CreateAccess

enum_HomeDirectoryType := [ "PATH", "LOGICAL" ]
enum_MapType := [ "FILE", "DIRECTORY" ]

valid {
    input.Body.HomeDirectory == STRING
    input.Body.HomeDirectoryType == enum_HomeDirectoryType[_]
    input.Body.HomeDirectoryMappings[_].Entry == STRING
    input.Body.HomeDirectoryMappings[_].Target == STRING
    input.Body.HomeDirectoryMappings[_].Type == enum_MapType[_]
    input.Body.Policy == STRING
    input.Body.PosixProfile.Uid == LONG
    input.Body.PosixProfile.Gid == LONG
    input.Body.PosixProfile.SecondaryGids[_] == LONG
    input.Body.Role == STRING
    input.Body.ServerId == STRING
    input.Body.ExternalId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAgreement

enum_AgreementStatusType := [ "ACTIVE", "INACTIVE" ]

valid {
    input.Body.Description == STRING
    input.Body.ServerId == STRING
    input.Body.LocalProfileId == STRING
    input.Body.PartnerProfileId == STRING
    input.Body.BaseDirectory == STRING
    input.Body.AccessRole == STRING
    input.Body.Status == enum_AgreementStatusType[_]
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateConnector

enum_CompressionEnum := [ "ZLIB", "DISABLED" ]
enum_EncryptionAlg := [ "AES128_CBC", "AES192_CBC", "AES256_CBC", "NONE" ]
enum_MdnResponse := [ "SYNC", "NONE" ]
enum_MdnSigningAlg := [ "SHA256", "SHA384", "SHA512", "SHA1", "NONE", "DEFAULT" ]
enum_SigningAlg := [ "SHA256", "SHA384", "SHA512", "SHA1", "NONE" ]

valid {
    input.Body.Url == STRING
    input.Body.As2Config.LocalProfileId == STRING
    input.Body.As2Config.PartnerProfileId == STRING
    input.Body.As2Config.MessageSubject == STRING
    input.Body.As2Config.Compression == enum_CompressionEnum[_]
    input.Body.As2Config.EncryptionAlgorithm == enum_EncryptionAlg[_]
    input.Body.As2Config.SigningAlgorithm == enum_SigningAlg[_]
    input.Body.As2Config.MdnSigningAlgorithm == enum_MdnSigningAlg[_]
    input.Body.As2Config.MdnResponse == enum_MdnResponse[_]
    input.Body.As2Config.BasicAuthSecretId == STRING
    input.Body.AccessRole == STRING
    input.Body.LoggingRole == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.Body.SftpConfig.UserSecretId == STRING
    input.Body.SftpConfig.TrustedHostKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateProfile

enum_ProfileType := [ "LOCAL", "PARTNER" ]

valid {
    input.Body.As2Id == STRING
    input.Body.ProfileType == enum_ProfileType[_]
    input.Body.CertificateIds[_] == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateServer

enum_As2Transport := [ "HTTP" ]
enum_DirectoryListingOptimization := [ "ENABLED", "DISABLED" ]
enum_Domain := [ "S3", "EFS" ]
enum_EndpointType := [ "PUBLIC", "VPC", "VPC_ENDPOINT" ]
enum_IdentityProviderType := [ "SERVICE_MANAGED", "API_GATEWAY", "AWS_DIRECTORY_SERVICE", "AWS_LAMBDA" ]
enum_Protocol := [ "SFTP", "FTP", "FTPS", "AS2" ]
enum_SetStatOption := [ "DEFAULT", "ENABLE_NO_OP" ]
enum_SftpAuthenticationMethods := [ "PASSWORD", "PUBLIC_KEY", "PUBLIC_KEY_OR_PASSWORD", "PUBLIC_KEY_AND_PASSWORD" ]
enum_TlsSessionResumptionMode := [ "DISABLED", "ENABLED", "ENFORCED" ]

