AbortMultipartUpload
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.uploadId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CompleteMultipartUpload
enum_RequestPayer := [ "requester" ]
valid {
input.Body.CompleteMultipartUpload.Part[_].ETag == STRING
input.Body.CompleteMultipartUpload.Part[_].ChecksumCRC32 == STRING
input.Body.CompleteMultipartUpload.Part[_].ChecksumCRC32C == STRING
input.Body.CompleteMultipartUpload.Part[_].ChecksumSHA1 == STRING
input.Body.CompleteMultipartUpload.Part[_].ChecksumSHA256 == STRING
input.Body.CompleteMultipartUpload.Part[_].PartNumber == INTEGER
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.uploadId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CopyObject
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_MetadataDirective := [ "COPY", "REPLACE" ]
enum_ObjectCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read", "aws-exec-read", "bucket-owner-read", "bucket-owner-full-control" ]
enum_ObjectLockLegalHoldStatus := [ "ON", "OFF" ]
enum_ObjectLockMode := [ "GOVERNANCE", "COMPLIANCE" ]
enum_RequestPayer := [ "requester" ]
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
enum_StorageClass := [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE" ]
enum_TaggingDirective := [ "COPY", "REPLACE" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateBucket
enum_BucketCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read" ]
enum_BucketLocationConstraint := [ "af-south-1", "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", "ca-central-1", "cn-north-1", "cn-northwest-1", "EU", "eu-central-1", "eu-north-1", "eu-south-1", "eu-south-2", "eu-west-1", "eu-west-2", "eu-west-3", "me-south-1", "sa-east-1", "us-east-2", "us-gov-east-1", "us-gov-west-1", "us-west-1", "us-west-2" ]
enum_BucketType := [ "Directory" ]
enum_DataRedundancy := [ "SingleAvailabilityZone" ]
enum_LocationType := [ "AvailabilityZone" ]
enum_ObjectOwnership := [ "BucketOwnerPreferred", "ObjectWriter", "BucketOwnerEnforced" ]
valid {
input.Body.CreateBucketConfiguration.LocationConstraint == enum_BucketLocationConstraint[_]
input.Body.CreateBucketConfiguration.Location.Type == enum_LocationType[_]
input.Body.CreateBucketConfiguration.Location.Name == STRING
input.Body.CreateBucketConfiguration.Bucket.DataRedundancy == enum_DataRedundancy[_]
input.Body.CreateBucketConfiguration.Bucket.Type == enum_BucketType[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateMultipartUpload
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ObjectCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read", "aws-exec-read", "bucket-owner-read", "bucket-owner-full-control" ]
enum_ObjectLockLegalHoldStatus := [ "ON", "OFF" ]
enum_ObjectLockMode := [ "GOVERNANCE", "COMPLIANCE" ]
enum_RequestPayer := [ "requester" ]
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
enum_StorageClass := [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
CreateSession
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
enum_SessionMode := [ "ReadOnly", "ReadWrite" ]
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucket
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketAnalyticsConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketCors
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketEncryption
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketIntelligentTieringConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketInventoryConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketLifecycle
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketMetricsConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketOwnershipControls
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketPolicy
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketReplication
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketTagging
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteBucketWebsite
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteObject
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteObjectTagging
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeleteObjects
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_RequestPayer := [ "requester" ]
valid {
input.Body.Delete.Object[_].Key == STRING
input.Body.Delete.Object[_].VersionId == STRING
input.Body.Delete.Quiet == BOOLEAN
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
DeletePublicAccessBlock
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketAccelerateConfiguration
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketAcl
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketAnalyticsConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketCors
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketEncryption
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketIntelligentTieringConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketInventoryConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketLifecycleConfiguration
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketLocation
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketLogging
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketMetricsConfiguration
valid {
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketNotificationConfiguration
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketOwnershipControls
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketPolicy
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketPolicyStatus
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketReplication
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketRequestPayment
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketTagging
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketVersioning
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetBucketWebsite
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObject
enum_ChecksumMode := [ "ENABLED" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.response-cache-control == STRING
input.Qs.response-content-disposition == STRING
input.Qs.response-content-encoding == STRING
input.Qs.response-content-language == STRING
input.Qs.response-content-type == STRING
input.Qs.response-expires == TIMESTAMP
input.Qs.versionId == STRING
input.Qs.partNumber == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectAcl
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectAttributes
enum_ObjectAttributes := [ "ETag", "Checksum", "ObjectParts", "StorageClass", "ObjectSize" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectLegalHold
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectLockConfiguration
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectRetention
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectTagging
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetObjectTorrent
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
GetPublicAccessBlock
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
HeadBucket
valid {
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
HeadObject
enum_ChecksumMode := [ "ENABLED" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.response-cache-control == STRING
input.Qs.response-content-disposition == STRING
input.Qs.response-content-encoding == STRING
input.Qs.response-content-language == STRING
input.Qs.response-content-type == STRING
input.Qs.response-expires == TIMESTAMP
input.Qs.versionId == STRING
input.Qs.partNumber == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListBucketAnalyticsConfigurations
valid {
input.ReqMap.Bucket == STRING
input.Qs.continuation-token == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListBucketIntelligentTieringConfigurations
valid {
input.ReqMap.Bucket == STRING
input.Qs.continuation-token == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListBucketInventoryConfigurations
valid {
input.ReqMap.Bucket == STRING
input.Qs.continuation-token == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListBucketMetricsConfigurations
valid {
input.ReqMap.Bucket == STRING
input.Qs.continuation-token == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListDirectoryBuckets
valid {
input.Qs.continuation-token == STRING
input.Qs.max-directory-buckets == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListMultipartUploads
enum_EncodingType := [ "url" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.Qs.delimiter == STRING
input.Qs.encoding-type == enum_EncodingType[_]
input.Qs.key-marker == STRING
input.Qs.max-uploads == INTEGER
input.Qs.prefix == STRING
input.Qs.upload-id-marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListObjectVersions
enum_EncodingType := [ "url" ]
enum_OptionalObjectAttributes := [ "RestoreStatus" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.Qs.delimiter == STRING
input.Qs.encoding-type == enum_EncodingType[_]
input.Qs.key-marker == STRING
input.Qs.max-keys == INTEGER
input.Qs.prefix == STRING
input.Qs.version-id-marker == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListObjects
enum_EncodingType := [ "url" ]
enum_OptionalObjectAttributes := [ "RestoreStatus" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.Qs.delimiter == STRING
input.Qs.encoding-type == enum_EncodingType[_]
input.Qs.marker == STRING
input.Qs.max-keys == INTEGER
input.Qs.prefix == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListObjectsV2
enum_EncodingType := [ "url" ]
enum_OptionalObjectAttributes := [ "RestoreStatus" ]
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.Qs.delimiter == STRING
