WORKSPACES-WEB

AssociateBrowserSettings

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.browserSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssociateIpAccessSettings

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.ipAccessSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssociateNetworkSettings

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.networkSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssociateTrustStore

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.trustStoreArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssociateUserAccessLoggingSettings

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.userAccessLoggingSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

AssociateUserSettings

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.userSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateBrowserSettings

valid {
    input.Body.additionalEncryptionContext.STRING == STRING
    input.Body.browserPolicy == STRING
    input.Body.clientToken == STRING
    input.Body.customerManagedKey == STRING
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateIdentityProvider

enum_IdentityProviderType := [ "SAML", "Facebook", "Google", "LoginWithAmazon", "SignInWithApple", "OIDC" ]

valid {
    input.Body.clientToken == STRING
    input.Body.identityProviderDetails.STRING == STRING
    input.Body.identityProviderName == STRING
    input.Body.identityProviderType == enum_IdentityProviderType[_]
    input.Body.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateIpAccessSettings

valid {
    input.Body.additionalEncryptionContext.STRING == STRING
    input.Body.clientToken == STRING
    input.Body.customerManagedKey == STRING
    input.Body.description == STRING
    input.Body.displayName == STRING
    input.Body.ipRules[_].description == STRING
    input.Body.ipRules[_].ipRange == STRING
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateNetworkSettings

valid {
    input.Body.clientToken == STRING
    input.Body.securityGroupIds[_] == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.Body.vpcId == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreatePortal

enum_AuthenticationType := [ "Standard", "IAM_Identity_Center" ]
enum_InstanceType := [ "standard.regular", "standard.large", "standard.xlarge" ]

valid {
    input.Body.additionalEncryptionContext.STRING == STRING
    input.Body.authenticationType == enum_AuthenticationType[_]
    input.Body.clientToken == STRING
    input.Body.customerManagedKey == STRING
    input.Body.displayName == STRING
    input.Body.instanceType == enum_InstanceType[_]
    input.Body.maxConcurrentSessions == INTEGER
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateTrustStore

valid {
    input.Body.certificateList[_] == BLOB
    input.Body.clientToken == STRING
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUserAccessLoggingSettings

valid {
    input.Body.clientToken == STRING
    input.Body.kinesisStreamArn == STRING
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

CreateUserSettings

enum_EnabledType := [ "Disabled", "Enabled" ]

valid {
    input.Body.additionalEncryptionContext.STRING == STRING
    input.Body.clientToken == STRING
    input.Body.cookieSynchronizationConfiguration.allowlist[_].domain == STRING
    input.Body.cookieSynchronizationConfiguration.allowlist[_].name == STRING
    input.Body.cookieSynchronizationConfiguration.allowlist[_].path == STRING
    input.Body.cookieSynchronizationConfiguration.blocklist[_].domain == STRING
    input.Body.cookieSynchronizationConfiguration.blocklist[_].name == STRING
    input.Body.cookieSynchronizationConfiguration.blocklist[_].path == STRING
    input.Body.copyAllowed == enum_EnabledType[_]
    input.Body.customerManagedKey == STRING
    input.Body.disconnectTimeoutInMinutes == INTEGER
    input.Body.downloadAllowed == enum_EnabledType[_]
    input.Body.idleDisconnectTimeoutInMinutes == INTEGER
    input.Body.pasteAllowed == enum_EnabledType[_]
    input.Body.printAllowed == enum_EnabledType[_]
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.Body.uploadAllowed == enum_EnabledType[_]
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteBrowserSettings

valid {
    input.ReqMap.browserSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIdentityProvider

valid {
    input.ReqMap.identityProviderArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteIpAccessSettings

valid {
    input.ReqMap.ipAccessSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteNetworkSettings

valid {
    input.ReqMap.networkSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeletePortal

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteTrustStore

valid {
    input.ReqMap.trustStoreArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUserAccessLoggingSettings

valid {
    input.ReqMap.userAccessLoggingSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DeleteUserSettings

valid {
    input.ReqMap.userSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateBrowserSettings

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateIpAccessSettings

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateNetworkSettings

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateTrustStore

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateUserAccessLoggingSettings

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

DisassociateUserSettings

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetBrowserSettings

valid {
    input.ReqMap.browserSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIdentityProvider

valid {
    input.ReqMap.identityProviderArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetIpAccessSettings

valid {
    input.ReqMap.ipAccessSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetNetworkSettings

valid {
    input.ReqMap.networkSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPortal

