AssociateDelegateToResource

# Field template for the action named above: `valid` holds only when every line in the body holds.
# NOTE(review): STRING is not defined anywhere on this page — presumably a type placeholder to be
# replaced with the literal or comparison the policy should enforce; confirm before use.
valid {
    # A reference to a field the request does not carry is undefined in Rego, which leaves `valid`
    # undefined as well, so keep only the lines the policy is meant to constrain.
    input.Body.OrganizationId == STRING
    input.Body.ResourceId == STRING
    input.Body.EntityId == STRING
    # Caller context rather than request payload (account, access key id and region, going by the names).
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssociateMemberToGroup

valid {
    input.Body.OrganizationId == STRING
    input.Body.GroupId == STRING
    input.Body.MemberId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssumeImpersonationRole

# Field template for AssumeImpersonationRole requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    # ImpersonationRoleId is the only body field that says which role is requested, so a policy meant
    # to limit impersonation has to compare it with approved role ids rather than accept any string.
    input.Body.ImpersonationRoleId == STRING
    # Presumably the calling account, credential and region; these are the only lines that can
    # restrict who is making the request.
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CancelMailboxExportJob

valid {
    input.Body.ClientToken == STRING
    input.Body.JobId == STRING
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAlias

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.Alias == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateAvailabilityConfiguration

# Field template for CreateAvailabilityConfiguration requests; every line kept in the body must
# hold for `valid` to be true.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.ClientToken == STRING
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    # NOTE(review): EwsProvider and LambdaProvider look like alternative providers. A request that
    # carries only one of them leaves the other group's lines undefined, so `valid` cannot hold with
    # both groups present — confirm and keep only the group the policy targets.
    # EwsEndpoint names the remote endpoint, going by the field name; restricting it to approved
    # hosts is the check a reviewer would expect here.
    input.Body.EwsProvider.EwsEndpoint == STRING
    input.Body.EwsProvider.EwsUsername == STRING
    # NOTE(review): EwsPassword presumably carries a plaintext secret inside `input`. Do not compare
    # it with a literal kept in policy source, and check whether decision logs record the request body.
    input.Body.EwsProvider.EwsPassword == STRING
    input.Body.LambdaProvider.LambdaArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateGroup

valid {
    input.Body.OrganizationId == STRING
    input.Body.Name == STRING
    input.Body.HiddenFromGlobalAddressList == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateIdentityCenterApplication

valid {
    input.Body.Name == STRING
    input.Body.InstanceArn == STRING
    input.Body.ClientToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateImpersonationRole

# Accepted values for a rule's Effect and for the role's Type, as listed on this page.
enum_AccessEffect := [ "ALLOW", "DENY" ]
enum_ImpersonationRoleType := [ "FULL_ACCESS", "READ_ONLY" ]

# Field template for CreateImpersonationRole requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.ClientToken == STRING
    input.Body.OrganizationId == STRING
    input.Body.Name == STRING
    # `== enum_ImpersonationRoleType[_]` accepts either listed value; compare with "READ_ONLY"
    # directly if full-access roles must be refused.
    input.Body.Type == enum_ImpersonationRoleType[_]
    input.Body.Description == STRING
    # Each `[_]` is its own wildcard: a line holds when at least one element matches, and different
    # lines may match different entries of Rules. Constraining every rule in the request needs a
    # universal check (`every`, or negation over a helper rule), not these lines as written.
    input.Body.Rules[_].ImpersonationRuleId == STRING
    input.Body.Rules[_].Name == STRING
    input.Body.Rules[_].Description == STRING
    input.Body.Rules[_].Effect == enum_AccessEffect[_]
    input.Body.Rules[_].TargetUsers[_] == STRING
    input.Body.Rules[_].NotTargetUsers[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateMobileDeviceAccessRule

# Accepted values for the rule's Effect, as listed on this page.
enum_MobileDeviceAccessRuleEffect := [ "ALLOW", "DENY" ]

