// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. package verifiedpermissions import ( "fmt" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awsutil" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/private/protocol" "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" ) const opCreateIdentitySource = "CreateIdentitySource" // CreateIdentitySourceRequest generates a "aws/request.Request" representing the // client's request for the CreateIdentitySource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See CreateIdentitySource for more information on using the CreateIdentitySource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the CreateIdentitySourceRequest method. // req, resp := client.CreateIdentitySourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource func (c *VerifiedPermissions) CreateIdentitySourceRequest(input *CreateIdentitySourceInput) (req *request.Request, output *CreateIdentitySourceOutput) { op := &request.Operation{ Name: opCreateIdentitySource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &CreateIdentitySourceInput{} } output = &CreateIdentitySourceOutput{} req = c.newRequest(op, input, output) return } // CreateIdentitySource API operation for Amazon Verified Permissions. // // Creates a reference to an Amazon Cognito user pool as an external identity // provider (IdP). // // After you create an identity source, you can use the identities provided // by the IdP as proxies for the principal in authorization queries that use // the IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operation. These identities take the form of tokens that contain claims about // the user, such as IDs, attributes and group memberships. Amazon Cognito provides // both identity tokens and access tokens, and Verified Permissions can use // either or both. Any combination of identity and access tokens results in // the same Cedar principal. Verified Permissions automatically translates the // information about the identities into the standard Cedar attributes that // can be evaluated by your policies. Because the Amazon Cognito identity and // access tokens can contain different information, the tokens you choose to // use determine which principal attributes are available to access when evaluating // Cedar policies. // // If you delete a Amazon Cognito user pool or user, tokens from that deleted // pool or that deleted user continue to be usable until they expire. // // To reference a user from this identity source in your Cedar policies, use // the following syntax. // // IdentityType::"| // // Where IdentityType is the string that you provide to the PrincipalEntityType // parameter for this operation. The CognitoUserPoolId and CognitoClientId are // defined by the Amazon Cognito user pool. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation CreateIdentitySource for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ServiceQuotaExceededException // The request failed because it would cause a service quota to be exceeded. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource func (c *VerifiedPermissions) CreateIdentitySource(input *CreateIdentitySourceInput) (*CreateIdentitySourceOutput, error) { req, out := c.CreateIdentitySourceRequest(input) return out, req.Send() } // CreateIdentitySourceWithContext is the same as CreateIdentitySource with the addition of // the ability to pass a context and additional request options. // // See CreateIdentitySource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) CreateIdentitySourceWithContext(ctx aws.Context, input *CreateIdentitySourceInput, opts ...request.Option) (*CreateIdentitySourceOutput, error) { req, out := c.CreateIdentitySourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opCreatePolicy = "CreatePolicy" // CreatePolicyRequest generates a "aws/request.Request" representing the // client's request for the CreatePolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See CreatePolicy for more information on using the CreatePolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the CreatePolicyRequest method. // req, resp := client.CreatePolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy func (c *VerifiedPermissions) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) { op := &request.Operation{ Name: opCreatePolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &CreatePolicyInput{} } output = &CreatePolicyOutput{} req = c.newRequest(op, input, output) return } // CreatePolicy API operation for Amazon Verified Permissions. // // Creates a Cedar policy and saves it in the specified policy store. You can // create either a static policy or a policy linked to a policy template. // // - To create a static policy, provide the Cedar policy text in the StaticPolicy // section of the PolicyDefinition. // // - To create a policy that is dynamically linked to a policy template, // specify the policy template ID and the principal and resource to associate // with this policy in the templateLinked section of the PolicyDefinition. // If the policy template is ever updated, any policies linked to the policy // template automatically use the updated template. // // Creating a policy causes it to be validated against the schema in the policy // store. If the policy doesn't pass validation, the operation fails and the // policy isn't stored. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation CreatePolicy for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ServiceQuotaExceededException // The request failed because it would cause a service quota to be exceeded. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy func (c *VerifiedPermissions) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) { req, out := c.CreatePolicyRequest(input) return out, req.Send() } // CreatePolicyWithContext is the same as CreatePolicy with the addition of // the ability to pass a context and additional request options. // // See CreatePolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) { req, out := c.CreatePolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opCreatePolicyStore = "CreatePolicyStore" // CreatePolicyStoreRequest generates a "aws/request.Request" representing the // client's request for the CreatePolicyStore operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See CreatePolicyStore for more information on using the CreatePolicyStore // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the CreatePolicyStoreRequest method. // req, resp := client.CreatePolicyStoreRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore func (c *VerifiedPermissions) CreatePolicyStoreRequest(input *CreatePolicyStoreInput) (req *request.Request, output *CreatePolicyStoreOutput) { op := &request.Operation{ Name: opCreatePolicyStore, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &CreatePolicyStoreInput{} } output = &CreatePolicyStoreOutput{} req = c.newRequest(op, input, output) return } // CreatePolicyStore API operation for Amazon Verified Permissions. // // Creates a policy store. A policy store is a container for policy resources. // // Although Cedar supports multiple namespaces (https://docs.cedarpolicy.com/schema.html#namespace), // Verified Permissions currently supports only one namespace per policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation CreatePolicyStore for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ServiceQuotaExceededException // The request failed because it would cause a service quota to be exceeded. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore func (c *VerifiedPermissions) CreatePolicyStore(input *CreatePolicyStoreInput) (*CreatePolicyStoreOutput, error) { req, out := c.CreatePolicyStoreRequest(input) return out, req.Send() } // CreatePolicyStoreWithContext is the same as CreatePolicyStore with the addition of // the ability to pass a context and additional request options. // // See CreatePolicyStore for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) CreatePolicyStoreWithContext(ctx aws.Context, input *CreatePolicyStoreInput, opts ...request.Option) (*CreatePolicyStoreOutput, error) { req, out := c.CreatePolicyStoreRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opCreatePolicyTemplate = "CreatePolicyTemplate" // CreatePolicyTemplateRequest generates a "aws/request.Request" representing the // client's request for the CreatePolicyTemplate operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See CreatePolicyTemplate for more information on using the CreatePolicyTemplate // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the CreatePolicyTemplateRequest method. // req, resp := client.CreatePolicyTemplateRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate func (c *VerifiedPermissions) CreatePolicyTemplateRequest(input *CreatePolicyTemplateInput) (req *request.Request, output *CreatePolicyTemplateOutput) { op := &request.Operation{ Name: opCreatePolicyTemplate, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &CreatePolicyTemplateInput{} } output = &CreatePolicyTemplateOutput{} req = c.newRequest(op, input, output) return } // CreatePolicyTemplate API operation for Amazon Verified Permissions. // // Creates a policy template. A template can use placeholders for the principal // and resource. A template must be instantiated into a policy by associating // it with specific principals and resources to use for the placeholders. That // instantiated policy can then be considered in authorization decisions. The // instantiated policy works identically to any other policy, except that it // is dynamically linked to the template. If the template changes, then any // policies that are linked to that template are immediately updated as well. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation CreatePolicyTemplate for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ServiceQuotaExceededException // The request failed because it would cause a service quota to be exceeded. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate func (c *VerifiedPermissions) CreatePolicyTemplate(input *CreatePolicyTemplateInput) (*CreatePolicyTemplateOutput, error) { req, out := c.CreatePolicyTemplateRequest(input) return out, req.Send() } // CreatePolicyTemplateWithContext is the same as CreatePolicyTemplate with the addition of // the ability to pass a context and additional request options. // // See CreatePolicyTemplate for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) CreatePolicyTemplateWithContext(ctx aws.Context, input *CreatePolicyTemplateInput, opts ...request.Option) (*CreatePolicyTemplateOutput, error) { req, out := c.CreatePolicyTemplateRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opDeleteIdentitySource = "DeleteIdentitySource" // DeleteIdentitySourceRequest generates a "aws/request.Request" representing the // client's request for the DeleteIdentitySource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See DeleteIdentitySource for more information on using the DeleteIdentitySource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the DeleteIdentitySourceRequest method. // req, resp := client.DeleteIdentitySourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource func (c *VerifiedPermissions) DeleteIdentitySourceRequest(input *DeleteIdentitySourceInput) (req *request.Request, output *DeleteIdentitySourceOutput) { op := &request.Operation{ Name: opDeleteIdentitySource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &DeleteIdentitySourceInput{} } output = &DeleteIdentitySourceOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // DeleteIdentitySource API operation for Amazon Verified Permissions. // // Deletes an identity source that references an identity provider (IdP) such // as Amazon Cognito. After you delete the identity source, you can no longer // use tokens for identities from that identity source to represent principals // in authorization queries made using IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html). // operations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation DeleteIdentitySource for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource func (c *VerifiedPermissions) DeleteIdentitySource(input *DeleteIdentitySourceInput) (*DeleteIdentitySourceOutput, error) { req, out := c.DeleteIdentitySourceRequest(input) return out, req.Send() } // DeleteIdentitySourceWithContext is the same as DeleteIdentitySource with the addition of // the ability to pass a context and additional request options. // // See DeleteIdentitySource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) DeleteIdentitySourceWithContext(ctx aws.Context, input *DeleteIdentitySourceInput, opts ...request.Option) (*DeleteIdentitySourceOutput, error) { req, out := c.DeleteIdentitySourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opDeletePolicy = "DeletePolicy" // DeletePolicyRequest generates a "aws/request.Request" representing the // client's request for the DeletePolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See DeletePolicy for more information on using the DeletePolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the DeletePolicyRequest method. // req, resp := client.DeletePolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy func (c *VerifiedPermissions) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) { op := &request.Operation{ Name: opDeletePolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &DeletePolicyInput{} } output = &DeletePolicyOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // DeletePolicy API operation for Amazon Verified Permissions. // // Deletes the specified policy from the policy store. // // This operation is idempotent; if you specify a policy that doesn't exist, // the request response returns a successful HTTP 200 status code. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation DeletePolicy for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy func (c *VerifiedPermissions) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) { req, out := c.DeletePolicyRequest(input) return out, req.Send() } // DeletePolicyWithContext is the same as DeletePolicy with the addition of // the ability to pass a context and additional request options. // // See DeletePolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) { req, out := c.DeletePolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opDeletePolicyStore = "DeletePolicyStore" // DeletePolicyStoreRequest generates a "aws/request.Request" representing the // client's request for the DeletePolicyStore operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See DeletePolicyStore for more information on using the DeletePolicyStore // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the DeletePolicyStoreRequest method. // req, resp := client.DeletePolicyStoreRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore func (c *VerifiedPermissions) DeletePolicyStoreRequest(input *DeletePolicyStoreInput) (req *request.Request, output *DeletePolicyStoreOutput) { op := &request.Operation{ Name: opDeletePolicyStore, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &DeletePolicyStoreInput{} } output = &DeletePolicyStoreOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // DeletePolicyStore API operation for Amazon Verified Permissions. // // Deletes the specified policy store. // // This operation is idempotent. If you specify a policy store that does not // exist, the request response will still return a successful HTTP 200 status // code. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation DeletePolicyStore for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore func (c *VerifiedPermissions) DeletePolicyStore(input *DeletePolicyStoreInput) (*DeletePolicyStoreOutput, error) { req, out := c.DeletePolicyStoreRequest(input) return out, req.Send() } // DeletePolicyStoreWithContext is the same as DeletePolicyStore with the addition of // the ability to pass a context and additional request options. // // See DeletePolicyStore for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) DeletePolicyStoreWithContext(ctx aws.Context, input *DeletePolicyStoreInput, opts ...request.Option) (*DeletePolicyStoreOutput, error) { req, out := c.DeletePolicyStoreRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opDeletePolicyTemplate = "DeletePolicyTemplate" // DeletePolicyTemplateRequest generates a "aws/request.Request" representing the // client's request for the DeletePolicyTemplate operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See DeletePolicyTemplate for more information on using the DeletePolicyTemplate // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the DeletePolicyTemplateRequest method. // req, resp := client.DeletePolicyTemplateRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate func (c *VerifiedPermissions) DeletePolicyTemplateRequest(input *DeletePolicyTemplateInput) (req *request.Request, output *DeletePolicyTemplateOutput) { op := &request.Operation{ Name: opDeletePolicyTemplate, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &DeletePolicyTemplateInput{} } output = &DeletePolicyTemplateOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // DeletePolicyTemplate