WORKMAIL
AssociateDelegateToResource
valid {
input.Body.OrganizationId == STRING
input.Body.ResourceId == STRING
input.Body.EntityId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}AssociateMemberToGroup
valid {
input.Body.OrganizationId == STRING
input.Body.GroupId == STRING
input.Body.MemberId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}AssumeImpersonationRole
valid {
input.Body.OrganizationId == STRING
input.Body.ImpersonationRoleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CancelMailboxExportJob
valid {
input.Body.ClientToken == STRING
input.Body.JobId == STRING
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateAlias
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.Alias == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateAvailabilityConfiguration
valid {
input.Body.ClientToken == STRING
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.Body.EwsProvider.EwsEndpoint == STRING
input.Body.EwsProvider.EwsUsername == STRING
input.Body.EwsProvider.EwsPassword == STRING
input.Body.LambdaProvider.LambdaArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateGroup
valid {
input.Body.OrganizationId == STRING
input.Body.Name == STRING
input.Body.HiddenFromGlobalAddressList == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateIdentityCenterApplication
valid {
input.Body.Name == STRING
input.Body.InstanceArn == STRING
input.Body.ClientToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateImpersonationRole
enum_AccessEffect := [ "ALLOW", "DENY" ]
enum_ImpersonationRoleType := [ "FULL_ACCESS", "READ_ONLY" ]
valid {
input.Body.ClientToken == STRING
input.Body.OrganizationId == STRING
input.Body.Name == STRING
input.Body.Type == enum_ImpersonationRoleType[_]
input.Body.Description == STRING
input.Body.Rules[_].ImpersonationRuleId == STRING
input.Body.Rules[_].Name == STRING
input.Body.Rules[_].Description == STRING
input.Body.Rules[_].Effect == enum_AccessEffect[_]
input.Body.Rules[_].TargetUsers[_] == STRING
input.Body.Rules[_].NotTargetUsers[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateMobileDeviceAccessRule
enum_MobileDeviceAccessRuleEffect := [ "ALLOW", "DENY" ]
valid {
input.Body.OrganizationId == STRING
input.Body.ClientToken == STRING
input.Body.Name == STRING
input.Body.Description == STRING
input.Body.Effect == enum_MobileDeviceAccessRuleEffect[_]
input.Body.DeviceTypes[_] == STRING
input.Body.NotDeviceTypes[_] == STRING
input.Body.DeviceModels[_] == STRING
input.Body.NotDeviceModels[_] == STRING
input.Body.DeviceOperatingSystems[_] == STRING
input.Body.NotDeviceOperatingSystems[_] == STRING
input.Body.DeviceUserAgents[_] == STRING
input.Body.NotDeviceUserAgents[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateOrganization
valid {
input.Body.DirectoryId == STRING
input.Body.Alias == STRING
input.Body.ClientToken == STRING
input.Body.Domains[_].DomainName == STRING
input.Body.Domains[_].HostedZoneId == STRING
input.Body.KmsKeyArn == STRING
input.Body.EnableInteroperability == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateResource
enum_ResourceType := [ "ROOM", "EQUIPMENT" ]
valid {
input.Body.OrganizationId == STRING
input.Body.Name == STRING
input.Body.Type == enum_ResourceType[_]
input.Body.Description == STRING
input.Body.HiddenFromGlobalAddressList == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}CreateUser
enum_UserRole := [ "USER", "RESOURCE", "SYSTEM_USER", "REMOTE_USER" ]
valid {
input.Body.OrganizationId == STRING
input.Body.Name == STRING
input.Body.DisplayName == STRING
input.Body.Password == STRING
input.Body.Role == enum_UserRole[_]
input.Body.FirstName == STRING
input.Body.LastName == STRING
input.Body.HiddenFromGlobalAddressList == BOOLEAN
input.Body.IdentityProviderUserId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteAccessControlRule
valid {
input.Body.OrganizationId == STRING
input.Body.Name == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteAlias
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.Alias == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteAvailabilityConfiguration
valid {
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteEmailMonitoringConfiguration
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteGroup
valid {
input.Body.OrganizationId == STRING
input.Body.GroupId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteIdentityCenterApplication
valid {
input.Body.ApplicationArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteIdentityProviderConfiguration
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteImpersonationRole
valid {
input.Body.OrganizationId == STRING
input.Body.ImpersonationRoleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteMailboxPermissions
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.GranteeId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteMobileDeviceAccessOverride
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.DeviceId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteMobileDeviceAccessRule
valid {
input.Body.OrganizationId == STRING
input.Body.MobileDeviceAccessRuleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteOrganization
valid {
input.Body.ClientToken == STRING
input.Body.OrganizationId == STRING
input.Body.DeleteDirectory == BOOLEAN
input.Body.ForceDelete == BOOLEAN
input.Body.DeleteIdentityCenterApplication == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeletePersonalAccessToken
valid {
input.Body.OrganizationId == STRING
input.Body.PersonalAccessTokenId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteResource
valid {
input.Body.OrganizationId == STRING
input.Body.ResourceId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteRetentionPolicy
valid {
input.Body.OrganizationId == STRING
input.Body.Id == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeleteUser
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeregisterFromWorkMail
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DeregisterMailDomain
valid {
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeEmailMonitoringConfiguration
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeEntity
valid {
input.Body.OrganizationId == STRING
input.Body.Email == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeGroup
valid {
input.Body.OrganizationId == STRING
input.Body.GroupId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeIdentityProviderConfiguration
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeInboundDmarcSettings
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeMailboxExportJob
valid {
input.Body.JobId == STRING
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeOrganization
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeResource
valid {
input.Body.OrganizationId == STRING
input.Body.ResourceId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DescribeUser
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisassociateDelegateFromResource
valid {
input.Body.OrganizationId == STRING
input.Body.ResourceId == STRING
input.Body.EntityId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}DisassociateMemberFromGroup
valid {
input.Body.OrganizationId == STRING
input.Body.GroupId == STRING
input.Body.MemberId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetAccessControlEffect
valid {
input.Body.OrganizationId == STRING
input.Body.IpAddress == STRING
input.Body.Action == STRING
input.Body.UserId == STRING
input.Body.ImpersonationRoleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetDefaultRetentionPolicy
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetImpersonationRole
valid {
input.Body.OrganizationId == STRING
input.Body.ImpersonationRoleId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetImpersonationRoleEffect
valid {
input.Body.OrganizationId == STRING
input.Body.ImpersonationRoleId == STRING
input.Body.TargetUser == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMailDomain
valid {
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMailboxDetails
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMobileDeviceAccessEffect
valid {
input.Body.OrganizationId == STRING
input.Body.DeviceType == STRING
input.Body.DeviceModel == STRING
input.Body.DeviceOperatingSystem == STRING
input.Body.DeviceUserAgent == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetMobileDeviceAccessOverride
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.DeviceId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}GetPersonalAccessTokenMetadata
valid {
input.Body.OrganizationId == STRING
input.Body.PersonalAccessTokenId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListAccessControlRules
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListAliases
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListAvailabilityConfigurations
valid {
input.Body.OrganizationId == STRING
input.Body.MaxResults == INTEGER
input.Body.NextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListGroupMembers
valid {
input.Body.OrganizationId == STRING
input.Body.GroupId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListGroups
enum_EntityState := [ "ENABLED", "DISABLED", "DELETED" ]
valid {
input.Body.OrganizationId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.Body.Filters.NamePrefix == STRING
input.Body.Filters.PrimaryEmailPrefix == STRING
input.Body.Filters.State == enum_EntityState[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListGroupsForEntity
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.Filters.GroupNamePrefix == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListImpersonationRoles
valid {
input.Body.OrganizationId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMailDomains
valid {
input.Body.OrganizationId == STRING
input.Body.MaxResults == INTEGER
input.Body.NextToken == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMailboxExportJobs
valid {
input.Body.OrganizationId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMailboxPermissions
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMobileDeviceAccessOverrides
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.DeviceId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListMobileDeviceAccessRules
valid {
input.Body.OrganizationId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListOrganizations
valid {
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListPersonalAccessTokens
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListResourceDelegates
valid {
input.Body.OrganizationId == STRING
input.Body.ResourceId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListResources
enum_EntityState := [ "ENABLED", "DISABLED", "DELETED" ]
valid {
input.Body.OrganizationId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.Body.Filters.NamePrefix == STRING
input.Body.Filters.PrimaryEmailPrefix == STRING
input.Body.Filters.State == enum_EntityState[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListTagsForResource
valid {
input.Body.ResourceARN == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ListUsers
enum_EntityState := [ "ENABLED", "DISABLED", "DELETED" ]
valid {
input.Body.OrganizationId == STRING
input.Body.NextToken == STRING
input.Body.MaxResults == INTEGER
input.Body.Filters.UsernamePrefix == STRING
input.Body.Filters.DisplayNamePrefix == STRING
input.Body.Filters.PrimaryEmailPrefix == STRING
input.Body.Filters.State == enum_EntityState[_]
input.Body.Filters.IdentityProviderUserIdPrefix == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutAccessControlRule
enum_AccessControlRuleEffect := [ "ALLOW", "DENY" ]
valid {
input.Body.Name == STRING
input.Body.Effect == enum_AccessControlRuleEffect[_]
input.Body.Description == STRING
input.Body.IpRanges[_] == STRING
input.Body.NotIpRanges[_] == STRING
input.Body.Actions[_] == STRING
input.Body.NotActions[_] == STRING
input.Body.UserIds[_] == STRING
input.Body.NotUserIds[_] == STRING
input.Body.OrganizationId == STRING
input.Body.ImpersonationRoleIds[_] == STRING
input.Body.NotImpersonationRoleIds[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutEmailMonitoringConfiguration
valid {
input.Body.OrganizationId == STRING
input.Body.RoleArn == STRING
input.Body.LogGroupArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutIdentityProviderConfiguration
enum_IdentityProviderAuthenticationMode := [ "IDENTITY_PROVIDER_ONLY", "IDENTITY_PROVIDER_AND_DIRECTORY" ]
enum_PersonalAccessTokenConfigurationStatus := [ "ACTIVE", "INACTIVE" ]
valid {
input.Body.OrganizationId == STRING
input.Body.AuthenticationMode == enum_IdentityProviderAuthenticationMode[_]
input.Body.IdentityCenterConfiguration.InstanceArn == STRING
input.Body.IdentityCenterConfiguration.ApplicationArn == STRING
input.Body.PersonalAccessTokenConfiguration.Status == enum_PersonalAccessTokenConfigurationStatus[_]
input.Body.PersonalAccessTokenConfiguration.LifetimeInDays == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutInboundDmarcSettings
valid {
input.Body.OrganizationId == STRING
input.Body.Enforced == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutMailboxPermissions
enum_PermissionType := [ "FULL_ACCESS", "SEND_AS", "SEND_ON_BEHALF" ]
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.GranteeId == STRING
input.Body.PermissionValues[_] == enum_PermissionType[_]
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutMobileDeviceAccessOverride
enum_MobileDeviceAccessRuleEffect := [ "ALLOW", "DENY" ]
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.DeviceId == STRING
input.Body.Effect == enum_MobileDeviceAccessRuleEffect[_]
input.Body.Description == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}PutRetentionPolicy
enum_FolderName := [ "INBOX", "DELETED_ITEMS", "SENT_ITEMS", "DRAFTS", "JUNK_EMAIL" ]
enum_RetentionAction := [ "NONE", "DELETE", "PERMANENTLY_DELETE" ]
valid {
input.Body.OrganizationId == STRING
input.Body.Id == STRING
input.Body.Name == STRING
input.Body.Description == STRING
input.Body.FolderConfigurations[_].Name == enum_FolderName[_]
input.Body.FolderConfigurations[_].Action == enum_RetentionAction[_]
input.Body.FolderConfigurations[_].Period == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}RegisterMailDomain
valid {
input.Body.ClientToken == STRING
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}RegisterToWorkMail