input.Qs.encoding-type == enum_EncodingType[_]
input.Qs.max-keys == INTEGER
input.Qs.prefix == STRING
input.Qs.continuation-token == STRING
input.Qs.fetch-owner == BOOLEAN
input.Qs.start-after == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
ListParts
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.max-parts == INTEGER
input.Qs.part-number-marker == INTEGER
input.Qs.uploadId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketAccelerateConfiguration
enum_BucketAccelerateStatus := [ "Enabled", "Suspended" ]
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
valid {
input.Body.AccelerateConfiguration.Status == enum_BucketAccelerateStatus[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketAcl
enum_BucketCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read" ]
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_Permission := [ "FULL_CONTROL", "WRITE", "WRITE_ACP", "READ", "READ_ACP" ]
enum_Type := [ "CanonicalUser", "AmazonCustomerByEmail", "Group" ]
valid {
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.DisplayName == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.EmailAddress == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.ID == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.xsi:type == enum_Type[_]
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.URI == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Permission == enum_Permission[_]
input.Body.AccessControlPolicy.Owner.DisplayName == STRING
input.Body.AccessControlPolicy.Owner.ID == STRING
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketAnalyticsConfiguration
enum_AnalyticsS3ExportFileFormat := [ "CSV" ]
enum_StorageClassAnalysisSchemaVersion := [ "V_1" ]
valid {
input.Body.AnalyticsConfiguration.Id == STRING
input.Body.AnalyticsConfiguration.Filter.Prefix == STRING
input.Body.AnalyticsConfiguration.Filter.Tag.Key == STRING
input.Body.AnalyticsConfiguration.Filter.Tag.Value == STRING
input.Body.AnalyticsConfiguration.Filter.And.Prefix == STRING
input.Body.AnalyticsConfiguration.Filter.And.Tag[_].Key == STRING
input.Body.AnalyticsConfiguration.Filter.And.Tag[_].Value == STRING
input.Body.AnalyticsConfiguration.StorageClassAnalysis.DataExport.OutputSchemaVersion == enum_StorageClassAnalysisSchemaVersion[_]
input.Body.AnalyticsConfiguration.StorageClassAnalysis.DataExport.Destination.S3BucketDestination.Format == enum_AnalyticsS3ExportFileFormat[_]
input.Body.AnalyticsConfiguration.StorageClassAnalysis.DataExport.Destination.S3BucketDestination.BucketAccountId == STRING
input.Body.AnalyticsConfiguration.StorageClassAnalysis.DataExport.Destination.S3BucketDestination.Bucket == STRING
input.Body.AnalyticsConfiguration.StorageClassAnalysis.DataExport.Destination.S3BucketDestination.Prefix == STRING
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketCors
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
valid {
input.Body.CORSConfiguration.CORSRule[_].ID == STRING
input.Body.CORSConfiguration.CORSRule[_].AllowedHeader[_] == STRING
input.Body.CORSConfiguration.CORSRule[_].AllowedMethod[_] == STRING
input.Body.CORSConfiguration.CORSRule[_].AllowedOrigin[_] == STRING
input.Body.CORSConfiguration.CORSRule[_].ExposeHeader[_] == STRING
input.Body.CORSConfiguration.CORSRule[_].MaxAgeSeconds == INTEGER
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketEncryption
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
valid {
input.Body.ServerSideEncryptionConfiguration.Rule[_].ApplyServerSideEncryptionByDefault.SSEAlgorithm == enum_ServerSideEncryption[_]
input.Body.ServerSideEncryptionConfiguration.Rule[_].ApplyServerSideEncryptionByDefault.KMSMasterKeyID == STRING
input.Body.ServerSideEncryptionConfiguration.Rule[_].BucketKeyEnabled == BOOLEAN
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketIntelligentTieringConfiguration
enum_IntelligentTieringAccessTier := [ "ARCHIVE_ACCESS", "DEEP_ARCHIVE_ACCESS" ]
enum_IntelligentTieringStatus := [ "Enabled", "Disabled" ]
valid {
input.Body.IntelligentTieringConfiguration.Id == STRING
input.Body.IntelligentTieringConfiguration.Filter.Prefix == STRING
input.Body.IntelligentTieringConfiguration.Filter.Tag.Key == STRING
input.Body.IntelligentTieringConfiguration.Filter.Tag.Value == STRING
input.Body.IntelligentTieringConfiguration.Filter.And.Prefix == STRING
input.Body.IntelligentTieringConfiguration.Filter.And.Tag[_].Key == STRING
input.Body.IntelligentTieringConfiguration.Filter.And.Tag[_].Value == STRING
input.Body.IntelligentTieringConfiguration.Status == enum_IntelligentTieringStatus[_]
input.Body.IntelligentTieringConfiguration.Tiering[_].Days == INTEGER
input.Body.IntelligentTieringConfiguration.Tiering[_].AccessTier == enum_IntelligentTieringAccessTier[_]