API operation for Amazon Verified Permissions. // // Deletes the specified policy template from the policy store. // // This operation also deletes any policies that were created from the specified // policy template. Those policies are immediately removed from all future API // responses, and are asynchronously deleted from the policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation DeletePolicyTemplate for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate func (c *VerifiedPermissions) DeletePolicyTemplate(input *DeletePolicyTemplateInput) (*DeletePolicyTemplateOutput, error) { req, out := c.DeletePolicyTemplateRequest(input) return out, req.Send() } // DeletePolicyTemplateWithContext is the same as DeletePolicyTemplate with the addition of // the ability to pass a context and additional request options. // // See DeletePolicyTemplate for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) DeletePolicyTemplateWithContext(ctx aws.Context, input *DeletePolicyTemplateInput, opts ...request.Option) (*DeletePolicyTemplateOutput, error) { req, out := c.DeletePolicyTemplateRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opGetIdentitySource = "GetIdentitySource" // GetIdentitySourceRequest generates a "aws/request.Request" representing the // client's request for the GetIdentitySource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See GetIdentitySource for more information on using the GetIdentitySource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the GetIdentitySourceRequest method. // req, resp := client.GetIdentitySourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource func (c *VerifiedPermissions) GetIdentitySourceRequest(input *GetIdentitySourceInput) (req *request.Request, output *GetIdentitySourceOutput) { op := &request.Operation{ Name: opGetIdentitySource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &GetIdentitySourceInput{} } output = &GetIdentitySourceOutput{} req = c.newRequest(op, input, output) return } // GetIdentitySource API operation for Amazon Verified Permissions. // // Retrieves the details about the specified identity source. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation GetIdentitySource for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource func (c *VerifiedPermissions) GetIdentitySource(input *GetIdentitySourceInput) (*GetIdentitySourceOutput, error) { req, out := c.GetIdentitySourceRequest(input) return out, req.Send() } // GetIdentitySourceWithContext is the same as GetIdentitySource with the addition of // the ability to pass a context and additional request options. // // See GetIdentitySource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) GetIdentitySourceWithContext(ctx aws.Context, input *GetIdentitySourceInput, opts ...request.Option) (*GetIdentitySourceOutput, error) { req, out := c.GetIdentitySourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opGetPolicy = "GetPolicy" // GetPolicyRequest generates a "aws/request.Request" representing the // client's request for the GetPolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See GetPolicy for more information on using the GetPolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the GetPolicyRequest method. // req, resp := client.GetPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy func (c *VerifiedPermissions) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) { op := &request.Operation{ Name: opGetPolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &GetPolicyInput{} } output = &GetPolicyOutput{} req = c.newRequest(op, input, output) return } // GetPolicy API operation for Amazon Verified Permissions. // // Retrieves information about the specified policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation GetPolicy for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy func (c *VerifiedPermissions) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) { req, out := c.GetPolicyRequest(input) return out, req.Send() } // GetPolicyWithContext is the same as GetPolicy with the addition of // the ability to pass a context and additional request options. // // See GetPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) { req, out := c.GetPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opGetPolicyStore = "GetPolicyStore" // GetPolicyStoreRequest generates a "aws/request.Request" representing the // client's request for the GetPolicyStore operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See GetPolicyStore for more information on using the GetPolicyStore // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the GetPolicyStoreRequest method. // req, resp := client.GetPolicyStoreRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore func (c *VerifiedPermissions) GetPolicyStoreRequest(input *GetPolicyStoreInput) (req *request.Request, output *GetPolicyStoreOutput) { op := &request.Operation{ Name: opGetPolicyStore, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &GetPolicyStoreInput{} } output = &GetPolicyStoreOutput{} req = c.newRequest(op, input, output) return } // GetPolicyStore API operation for Amazon Verified Permissions. // // Retrieves details about a policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation GetPolicyStore for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore func (c *VerifiedPermissions) GetPolicyStore(input *GetPolicyStoreInput) (*GetPolicyStoreOutput, error) { req, out := c.GetPolicyStoreRequest(input) return out, req.Send() } // GetPolicyStoreWithContext is the same as GetPolicyStore with the addition of // the ability to pass a context and additional request options. // // See GetPolicyStore for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) GetPolicyStoreWithContext(ctx aws.Context, input *GetPolicyStoreInput, opts ...request.Option) (*GetPolicyStoreOutput, error) { req, out := c.GetPolicyStoreRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opGetPolicyTemplate = "GetPolicyTemplate" // GetPolicyTemplateRequest generates a "aws/request.Request" representing the // client's request for the GetPolicyTemplate operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See GetPolicyTemplate for more information on using the GetPolicyTemplate // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the GetPolicyTemplateRequest method. // req, resp := client.GetPolicyTemplateRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate func (c *VerifiedPermissions) GetPolicyTemplateRequest(input *GetPolicyTemplateInput) (req *request.Request, output *GetPolicyTemplateOutput) { op := &request.Operation{ Name: opGetPolicyTemplate, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &GetPolicyTemplateInput{} } output = &GetPolicyTemplateOutput{} req = c.newRequest(op, input, output) return } // GetPolicyTemplate API operation for Amazon Verified Permissions. // // Retrieve the details for the specified policy template in the specified policy // store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation GetPolicyTemplate for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate func (c *VerifiedPermissions) GetPolicyTemplate(input *GetPolicyTemplateInput) (*GetPolicyTemplateOutput, error) { req, out := c.GetPolicyTemplateRequest(input) return out, req.Send() } // GetPolicyTemplateWithContext is the same as GetPolicyTemplate with the addition of // the ability to pass a context and additional request options. // // See GetPolicyTemplate for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) GetPolicyTemplateWithContext(ctx aws.Context, input *GetPolicyTemplateInput, opts ...request.Option) (*GetPolicyTemplateOutput, error) { req, out := c.GetPolicyTemplateRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opGetSchema = "GetSchema" // GetSchemaRequest generates a "aws/request.Request" representing the // client's request for the GetSchema operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See GetSchema for more information on using the GetSchema // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the GetSchemaRequest method. // req, resp := client.GetSchemaRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema func (c *VerifiedPermissions) GetSchemaRequest(input *GetSchemaInput) (req *request.Request, output *GetSchemaOutput) { op := &request.Operation{ Name: opGetSchema, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &GetSchemaInput{} } output = &GetSchemaOutput{} req = c.newRequest(op, input, output) return } // GetSchema API operation for Amazon Verified Permissions. // // Retrieve the details for the specified schema in the specified policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation GetSchema for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema func (c *VerifiedPermissions) GetSchema(input *GetSchemaInput) (*GetSchemaOutput, error) { req, out := c.GetSchemaRequest(input) return out, req.Send() } // GetSchemaWithContext is the same as GetSchema with the addition of // the ability to pass a context and additional request options. // // See GetSchema for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) GetSchemaWithContext(ctx aws.Context, input *GetSchemaInput, opts ...request.Option) (*GetSchemaOutput, error) { req, out := c.GetSchemaRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opIsAuthorized = "IsAuthorized" // IsAuthorizedRequest generates a "aws/request.Request" representing the // client's request for the IsAuthorized operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See IsAuthorized for more information on using the IsAuthorized // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the IsAuthorizedRequest method. // req, resp := client.IsAuthorizedRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized func (c *VerifiedPermissions) IsAuthorizedRequest(input *IsAuthorizedInput) (req *request.Request, output *IsAuthorizedOutput) { op := &request.Operation{ Name: opIsAuthorized, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &IsAuthorizedInput{} } output = &IsAuthorizedOutput{} req = c.newRequest(op, input, output) return } // IsAuthorized API operation for Amazon Verified Permissions. // // Makes an authorization decision about a service request described in the // parameters. The information in the parameters can also define additional // context that Verified Permissions can include in the evaluation. The request // is evaluated against all matching policies in the specified policy store. // The result of the decision is either Allow or Deny, along with a list of // the policies that resulted in the decision. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation IsAuthorized for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized func (c *VerifiedPermissions) IsAuthorized(input *IsAuthorizedInput) (*IsAuthorizedOutput, error) { req, out := c.IsAuthorizedRequest(input) return out, req.Send() } // IsAuthorizedWithContext is the same as IsAuthorized with the addition of // the ability to pass a context and additional request options. // // See IsAuthorized for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) IsAuthorizedWithContext(ctx aws.Context, input *IsAuthorizedInput, opts ...request.Option) (*IsAuthorizedOutput, error) { req, out := c.IsAuthorizedRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opIsAuthorizedWithToken = "IsAuthorizedWithToken" // IsAuthorizedWithTokenRequest generates a "aws/request.Request" representing the // client's request for the IsAuthorizedWithToken operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See IsAuthorizedWithToken for more information on using the IsAuthorizedWithToken // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the IsAuthorizedWithTokenRequest method. // req, resp := client.IsAuthorizedWithTokenRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken func (c *VerifiedPermissions) IsAuthorizedWithTokenRequest(input *IsAuthorizedWithTokenInput) (req *request.Request, output *IsAuthorizedWithTokenOutput) { op := &request.Operation{ Name: opIsAuthorizedWithToken, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &IsAuthorizedWithTokenInput{} } output = &IsAuthorizedWithTokenOutput{} req = c.newRequest(op, input, output) return } // IsAuthorizedWithToken API operation for Amazon Verified Permissions. // // Makes an authorization decision about a service request described in the // parameters. The principal in this request comes from an external identity // source. The information in the parameters can also define additional context // that Verified Permissions can include in the evaluation. The request is evaluated // against all matching policies in the specified policy store. The result of // the decision is either Allow or Deny, along with a list of the policies that // resulted in the decision. // // If you delete a Amazon Cognito user pool or user, tokens from that deleted // pool or that deleted user continue to be usable until they expire. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation IsAuthorizedWithToken for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken func (c *VerifiedPermissions) IsAuthorizedWithToken(input *IsAuthorizedWithTokenInput) (*IsAuthorizedWithTokenOutput, error) { req, out := c.IsAuthorizedWithTokenRequest(input) return out, req.Send() } // IsAuthorizedWithTokenWithContext is the same as IsAuthorizedWithToken with the addition of // the ability to pass a context and additional request options. // // See IsAuthorizedWithToken for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) IsAuthorizedWithTokenWithContext(ctx aws.Context, input *IsAuthorizedWithTokenInput, opts ...request.Option) (*IsAuthorizedWithTokenOutput, error) { req, out := c.IsAuthorizedWithTokenRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opListIdentitySources = "ListIdentitySources" // ListIdentitySourcesRequest generates a "aws/request.Request" representing the // client's request for the ListIdentitySources operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See ListIdentitySources for more information on using the ListIdentitySources // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the ListIdentitySourcesRequest method. // req, resp := client.ListIdentitySourcesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources func (c *VerifiedPermissions) ListIdentitySourcesRequest(input *ListIdentitySourcesInput) (req *request.Request, output *ListIdentitySourcesOutput) { op := &request.Operation{ Name: opListIdentitySources, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ InputTokens: []string{"nextToken"}, OutputTokens: []string{"nextToken"}, LimitToken: "maxResults", TruncationToken: "", }, } if input == nil { input = &ListIdentitySourcesInput{} } output = &ListIdentitySourcesOutput{} req = c.newRequest(op, input, output) return } // ListIdentitySources API operation for Amazon Verified Permissions. // // Returns a paginated list of all of the identity sources defined in the specified // policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation ListIdentitySources for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources func (c *VerifiedPermissions) ListIdentitySources(input *ListIdentitySourcesInput) (*ListIdentitySourcesOutput, error) { req, out := c.ListIdentitySourcesRequest(input) return out, req.Send() } // ListIdentitySourcesWithContext is the same as ListIdentitySources with the addition of // the ability to pass a context and additional request options. // // See ListIdentitySources for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListIdentitySourcesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, opts ...request.Option) (*ListIdentitySourcesOutput, error) { req, out := c.ListIdentitySourcesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } // ListIdentitySourcesPages iterates over the pages of a ListIdentitySources operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // // See ListIdentitySources method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // // // Example iterating over at most 3 pages of a ListIdentitySources operation. // pageNum := 0 // err := client.ListIdentitySourcesPages(params, // func(page *verifiedpermissions.ListIdentitySourcesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) func (c *VerifiedPermissions) ListIdentitySourcesPages(input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool) error { return c.ListIdentitySourcesPagesWithContext(aws.BackgroundContext(), input, fn) } // ListIdentitySourcesPagesWithContext same as ListIdentitySourcesPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListIdentitySourcesPagesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { var inCpy *ListIdentitySourcesInput if input != nil { tmp := *input inCpy = &tmp } req, _ := c.ListIdentitySourcesRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil }, } for p.Next() { if !fn(p.Page().