/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include namespace Aws { namespace IAM { namespace Model { /** */ class SimulateCustomPolicyRequest : public IAMRequest { public: AWS_IAM_API SimulateCustomPolicyRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "SimulateCustomPolicy"; } AWS_IAM_API Aws::String SerializePayload() const override; protected: AWS_IAM_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override; public: /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline const Aws::Vector& GetPolicyInputList() const{ return m_policyInputList; } /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline bool PolicyInputListHasBeenSet() const { return m_policyInputListHasBeenSet; } /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline void SetPolicyInputList(const Aws::Vector& value) { m_policyInputListHasBeenSet = true; m_policyInputList = value; } /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline void SetPolicyInputList(Aws::Vector&& value) { m_policyInputListHasBeenSet = true; m_policyInputList = std::move(value); } /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& WithPolicyInputList(const Aws::Vector& value) { SetPolicyInputList(value); return *this;} /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& WithPolicyInputList(Aws::Vector&& value) { SetPolicyInputList(std::move(value)); return *this;} /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& AddPolicyInputList(const Aws::String& value) { m_policyInputListHasBeenSet = true; m_policyInputList.push_back(value); return *this; } /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& AddPolicyInputList(Aws::String&& value) { m_policyInputListHasBeenSet = true; m_policyInputList.push_back(std::move(value)); return *this; } /** *

A list of policy documents to include in the simulation. Each document is * specified as a string containing the complete, valid JSON text of an IAM policy. * Do not include any resource-based policies in this parameter. Any resource-based * policy must be submitted with the ResourcePolicy parameter. The * policies cannot be "scope-down" policies, such as you could include in a call to * GetFederationToken * or one of the AssumeRole * API operations. In other words, do not use policies designed to restrict what a * user can do while using the temporary credentials.

The maximum length of * the policy document that you can pass in this operation, including whitespace, * is listed below. To view the maximum character counts of a managed policy with * no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& AddPolicyInputList(const char* value) { m_policyInputListHasBeenSet = true; m_policyInputList.push_back(value); return *this; } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline const Aws::Vector& GetPermissionsBoundaryPolicyInputList() const{ return m_permissionsBoundaryPolicyInputList; } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline bool PermissionsBoundaryPolicyInputListHasBeenSet() const { return m_permissionsBoundaryPolicyInputListHasBeenSet; } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline void SetPermissionsBoundaryPolicyInputList(const Aws::Vector& value) { m_permissionsBoundaryPolicyInputListHasBeenSet = true; m_permissionsBoundaryPolicyInputList = value; } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline void SetPermissionsBoundaryPolicyInputList(Aws::Vector&& value) { m_permissionsBoundaryPolicyInputListHasBeenSet = true; m_permissionsBoundaryPolicyInputList = std::move(value); } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& WithPermissionsBoundaryPolicyInputList(const Aws::Vector& value) { SetPermissionsBoundaryPolicyInputList(value); return *this;} /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& WithPermissionsBoundaryPolicyInputList(Aws::Vector&& value) { SetPermissionsBoundaryPolicyInputList(std::move(value)); return *this;} /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& AddPermissionsBoundaryPolicyInputList(const Aws::String& value) { m_permissionsBoundaryPolicyInputListHasBeenSet = true; m_permissionsBoundaryPolicyInputList.push_back(value); return *this; } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& AddPermissionsBoundaryPolicyInputList(Aws::String&& value) { m_permissionsBoundaryPolicyInputListHasBeenSet = true; m_permissionsBoundaryPolicyInputList.push_back(std::move(value)); return *this; } /** *

The IAM permissions boundary policy to simulate. The permissions boundary * sets the maximum permissions that an IAM entity can have. You can input only one * permissions boundary when you pass a policy to this operation. For more * information about permissions boundaries, see Permissions * boundaries for IAM entities in the IAM User Guide. The policy input * is specified as a string that contains the complete, valid JSON text of a * permissions boundary policy.