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketInventoryConfiguration
enum_InventoryFormat := [ "CSV", "ORC", "Parquet" ]
enum_InventoryFrequency := [ "Daily", "Weekly" ]
enum_InventoryIncludedObjectVersions := [ "All", "Current" ]
enum_InventoryOptionalField := [ "Size", "LastModifiedDate", "StorageClass", "ETag", "IsMultipartUploaded", "ReplicationStatus", "EncryptionStatus", "ObjectLockRetainUntilDate", "ObjectLockMode", "ObjectLockLegalHoldStatus", "IntelligentTieringAccessTier", "BucketKeyStatus", "ChecksumAlgorithm", "ObjectAccessControlList", "ObjectOwner" ]
valid {
input.Body.InventoryConfiguration.Destination.S3BucketDestination.AccountId == STRING
input.Body.InventoryConfiguration.Destination.S3BucketDestination.Bucket == STRING
input.Body.InventoryConfiguration.Destination.S3BucketDestination.Format == enum_InventoryFormat[_]
input.Body.InventoryConfiguration.Destination.S3BucketDestination.Prefix == STRING
input.Body.InventoryConfiguration.Destination.S3BucketDestination.Encryption.SSE-S3 == {}
input.Body.InventoryConfiguration.Destination.S3BucketDestination.Encryption.SSE-KMS.KeyId == STRING
input.Body.InventoryConfiguration.IsEnabled == BOOLEAN
input.Body.InventoryConfiguration.Filter.Prefix == STRING
input.Body.InventoryConfiguration.Id == STRING
input.Body.InventoryConfiguration.IncludedObjectVersions == enum_InventoryIncludedObjectVersions[_]
input.Body.InventoryConfiguration.OptionalFields[_] == enum_InventoryOptionalField[_]
input.Body.InventoryConfiguration.Schedule.Frequency == enum_InventoryFrequency[_]
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketLifecycleConfiguration
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ExpirationStatus := [ "Enabled", "Disabled" ]
enum_TransitionDefaultMinimumObjectSize := [ "varies_by_storage_class", "all_storage_classes_128K" ]
enum_TransitionStorageClass := [ "GLACIER", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "DEEP_ARCHIVE", "GLACIER_IR" ]
valid {
input.Body.LifecycleConfiguration.Rule[_].Expiration.Date == TIMESTAMP
input.Body.LifecycleConfiguration.Rule[_].Expiration.Days == INTEGER
input.Body.LifecycleConfiguration.Rule[_].Expiration.ExpiredObjectDeleteMarker == BOOLEAN
input.Body.LifecycleConfiguration.Rule[_].ID == STRING
input.Body.LifecycleConfiguration.Rule[_].Prefix == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.Prefix == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.Tag.Key == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.Tag.Value == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.ObjectSizeGreaterThan == LONG
input.Body.LifecycleConfiguration.Rule[_].Filter.ObjectSizeLessThan == LONG
input.Body.LifecycleConfiguration.Rule[_].Filter.And.Prefix == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.And.Tag[_].Key == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.And.Tag[_].Value == STRING
input.Body.LifecycleConfiguration.Rule[_].Filter.And.ObjectSizeGreaterThan == LONG
input.Body.LifecycleConfiguration.Rule[_].Filter.And.ObjectSizeLessThan == LONG
input.Body.LifecycleConfiguration.Rule[_].Status == enum_ExpirationStatus[_]
input.Body.LifecycleConfiguration.Rule[_].Transition[_].Date == TIMESTAMP
input.Body.LifecycleConfiguration.Rule[_].Transition[_].Days == INTEGER
input.Body.LifecycleConfiguration.Rule[_].Transition[_].StorageClass == enum_TransitionStorageClass[_]
input.Body.LifecycleConfiguration.Rule[_].NoncurrentVersionTransition[_].NoncurrentDays == INTEGER
input.Body.LifecycleConfiguration.Rule[_].NoncurrentVersionTransition[_].StorageClass == enum_TransitionStorageClass[_]
input.Body.LifecycleConfiguration.Rule[_].NoncurrentVersionTransition[_].NewerNoncurrentVersions == INTEGER
input.Body.LifecycleConfiguration.Rule[_].NoncurrentVersionExpiration.NoncurrentDays == INTEGER
input.Body.LifecycleConfiguration.Rule[_].NoncurrentVersionExpiration.NewerNoncurrentVersions == INTEGER
input.Body.LifecycleConfiguration.Rule[_].AbortIncompleteMultipartUpload.DaysAfterInitiation == INTEGER
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketLogging
enum_BucketLogsPermission := [ "FULL_CONTROL", "READ", "WRITE" ]
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_PartitionDateSource := [ "EventTime", "DeliveryTime" ]
enum_Type := [ "CanonicalUser", "AmazonCustomerByEmail", "Group" ]
valid {
input.Body.BucketLoggingStatus.LoggingEnabled.TargetBucket == STRING
input.Body.BucketLoggingStatus.LoggingEnabled.TargetGrants[_].Grantee.DisplayName == STRING
input.Body.BucketLoggingStatus.LoggingEnabled.TargetGrants[_].Grantee.EmailAddress == STRING
input.Body.BucketLoggingStatus.LoggingEnabled.TargetGrants[_].Grantee.ID == STRING
input.Body.BucketLoggingStatus.LoggingEnabled.TargetGrants[_].Grantee.xsi:type == enum_Type[_]