(*ListIdentitySourcesOutput), !p.HasNextPage()) { break } } return p.Err() } const opListPolicies = "ListPolicies" // ListPoliciesRequest generates a "aws/request.Request" representing the // client's request for the ListPolicies operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See ListPolicies for more information on using the ListPolicies // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the ListPoliciesRequest method. // req, resp := client.ListPoliciesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies func (c *VerifiedPermissions) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) { op := &request.Operation{ Name: opListPolicies, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ InputTokens: []string{"nextToken"}, OutputTokens: []string{"nextToken"}, LimitToken: "maxResults", TruncationToken: "", }, } if input == nil { input = &ListPoliciesInput{} } output = &ListPoliciesOutput{} req = c.newRequest(op, input, output) return } // ListPolicies API operation for Amazon Verified Permissions. // // Returns a paginated list of all policies stored in the specified policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation ListPolicies for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies func (c *VerifiedPermissions) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) { req, out := c.ListPoliciesRequest(input) return out, req.Send() } // ListPoliciesWithContext is the same as ListPolicies with the addition of // the ability to pass a context and additional request options. // // See ListPolicies for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) { req, out := c.ListPoliciesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } // ListPoliciesPages iterates over the pages of a ListPolicies operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // // See ListPolicies method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // // // Example iterating over at most 3 pages of a ListPolicies operation. // pageNum := 0 // err := client.ListPoliciesPages(params, // func(page *verifiedpermissions.ListPoliciesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) func (c *VerifiedPermissions) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error { return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn) } // ListPoliciesPagesWithContext same as ListPoliciesPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { var inCpy *ListPoliciesInput if input != nil { tmp := *input inCpy = &tmp } req, _ := c.ListPoliciesRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil }, } for p.Next() { if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) { break } } return p.Err() } const opListPolicyStores = "ListPolicyStores" // ListPolicyStoresRequest generates a "aws/request.Request" representing the // client's request for the ListPolicyStores operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See ListPolicyStores for more information on using the ListPolicyStores // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the ListPolicyStoresRequest method. // req, resp := client.ListPolicyStoresRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores func (c *VerifiedPermissions) ListPolicyStoresRequest(input *ListPolicyStoresInput) (req *request.Request, output *ListPolicyStoresOutput) { op := &request.Operation{ Name: opListPolicyStores, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ InputTokens: []string{"nextToken"}, OutputTokens: []string{"nextToken"}, LimitToken: "maxResults", TruncationToken: "", }, } if input == nil { input = &ListPolicyStoresInput{} } output = &ListPolicyStoresOutput{} req = c.newRequest(op, input, output) return } // ListPolicyStores API operation for Amazon Verified Permissions. // // Returns a paginated list of all policy stores in the calling Amazon Web Services // account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation ListPolicyStores for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores func (c *VerifiedPermissions) ListPolicyStores(input *ListPolicyStoresInput) (*ListPolicyStoresOutput, error) { req, out := c.ListPolicyStoresRequest(input) return out, req.Send() } // ListPolicyStoresWithContext is the same as ListPolicyStores with the addition of // the ability to pass a context and additional request options. // // See ListPolicyStores for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListPolicyStoresWithContext(ctx aws.Context, input *ListPolicyStoresInput, opts ...request.Option) (*ListPolicyStoresOutput, error) { req, out := c.ListPolicyStoresRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } // ListPolicyStoresPages iterates over the pages of a ListPolicyStores operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // // See ListPolicyStores method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // // // Example iterating over at most 3 pages of a ListPolicyStores operation. // pageNum := 0 // err := client.ListPolicyStoresPages(params, // func(page *verifiedpermissions.ListPolicyStoresOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) func (c *VerifiedPermissions) ListPolicyStoresPages(input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool) error { return c.ListPolicyStoresPagesWithContext(aws.BackgroundContext(), input, fn) } // ListPolicyStoresPagesWithContext same as ListPolicyStoresPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListPolicyStoresPagesWithContext(ctx aws.Context, input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { var inCpy *ListPolicyStoresInput if input != nil { tmp := *input inCpy = &tmp } req, _ := c.ListPolicyStoresRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil }, } for p.Next() { if !fn(p.Page().(*ListPolicyStoresOutput), !p.HasNextPage()) { break } } return p.Err() } const opListPolicyTemplates = "ListPolicyTemplates" // ListPolicyTemplatesRequest generates a "aws/request.Request" representing the // client's request for the ListPolicyTemplates operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See ListPolicyTemplates for more information on using the ListPolicyTemplates // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the ListPolicyTemplatesRequest method. // req, resp := client.ListPolicyTemplatesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates func (c *VerifiedPermissions) ListPolicyTemplatesRequest(input *ListPolicyTemplatesInput) (req *request.Request, output *ListPolicyTemplatesOutput) { op := &request.Operation{ Name: opListPolicyTemplates, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ InputTokens: []string{"nextToken"}, OutputTokens: []string{"nextToken"}, LimitToken: "maxResults", TruncationToken: "", }, } if input == nil { input = &ListPolicyTemplatesInput{} } output = &ListPolicyTemplatesOutput{} req = c.newRequest(op, input, output) return } // ListPolicyTemplates API operation for Amazon Verified Permissions. // // Returns a paginated list of all policy templates in the specified policy // store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation ListPolicyTemplates for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates func (c *VerifiedPermissions) ListPolicyTemplates(input *ListPolicyTemplatesInput) (*ListPolicyTemplatesOutput, error) { req, out := c.ListPolicyTemplatesRequest(input) return out, req.Send() } // ListPolicyTemplatesWithContext is the same as ListPolicyTemplates with the addition of // the ability to pass a context and additional request options. // // See ListPolicyTemplates for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListPolicyTemplatesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, opts ...request.Option) (*ListPolicyTemplatesOutput, error) { req, out := c.ListPolicyTemplatesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } // ListPolicyTemplatesPages iterates over the pages of a ListPolicyTemplates operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // // See ListPolicyTemplates method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // // // Example iterating over at most 3 pages of a ListPolicyTemplates operation. // pageNum := 0 // err := client.ListPolicyTemplatesPages(params, // func(page *verifiedpermissions.ListPolicyTemplatesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) func (c *VerifiedPermissions) ListPolicyTemplatesPages(input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool) error { return c.ListPolicyTemplatesPagesWithContext(aws.BackgroundContext(), input, fn) } // ListPolicyTemplatesPagesWithContext same as ListPolicyTemplatesPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) ListPolicyTemplatesPagesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { var inCpy *ListPolicyTemplatesInput if input != nil { tmp := *input inCpy = &tmp } req, _ := c.ListPolicyTemplatesRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil }, } for p.Next() { if !fn(p.Page().