ROLESANYWHERE
CreateProfile
valid {
input.Body.durationSeconds == INTEGER
input.Body.enabled == BOOLEAN
input.Body.managedPolicyArns[_] == STRING
input.Body.name == STRING
input.Body.requireInstanceProperties == BOOLEAN
input.Body.roleArns[_] == STRING
input.Body.sessionPolicy == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateTrustAnchor
enum_NotificationChannel := [ "ALL" ]
enum_NotificationEvent := [ "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY" ]
enum_TrustAnchorType := [ "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" ]
valid {
input.Body.enabled == BOOLEAN
input.Body.name == STRING
input.Body.notificationSettings[_].channel == enum_NotificationChannel[_]
input.Body.notificationSettings[_].enabled == BOOLEAN
input.Body.notificationSettings[_].event == enum_NotificationEvent[_]
input.Body.notificationSettings[_].threshold == INTEGER
input.Body.source.sourceData.acmPcaArn == STRING
input.Body.source.sourceData.x509CertificateData == STRING
input.Body.source.sourceType == enum_TrustAnchorType[_]
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteAttributeMapping
enum_CertificateField := [ "x509Subject", "x509Issuer", "x509SAN" ]
valid {
input.ReqMap.profileId == STRING
input.Qs.certificateField == enum_CertificateField[_]
input.Qs.specifiers[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteCrl
valid {
input.ReqMap.crlId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteProfile
valid {
input.ReqMap.profileId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteTrustAnchor
valid {
input.ReqMap.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableCrl
valid {
input.ReqMap.crlId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableProfile
valid {
input.ReqMap.profileId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DisableTrustAnchor
valid {
input.ReqMap.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableCrl
valid {
input.ReqMap.crlId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableProfile
valid {
input.ReqMap.profileId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
EnableTrustAnchor
valid {
input.ReqMap.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetCrl
valid {
input.ReqMap.crlId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetProfile
valid {
input.ReqMap.profileId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetSubject
valid {
input.ReqMap.subjectId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetTrustAnchor
valid {
input.ReqMap.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ImportCrl
valid {
input.Body.crlData == BLOB
input.Body.enabled == BOOLEAN
input.Body.name == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.Body.trustAnchorArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListCrls
valid {
input.Qs.nextToken == STRING
input.Qs.pageSize == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListProfiles
valid {
input.Qs.nextToken == STRING
input.Qs.pageSize == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListSubjects
valid {
input.Qs.nextToken == STRING
input.Qs.pageSize == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListTagsForResource
valid {
input.Qs.resourceArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListTrustAnchors
valid {
input.Qs.nextToken == STRING
input.Qs.pageSize == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutAttributeMapping
enum_CertificateField := [ "x509Subject", "x509Issuer", "x509SAN" ]
valid {
input.Body.certificateField == enum_CertificateField[_]
input.Body.mappingRules[_].specifier == STRING
input.ReqMap.profileId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutNotificationSettings
enum_NotificationChannel := [ "ALL" ]
enum_NotificationEvent := [ "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY" ]
valid {
input.Body.notificationSettings[_].channel == enum_NotificationChannel[_]
input.Body.notificationSettings[_].enabled == BOOLEAN
input.Body.notificationSettings[_].event == enum_NotificationEvent[_]
input.Body.notificationSettings[_].threshold == INTEGER
input.Body.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ResetNotificationSettings
enum_NotificationChannel := [ "ALL" ]
enum_NotificationEvent := [ "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY" ]
valid {
input.Body.notificationSettingKeys[_].channel == enum_NotificationChannel[_]
input.Body.notificationSettingKeys[_].event == enum_NotificationEvent[_]
input.Body.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
TagResource
valid {
input.Body.resourceArn == STRING
input.Body.tags[_].key == STRING
input.Body.tags[_].value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UntagResource
valid {
input.Body.resourceArn == STRING
input.Body.tagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateCrl
valid {
input.Body.crlData == BLOB
input.Body.name == STRING
input.ReqMap.crlId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateProfile
valid {
input.Body.durationSeconds == INTEGER
input.Body.managedPolicyArns[_] == STRING
input.Body.name == STRING
input.Body.roleArns[_] == STRING
input.Body.sessionPolicy == STRING
input.ReqMap.profileId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UpdateTrustAnchor
enum_TrustAnchorType := [ "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY" ]
valid {
input.Body.name == STRING
input.Body.source.sourceData.acmPcaArn == STRING
input.Body.source.sourceData.x509CertificateData == STRING
input.Body.source.sourceType == enum_TrustAnchorType[_]
input.ReqMap.trustAnchorId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 8 days ago