REDSHIFT-SERVERLESS

ConvertRecoveryPointToSnapshot

valid {
    input.Body.recoveryPointId == STRING
    input.Body.retentionPeriod == INTEGER
    input.Body.snapshotName == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateCustomDomainAssociation

valid {
    input.Body.customDomainCertificateArn == STRING
    input.Body.customDomainName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateEndpointAccess

valid {
    input.Body.endpointName == STRING
    input.Body.ownerAccount == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.vpcSecurityGroupIds[_] == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateNamespace

enum_LogExport := [ "useractivitylog", "userlog", "connectionlog" ]

valid {
    input.Body.adminPasswordSecretKmsKeyId == STRING
    input.Body.adminUserPassword == STRING
    input.Body.adminUsername == STRING
    input.Body.dbName == STRING
    input.Body.defaultIamRoleArn == STRING
    input.Body.iamRoles[_] == STRING
    input.Body.kmsKeyId == STRING
    input.Body.logExports[_] == enum_LogExport[_]
    input.Body.manageAdminPassword == BOOLEAN
    input.Body.namespaceName == STRING
    input.Body.redshiftIdcApplicationArn == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateScheduledAction

valid {
    input.Body.enabled == BOOLEAN
    input.Body.endTime == TIMESTAMP
    input.Body.namespaceName == STRING
    input.Body.roleArn == STRING
    input.Body.schedule.at == TIMESTAMP
    input.Body.schedule.cron == STRING
    input.Body.scheduledActionDescription == STRING
    input.Body.scheduledActionName == STRING
    input.Body.startTime == TIMESTAMP
    input.Body.targetAction.createSnapshot.namespaceName == STRING
    input.Body.targetAction.createSnapshot.retentionPeriod == INTEGER
    input.Body.targetAction.createSnapshot.snapshotNamePrefix == STRING
    input.Body.targetAction.createSnapshot.tags[_].key == STRING
    input.Body.targetAction.createSnapshot.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateSnapshot

valid {
    input.Body.namespaceName == STRING
    input.Body.retentionPeriod == INTEGER
    input.Body.snapshotName == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateSnapshotCopyConfiguration

valid {
    input.Body.destinationKmsKeyId == STRING
    input.Body.destinationRegion == STRING
    input.Body.namespaceName == STRING
    input.Body.snapshotRetentionPeriod == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUsageLimit

enum_UsageLimitBreachAction := [ "log", "emit-metric", "deactivate" ]
enum_UsageLimitPeriod := [ "daily", "weekly", "monthly" ]
enum_UsageLimitUsageType := [ "serverless-compute", "cross-region-datasharing" ]

valid {
    input.Body.amount == LONG
    input.Body.breachAction == enum_UsageLimitBreachAction[_]
    input.Body.period == enum_UsageLimitPeriod[_]
    input.Body.resourceArn == STRING
    input.Body.usageType == enum_UsageLimitUsageType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateWorkgroup

enum_PerformanceTargetStatus := [ "ENABLED", "DISABLED" ]

valid {
    input.Body.baseCapacity == INTEGER
    input.Body.configParameters[_].parameterKey == STRING
    input.Body.configParameters[_].parameterValue == STRING
    input.Body.enhancedVpcRouting == BOOLEAN
    input.Body.ipAddressType == STRING
    input.Body.maxCapacity == INTEGER
    input.Body.namespaceName == STRING
    input.Body.port == INTEGER
    input.Body.pricePerformanceTarget.level == INTEGER
    input.Body.pricePerformanceTarget.status == enum_PerformanceTargetStatus[_]
    input.Body.publiclyAccessible == BOOLEAN
    input.Body.securityGroupIds[_] == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteCustomDomainAssociation

valid {
    input.Body.customDomainName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteEndpointAccess

valid {
    input.Body.endpointName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteNamespace

valid {
    input.Body.finalSnapshotName == STRING
    input.Body.finalSnapshotRetentionPeriod == INTEGER
    input.Body.namespaceName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteResourcePolicy

valid {
    input.Body.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteScheduledAction

valid {
    input.Body.scheduledActionName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteSnapshot

valid {
    input.Body.snapshotName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteSnapshotCopyConfiguration

valid {
    input.Body.snapshotCopyConfigurationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUsageLimit

valid {
    input.Body.usageLimitId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteWorkgroup

valid {
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetCredentials

valid {
    input.Body.customDomainName == STRING
    input.Body.dbName == STRING
    input.Body.durationSeconds == INTEGER
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetCustomDomainAssociation

valid {
    input.Body.customDomainName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetEndpointAccess

valid {
    input.Body.endpointName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetNamespace

valid {
    input.Body.namespaceName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetRecoveryPoint

valid {
    input.Body.recoveryPointId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetResourcePolicy

valid {
    input.Body.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetScheduledAction

valid {
    input.Body.scheduledActionName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetSnapshot

valid {
    input.Body.ownerAccount == STRING
    input.Body.snapshotArn == STRING
    input.Body.snapshotName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTableRestoreStatus

valid {
    input.Body.tableRestoreRequestId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUsageLimit

valid {
    input.Body.usageLimitId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetWorkgroup

valid {
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListCustomDomainAssociations

valid {
    input.Body.customDomainCertificateArn == STRING
    input.Body.customDomainName == STRING
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListEndpointAccess

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.ownerAccount == STRING
    input.Body.vpcId == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListManagedWorkgroups

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.sourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListNamespaces

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListRecoveryPoints

valid {
    input.Body.endTime == TIMESTAMP
    input.Body.maxResults == INTEGER
    input.Body.namespaceArn == STRING
    input.Body.namespaceName == STRING
    input.Body.nextToken == STRING
    input.Body.startTime == TIMESTAMP
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListScheduledActions

valid {
    input.Body.maxResults == INTEGER
    input.Body.namespaceName == STRING
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListSnapshotCopyConfigurations

valid {
    input.Body.maxResults == INTEGER
    input.Body.namespaceName == STRING
    input.Body.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListSnapshots

valid {
    input.Body.endTime == TIMESTAMP
    input.Body.maxResults == INTEGER
    input.Body.namespaceArn == STRING
    input.Body.namespaceName == STRING
    input.Body.nextToken == STRING
    input.Body.ownerAccount == STRING
    input.Body.startTime == TIMESTAMP
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTableRestoreStatus

valid {
    input.Body.maxResults == INTEGER
    input.Body.namespaceName == STRING
    input.Body.nextToken == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.Body.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListUsageLimits

enum_UsageLimitUsageType := [ "serverless-compute", "cross-region-datasharing" ]

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.resourceArn == STRING
    input.Body.usageType == enum_UsageLimitUsageType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListWorkgroups

valid {
    input.Body.maxResults == INTEGER
    input.Body.nextToken == STRING
    input.Body.ownerAccount == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutResourcePolicy

valid {
    input.Body.policy == STRING
    input.Body.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RestoreFromRecoveryPoint

valid {
    input.Body.namespaceName == STRING
    input.Body.recoveryPointId == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RestoreFromSnapshot

valid {
    input.Body.adminPasswordSecretKmsKeyId == STRING
    input.Body.manageAdminPassword == BOOLEAN
    input.Body.namespaceName == STRING
    input.Body.ownerAccount == STRING
    input.Body.snapshotArn == STRING
    input.Body.snapshotName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RestoreTableFromRecoveryPoint

valid {
    input.Body.activateCaseSensitiveIdentifier == BOOLEAN
    input.Body.namespaceName == STRING
    input.Body.newTableName == STRING
    input.Body.recoveryPointId == STRING
    input.Body.sourceDatabaseName == STRING
    input.Body.sourceSchemaName == STRING
    input.Body.sourceTableName == STRING
    input.Body.targetDatabaseName == STRING
    input.Body.targetSchemaName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RestoreTableFromSnapshot

valid {
    input.Body.activateCaseSensitiveIdentifier == BOOLEAN
    input.Body.namespaceName == STRING
    input.Body.newTableName == STRING
    input.Body.snapshotName == STRING
    input.Body.sourceDatabaseName == STRING
    input.Body.sourceSchemaName == STRING
    input.Body.sourceTableName == STRING
    input.Body.targetDatabaseName == STRING
    input.Body.targetSchemaName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tags[_].key == STRING
    input.Body.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.Body.resourceArn == STRING
    input.Body.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateCustomDomainAssociation

valid {
    input.Body.customDomainCertificateArn == STRING
    input.Body.customDomainName == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateEndpointAccess

valid {
    input.Body.endpointName == STRING
    input.Body.vpcSecurityGroupIds[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateNamespace

enum_LogExport := [ "useractivitylog", "userlog", "connectionlog" ]

valid {
    input.Body.adminPasswordSecretKmsKeyId == STRING
    input.Body.adminUserPassword == STRING
    input.Body.adminUsername == STRING
    input.Body.defaultIamRoleArn == STRING
    input.Body.iamRoles[_] == STRING
    input.Body.kmsKeyId == STRING
    input.Body.logExports[_] == enum_LogExport[_]
    input.Body.manageAdminPassword == BOOLEAN
    input.Body.namespaceName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateScheduledAction

valid {
    input.Body.enabled == BOOLEAN
    input.Body.endTime == TIMESTAMP
    input.Body.roleArn == STRING
    input.Body.schedule.at == TIMESTAMP
    input.Body.schedule.cron == STRING
    input.Body.scheduledActionDescription == STRING
    input.Body.scheduledActionName == STRING
    input.Body.startTime == TIMESTAMP
    input.Body.targetAction.createSnapshot.namespaceName == STRING
    input.Body.targetAction.createSnapshot.retentionPeriod == INTEGER
    input.Body.targetAction.createSnapshot.snapshotNamePrefix == STRING
    input.Body.targetAction.createSnapshot.tags[_].key == STRING
    input.Body.targetAction.createSnapshot.tags[_].value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateSnapshot

valid {
    input.Body.retentionPeriod == INTEGER
    input.Body.snapshotName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateSnapshotCopyConfiguration

valid {
    input.Body.snapshotCopyConfigurationId == STRING
    input.Body.snapshotRetentionPeriod == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUsageLimit

enum_UsageLimitBreachAction := [ "log", "emit-metric", "deactivate" ]

valid {
    input.Body.amount == LONG
    input.Body.breachAction == enum_UsageLimitBreachAction[_]
    input.Body.usageLimitId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateWorkgroup

enum_PerformanceTargetStatus := [ "ENABLED", "DISABLED" ]

valid {
    input.Body.baseCapacity == INTEGER
    input.Body.configParameters[_].parameterKey == STRING
    input.Body.configParameters[_].parameterValue == STRING
    input.Body.enhancedVpcRouting == BOOLEAN
    input.Body.ipAddressType == STRING
    input.Body.maxCapacity == INTEGER
    input.Body.port == INTEGER
    input.Body.pricePerformanceTarget.level == INTEGER
    input.Body.pricePerformanceTarget.status == enum_PerformanceTargetStatus[_]
    input.Body.publiclyAccessible == BOOLEAN
    input.Body.securityGroupIds[_] == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.workgroupName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}