(*ListPolicyTemplatesOutput), !p.HasNextPage()) { break } } return p.Err() } const opPutSchema = "PutSchema" // PutSchemaRequest generates a "aws/request.Request" representing the // client's request for the PutSchema operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See PutSchema for more information on using the PutSchema // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the PutSchemaRequest method. // req, resp := client.PutSchemaRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema func (c *VerifiedPermissions) PutSchemaRequest(input *PutSchemaInput) (req *request.Request, output *PutSchemaOutput) { op := &request.Operation{ Name: opPutSchema, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &PutSchemaInput{} } output = &PutSchemaOutput{} req = c.newRequest(op, input, output) return } // PutSchema API operation for Amazon Verified Permissions. // // Creates or updates the policy schema in the specified policy store. The schema // is used to validate any Cedar policies and policy templates submitted to // the policy store. Any changes to the schema validate only policies and templates // submitted after the schema change. Existing policies and templates are not // re-evaluated against the changed schema. If you later update a policy, then // it is evaluated against the new schema at that time. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation PutSchema for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ServiceQuotaExceededException // The request failed because it would cause a service quota to be exceeded. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema func (c *VerifiedPermissions) PutSchema(input *PutSchemaInput) (*PutSchemaOutput, error) { req, out := c.PutSchemaRequest(input) return out, req.Send() } // PutSchemaWithContext is the same as PutSchema with the addition of // the ability to pass a context and additional request options. // // See PutSchema for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) PutSchemaWithContext(ctx aws.Context, input *PutSchemaInput, opts ...request.Option) (*PutSchemaOutput, error) { req, out := c.PutSchemaRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opUpdateIdentitySource = "UpdateIdentitySource" // UpdateIdentitySourceRequest generates a "aws/request.Request" representing the // client's request for the UpdateIdentitySource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See UpdateIdentitySource for more information on using the UpdateIdentitySource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the UpdateIdentitySourceRequest method. // req, resp := client.UpdateIdentitySourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource func (c *VerifiedPermissions) UpdateIdentitySourceRequest(input *UpdateIdentitySourceInput) (req *request.Request, output *UpdateIdentitySourceOutput) { op := &request.Operation{ Name: opUpdateIdentitySource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &UpdateIdentitySourceInput{} } output = &UpdateIdentitySourceOutput{} req = c.newRequest(op, input, output) return } // UpdateIdentitySource API operation for Amazon Verified Permissions. // // Updates the specified identity source to use a new identity provider (IdP) // source, or to change the mapping of identities from the IdP to a different // principal entity type. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation UpdateIdentitySource for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource func (c *VerifiedPermissions) UpdateIdentitySource(input *UpdateIdentitySourceInput) (*UpdateIdentitySourceOutput, error) { req, out := c.UpdateIdentitySourceRequest(input) return out, req.Send() } // UpdateIdentitySourceWithContext is the same as UpdateIdentitySource with the addition of // the ability to pass a context and additional request options. // // See UpdateIdentitySource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) UpdateIdentitySourceWithContext(ctx aws.Context, input *UpdateIdentitySourceInput, opts ...request.Option) (*UpdateIdentitySourceOutput, error) { req, out := c.UpdateIdentitySourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opUpdatePolicy = "UpdatePolicy" // UpdatePolicyRequest generates a "aws/request.Request" representing the // client's request for the UpdatePolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See UpdatePolicy for more information on using the UpdatePolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the UpdatePolicyRequest method. // req, resp := client.UpdatePolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy func (c *VerifiedPermissions) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput) { op := &request.Operation{ Name: opUpdatePolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &UpdatePolicyInput{} } output = &UpdatePolicyOutput{} req = c.newRequest(op, input, output) return } // UpdatePolicy API operation for Amazon Verified Permissions. // // Modifies a Cedar static policy in the specified policy store. You can change // only certain elements of the UpdatePolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyInput.html#amazonverifiedpermissions-UpdatePolicy-request-UpdatePolicyDefinition) // parameter. You can directly update only static policies. To change a template-linked // policy, you must update the template instead, using UpdatePolicyTemplate // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html). // // If policy validation is enabled in the policy store, then updating a static // policy causes Verified Permissions to validate the policy against the schema // in the policy store. If the updated static policy doesn't pass validation, // the operation fails and the update isn't stored. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation UpdatePolicy for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ServiceQuotaExceededException // The request failed because it would cause a service quota to be exceeded. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy func (c *VerifiedPermissions) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error) { req, out := c.UpdatePolicyRequest(input) return out, req.Send() } // UpdatePolicyWithContext is the same as UpdatePolicy with the addition of // the ability to pass a context and additional request options. // // See UpdatePolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error) { req, out := c.UpdatePolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opUpdatePolicyStore = "UpdatePolicyStore" // UpdatePolicyStoreRequest generates a "aws/request.Request" representing the // client's request for the UpdatePolicyStore operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See UpdatePolicyStore for more information on using the UpdatePolicyStore // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the UpdatePolicyStoreRequest method. // req, resp := client.UpdatePolicyStoreRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore func (c *VerifiedPermissions) UpdatePolicyStoreRequest(input *UpdatePolicyStoreInput) (req *request.Request, output *UpdatePolicyStoreOutput) { op := &request.Operation{ Name: opUpdatePolicyStore, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &UpdatePolicyStoreInput{} } output = &UpdatePolicyStoreOutput{} req = c.newRequest(op, input, output) return } // UpdatePolicyStore API operation for Amazon Verified Permissions. // // Modifies the validation setting for a policy store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation UpdatePolicyStore for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore func (c *VerifiedPermissions) UpdatePolicyStore(input *UpdatePolicyStoreInput) (*UpdatePolicyStoreOutput, error) { req, out := c.UpdatePolicyStoreRequest(input) return out, req.Send() } // UpdatePolicyStoreWithContext is the same as UpdatePolicyStore with the addition of // the ability to pass a context and additional request options. // // See UpdatePolicyStore for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) UpdatePolicyStoreWithContext(ctx aws.Context, input *UpdatePolicyStoreInput, opts ...request.Option) (*UpdatePolicyStoreOutput, error) { req, out := c.UpdatePolicyStoreRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } const opUpdatePolicyTemplate = "UpdatePolicyTemplate" // UpdatePolicyTemplateRequest generates a "aws/request.Request" representing the // client's request for the UpdatePolicyTemplate operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // // See UpdatePolicyTemplate for more information on using the UpdatePolicyTemplate // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // // // Example sending a request using the UpdatePolicyTemplateRequest method. // req, resp := client.UpdatePolicyTemplateRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate func (c *VerifiedPermissions) UpdatePolicyTemplateRequest(input *UpdatePolicyTemplateInput) (req *request.Request, output *UpdatePolicyTemplateOutput) { op := &request.Operation{ Name: opUpdatePolicyTemplate, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { input = &UpdatePolicyTemplateInput{} } output = &UpdatePolicyTemplateOutput{} req = c.newRequest(op, input, output) return } // UpdatePolicyTemplate API operation for Amazon Verified Permissions. // // Updates the specified policy template. You can update only the description // and the some elements of the policyBody (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html#amazonverifiedpermissions-UpdatePolicyTemplate-request-policyBody). // // Changes you make to the policy template content are immediately reflected // in authorization decisions that involve all template-linked policies instantiated // from this template. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Verified Permissions's // API operation UpdatePolicyTemplate for usage and error information. // // Returned Error Types: // // - ValidationException // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. // // - ConflictException // The request failed because another request to modify a resource occurred // at the same. // // - AccessDeniedException // You don't have sufficient access to perform this action. // // - ResourceNotFoundException // The request failed because it references a resource that doesn't exist. // // - ThrottlingException // The request failed because it exceeded a throttling quota. // // - InternalServerException // The request failed because of an internal error. Try your request again later // // See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate func (c *VerifiedPermissions) UpdatePolicyTemplate(input *UpdatePolicyTemplateInput) (*UpdatePolicyTemplateOutput, error) { req, out := c.UpdatePolicyTemplateRequest(input) return out, req.Send() } // UpdatePolicyTemplateWithContext is the same as UpdatePolicyTemplate with the addition of // the ability to pass a context and additional request options. // // See UpdatePolicyTemplate for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. func (c *VerifiedPermissions) UpdatePolicyTemplateWithContext(ctx aws.Context, input *UpdatePolicyTemplateInput, opts ...request.Option) (*UpdatePolicyTemplateOutput, error) { req, out := c.UpdatePolicyTemplateRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } // You don't have sufficient access to perform this action. type AccessDeniedException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s AccessDeniedException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s AccessDeniedException) GoString() string { return s.String() } func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { return &AccessDeniedException{ RespMetadata: v, } } // Code returns the exception type name. func (s *AccessDeniedException) Code() string { return "AccessDeniedException" } // Message returns the exception's message. func (s *AccessDeniedException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *AccessDeniedException) OrigErr() error { return nil } func (s *AccessDeniedException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. func (s *AccessDeniedException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *AccessDeniedException) RequestID() string { return s.RespMetadata.RequestID } // Contains information about an action for a request for which an authorization // decision is made. // // This data type is used as an request parameter to the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. // // Example: { "actionId": "", "actionType": "Action" } type ActionIdentifier struct { _ struct{} `type:"structure"` // The ID of an action. // // ActionId is a required field ActionId *string `locationName:"actionId" min:"1" type:"string" required:"true"` // The type of an action. // // ActionType is a required field ActionType *string `locationName:"actionType" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ActionIdentifier) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ActionIdentifier) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ActionIdentifier) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ActionIdentifier"} if s.ActionId == nil { invalidParams.Add(request.NewErrParamRequired("ActionId")) } if s.ActionId != nil && len(*s.ActionId) < 1 { invalidParams.Add(request.NewErrParamMinLen("ActionId", 1)) } if s.ActionType == nil { invalidParams.Add(request.NewErrParamRequired("ActionType")) } if s.ActionType != nil && len(*s.ActionType) < 1 { invalidParams.Add(request.NewErrParamMinLen("ActionType", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetActionId sets the ActionId field's value. func (s *ActionIdentifier) SetActionId(v string) *ActionIdentifier { s.ActionId = &v return s } // SetActionType sets the ActionType field's value. func (s *ActionIdentifier) SetActionType(v string) *ActionIdentifier { s.ActionType = &v return s } // The value of an attribute. // // Contains information about the runtime context for a request for which an // authorization decision is made. // // This data type is used as a member of the ContextDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ContextDefinition.html) // structure which is uses as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. type AttributeValue struct { _ struct{} `type:"structure"` // An attribute value of Boolean (https://docs.cedarpolicy.com/syntax-datatypes.html#boolean) // type. // // Example: {"boolean": true} Boolean *bool `locationName:"boolean" type:"boolean"` // An attribute value of type EntityIdentifier (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html). // // Example: "entityIdentifier": { "entityId": "", "entityType": ""} EntityIdentifier *EntityIdentifier `locationName:"entityIdentifier" type:"structure"` // An attribute value of Long (https://docs.cedarpolicy.com/syntax-datatypes.html#long) // type. // // Example: {"long": 0} Long *int64 `locationName:"long" type:"long"` // An attribute value of Record (https://docs.cedarpolicy.com/syntax-datatypes.html#record) // type. // // Example: {"record": { "keyName": {} } } Record map[string]*AttributeValue `locationName:"record" type:"map"` // An attribute value of Set (https://docs.cedarpolicy.com/syntax-datatypes.html#set) // type. // // Example: {"set": [ {} ] } Set []*AttributeValue `locationName:"set" type:"list"` // An attribute value of String (https://docs.cedarpolicy.com/syntax-datatypes.html#string) // type. // // Example: {"string": "abc"} String_ *string `locationName:"string" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s AttributeValue) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s AttributeValue) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *AttributeValue) Validate() error { invalidParams := request.ErrInvalidParams{Context: "AttributeValue"} if s.EntityIdentifier != nil { if err := s.EntityIdentifier.Validate(); err != nil { invalidParams.AddNested("EntityIdentifier", err.(request.ErrInvalidParams)) } } if s.Record != nil { for i, v := range s.Record { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Record", i), err.(request.ErrInvalidParams)) } } } if s.Set != nil { for i, v := range s.Set { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Set", i), err.