valid {
    input.Body.Certificate == STRING
    input.Body.Domain == enum_Domain[_]
    input.Body.EndpointDetails.AddressAllocationIds[_] == STRING
    input.Body.EndpointDetails.SubnetIds[_] == STRING
    input.Body.EndpointDetails.VpcEndpointId == STRING
    input.Body.EndpointDetails.VpcId == STRING
    input.Body.EndpointDetails.SecurityGroupIds[_] == STRING
    input.Body.EndpointType == enum_EndpointType[_]
    input.Body.HostKey == STRING
    input.Body.IdentityProviderDetails.Url == STRING
    input.Body.IdentityProviderDetails.InvocationRole == STRING
    input.Body.IdentityProviderDetails.DirectoryId == STRING
    input.Body.IdentityProviderDetails.Function == STRING
    input.Body.IdentityProviderDetails.SftpAuthenticationMethods == enum_SftpAuthenticationMethods[_]
    input.Body.IdentityProviderType == enum_IdentityProviderType[_]
    input.Body.LoggingRole == STRING
    input.Body.PostAuthenticationLoginBanner == STRING
    input.Body.PreAuthenticationLoginBanner == STRING
    input.Body.Protocols[_] == enum_Protocol[_]
    input.Body.ProtocolDetails.PassiveIp == STRING
    input.Body.ProtocolDetails.TlsSessionResumptionMode == enum_TlsSessionResumptionMode[_]
    input.Body.ProtocolDetails.SetStatOption == enum_SetStatOption[_]
    input.Body.ProtocolDetails.As2Transports[_] == enum_As2Transport[_]
    input.Body.SecurityPolicyName == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.Body.WorkflowDetails.OnUpload[_].WorkflowId == STRING
    input.Body.WorkflowDetails.OnUpload[_].ExecutionRole == STRING
    input.Body.WorkflowDetails.OnPartialUpload[_].WorkflowId == STRING
    input.Body.WorkflowDetails.OnPartialUpload[_].ExecutionRole == STRING
    input.Body.StructuredLogDestinations[_] == STRING
    input.Body.S3StorageOptions.DirectoryListingOptimization == enum_DirectoryListingOptimization[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUser

enum_HomeDirectoryType := [ "PATH", "LOGICAL" ]
enum_MapType := [ "FILE", "DIRECTORY" ]

valid {
    input.Body.HomeDirectory == STRING
    input.Body.HomeDirectoryType == enum_HomeDirectoryType[_]
    input.Body.HomeDirectoryMappings[_].Entry == STRING
    input.Body.HomeDirectoryMappings[_].Target == STRING
    input.Body.HomeDirectoryMappings[_].Type == enum_MapType[_]
    input.Body.Policy == STRING
    input.Body.PosixProfile.Uid == LONG
    input.Body.PosixProfile.Gid == LONG
    input.Body.PosixProfile.SecondaryGids[_] == LONG
    input.Body.Role == STRING
    input.Body.ServerId == STRING
    input.Body.SshPublicKeyBody == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.Body.UserName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateWorkflow

enum_EncryptionType := [ "PGP" ]
enum_OverwriteExisting := [ "TRUE", "FALSE" ]
enum_WorkflowStepType := [ "COPY", "CUSTOM", "TAG", "DELETE", "DECRYPT" ]