The maximum length of the policy document * that you can pass in this operation, including whitespace, is listed below. To * view the maximum character counts of a managed policy with no whitespaces, see * IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

*/ inline SimulateCustomPolicyRequest& AddPermissionsBoundaryPolicyInputList(const char* value) { m_permissionsBoundaryPolicyInputListHasBeenSet = true; m_permissionsBoundaryPolicyInputList.push_back(value); return *this; } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline const Aws::Vector& GetActionNames() const{ return m_actionNames; } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline bool ActionNamesHasBeenSet() const { return m_actionNamesHasBeenSet; } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline void SetActionNames(const Aws::Vector& value) { m_actionNamesHasBeenSet = true; m_actionNames = value; } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline void SetActionNames(Aws::Vector&& value) { m_actionNamesHasBeenSet = true; m_actionNames = std::move(value); } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline SimulateCustomPolicyRequest& WithActionNames(const Aws::Vector& value) { SetActionNames(value); return *this;} /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline SimulateCustomPolicyRequest& WithActionNames(Aws::Vector&& value) { SetActionNames(std::move(value)); return *this;} /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline SimulateCustomPolicyRequest& AddActionNames(const Aws::String& value) { m_actionNamesHasBeenSet = true; m_actionNames.push_back(value); return *this; } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline SimulateCustomPolicyRequest& AddActionNames(Aws::String&& value) { m_actionNamesHasBeenSet = true; m_actionNames.push_back(std::move(value)); return *this; } /** *

A list of names of API operations to evaluate in the simulation. Each * operation is evaluated against each resource. Each operation must include the * service identifier, such as iam:CreateUser. This operation does not * support using wildcards (*) in an action name.

*/ inline SimulateCustomPolicyRequest& AddActionNames(const char* value) { m_actionNamesHasBeenSet = true; m_actionNames.push_back(value); return *this; } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline const Aws::Vector& GetResourceArns() const{ return m_resourceArns; } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline bool ResourceArnsHasBeenSet() const { return m_resourceArnsHasBeenSet; } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline void SetResourceArns(const Aws::Vector& value) { m_resourceArnsHasBeenSet = true; m_resourceArns = value; } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline void SetResourceArns(Aws::Vector&& value) { m_resourceArnsHasBeenSet = true; m_resourceArns = std::move(value); } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& WithResourceArns(const Aws::Vector& value) { SetResourceArns(value); return *this;} /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& WithResourceArns(Aws::Vector&& value) { SetResourceArns(std::move(value)); return *this;} /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& AddResourceArns(const Aws::String& value) { m_resourceArnsHasBeenSet = true; m_resourceArns.push_back(value); return *this; } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& AddResourceArns(Aws::String&& value) { m_resourceArnsHasBeenSet = true; m_resourceArns.push_back(std::move(value)); return *this; } /** *

A list of ARNs of Amazon Web Services resources to include in the simulation. * If this parameter is not provided, then the value defaults to * * (all resources). Each API in the ActionNames parameter is evaluated * for each resource in this list. The simulation determines the access result * (allowed or denied) of each combination and reports it in the response. You can * simulate resources that don't exist in your account.

The simulation does * not automatically retrieve policies for the specified resources. If you want to * include a resource policy in the simulation, then you must include the policy as * a string in the ResourcePolicy parameter.

If you include a * ResourcePolicy, then it must be applicable to all of the resources * included in the simulation or you receive an invalid input error.

For * more information about ARNs, see Amazon * Resource Names (ARNs) in the Amazon Web Services General * Reference.