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.Email == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}ResetPassword
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.Password == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}StartMailboxExportJob
valid {
input.Body.ClientToken == STRING
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.Description == STRING
input.Body.RoleArn == STRING
input.Body.KmsKeyArn == STRING
input.Body.S3BucketName == STRING
input.Body.S3Prefix == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}TagResource
valid {
input.Body.ResourceARN == STRING
input.Body.Tags[_].Key == STRING
input.Body.Tags[_].Value == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}TestAvailabilityConfiguration
valid {
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.Body.EwsProvider.EwsEndpoint == STRING
input.Body.EwsProvider.EwsUsername == STRING
input.Body.EwsProvider.EwsPassword == STRING
input.Body.LambdaProvider.LambdaArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UntagResource
valid {
input.Body.ResourceARN == STRING
input.Body.TagKeys[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateAvailabilityConfiguration
valid {
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.Body.EwsProvider.EwsEndpoint == STRING
input.Body.EwsProvider.EwsUsername == STRING
input.Body.EwsProvider.EwsPassword == STRING
input.Body.LambdaProvider.LambdaArn == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateDefaultMailDomain
valid {
input.Body.OrganizationId == STRING
input.Body.DomainName == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateGroup
valid {
input.Body.OrganizationId == STRING
input.Body.GroupId == STRING
input.Body.HiddenFromGlobalAddressList == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateImpersonationRole
enum_AccessEffect := [ "ALLOW", "DENY" ]
enum_ImpersonationRoleType := [ "FULL_ACCESS", "READ_ONLY" ]
valid {
input.Body.OrganizationId == STRING
input.Body.ImpersonationRoleId == STRING
input.Body.Name == STRING
input.Body.Type == enum_ImpersonationRoleType[_]
input.Body.Description == STRING
input.Body.Rules[_].ImpersonationRuleId == STRING
input.Body.Rules[_].Name == STRING
input.Body.Rules[_].Description == STRING
input.Body.Rules[_].Effect == enum_AccessEffect[_]
input.Body.Rules[_].TargetUsers[_] == STRING
input.Body.Rules[_].NotTargetUsers[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateMailboxQuota
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.MailboxQuota == INTEGER
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateMobileDeviceAccessRule
enum_MobileDeviceAccessRuleEffect := [ "ALLOW", "DENY" ]
valid {
input.Body.OrganizationId == STRING
input.Body.MobileDeviceAccessRuleId == STRING
input.Body.Name == STRING
input.Body.Description == STRING
input.Body.Effect == enum_MobileDeviceAccessRuleEffect[_]
input.Body.DeviceTypes[_] == STRING
input.Body.NotDeviceTypes[_] == STRING
input.Body.DeviceModels[_] == STRING
input.Body.NotDeviceModels[_] == STRING
input.Body.DeviceOperatingSystems[_] == STRING
input.Body.NotDeviceOperatingSystems[_] == STRING
input.Body.DeviceUserAgents[_] == STRING
input.Body.NotDeviceUserAgents[_] == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdatePrimaryEmailAddress
valid {
input.Body.OrganizationId == STRING
input.Body.EntityId == STRING
input.Body.Email == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateResource
enum_ResourceType := [ "ROOM", "EQUIPMENT" ]
valid {
input.Body.OrganizationId == STRING
input.Body.ResourceId == STRING
input.Body.Name == STRING
input.Body.BookingOptions.AutoAcceptRequests == BOOLEAN
input.Body.BookingOptions.AutoDeclineRecurringRequests == BOOLEAN
input.Body.BookingOptions.AutoDeclineConflictingRequests == BOOLEAN
input.Body.Description == STRING
input.Body.Type == enum_ResourceType[_]
input.Body.HiddenFromGlobalAddressList == BOOLEAN
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}UpdateUser
enum_UserRole := [ "USER", "RESOURCE", "SYSTEM_USER", "REMOTE_USER" ]
valid {
input.Body.OrganizationId == STRING
input.Body.UserId == STRING
input.Body.Role == enum_UserRole[_]
input.Body.DisplayName == STRING
input.Body.FirstName == STRING
input.Body.LastName == STRING
input.Body.HiddenFromGlobalAddressList == BOOLEAN
input.Body.Initials == STRING
input.Body.Telephone == STRING
input.Body.Street == STRING
input.Body.JobTitle == STRING
input.Body.City == STRING
input.Body.Company == STRING
input.Body.ZipCode == STRING
input.Body.Department == STRING
input.Body.Country == STRING
input.Body.Office == STRING
input.Body.IdentityProviderUserId == STRING
input.ProviderMetadata.Account == STRING
input.ProviderMetadata.AccessKeyId == STRING
input.ProviderMetadata.Region == STRING
}Updated 13 days ago