valid {
    input.Body.Description == STRING
    input.Body.Steps[_].Type == enum_WorkflowStepType[_]
    input.Body.Steps[_].CopyStepDetails.Name == STRING
    input.Body.Steps[_].CopyStepDetails.DestinationFileLocation.S3FileLocation.Bucket == STRING
    input.Body.Steps[_].CopyStepDetails.DestinationFileLocation.S3FileLocation.Key == STRING
    input.Body.Steps[_].CopyStepDetails.DestinationFileLocation.EfsFileLocation.FileSystemId == STRING
    input.Body.Steps[_].CopyStepDetails.DestinationFileLocation.EfsFileLocation.Path == STRING
    input.Body.Steps[_].CopyStepDetails.OverwriteExisting == enum_OverwriteExisting[_]
    input.Body.Steps[_].CopyStepDetails.SourceFileLocation == STRING
    input.Body.Steps[_].CustomStepDetails.Name == STRING
    input.Body.Steps[_].CustomStepDetails.Target == STRING
    input.Body.Steps[_].CustomStepDetails.TimeoutSeconds == INTEGER
    input.Body.Steps[_].CustomStepDetails.SourceFileLocation == STRING
    input.Body.Steps[_].DeleteStepDetails.Name == STRING
    input.Body.Steps[_].DeleteStepDetails.SourceFileLocation == STRING
    input.Body.Steps[_].TagStepDetails.Name == STRING
    input.Body.Steps[_].TagStepDetails.Tags[_].Key == STRING
    input.Body.Steps[_].TagStepDetails.Tags[_].Value == STRING
    input.Body.Steps[_].TagStepDetails.SourceFileLocation == STRING
    input.Body.Steps[_].DecryptStepDetails.Name == STRING
    input.Body.Steps[_].DecryptStepDetails.Type == enum_EncryptionType[_]
    input.Body.Steps[_].DecryptStepDetails.SourceFileLocation == STRING
    input.Body.Steps[_].DecryptStepDetails.OverwriteExisting == enum_OverwriteExisting[_]
    input.Body.Steps[_].DecryptStepDetails.DestinationFileLocation.S3FileLocation.Bucket == STRING
    input.Body.Steps[_].DecryptStepDetails.DestinationFileLocation.S3FileLocation.Key == STRING
    input.Body.Steps[_].DecryptStepDetails.DestinationFileLocation.EfsFileLocation.FileSystemId == STRING
    input.Body.Steps[_].DecryptStepDetails.DestinationFileLocation.EfsFileLocation.Path == STRING
    input.Body.OnExceptionSteps[_].Type == enum_WorkflowStepType[_]
    input.Body.OnExceptionSteps[_].CopyStepDetails.Name == STRING
    input.Body.OnExceptionSteps[_].CopyStepDetails.DestinationFileLocation.S3FileLocation.Bucket == STRING
    input.Body.OnExceptionSteps[_].CopyStepDetails.DestinationFileLocation.S3FileLocation.Key == STRING
    input.Body.OnExceptionSteps[_].CopyStepDetails.DestinationFileLocation.EfsFileLocation.FileSystemId == STRING
    input.Body.OnExceptionSteps[_].CopyStepDetails.DestinationFileLocation.EfsFileLocation.Path == STRING
    input.Body.OnExceptionSteps[_].CopyStepDetails.OverwriteExisting == enum_OverwriteExisting[_]
    input.Body.OnExceptionSteps[_].CopyStepDetails.SourceFileLocation == STRING
    input.Body.OnExceptionSteps[_].CustomStepDetails.Name == STRING
    input.Body.OnExceptionSteps[_].CustomStepDetails.Target == STRING
    input.Body.OnExceptionSteps[_].CustomStepDetails.TimeoutSeconds == INTEGER
    input.Body.OnExceptionSteps[_].CustomStepDetails.SourceFileLocation == STRING
    input.Body.OnExceptionSteps[_].DeleteStepDetails.Name == STRING
    input.Body.OnExceptionSteps[_].DeleteStepDetails.SourceFileLocation == STRING
    input.Body.OnExceptionSteps[_].TagStepDetails.Name == STRING
    input.Body.OnExceptionSteps[_].TagStepDetails.Tags[_].Key == STRING
    input.Body.OnExceptionSteps[_].TagStepDetails.Tags[_].Value == STRING
    input.Body.OnExceptionSteps[_].TagStepDetails.SourceFileLocation == STRING
    input.Body.OnExceptionSteps[_].DecryptStepDetails.Name == STRING
    input.Body.OnExceptionSteps[_].DecryptStepDetails.Type == enum_EncryptionType[_]
    input.Body.OnExceptionSteps[_].DecryptStepDetails.SourceFileLocation == STRING
    input.Body.OnExceptionSteps[_].DecryptStepDetails.OverwriteExisting == enum_OverwriteExisting[_]
    input.Body.OnExceptionSteps[_].DecryptStepDetails.DestinationFileLocation.S3FileLocation.Bucket == STRING
    input.Body.OnExceptionSteps[_].DecryptStepDetails.DestinationFileLocation.S3FileLocation.Key == STRING
    input.Body.OnExceptionSteps[_].DecryptStepDetails.DestinationFileLocation.EfsFileLocation.FileSystemId == STRING
    input.Body.OnExceptionSteps[_].DecryptStepDetails.DestinationFileLocation.EfsFileLocation.Path == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAccess

valid {
    input.Body.ServerId == STRING
    input.Body.ExternalId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAgreement

valid {
    input.Body.AgreementId == STRING
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteCertificate

valid {
    input.Body.CertificateId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteConnector

valid {
    input.Body.ConnectorId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteHostKey

valid {
    input.Body.ServerId == STRING
    input.Body.HostKeyId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteProfile

valid {
    input.Body.ProfileId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteServer

valid {
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteSshPublicKey

valid {
    input.Body.ServerId == STRING
    input.Body.SshPublicKeyId == STRING
    input.Body.UserName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUser

valid {
    input.Body.ServerId == STRING
    input.Body.UserName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteWorkflow

valid {
    input.Body.WorkflowId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAccess

valid {
    input.Body.ServerId == STRING
    input.Body.ExternalId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeAgreement

valid {
    input.Body.AgreementId == STRING
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeCertificate

valid {
    input.Body.CertificateId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeConnector

valid {
    input.Body.ConnectorId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeExecution

valid {
    input.Body.ExecutionId == STRING
    input.Body.WorkflowId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeHostKey

valid {
    input.Body.ServerId == STRING
    input.Body.HostKeyId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeProfile

valid {
    input.Body.ProfileId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeSecurityPolicy

valid {
    input.Body.SecurityPolicyName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeServer

valid {
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeUser

valid {
    input.Body.ServerId == STRING
    input.Body.UserName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeWorkflow

valid {
    input.Body.WorkflowId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportCertificate

enum_CertificateUsageType := [ "SIGNING", "ENCRYPTION" ]

valid {
    input.Body.Usage == enum_CertificateUsageType[_]
    input.Body.Certificate == STRING
    input.Body.CertificateChain == STRING
    input.Body.PrivateKey == STRING
    input.Body.ActiveDate == TIMESTAMP
    input.Body.InactiveDate == TIMESTAMP
    input.Body.Description == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportHostKey

valid {
    input.Body.ServerId == STRING
    input.Body.HostKeyBody == STRING
    input.Body.Description == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ImportSshPublicKey

valid {
    input.Body.ServerId == STRING
    input.Body.SshPublicKeyBody == STRING
    input.Body.UserName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAccesses

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAgreements

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListCertificates

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListConnectors

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListExecutions

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.WorkflowId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListHostKeys

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListProfiles

enum_ProfileType := [ "LOCAL", "PARTNER" ]

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.ProfileType == enum_ProfileType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListSecurityPolicies

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListServers

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.Body.Arn == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListUsers

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListWorkflows

valid {
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

SendWorkflowStepState

enum_CustomStepStatus := [ "SUCCESS", "FAILURE" ]

valid {
    input.Body.WorkflowId == STRING
    input.Body.ExecutionId == STRING
    input.Body.Token == STRING
    input.Body.Status == enum_CustomStepStatus[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartFileTransfer

valid {
    input.Body.ConnectorId == STRING
    input.Body.SendFilePaths[_] == STRING
    input.Body.RetrieveFilePaths[_] == STRING
    input.Body.LocalDirectoryPath == STRING
    input.Body.RemoteDirectoryPath == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartServer

valid {
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StopServer

valid {
    input.Body.ServerId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.Arn == STRING
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TestConnection

valid {
    input.Body.ConnectorId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TestIdentityProvider

enum_Protocol := [ "SFTP", "FTP", "FTPS", "AS2" ]

valid {
    input.Body.ServerId == STRING
    input.Body.ServerProtocol == enum_Protocol[_]
    input.Body.SourceIp == STRING
    input.Body.UserName == STRING
    input.Body.UserPassword == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.Body.Arn == STRING
    input.Body.TagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAccess

enum_HomeDirectoryType := [ "PATH", "LOGICAL" ]
enum_MapType := [ "FILE", "DIRECTORY" ]

valid {
    input.Body.HomeDirectory == STRING
    input.Body.HomeDirectoryType == enum_HomeDirectoryType[_]
    input.Body.HomeDirectoryMappings[_].Entry == STRING
    input.Body.HomeDirectoryMappings[_].Target == STRING
    input.Body.HomeDirectoryMappings[_].Type == enum_MapType[_]
    input.Body.Policy == STRING
    input.Body.PosixProfile.Uid == LONG
    input.Body.PosixProfile.Gid == LONG
    input.Body.PosixProfile.SecondaryGids[_] == LONG
    input.Body.Role == STRING
    input.Body.ServerId == STRING
    input.Body.ExternalId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAgreement

enum_AgreementStatusType := [ "ACTIVE", "INACTIVE" ]

valid {
    input.Body.AgreementId == STRING
    input.Body.ServerId == STRING
    input.Body.Description == STRING
    input.Body.Status == enum_AgreementStatusType[_]
    input.Body.LocalProfileId == STRING
    input.Body.PartnerProfileId == STRING
    input.Body.BaseDirectory == STRING
    input.Body.AccessRole == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateCertificate

valid {
    input.Body.CertificateId == STRING
    input.Body.ActiveDate == TIMESTAMP
    input.Body.InactiveDate == TIMESTAMP
    input.Body.Description == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateConnector

enum_CompressionEnum := [ "ZLIB", "DISABLED" ]
enum_EncryptionAlg := [ "AES128_CBC", "AES192_CBC", "AES256_CBC", "NONE" ]
enum_MdnResponse := [ "SYNC", "NONE" ]
enum_MdnSigningAlg := [ "SHA256", "SHA384", "SHA512", "SHA1", "NONE", "DEFAULT" ]
enum_SigningAlg := [ "SHA256", "SHA384", "SHA512", "SHA1", "NONE" ]

