndpoints

enum_VpcEndpointStatus := [ "PENDING", "DELETING", "ACTIVE", "FAILED" ]

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.vpcEndpointFilters.status == enum_VpcEndpointStatus[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAccessPolicy

enum_AccessPolicyType := [ "data" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.policy == STRING
    input.Body.policyVersion == STRING
    input.Body.type == enum_AccessPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAccountSettings

valid {
    input.Body.capacityLimits.maxIndexingCapacityInOCU == INTEGER
    input.Body.capacityLimits.maxSearchCapacityInOCU == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateCollection

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateLifecyclePolicy

enum_LifecyclePolicyType := [ "retention" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.policy == STRING
    input.Body.policyVersion == STRING
    input.Body.type == enum_LifecyclePolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateSecurityConfig

valid {
    input.Body.clientToken == STRING
    input.Body.configVersion == STRING
    input.Body.description == STRING
    input.Body.id == STRING
    input.Body.samlOptions.groupAttribute == STRING
    input.Body.samlOptions.metadata == STRING
    input.Body.samlOptions.sessionTimeout == INTEGER
    input.Body.samlOptions.userAttribute == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateSecurityPolicy

enum_SecurityPolicyType := [ "encryption", "network" ]

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.name == STRING
    input.Body.policy == STRING
    input.Body.policyVersion == STRING
    input.Body.type == enum_SecurityPolicyType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateVpcEndpoint

valid {
    input.Body.addSecurityGroupIds[_] == STRING
    input.Body.addSubnetIds[_] == STRING
    input.Body.clientToken == STRING
    input.Body.id == STRING
    input.Body.removeSecurityGroupIds[_] == STRING
    input.Body.removeSubnetIds[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}