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetPortalServiceProviderMetadata

valid {
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTrustStore

valid {
    input.ReqMap.trustStoreArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetTrustStoreCertificate

valid {
    input.ReqMap.trustStoreArn == STRING
    input.Qs.thumbprint == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUserAccessLoggingSettings

valid {
    input.ReqMap.userAccessLoggingSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

GetUserSettings

valid {
    input.ReqMap.userSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListBrowserSettings

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListIdentityProviders

valid {
    input.ReqMap.portalArn == STRING
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListIpAccessSettings

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListNetworkSettings

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListPortals

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTagsForResource

valid {
    input.ReqMap.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTrustStoreCertificates

valid {
    input.ReqMap.trustStoreArn == STRING
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListTrustStores

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListUserAccessLoggingSettings

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

ListUserSettings

valid {
    input.Qs.maxResults == INTEGER
    input.Qs.nextToken == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

TagResource

valid {
    input.Body.clientToken == STRING
    input.Body.tags[_].Key == STRING
    input.Body.tags[_].Value == STRING
    input.ReqMap.resourceArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UntagResource

valid {
    input.ReqMap.resourceArn == STRING
    input.Qs.tagKeys[_] == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateBrowserSettings

valid {
    input.Body.browserPolicy == STRING
    input.Body.clientToken == STRING
    input.ReqMap.browserSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateIdentityProvider

enum_IdentityProviderType := [ "SAML", "Facebook", "Google", "LoginWithAmazon", "SignInWithApple", "OIDC" ]

valid {
    input.Body.clientToken == STRING
    input.Body.identityProviderDetails.STRING == STRING
    input.Body.identityProviderName == STRING
    input.Body.identityProviderType == enum_IdentityProviderType[_]
    input.ReqMap.identityProviderArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateIpAccessSettings

valid {
    input.Body.clientToken == STRING
    input.Body.description == STRING
    input.Body.displayName == STRING
    input.Body.ipRules[_].description == STRING
    input.Body.ipRules[_].ipRange == STRING
    input.ReqMap.ipAccessSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateNetworkSettings

valid {
    input.Body.clientToken == STRING
    input.Body.securityGroupIds[_] == STRING
    input.Body.subnetIds[_] == STRING
    input.Body.vpcId == STRING
    input.ReqMap.networkSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdatePortal

enum_AuthenticationType := [ "Standard", "IAM_Identity_Center" ]
enum_InstanceType := [ "standard.regular", "standard.large", "standard.xlarge" ]

valid {
    input.Body.authenticationType == enum_AuthenticationType[_]
    input.Body.displayName == STRING
    input.Body.instanceType == enum_InstanceType[_]
    input.Body.maxConcurrentSessions == INTEGER
    input.ReqMap.portalArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateTrustStore

valid {
    input.Body.certificatesToAdd[_] == BLOB
    input.Body.certificatesToDelete[_] == STRING
    input.Body.clientToken == STRING
    input.ReqMap.trustStoreArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUserAccessLoggingSettings

valid {
    input.Body.clientToken == STRING
    input.Body.kinesisStreamArn == STRING
    input.ReqMap.userAccessLoggingSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}

UpdateUserSettings

enum_EnabledType := [ "Disabled", "Enabled" ]

valid {
    input.Body.clientToken == STRING
    input.Body.cookieSynchronizationConfiguration.allowlist[_].domain == STRING
    input.Body.cookieSynchronizationConfiguration.allowlist[_].name == STRING
    input.Body.cookieSynchronizationConfiguration.allowlist[_].path == STRING
    input.Body.cookieSynchronizationConfiguration.blocklist[_].domain == STRING
    input.Body.cookieSynchronizationConfiguration.blocklist[_].name == STRING
    input.Body.cookieSynchronizationConfiguration.blocklist[_].path == STRING
    input.Body.copyAllowed == enum_EnabledType[_]
    input.Body.disconnectTimeoutInMinutes == INTEGER
    input.Body.downloadAllowed == enum_EnabledType[_]
    input.Body.idleDisconnectTimeoutInMinutes == INTEGER
    input.Body.pasteAllowed == enum_EnabledType[_]
    input.Body.printAllowed == enum_EnabledType[_]
    input.Body.uploadAllowed == enum_EnabledType[_]
    input.ReqMap.userSettingsArn == STRING
    input.ProviderMetadata.Account == STRING
    input.ProviderMetadata.AccessKeyId == STRING
    input.ProviderMetadata.Region == STRING
}