# Field template for CreateMobileDeviceAccessRule requests; `valid` holds only if every line holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.ClientToken == STRING
    input.Body.Name == STRING
    input.Body.Description == STRING
    # Matches either "ALLOW" or "DENY"; compare with one literal to restrict which kind may be created.
    input.Body.Effect == enum_MobileDeviceAccessRuleEffect[_]
    # Every `[_]` below is existential: the line holds if any one element of the list matches.
    # As written, the template also requires all eight lists to be present and non-empty, because an
    # absent or empty list leaves its line undefined — drop the lines the policy does not need.
    input.Body.DeviceTypes[_] == STRING
    input.Body.NotDeviceTypes[_] == STRING
    input.Body.DeviceModels[_] == STRING
    input.Body.NotDeviceModels[_] == STRING
    input.Body.DeviceOperatingSystems[_] == STRING
    input.Body.NotDeviceOperatingSystems[_] == STRING
    input.Body.DeviceUserAgents[_] == STRING
    input.Body.NotDeviceUserAgents[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateOrganization

# Field template for CreateOrganization requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and BOOLEAN are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.DirectoryId == STRING
    input.Body.Alias == STRING
    input.Body.ClientToken == STRING
    # The two Domains lines use separate `[_]` wildcards, so they may match different entries;
    # bind one index (`some i`) if DomainName and HostedZoneId must belong to the same domain.
    input.Body.Domains[_].DomainName == STRING
    input.Body.Domains[_].HostedZoneId == STRING
    # NOTE(review): KmsKeyArn presumably selects the key protecting the organization's data; a policy
    # that mandates an approved key should compare it with that ARN — confirm the field's meaning.
    input.Body.KmsKeyArn == STRING
    input.Body.EnableInteroperability == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateResource

enum_ResourceType := [ "ROOM", "EQUIPMENT" ]

valid {
    input.Body.OrganizationId == STRING
    input.Body.Name == STRING
    input.Body.Type == enum_ResourceType[_]
    input.Body.Description == STRING
    input.Body.HiddenFromGlobalAddressList == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUser

# Accepted values for the user's Role, as listed on this page.
enum_UserRole := [ "USER", "RESOURCE", "SYSTEM_USER", "REMOTE_USER" ]

# Field template for CreateUser requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and BOOLEAN are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.Name == STRING
    input.Body.DisplayName == STRING
    # NOTE(review): Password presumably carries the new user's plaintext secret inside `input`.
    # Do not compare it with a literal kept in policy source, and check whether decision logs
    # record the request body.
    input.Body.Password == STRING
    # Accepts any of the four listed roles; compare with a single literal to restrict which
    # roles may be created.
    input.Body.Role == enum_UserRole[_]
    input.Body.FirstName == STRING
    input.Body.LastName == STRING
    input.Body.HiddenFromGlobalAddressList == BOOLEAN
    input.Body.IdentityProviderUserId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAccessControlRule

# Field template for DeleteAccessControlRule requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    # Name is the only body field identifying the rule being removed, so protecting specific
    # access control rules means comparing it with their names.
    input.Body.Name == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAlias

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.Alias == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteAvailabilityConfiguration

valid {
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteEmailMonitoringConfiguration

# Field template for DeleteEmailMonitoringConfiguration requests; `valid` holds only if every
# line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    # OrganizationId is the only body field, so a policy guarding the monitoring configuration can
    # decide only on the organization and on the caller metadata below.
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteGroup

valid {
    input.Body.OrganizationId == STRING
    input.Body.GroupId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIdentityCenterApplication

valid {
    input.Body.ApplicationArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIdentityProviderConfiguration

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteImpersonationRole

valid {
    input.Body.OrganizationId == STRING
    input.Body.ImpersonationRoleId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteMailboxPermissions

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.GranteeId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteMobileDeviceAccessOverride

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.Body.DeviceId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteMobileDeviceAccessRule

valid {
    input.Body.OrganizationId == STRING
    input.Body.MobileDeviceAccessRuleId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteOrganization

# Field template for DeleteOrganization requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and BOOLEAN are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.ClientToken == STRING
    input.Body.OrganizationId == STRING
    # NOTE(review): going by their names, these three flags widen the delete to the directory, to a
    # forced removal and to the Identity Center application. They are the only lines that separate
    # a plain delete from a wider one, so compare them with explicit true/false values — confirm
    # the exact semantics of each flag first.
    input.Body.DeleteDirectory == BOOLEAN
    input.Body.ForceDelete == BOOLEAN
    input.Body.DeleteIdentityCenterApplication == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeletePersonalAccessToken

valid {
    input.Body.OrganizationId == STRING
    input.Body.PersonalAccessTokenId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteResource

valid {
    input.Body.OrganizationId == STRING
    input.Body.ResourceId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteRetentionPolicy

valid {
    input.Body.OrganizationId == STRING
    input.Body.Id == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUser

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeregisterFromWorkMail

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeregisterMailDomain

valid {
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeEmailMonitoringConfiguration

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeEntity

valid {
    input.Body.OrganizationId == STRING
    input.Body.Email == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeGroup

valid {
    input.Body.OrganizationId == STRING
    input.Body.GroupId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeIdentityProviderConfiguration

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeInboundDmarcSettings

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeMailboxExportJob

valid {
    input.Body.JobId == STRING
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeOrganization

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeResource

valid {
    input.Body.OrganizationId == STRING
    input.Body.ResourceId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DescribeUser

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateDelegateFromResource

valid {
    input.Body.OrganizationId == STRING
    input.Body.ResourceId == STRING
    input.Body.EntityId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateMemberFromGroup

valid {
    input.Body.OrganizationId == STRING
    input.Body.GroupId == STRING
    input.Body.MemberId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetAccessControlEffect

valid {
    input.Body.OrganizationId == STRING
    input.Body.IpAddress == STRING
    input.Body.Action == STRING
    input.Body.UserId == STRING
    input.Body.ImpersonationRoleId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetDefaultRetentionPolicy

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetImpersonationRole

valid {
    input.Body.OrganizationId == STRING
    input.Body.ImpersonationRoleId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetImpersonationRoleEffect

valid {
    input.Body.OrganizationId == STRING
    input.Body.ImpersonationRoleId == STRING
    input.Body.TargetUser == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetMailDomain

valid {
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetMailboxDetails

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetMobileDeviceAccessEffect

valid {
    input.Body.OrganizationId == STRING
    input.Body.DeviceType == STRING
    input.Body.DeviceModel == STRING
    input.Body.DeviceOperatingSystem == STRING
    input.Body.DeviceUserAgent == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetMobileDeviceAccessOverride

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.Body.DeviceId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPersonalAccessTokenMetadata

valid {
    input.Body.OrganizationId == STRING
    input.Body.PersonalAccessTokenId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAccessControlRules

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAliases

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListAvailabilityConfigurations

valid {
    input.Body.OrganizationId == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListGroupMembers

valid {
    input.Body.OrganizationId == STRING
    input.Body.GroupId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListGroups

enum_EntityState := [ "ENABLED", "DISABLED", "DELETED" ]

valid {
    input.Body.OrganizationId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.Body.Filters.NamePrefix == STRING
    input.Body.Filters.PrimaryEmailPrefix == STRING
    input.Body.Filters.State == enum_EntityState[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListGroupsForEntity

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.Filters.GroupNamePrefix == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListImpersonationRoles

valid {
    input.Body.OrganizationId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListMailDomains

valid {
    input.Body.OrganizationId == STRING
    input.Body.MaxResults == INTEGER
    input.Body.NextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListMailboxExportJobs

valid {
    input.Body.OrganizationId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListMailboxPermissions

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListMobileDeviceAccessOverrides

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.Body.DeviceId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListMobileDeviceAccessRules

valid {
    input.Body.OrganizationId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListOrganizations

valid {
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPersonalAccessTokens

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListResourceDelegates

valid {
    input.Body.OrganizationId == STRING
    input.Body.ResourceId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListResources

# Accepted values for Filters.State, as listed on this page.
# NOTE(review): enum_EntityState is declared with `:=` under ListGroups, ListResources and ListUsers
# on this page; if several templates are combined in one module, keep a single declaration, since a
# repeated `:=` rule is likely to be rejected as a redeclaration.
enum_EntityState := [ "ENABLED", "DISABLED", "DELETED" ]

# Field template for ListResources requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and INTEGER are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    # Filters and paging fields look optional; a request without them leaves these lines undefined
    # and `valid` with them, so keep only the lines the policy is meant to constrain.
    input.Body.Filters.NamePrefix == STRING
    input.Body.Filters.PrimaryEmailPrefix == STRING
    input.Body.Filters.State == enum_EntityState[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.Body.ResourceARN == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListUsers

enum_EntityState := [ "ENABLED", "DISABLED", "DELETED" ]

valid {
    input.Body.OrganizationId == STRING
    input.Body.NextToken == STRING
    input.Body.MaxResults == INTEGER
    input.Body.Filters.UsernamePrefix == STRING
    input.Body.Filters.DisplayNamePrefix == STRING
    input.Body.Filters.PrimaryEmailPrefix == STRING
    input.Body.Filters.State == enum_EntityState[_]
    input.Body.Filters.IdentityProviderUserIdPrefix == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutAccessControlRule

# Accepted values for the rule's Effect, as listed on this page.
enum_AccessControlRuleEffect := [ "ALLOW", "DENY" ]

# Field template for PutAccessControlRule requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.Name == STRING
    # Matches either "ALLOW" or "DENY"; compare with one literal to restrict which kind may be written.
    input.Body.Effect == enum_AccessControlRuleEffect[_]
    input.Body.Description == STRING
    # Every `[_]` below is existential: the line holds if any one element of the list matches, so
    # `IpRanges[_] == <approved range>` still passes a request that adds other ranges alongside it.
    # Requiring that all elements are approved needs a universal check (`every`, or negation over
    # a helper rule).
    input.Body.IpRanges[_] == STRING
    input.Body.NotIpRanges[_] == STRING
    input.Body.Actions[_] == STRING
    input.Body.NotActions[_] == STRING
    input.Body.UserIds[_] == STRING
    input.Body.NotUserIds[_] == STRING
    input.Body.OrganizationId == STRING
    input.Body.ImpersonationRoleIds[_] == STRING
    input.Body.NotImpersonationRoleIds[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutEmailMonitoringConfiguration

# Field template for PutEmailMonitoringConfiguration requests; `valid` holds only if every line
# below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    # NOTE(review): RoleArn and LogGroupArn presumably name the role used for delivery and the log
    # group that receives the events; comparing both with approved ARNs keeps monitoring data from
    # being redirected — confirm the fields' meaning.
    input.Body.RoleArn == STRING
    input.Body.LogGroupArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutIdentityProviderConfiguration

# Accepted values for AuthenticationMode and for the personal access token Status, as listed on
# this page.
enum_IdentityProviderAuthenticationMode := [ "IDENTITY_PROVIDER_ONLY", "IDENTITY_PROVIDER_AND_DIRECTORY" ]
enum_PersonalAccessTokenConfigurationStatus := [ "ACTIVE", "INACTIVE" ]