input.Body.BucketLoggingStatus.LoggingEnabled.TargetGrants[_].Grantee.URI == STRING
input.Body.BucketLoggingStatus.LoggingEnabled.TargetGrants[_].Permission == enum_BucketLogsPermission[_]
input.Body.BucketLoggingStatus.LoggingEnabled.TargetPrefix == STRING
input.Body.BucketLoggingStatus.LoggingEnabled.TargetObjectKeyFormat.SimplePrefix == {}
input.Body.BucketLoggingStatus.LoggingEnabled.TargetObjectKeyFormat.PartitionedPrefix.PartitionDateSource == enum_PartitionDateSource[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketMetricsConfiguration
valid {
input.Body.MetricsConfiguration.Id == STRING
input.Body.MetricsConfiguration.Filter.Prefix == STRING
input.Body.MetricsConfiguration.Filter.Tag.Key == STRING
input.Body.MetricsConfiguration.Filter.Tag.Value == STRING
input.Body.MetricsConfiguration.Filter.AccessPointArn == STRING
input.Body.MetricsConfiguration.Filter.And.Prefix == STRING
input.Body.MetricsConfiguration.Filter.And.Tag[_].Key == STRING
input.Body.MetricsConfiguration.Filter.And.Tag[_].Value == STRING
input.Body.MetricsConfiguration.Filter.And.AccessPointArn == STRING
input.ReqMap.Bucket == STRING
input.Qs.id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketNotificationConfiguration
enum_Event := [ "s3:ReducedRedundancyLostObject", "s3:ObjectCreated:*", "s3:ObjectCreated:Put", "s3:ObjectCreated:Post", "s3:ObjectCreated:Copy", "s3:ObjectCreated:CompleteMultipartUpload", "s3:ObjectRemoved:*", "s3:ObjectRemoved:Delete", "s3:ObjectRemoved:DeleteMarkerCreated", "s3:ObjectRestore:*", "s3:ObjectRestore:Post", "s3:ObjectRestore:Completed", "s3:Replication:*", "s3:Replication:OperationFailedReplication", "s3:Replication:OperationNotTracked", "s3:Replication:OperationMissedThreshold", "s3:Replication:OperationReplicatedAfterThreshold", "s3:ObjectRestore:Delete", "s3:LifecycleTransition", "s3:IntelligentTiering", "s3:ObjectAcl:Put", "s3:LifecycleExpiration:*", "s3:LifecycleExpiration:Delete", "s3:LifecycleExpiration:DeleteMarkerCreated", "s3:ObjectTagging:*", "s3:ObjectTagging:Put", "s3:ObjectTagging:Delete" ]
enum_FilterRuleName := [ "prefix", "suffix" ]
valid {
input.Body.NotificationConfiguration.TopicConfiguration[_].Id == STRING
input.Body.NotificationConfiguration.TopicConfiguration[_].Topic == STRING
input.Body.NotificationConfiguration.TopicConfiguration[_].Event[_] == enum_Event[_]
input.Body.NotificationConfiguration.TopicConfiguration[_].Filter.S3Key.FilterRule[_].Name == enum_FilterRuleName[_]
input.Body.NotificationConfiguration.TopicConfiguration[_].Filter.S3Key.FilterRule[_].Value == STRING
input.Body.NotificationConfiguration.QueueConfiguration[_].Id == STRING
input.Body.NotificationConfiguration.QueueConfiguration[_].Queue == STRING
input.Body.NotificationConfiguration.QueueConfiguration[_].Event[_] == enum_Event[_]
input.Body.NotificationConfiguration.QueueConfiguration[_].Filter.S3Key.FilterRule[_].Name == enum_FilterRuleName[_]
input.Body.NotificationConfiguration.QueueConfiguration[_].Filter.S3Key.FilterRule[_].Value == STRING
input.Body.NotificationConfiguration.CloudFunctionConfiguration[_].Id == STRING
input.Body.NotificationConfiguration.CloudFunctionConfiguration[_].CloudFunction == STRING
input.Body.NotificationConfiguration.CloudFunctionConfiguration[_].Event[_] == enum_Event[_]
input.Body.NotificationConfiguration.CloudFunctionConfiguration[_].Filter.S3Key.FilterRule[_].Name == enum_FilterRuleName[_]
input.Body.NotificationConfiguration.CloudFunctionConfiguration[_].Filter.S3Key.FilterRule[_].Value == STRING
input.Body.NotificationConfiguration.EventBridgeConfiguration == {}
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketOwnershipControls
enum_ObjectOwnership := [ "BucketOwnerPreferred", "ObjectWriter", "BucketOwnerEnforced" ]
valid {
input.Body.OwnershipControls.Rule[_].ObjectOwnership == enum_ObjectOwnership[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketPolicy
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
valid {
input.Body.Policy == STRING
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketReplication
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_DeleteMarkerReplicationStatus := [ "Enabled", "Disabled" ]
enum_ExistingObjectReplicationStatus := [ "Enabled", "Disabled" ]
enum_MetricsStatus := [ "Enabled", "Disabled" ]
enum_OwnerOverride := [ "Destination" ]
enum_ReplicaModificationsStatus := [ "Enabled", "Disabled" ]
enum_ReplicationRuleStatus := [ "Enabled", "Disabled" ]
enum_ReplicationTimeStatus := [ "Enabled", "Disabled" ]
enum_SseKmsEncryptedObjectsStatus := [ "Enabled", "Disabled" ]
enum_StorageClass := [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE" ]
valid {
input.Body.ReplicationConfiguration.Role == STRING
input.Body.ReplicationConfiguration.Rule[_].ID == STRING