Simulation of resource-based policies isn't * supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& AddResourceArns(const char* value) { m_resourceArnsHasBeenSet = true; m_resourceArns.push_back(value); return *this; } /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline const Aws::String& GetResourcePolicy() const{ return m_resourcePolicy; } /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline bool ResourcePolicyHasBeenSet() const { return m_resourcePolicyHasBeenSet; } /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline void SetResourcePolicy(const Aws::String& value) { m_resourcePolicyHasBeenSet = true; m_resourcePolicy = value; } /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline void SetResourcePolicy(Aws::String&& value) { m_resourcePolicyHasBeenSet = true; m_resourcePolicy = std::move(value); } /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline void SetResourcePolicy(const char* value) { m_resourcePolicyHasBeenSet = true; m_resourcePolicy.assign(value); } /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& WithResourcePolicy(const Aws::String& value) { SetResourcePolicy(value); return *this;} /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& WithResourcePolicy(Aws::String&& value) { SetResourcePolicy(std::move(value)); return *this;} /** *

A resource-based policy to include in the simulation provided as a string. * Each resource in the simulation is treated as if it had this policy attached. * You can include only one resource-based policy in a simulation.

The * maximum length of the policy document that you can pass in this operation, * including whitespace, is listed below. To view the maximum character counts of a * managed policy with no whitespaces, see IAM * and STS character quotas.

The regex pattern used to validate this * parameter is a string of characters consisting of the following:

  • *

    Any printable ASCII character ranging from the space character * (\u0020) through the end of the ASCII character range

    • *

  • The printable characters in the Basic Latin and Latin-1 Supplement * character set (through \u00FF)

  • The special * characters tab (\u0009), line feed (\u000A), and * carriage return (\u000D)

Simulation of * resource-based policies isn't supported for IAM roles.

*/ inline SimulateCustomPolicyRequest& WithResourcePolicy(const char* value) { SetResourcePolicy(value); return *this;} /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline const Aws::String& GetResourceOwner() const{ return m_resourceOwner; } /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline bool ResourceOwnerHasBeenSet() const { return m_resourceOwnerHasBeenSet; } /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline void SetResourceOwner(const Aws::String& value) { m_resourceOwnerHasBeenSet = true; m_resourceOwner = value; } /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline void SetResourceOwner(Aws::String&& value) { m_resourceOwnerHasBeenSet = true; m_resourceOwner = std::move(value); } /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline void SetResourceOwner(const char* value) { m_resourceOwnerHasBeenSet = true; m_resourceOwner.assign(value); } /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline SimulateCustomPolicyRequest& WithResourceOwner(const Aws::String& value) { SetResourceOwner(value); return *this;} /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline SimulateCustomPolicyRequest& WithResourceOwner(Aws::String&& value) { SetResourceOwner(std::move(value)); return *this;} /** *

An ARN representing the Amazon Web Services account ID that specifies the * owner of any simulated resource that does not identify its owner in the resource * ARN. Examples of resource ARNs include an S3 bucket or object. If * ResourceOwner is specified, it is also used as the account owner of * any ResourcePolicy included in the simulation. If the * ResourceOwner parameter is not specified, then the owner of the * resources and the resource policy defaults to the account of the identity * provided in CallerArn. This parameter is required only if you * specify a resource-based policy and account that owns the resource is different * from the account that owns the simulated calling user * CallerArn.

The ARN for an account uses the following syntax: * arn:aws:iam::AWS-account-ID:root. For example, to represent * the account with the 112233445566 ID, use the following ARN: * arn:aws:iam::112233445566-ID:root.

*/ inline SimulateCustomPolicyRequest& WithResourceOwner(const char* value) { SetResourceOwner(value); return *this;} /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline const Aws::String& GetCallerArn() const{ return m_callerArn; } /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline bool CallerArnHasBeenSet() const { return m_callerArnHasBeenSet; } /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline void SetCallerArn(const Aws::String& value) { m_callerArnHasBeenSet = true; m_callerArn = value; } /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline void SetCallerArn(Aws::String&& value) { m_callerArnHasBeenSet = true; m_callerArn = std::move(value); } /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline void SetCallerArn(const char* value) { m_callerArnHasBeenSet = true; m_callerArn.assign(value); } /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline SimulateCustomPolicyRequest& WithCallerArn(const Aws::String& value) { SetCallerArn(value); return *this;} /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline SimulateCustomPolicyRequest& WithCallerArn(Aws::String&& value) { SetCallerArn(std::move(value)); return *this;} /** *

The ARN of the IAM user that you want to use as the simulated caller of the * API operations. CallerArn is required if you include a * ResourcePolicy so that the policy's Principal element * has a value to use in evaluating the policy.