valid {
    input.Body.ConnectorId == STRING
    input.Body.Url == STRING
    input.Body.As2Config.LocalProfileId == STRING
    input.Body.As2Config.PartnerProfileId == STRING
    input.Body.As2Config.MessageSubject == STRING
    input.Body.As2Config.Compression == enum_CompressionEnum[_]
    input.Body.As2Config.EncryptionAlgorithm == enum_EncryptionAlg[_]
    input.Body.As2Config.SigningAlgorithm == enum_SigningAlg[_]
    input.Body.As2Config.MdnSigningAlgorithm == enum_MdnSigningAlg[_]
    input.Body.As2Config.MdnResponse == enum_MdnResponse[_]
    input.Body.As2Config.BasicAuthSecretId == STRING
    input.Body.AccessRole == STRING
    input.Body.LoggingRole == STRING
    input.Body.SftpConfig.UserSecretId == STRING
    input.Body.SftpConfig.TrustedHostKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateHostKey

valid {
    input.Body.ServerId == STRING
    input.Body.HostKeyId == STRING
    input.Body.Description == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateProfile

valid {
    input.Body.ProfileId == STRING
    input.Body.CertificateIds[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateServer

enum_As2Transport := [ "HTTP" ]
enum_DirectoryListingOptimization := [ "ENABLED", "DISABLED" ]
enum_EndpointType := [ "PUBLIC", "VPC", "VPC_ENDPOINT" ]
enum_Protocol := [ "SFTP", "FTP", "FTPS", "AS2" ]
enum_SetStatOption := [ "DEFAULT", "ENABLE_NO_OP" ]
enum_SftpAuthenticationMethods := [ "PASSWORD", "PUBLIC_KEY", "PUBLIC_KEY_OR_PASSWORD", "PUBLIC_KEY_AND_PASSWORD" ]
enum_TlsSessionResumptionMode := [ "DISABLED", "ENABLED", "ENFORCED" ]

valid {
    input.Body.Certificate == STRING
    input.Body.ProtocolDetails.PassiveIp == STRING
    input.Body.ProtocolDetails.TlsSessionResumptionMode == enum_TlsSessionResumptionMode[_]
    input.Body.ProtocolDetails.SetStatOption == enum_SetStatOption[_]
    input.Body.ProtocolDetails.As2Transports[_] == enum_As2Transport[_]
    input.Body.EndpointDetails.AddressAllocationIds[_] == STRING
    input.Body.EndpointDetails.SubnetIds[_] == STRING
    input.Body.EndpointDetails.VpcEndpointId == STRING
    input.Body.EndpointDetails.VpcId == STRING
    input.Body.EndpointDetails.SecurityGroupIds[_] == STRING
    input.Body.EndpointType == enum_EndpointType[_]
    input.Body.HostKey == STRING
    input.Body.IdentityProviderDetails.Url == STRING
    input.Body.IdentityProviderDetails.InvocationRole == STRING
    input.Body.IdentityProviderDetails.DirectoryId == STRING
    input.Body.IdentityProviderDetails.Function == STRING
    input.Body.IdentityProviderDetails.SftpAuthenticationMethods == enum_SftpAuthenticationMethods[_]
    input.Body.LoggingRole == STRING
    input.Body.PostAuthenticationLoginBanner == STRING
    input.Body.PreAuthenticationLoginBanner == STRING
    input.Body.Protocols[_] == enum_Protocol[_]
    input.Body.SecurityPolicyName == STRING
    input.Body.ServerId == STRING
    input.Body.WorkflowDetails.OnUpload[_].WorkflowId == STRING
    input.Body.WorkflowDetails.OnUpload[_].ExecutionRole == STRING
    input.Body.WorkflowDetails.OnPartialUpload[_].WorkflowId == STRING
    input.Body.WorkflowDetails.OnPartialUpload[_].ExecutionRole == STRING
    input.Body.StructuredLogDestinations[_] == STRING
    input.Body.S3StorageOptions.DirectoryListingOptimization == enum_DirectoryListingOptimization[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUser

enum_HomeDirectoryType := [ "PATH", "LOGICAL" ]
enum_MapType := [ "FILE", "DIRECTORY" ]

valid {
    input.Body.HomeDirectory == STRING
    input.Body.HomeDirectoryType == enum_HomeDirectoryType[_]
    input.Body.HomeDirectoryMappings[_].Entry == STRING
    input.Body.HomeDirectoryMappings[_].Target == STRING
    input.Body.HomeDirectoryMappings[_].Type == enum_MapType[_]
    input.Body.Policy == STRING
    input.Body.PosixProfile.Uid == LONG
    input.Body.PosixProfile.Gid == LONG
    input.Body.PosixProfile.SecondaryGids[_] == LONG
    input.Body.Role == STRING
    input.Body.ServerId == STRING
    input.Body.UserName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}