input.Body.ReplicationConfiguration.Rule[_].Priority == INTEGER
input.Body.ReplicationConfiguration.Rule[_].Prefix == STRING
input.Body.ReplicationConfiguration.Rule[_].Filter.Prefix == STRING
input.Body.ReplicationConfiguration.Rule[_].Filter.Tag.Key == STRING
input.Body.ReplicationConfiguration.Rule[_].Filter.Tag.Value == STRING
input.Body.ReplicationConfiguration.Rule[_].Filter.And.Prefix == STRING
input.Body.ReplicationConfiguration.Rule[_].Filter.And.Tag[_].Key == STRING
input.Body.ReplicationConfiguration.Rule[_].Filter.And.Tag[_].Value == STRING
input.Body.ReplicationConfiguration.Rule[_].Status == enum_ReplicationRuleStatus[_]
input.Body.ReplicationConfiguration.Rule[_].SourceSelectionCriteria.SseKmsEncryptedObjects.Status == enum_SseKmsEncryptedObjectsStatus[_]
input.Body.ReplicationConfiguration.Rule[_].SourceSelectionCriteria.ReplicaModifications.Status == enum_ReplicaModificationsStatus[_]
input.Body.ReplicationConfiguration.Rule[_].ExistingObjectReplication.Status == enum_ExistingObjectReplicationStatus[_]
input.Body.ReplicationConfiguration.Rule[_].Destination.Bucket == STRING
input.Body.ReplicationConfiguration.Rule[_].Destination.Account == STRING
input.Body.ReplicationConfiguration.Rule[_].Destination.StorageClass == enum_StorageClass[_]
input.Body.ReplicationConfiguration.Rule[_].Destination.AccessControlTranslation.Owner == enum_OwnerOverride[_]
input.Body.ReplicationConfiguration.Rule[_].Destination.EncryptionConfiguration.ReplicaKmsKeyID == STRING
input.Body.ReplicationConfiguration.Rule[_].Destination.ReplicationTime.Status == enum_ReplicationTimeStatus[_]
input.Body.ReplicationConfiguration.Rule[_].Destination.ReplicationTime.Time.Minutes == INTEGER
input.Body.ReplicationConfiguration.Rule[_].Destination.Metrics.Status == enum_MetricsStatus[_]
input.Body.ReplicationConfiguration.Rule[_].Destination.Metrics.EventThreshold.Minutes == INTEGER
input.Body.ReplicationConfiguration.Rule[_].DeleteMarkerReplication.Status == enum_DeleteMarkerReplicationStatus[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketRequestPayment
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_Payer := [ "Requester", "BucketOwner" ]
valid {
input.Body.RequestPaymentConfiguration.Payer == enum_Payer[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketTagging
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
valid {
input.Body.Tagging.TagSet[_].Key == STRING
input.Body.Tagging.TagSet[_].Value == STRING
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketVersioning
enum_BucketVersioningStatus := [ "Enabled", "Suspended" ]
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_MFADelete := [ "Enabled", "Disabled" ]
valid {
input.Body.VersioningConfiguration.MfaDelete == enum_MFADelete[_]
input.Body.VersioningConfiguration.Status == enum_BucketVersioningStatus[_]
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutBucketWebsite
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_Protocol := [ "http", "https" ]
valid {
input.Body.WebsiteConfiguration.ErrorDocument.Key == STRING
input.Body.WebsiteConfiguration.IndexDocument.Suffix == STRING
input.Body.WebsiteConfiguration.RedirectAllRequestsTo.HostName == STRING
input.Body.WebsiteConfiguration.RedirectAllRequestsTo.Protocol == enum_Protocol[_]
input.Body.WebsiteConfiguration.RoutingRules[_].Condition.HttpErrorCodeReturnedEquals == STRING
input.Body.WebsiteConfiguration.RoutingRules[_].Condition.KeyPrefixEquals == STRING
input.Body.WebsiteConfiguration.RoutingRules[_].Redirect.HostName == STRING
input.Body.WebsiteConfiguration.RoutingRules[_].Redirect.HttpRedirectCode == STRING
input.Body.WebsiteConfiguration.RoutingRules[_].Redirect.Protocol == enum_Protocol[_]
input.Body.WebsiteConfiguration.RoutingRules[_].Redirect.ReplaceKeyPrefixWith == STRING
input.Body.WebsiteConfiguration.RoutingRules[_].Redirect.ReplaceKeyWith == STRING
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutObject
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ObjectCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read", "aws-exec-read", "bucket-owner-read", "bucket-owner-full-control" ]
enum_ObjectLockLegalHoldStatus := [ "ON", "OFF" ]
enum_ObjectLockMode := [ "GOVERNANCE", "COMPLIANCE" ]
enum_RequestPayer := [ "requester" ]
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
enum_StorageClass := [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE" ]
valid {
input.Body.Body == BLOB
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutObjectAcl
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ObjectCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read", "aws-exec-read", "bucket-owner-read", "bucket-owner-full-control" ]
enum_Permission := [ "FULL_CONTROL", "WRITE", "WRITE_ACP", "READ", "READ_ACP" ]