You can specify only the ARN * of an IAM user. You cannot specify the ARN of an assumed role, federated user, * or a service principal.

*/ inline SimulateCustomPolicyRequest& WithCallerArn(const char* value) { SetCallerArn(value); return *this;} /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline const Aws::Vector& GetContextEntries() const{ return m_contextEntries; } /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline bool ContextEntriesHasBeenSet() const { return m_contextEntriesHasBeenSet; } /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline void SetContextEntries(const Aws::Vector& value) { m_contextEntriesHasBeenSet = true; m_contextEntries = value; } /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline void SetContextEntries(Aws::Vector&& value) { m_contextEntriesHasBeenSet = true; m_contextEntries = std::move(value); } /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline SimulateCustomPolicyRequest& WithContextEntries(const Aws::Vector& value) { SetContextEntries(value); return *this;} /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline SimulateCustomPolicyRequest& WithContextEntries(Aws::Vector&& value) { SetContextEntries(std::move(value)); return *this;} /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline SimulateCustomPolicyRequest& AddContextEntries(const ContextEntry& value) { m_contextEntriesHasBeenSet = true; m_contextEntries.push_back(value); return *this; } /** *

A list of context keys and corresponding values for the simulation to use. * Whenever a context key is evaluated in one of the simulated IAM permissions * policies, the corresponding value is supplied.

*/ inline SimulateCustomPolicyRequest& AddContextEntries(ContextEntry&& value) { m_contextEntriesHasBeenSet = true; m_contextEntries.push_back(std::move(value)); return *this; } /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline const Aws::String& GetResourceHandlingOption() const{ return m_resourceHandlingOption; } /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline bool ResourceHandlingOptionHasBeenSet() const { return m_resourceHandlingOptionHasBeenSet; } /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline void SetResourceHandlingOption(const Aws::String& value) { m_resourceHandlingOptionHasBeenSet = true; m_resourceHandlingOption = value; } /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline void SetResourceHandlingOption(Aws::String&& value) { m_resourceHandlingOptionHasBeenSet = true; m_resourceHandlingOption = std::move(value); } /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline void SetResourceHandlingOption(const char* value) { m_resourceHandlingOptionHasBeenSet = true; m_resourceHandlingOption.assign(value); } /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline SimulateCustomPolicyRequest& WithResourceHandlingOption(const Aws::String& value) { SetResourceHandlingOption(value); return *this;} /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline SimulateCustomPolicyRequest& WithResourceHandlingOption(Aws::String&& value) { SetResourceHandlingOption(std::move(value)); return *this;} /** *

Specifies the type of simulation to run. Different API operations that * support resource-based policies require different combinations of resources. By * specifying the type of simulation to run, you enable the policy simulator to * enforce the presence of the required resources to ensure reliable simulation * results. If your simulation does not match one of the following scenarios, then * you can omit this parameter. The following list shows each of the supported * scenario values and the resources that you must define to run the * simulation.

Each of the EC2 scenarios requires that you specify instance, * image, and security group resources. If your scenario includes an EBS volume, * then you must specify that volume as a resource. If the EC2 scenario includes * VPC, then you must supply the network interface resource. If it includes an IP * subnet, then you must specify the subnet resource. For more information on the * EC2 scenario options, see Supported * platforms in the Amazon EC2 User Guide.

  • * EC2-VPC-InstanceStore

    instance, image, security group, network * interface

  • EC2-VPC-InstanceStore-Subnet

    *

    instance, image, security group, network interface, subnet

  • * EC2-VPC-EBS

    instance, image, security group, network interface, * volume

  • EC2-VPC-EBS-Subnet

    instance, image, * security group, network interface, subnet, volume

*/ inline SimulateCustomPolicyRequest& WithResourceHandlingOption(const char* value) { SetResourceHandlingOption(value); return *this;} /** *

Use this only when paginating results to indicate the maximum number of items * you want in the response. If additional items exist beyond the maximum you * specify, the IsTruncated response element is true.