# Field template for PutIdentityProviderConfiguration requests; `valid` holds only if every line
# below holds.
# NOTE(review): STRING and INTEGER are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.OrganizationId == STRING
    # Accepts either listed mode; compare with a single literal if only one mode is permitted.
    input.Body.AuthenticationMode == enum_IdentityProviderAuthenticationMode[_]
    input.Body.IdentityCenterConfiguration.InstanceArn == STRING
    input.Body.IdentityCenterConfiguration.ApplicationArn == STRING
    input.Body.PersonalAccessTokenConfiguration.Status == enum_PersonalAccessTokenConfigurationStatus[_]
    # An equality test pins one exact lifetime; capping token lifetime calls for an upper bound
    # (`<=`) on this field instead.
    input.Body.PersonalAccessTokenConfiguration.LifetimeInDays == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutInboundDmarcSettings

# Field template for PutInboundDmarcSettings requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and BOOLEAN are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.OrganizationId == STRING
    # Enforced is the only setting in the body; compare it with an explicit true/false so the
    # policy states which direction of the change it accepts.
    input.Body.Enforced == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutMailboxPermissions

# Accepted values for entries of PermissionValues, as listed on this page.
enum_PermissionType := [ "FULL_ACCESS", "SEND_AS", "SEND_ON_BEHALF" ]

# Field template for PutMailboxPermissions requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    # EntityId and GranteeId presumably name the mailbox owner and the principal receiving access;
    # both need constraining if the policy limits who may be granted access to whom.
    input.Body.EntityId == STRING
    input.Body.GranteeId == STRING
    # Both sides carry a `[_]` wildcard, so this holds as soon as any one requested permission is
    # any listed value. It does not stop "FULL_ACCESS" from appearing next to an approved value;
    # refusing a permission needs a check over all elements (`every`, or negation over a helper rule).
    input.Body.PermissionValues[_] == enum_PermissionType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutMobileDeviceAccessOverride

# Accepted values for the override's Effect, as listed on this page.
enum_MobileDeviceAccessRuleEffect := [ "ALLOW", "DENY" ]

# Field template for PutMobileDeviceAccessOverride requests; `valid` holds only if every line
# below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.Body.DeviceId == STRING
    # Matches either "ALLOW" or "DENY"; compare with one literal if the policy should accept only
    # one kind of per-device override.
    input.Body.Effect == enum_MobileDeviceAccessRuleEffect[_]
    input.Body.Description == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

PutRetentionPolicy

# Accepted folder names and retention actions, as listed on this page.
enum_FolderName := [ "INBOX", "DELETED_ITEMS", "SENT_ITEMS", "DRAFTS", "JUNK_EMAIL" ]
enum_RetentionAction := [ "NONE", "DELETE", "PERMANENTLY_DELETE" ]

# Field template for PutRetentionPolicy requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and INTEGER are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.Id == STRING
    input.Body.Name == STRING
    input.Body.Description == STRING
    # The three FolderConfigurations lines use separate `[_]` wildcards, so Name, Action and Period
    # may each match a different entry. Bind one index (`some i`) to test them on the same folder,
    # and use a universal check (`every`, or negation over a helper rule) if no folder may carry
    # an action such as "PERMANENTLY_DELETE".
    input.Body.FolderConfigurations[_].Name == enum_FolderName[_]
    input.Body.FolderConfigurations[_].Action == enum_RetentionAction[_]
    input.Body.FolderConfigurations[_].Period == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterMailDomain

valid {
    input.Body.ClientToken == STRING
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

RegisterToWorkMail

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.Email == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ResetPassword

# Field template for ResetPassword requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    # UserId is the only field identifying whose password changes; compare it with the accounts the
    # policy covers.
    input.Body.UserId == STRING
    # NOTE(review): Password presumably carries the new plaintext secret inside `input`. Do not
    # compare it with a literal kept in policy source, and check whether decision logs record the
    # request body.
    input.Body.Password == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