enum_RequestPayer := [ "requester" ]
enum_Type := [ "CanonicalUser", "AmazonCustomerByEmail", "Group" ]
valid {
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.DisplayName == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.EmailAddress == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.ID == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.xsi:type == enum_Type[_]
input.Body.AccessControlPolicy.AccessControlList[_].Grantee.URI == STRING
input.Body.AccessControlPolicy.AccessControlList[_].Permission == enum_Permission[_]
input.Body.AccessControlPolicy.Owner.DisplayName == STRING
input.Body.AccessControlPolicy.Owner.ID == STRING
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutObjectLegalHold
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ObjectLockLegalHoldStatus := [ "ON", "OFF" ]
enum_RequestPayer := [ "requester" ]
valid {
input.Body.LegalHold.Status == enum_ObjectLockLegalHoldStatus[_]
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutObjectLockConfiguration
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ObjectLockEnabled := [ "Enabled" ]
enum_ObjectLockRetentionMode := [ "GOVERNANCE", "COMPLIANCE" ]
enum_RequestPayer := [ "requester" ]
valid {
input.Body.ObjectLockConfiguration.ObjectLockEnabled == enum_ObjectLockEnabled[_]
input.Body.ObjectLockConfiguration.Rule.DefaultRetention.Mode == enum_ObjectLockRetentionMode[_]
input.Body.ObjectLockConfiguration.Rule.DefaultRetention.Days == INTEGER
input.Body.ObjectLockConfiguration.Rule.DefaultRetention.Years == INTEGER
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutObjectRetention
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_ObjectLockRetentionMode := [ "GOVERNANCE", "COMPLIANCE" ]
enum_RequestPayer := [ "requester" ]
valid {
input.Body.Retention.Mode == enum_ObjectLockRetentionMode[_]
input.Body.Retention.RetainUntilDate == TIMESTAMP
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutObjectTagging
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_RequestPayer := [ "requester" ]
valid {
input.Body.Tagging.TagSet[_].Key == STRING
input.Body.Tagging.TagSet[_].Value == STRING
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
PutPublicAccessBlock
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
valid {
input.Body.PublicAccessBlockConfiguration.BlockPublicAcls == BOOLEAN
input.Body.PublicAccessBlockConfiguration.IgnorePublicAcls == BOOLEAN
input.Body.PublicAccessBlockConfiguration.BlockPublicPolicy == BOOLEAN
input.Body.PublicAccessBlockConfiguration.RestrictPublicBuckets == BOOLEAN
input.ReqMap.Bucket == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
RestoreObject
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_CompressionType := [ "NONE", "GZIP", "BZIP2" ]
enum_ExpressionType := [ "SQL" ]
enum_FileHeaderInfo := [ "USE", "IGNORE", "NONE" ]
enum_JSONType := [ "DOCUMENT", "LINES" ]
enum_ObjectCannedACL := [ "private", "public-read", "public-read-write", "authenticated-read", "aws-exec-read", "bucket-owner-read", "bucket-owner-full-control" ]
enum_Permission := [ "FULL_CONTROL", "WRITE", "WRITE_ACP", "READ", "READ_ACP" ]
enum_QuoteFields := [ "ALWAYS", "ASNEEDED" ]
enum_RequestPayer := [ "requester" ]
enum_RestoreRequestType := [ "SELECT" ]
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
enum_StorageClass := [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE" ]
enum_Tier := [ "Standard", "Bulk", "Expedited" ]
enum_Type := [ "CanonicalUser", "AmazonCustomerByEmail", "Group" ]
valid {
input.Body.RestoreRequest.Days == INTEGER
input.Body.RestoreRequest.GlacierJobParameters.Tier == enum_Tier[_]
input.Body.RestoreRequest.Type == enum_RestoreRequestType[_]
input.Body.RestoreRequest.Tier == enum_Tier[_]
input.Body.RestoreRequest.Description == STRING
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.FileHeaderInfo == enum_FileHeaderInfo[_]
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.Comments == STRING
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.QuoteEscapeCharacter == STRING
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.RecordDelimiter == STRING
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.FieldDelimiter == STRING
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.QuoteCharacter == STRING
input.Body.RestoreRequest.SelectParameters.InputSerialization.CSV.AllowQuotedRecordDelimiter == BOOLEAN
input.Body.RestoreRequest.SelectParameters.InputSerialization.CompressionType == enum_CompressionType[_]
input.Body.RestoreRequest.SelectParameters.InputSerialization.JSON.Type == enum_JSONType[_]
input.Body.RestoreRequest.SelectParameters.InputSerialization.Parquet == {}
input.Body.RestoreRequest.SelectParameters.ExpressionType == enum_ExpressionType[_]
input.Body.RestoreRequest.SelectParameters.Expression == STRING