*

If you do not include this parameter, the number of items defaults to 100. * Note that IAM might return fewer results, even when there are more results * available. In that case, the IsTruncated response element returns * true, and Marker contains a value to include in the * subsequent call that tells the service where to continue from.

*/ inline int GetMaxItems() const{ return m_maxItems; } /** *

Use this only when paginating results to indicate the maximum number of items * you want in the response. If additional items exist beyond the maximum you * specify, the IsTruncated response element is true.

*

If you do not include this parameter, the number of items defaults to 100. * Note that IAM might return fewer results, even when there are more results * available. In that case, the IsTruncated response element returns * true, and Marker contains a value to include in the * subsequent call that tells the service where to continue from.

*/ inline bool MaxItemsHasBeenSet() const { return m_maxItemsHasBeenSet; } /** *

Use this only when paginating results to indicate the maximum number of items * you want in the response. If additional items exist beyond the maximum you * specify, the IsTruncated response element is true.

*

If you do not include this parameter, the number of items defaults to 100. * Note that IAM might return fewer results, even when there are more results * available. In that case, the IsTruncated response element returns * true, and Marker contains a value to include in the * subsequent call that tells the service where to continue from.

*/ inline void SetMaxItems(int value) { m_maxItemsHasBeenSet = true; m_maxItems = value; } /** *

Use this only when paginating results to indicate the maximum number of items * you want in the response. If additional items exist beyond the maximum you * specify, the IsTruncated response element is true.

*

If you do not include this parameter, the number of items defaults to 100. * Note that IAM might return fewer results, even when there are more results * available. In that case, the IsTruncated response element returns * true, and Marker contains a value to include in the * subsequent call that tells the service where to continue from.

*/ inline SimulateCustomPolicyRequest& WithMaxItems(int value) { SetMaxItems(value); return *this;} /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline const Aws::String& GetMarker() const{ return m_marker; } /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline bool MarkerHasBeenSet() const { return m_markerHasBeenSet; } /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline void SetMarker(const Aws::String& value) { m_markerHasBeenSet = true; m_marker = value; } /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline void SetMarker(Aws::String&& value) { m_markerHasBeenSet = true; m_marker = std::move(value); } /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline void SetMarker(const char* value) { m_markerHasBeenSet = true; m_marker.assign(value); } /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline SimulateCustomPolicyRequest& WithMarker(const Aws::String& value) { SetMarker(value); return *this;} /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline SimulateCustomPolicyRequest& WithMarker(Aws::String&& value) { SetMarker(std::move(value)); return *this;} /** *

Use this parameter only when paginating results and only after you receive a * response indicating that the results are truncated. Set it to the value of the * Marker element in the response that you received to indicate where * the next call should start.

*/ inline SimulateCustomPolicyRequest& WithMarker(const char* value) { SetMarker(value); return *this;} private: Aws::Vector m_policyInputList; bool m_policyInputListHasBeenSet = false; Aws::Vector m_permissionsBoundaryPolicyInputList; bool m_permissionsBoundaryPolicyInputListHasBeenSet = false; Aws::Vector m_actionNames; bool m_actionNamesHasBeenSet = false; Aws::Vector m_resourceArns; bool m_resourceArnsHasBeenSet = false; Aws::String m_resourcePolicy; bool m_resourcePolicyHasBeenSet = false; Aws::String m_resourceOwner; bool m_resourceOwnerHasBeenSet = false; Aws::String m_callerArn; bool m_callerArnHasBeenSet = false; Aws::Vector m_contextEntries; bool m_contextEntriesHasBeenSet = false; Aws::String m_resourceHandlingOption; bool m_resourceHandlingOptionHasBeenSet = false; int m_maxItems; bool m_maxItemsHasBeenSet = false; Aws::String m_marker; bool m_markerHasBeenSet = false; }; } // namespace Model } // namespace IAM } // namespace Aws