StartMailboxExportJob

# Field template for StartMailboxExportJob requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.ClientToken == STRING
    input.Body.OrganizationId == STRING
    # EntityId presumably names the mailbox being exported — confirm.
    input.Body.EntityId == STRING
    input.Body.Description == STRING
    # NOTE(review): RoleArn, KmsKeyArn, S3BucketName and S3Prefix together describe where the export
    # is written and under which role and key, going by the names. A policy meant to keep mailbox
    # exports inside approved storage should compare each with approved values, not with any string.
    input.Body.RoleArn == STRING
    input.Body.KmsKeyArn == STRING
    input.Body.S3BucketName == STRING
    input.Body.S3Prefix == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

# Field template for TagResource requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.ResourceARN == STRING
    # The Key and Value lines use separate `[_]` wildcards, so they may match different tags. Bind
    # one index (`some i`) to require a specific key/value pair, which matters when tags drive
    # access decisions elsewhere.
    input.Body.Tags[_].Key == STRING
    input.Body.Tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TestAvailabilityConfiguration

# Field template for TestAvailabilityConfiguration requests; `valid` holds only if every line
# below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    # NOTE(review): EwsProvider and LambdaProvider look like alternative providers. A request that
    # carries only one of them leaves the other group's lines undefined, so `valid` cannot hold with
    # both groups present — confirm and keep only the group the policy targets.
    input.Body.EwsProvider.EwsEndpoint == STRING
    input.Body.EwsProvider.EwsUsername == STRING
    # NOTE(review): EwsPassword presumably carries a plaintext secret inside `input`. Do not compare
    # it with a literal kept in policy source, and check whether decision logs record the request body.
    input.Body.EwsProvider.EwsPassword == STRING
    input.Body.LambdaProvider.LambdaArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.Body.ResourceARN == STRING
    input.Body.TagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateAvailabilityConfiguration

# Field template for UpdateAvailabilityConfiguration requests; `valid` holds only if every line
# below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    # NOTE(review): EwsProvider and LambdaProvider look like alternative providers. A request that
    # carries only one of them leaves the other group's lines undefined, so `valid` cannot hold with
    # both groups present — confirm and keep only the group the policy targets.
    # EwsEndpoint names the remote endpoint, going by the field name; an update that changes it is
    # the case a reviewer would want restricted to approved hosts.
    input.Body.EwsProvider.EwsEndpoint == STRING
    input.Body.EwsProvider.EwsUsername == STRING
    # NOTE(review): EwsPassword presumably carries a plaintext secret inside `input`. Do not compare
    # it with a literal kept in policy source, and check whether decision logs record the request body.
    input.Body.EwsProvider.EwsPassword == STRING
    input.Body.LambdaProvider.LambdaArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateDefaultMailDomain

valid {
    input.Body.OrganizationId == STRING
    input.Body.DomainName == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateGroup

valid {
    input.Body.OrganizationId == STRING
    input.Body.GroupId == STRING
    input.Body.HiddenFromGlobalAddressList == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateImpersonationRole

# Accepted values for a rule's Effect and for the role's Type, as listed on this page.
enum_AccessEffect := [ "ALLOW", "DENY" ]
enum_ImpersonationRoleType := [ "FULL_ACCESS", "READ_ONLY" ]

# Field template for UpdateImpersonationRole requests; `valid` holds only if every line below holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.ImpersonationRoleId == STRING
    input.Body.Name == STRING
    # Accepts either listed type, so as written it does not stop an update from "READ_ONLY" to
    # "FULL_ACCESS"; compare with a single literal to refuse that.
    input.Body.Type == enum_ImpersonationRoleType[_]
    input.Body.Description == STRING
    # Each `[_]` is its own wildcard: a line holds when at least one element matches, and different
    # lines may match different entries of Rules. Constraining every rule in the request needs a
    # universal check (`every`, or negation over a helper rule), not these lines as written.
    input.Body.Rules[_].ImpersonationRuleId == STRING
    input.Body.Rules[_].Name == STRING
    input.Body.Rules[_].Description == STRING
    input.Body.Rules[_].Effect == enum_AccessEffect[_]
    input.Body.Rules[_].TargetUsers[_] == STRING
    input.Body.Rules[_].NotTargetUsers[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateMailboxQuota

valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    input.Body.MailboxQuota == INTEGER
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateMobileDeviceAccessRule

# Accepted values for the rule's Effect, as listed on this page.
enum_MobileDeviceAccessRuleEffect := [ "ALLOW", "DENY" ]

# Field template for UpdateMobileDeviceAccessRule requests; `valid` holds only if every line holds.
# NOTE(review): STRING is undefined on this page — presumably a placeholder for the value to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.MobileDeviceAccessRuleId == STRING
    input.Body.Name == STRING
    input.Body.Description == STRING
    # Matches either "ALLOW" or "DENY", so as written it does not stop an existing rule from being
    # flipped; compare with one literal to restrict that.
    input.Body.Effect == enum_MobileDeviceAccessRuleEffect[_]
    # Every `[_]` below is existential: the line holds if any one element of the list matches.
    # As written, the template also requires all eight lists to be present and non-empty, because an
    # absent or empty list leaves its line undefined — drop the lines the policy does not need.
    input.Body.DeviceTypes[_] == STRING
    input.Body.NotDeviceTypes[_] == STRING
    input.Body.DeviceModels[_] == STRING
    input.Body.NotDeviceModels[_] == STRING
    input.Body.DeviceOperatingSystems[_] == STRING
    input.Body.NotDeviceOperatingSystems[_] == STRING
    input.Body.DeviceUserAgents[_] == STRING
    input.Body.NotDeviceUserAgents[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdatePrimaryEmailAddress

valid {
    input.Body.OrganizationId == STRING
    input.Body.EntityId == STRING
    input.Body.Email == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateResource

enum_ResourceType := [ "ROOM", "EQUIPMENT" ]

valid {
    input.Body.OrganizationId == STRING
    input.Body.ResourceId == STRING
    input.Body.Name == STRING
    input.Body.BookingOptions.AutoAcceptRequests == BOOLEAN
    input.Body.BookingOptions.AutoDeclineRecurringRequests == BOOLEAN
    input.Body.BookingOptions.AutoDeclineConflictingRequests == BOOLEAN
    input.Body.Description == STRING
    input.Body.Type == enum_ResourceType[_]
    input.Body.HiddenFromGlobalAddressList == BOOLEAN
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUser

# Accepted values for the user's Role, as listed on this page.
enum_UserRole := [ "USER", "RESOURCE", "SYSTEM_USER", "REMOTE_USER" ]

# Field template for UpdateUser requests; `valid` holds only if every line below holds.
# NOTE(review): STRING and BOOLEAN are undefined on this page — presumably placeholders for the
# values to enforce.
valid {
    input.Body.OrganizationId == STRING
    input.Body.UserId == STRING
    # Accepts any of the four listed roles, so as written it does not restrict role changes;
    # compare with a single literal to do so.
    input.Body.Role == enum_UserRole[_]
    # The profile fields below look optional; a request that omits one leaves its line undefined
    # and `valid` with it, so keep only the lines the policy is meant to constrain.
    input.Body.DisplayName == STRING
    input.Body.FirstName == STRING
    input.Body.LastName == STRING
    input.Body.HiddenFromGlobalAddressList == BOOLEAN
    input.Body.Initials == STRING
    input.Body.Telephone == STRING
    input.Body.Street == STRING
    input.Body.JobTitle == STRING
    input.Body.City == STRING
    input.Body.Company == STRING
    input.Body.ZipCode == STRING
    input.Body.Department == STRING
    input.Body.Country == STRING
    input.Body.Office == STRING
    # NOTE(review): IdentityProviderUserId presumably links the user to an external identity;
    # changing it re-points that link, so it deserves an explicit comparison — confirm.
    input.Body.IdentityProviderUserId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}