input.Body.RestoreRequest.SelectParameters.OutputSerialization.CSV.QuoteFields == enum_QuoteFields[_]
input.Body.RestoreRequest.SelectParameters.OutputSerialization.CSV.QuoteEscapeCharacter == STRING
input.Body.RestoreRequest.SelectParameters.OutputSerialization.CSV.RecordDelimiter == STRING
input.Body.RestoreRequest.SelectParameters.OutputSerialization.CSV.FieldDelimiter == STRING
input.Body.RestoreRequest.SelectParameters.OutputSerialization.CSV.QuoteCharacter == STRING
input.Body.RestoreRequest.SelectParameters.OutputSerialization.JSON.RecordDelimiter == STRING
input.Body.RestoreRequest.OutputLocation.S3.BucketName == STRING
input.Body.RestoreRequest.OutputLocation.S3.Prefix == STRING
input.Body.RestoreRequest.OutputLocation.S3.Encryption.EncryptionType == enum_ServerSideEncryption[_]
input.Body.RestoreRequest.OutputLocation.S3.Encryption.KMSKeyId == STRING
input.Body.RestoreRequest.OutputLocation.S3.Encryption.KMSContext == STRING
input.Body.RestoreRequest.OutputLocation.S3.CannedACL == enum_ObjectCannedACL[_]
input.Body.RestoreRequest.OutputLocation.S3.AccessControlList[_].Grantee.DisplayName == STRING
input.Body.RestoreRequest.OutputLocation.S3.AccessControlList[_].Grantee.EmailAddress == STRING
input.Body.RestoreRequest.OutputLocation.S3.AccessControlList[_].Grantee.ID == STRING
input.Body.RestoreRequest.OutputLocation.S3.AccessControlList[_].Grantee.xsi:type == enum_Type[_]
input.Body.RestoreRequest.OutputLocation.S3.AccessControlList[_].Grantee.URI == STRING
input.Body.RestoreRequest.OutputLocation.S3.AccessControlList[_].Permission == enum_Permission[_]
input.Body.RestoreRequest.OutputLocation.S3.Tagging.TagSet[_].Key == STRING
input.Body.RestoreRequest.OutputLocation.S3.Tagging.TagSet[_].Value == STRING
input.Body.RestoreRequest.OutputLocation.S3.UserMetadata[_].Name == STRING
input.Body.RestoreRequest.OutputLocation.S3.UserMetadata[_].Value == STRING
input.Body.RestoreRequest.OutputLocation.S3.StorageClass == enum_StorageClass[_]
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.versionId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
SelectObjectContent
enum_CompressionType := [ "NONE", "GZIP", "BZIP2" ]
enum_ExpressionType := [ "SQL" ]
enum_FileHeaderInfo := [ "USE", "IGNORE", "NONE" ]
enum_JSONType := [ "DOCUMENT", "LINES" ]
enum_QuoteFields := [ "ALWAYS", "ASNEEDED" ]
valid {
input.Body.Expression == STRING
input.Body.ExpressionType == enum_ExpressionType[_]
input.Body.RequestProgress.Enabled == BOOLEAN
input.Body.InputSerialization.CSV.FileHeaderInfo == enum_FileHeaderInfo[_]
input.Body.InputSerialization.CSV.Comments == STRING
input.Body.InputSerialization.CSV.QuoteEscapeCharacter == STRING
input.Body.InputSerialization.CSV.RecordDelimiter == STRING
input.Body.InputSerialization.CSV.FieldDelimiter == STRING
input.Body.InputSerialization.CSV.QuoteCharacter == STRING
input.Body.InputSerialization.CSV.AllowQuotedRecordDelimiter == BOOLEAN
input.Body.InputSerialization.CompressionType == enum_CompressionType[_]
input.Body.InputSerialization.JSON.Type == enum_JSONType[_]
input.Body.InputSerialization.Parquet == {}
input.Body.OutputSerialization.CSV.QuoteFields == enum_QuoteFields[_]
input.Body.OutputSerialization.CSV.QuoteEscapeCharacter == STRING
input.Body.OutputSerialization.CSV.RecordDelimiter == STRING
input.Body.OutputSerialization.CSV.FieldDelimiter == STRING
input.Body.OutputSerialization.CSV.QuoteCharacter == STRING
input.Body.OutputSerialization.JSON.RecordDelimiter == STRING
input.Body.ScanRange.Start == LONG
input.Body.ScanRange.End == LONG
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UploadPart
enum_ChecksumAlgorithm := [ "CRC32", "CRC32C", "SHA1", "SHA256" ]
enum_RequestPayer := [ "requester" ]
valid {
input.Body.Body == BLOB
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.partNumber == INTEGER
input.Qs.uploadId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
UploadPartCopy
enum_RequestPayer := [ "requester" ]
valid {
input.ReqMap.Bucket == STRING
input.ReqMap.Key == STRING
input.Qs.partNumber == INTEGER
input.Qs.uploadId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
WriteGetObjectResponse
enum_ObjectLockLegalHoldStatus := [ "ON", "OFF" ]
enum_ObjectLockMode := [ "GOVERNANCE", "COMPLIANCE" ]
enum_ReplicationStatus := [ "COMPLETE", "PENDING", "FAILED", "REPLICA", "COMPLETED" ]
enum_RequestCharged := [ "requester" ]
enum_ServerSideEncryption := [ "AES256", "aws:kms", "aws:kms:dsse" ]
enum_StorageClass := [ "STANDARD", "REDUCED_REDUNDANCY", "STANDARD_IA", "ONEZONE_IA", "INTELLIGENT_TIERING", "GLACIER", "DEEP_ARCHIVE", "OUTPOSTS", "GLACIER_IR", "SNOW", "EXPRESS_ONEZONE" ]
valid {
input.Body.Body == BLOB
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}
Updated 1 day ago