(request.ErrInvalidParams)) } } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetBoolean sets the Boolean field's value. func (s *AttributeValue) SetBoolean(v bool) *AttributeValue { s.Boolean = &v return s } // SetEntityIdentifier sets the EntityIdentifier field's value. func (s *AttributeValue) SetEntityIdentifier(v *EntityIdentifier) *AttributeValue { s.EntityIdentifier = v return s } // SetLong sets the Long field's value. func (s *AttributeValue) SetLong(v int64) *AttributeValue { s.Long = &v return s } // SetRecord sets the Record field's value. func (s *AttributeValue) SetRecord(v map[string]*AttributeValue) *AttributeValue { s.Record = v return s } // SetSet sets the Set field's value. func (s *AttributeValue) SetSet(v []*AttributeValue) *AttributeValue { s.Set = v return s } // SetString_ sets the String_ field's value. func (s *AttributeValue) SetString_(v string) *AttributeValue { s.String_ = &v return s } // The configuration for an identity source that represents a connection to // an Amazon Cognito user pool used as an identity provider for Verified Permissions. // // This data type is used as a field that is part of an Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html) // structure that is used as a parameter to the Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html). // // Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": // ["a1b2c3d4e5f6g7h8i9j0kalbmc"]} type CognitoUserPoolConfiguration struct { _ struct{} `type:"structure"` // The unique application client IDs that are associated with the specified // Amazon Cognito user pool. // // Example: "ClientIds": ["&ExampleCogClientId;"] ClientIds []*string `locationName:"clientIds" type:"list"` // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of the Amazon Cognito user pool that contains the identities to be authorized. // // Example: "UserPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5" // // UserPoolArn is a required field UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CognitoUserPoolConfiguration) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CognitoUserPoolConfiguration) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *CognitoUserPoolConfiguration) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CognitoUserPoolConfiguration"} if s.UserPoolArn == nil { invalidParams.Add(request.NewErrParamRequired("UserPoolArn")) } if s.UserPoolArn != nil && len(*s.UserPoolArn) < 1 { invalidParams.Add(request.NewErrParamMinLen("UserPoolArn", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetClientIds sets the ClientIds field's value. func (s *CognitoUserPoolConfiguration) SetClientIds(v []*string) *CognitoUserPoolConfiguration { s.ClientIds = v return s } // SetUserPoolArn sets the UserPoolArn field's value. func (s *CognitoUserPoolConfiguration) SetUserPoolArn(v string) *CognitoUserPoolConfiguration { s.UserPoolArn = &v return s } // Contains configuration information used when creating a new identity source. // // At this time, the only valid member of this structure is a Amazon Cognito // user pool configuration. // // You must specify a userPoolArn, and optionally, a ClientId. // // This data type is used as a request parameter for the CreateIdentitySource // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) // operation. type Configuration struct { _ struct{} `type:"structure"` // Contains configuration details of a Amazon Cognito user pool that Verified // Permissions can use as a source of authenticated identities as entities. // It specifies the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of a Amazon Cognito user pool and one or more application client IDs. // // Example: "configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds": // ["a1b2c3d4e5f6g7h8i9j0kalbmc"]}} CognitoUserPoolConfiguration *CognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s Configuration) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s Configuration) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *Configuration) Validate() error { invalidParams := request.ErrInvalidParams{Context: "Configuration"} if s.CognitoUserPoolConfiguration != nil { if err := s.CognitoUserPoolConfiguration.Validate(); err != nil { invalidParams.AddNested("CognitoUserPoolConfiguration", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value. func (s *Configuration) SetCognitoUserPoolConfiguration(v *CognitoUserPoolConfiguration) *Configuration { s.CognitoUserPoolConfiguration = v return s } // The request failed because another request to modify a resource occurred // at the same. type ConflictException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // The list of resources referenced with this failed request. // // Resources is a required field Resources []*ResourceConflict `locationName:"resources" type:"list" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ConflictException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ConflictException) GoString() string { return s.String() } func newErrorConflictException(v protocol.ResponseMetadata) error { return &ConflictException{ RespMetadata: v, } } // Code returns the exception type name. func (s *ConflictException) Code() string { return "ConflictException" } // Message returns the exception's message. func (s *ConflictException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *ConflictException) OrigErr() error { return nil } func (s *ConflictException) Error() string { return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. func (s *ConflictException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *ConflictException) RequestID() string { return s.RespMetadata.RequestID } // Contains additional details about the context of the request. Verified Permissions // evaluates this information in an authorization request as part of the when // and unless clauses in a policy. // // This data type is used as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. // // Example: "context":{"Context":{"":{"boolean":true},"":{"long":1234}}} type ContextDefinition struct { _ struct{} `type:"structure"` // An list of attributes that are needed to successfully evaluate an authorization // request. Each attribute in this array must include a map of a data type and // its value. // // Example: "Context":{"":{"boolean":true},"":{"long":1234}} ContextMap map[string]*AttributeValue `locationName:"contextMap" type:"map"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ContextDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ContextDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ContextDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ContextDefinition"} if s.ContextMap != nil { for i, v := range s.ContextMap { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ContextMap", i), err.(request.ErrInvalidParams)) } } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetContextMap sets the ContextMap field's value. func (s *ContextDefinition) SetContextMap(v map[string]*AttributeValue) *ContextDefinition { s.ContextMap = v return s } type CreateIdentitySourceInput struct { _ struct{} `type:"structure"` // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency // of the request. This lets you safely retry the request without accidentally // performing the same operation a second time. Passing the same value to a // later call to an operation requires that you also pass the same value for // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier). // // If you don't provide this value, then Amazon Web Services generates a random // one for you. // // If you retry the operation with the same ClientToken, but with different // parameters, the retry fails with an IdempotentParameterMismatch error. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` // Specifies the details required to communicate with the identity provider // (IdP) associated with this identity source. // // At this time, the only valid member of this structure is a Amazon Cognito // user pool configuration. // // You must specify a UserPoolArn, and optionally, a ClientId. // // Configuration is a required field Configuration *Configuration `locationName:"configuration" type:"structure" required:"true"` // Specifies the ID of the policy store in which you want to store this identity // source. Only policies and requests made using this policy store can reference // identities from the identity provider configured in the new identity source. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the namespace and data type of the principals generated for identities // authenticated by the new identity source. PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreateIdentitySourceInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreateIdentitySourceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *CreateIdentitySourceInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateIdentitySourceInput"} if s.ClientToken != nil && len(*s.ClientToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) } if s.Configuration == nil { invalidParams.Add(request.NewErrParamRequired("Configuration")) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.PrincipalEntityType != nil && len(*s.PrincipalEntityType) < 1 { invalidParams.Add(request.NewErrParamMinLen("PrincipalEntityType", 1)) } if s.Configuration != nil { if err := s.Configuration.Validate(); err != nil { invalidParams.AddNested("Configuration", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetClientToken sets the ClientToken field's value. func (s *CreateIdentitySourceInput) SetClientToken(v string) *CreateIdentitySourceInput { s.ClientToken = &v return s } // SetConfiguration sets the Configuration field's value. func (s *CreateIdentitySourceInput) SetConfiguration(v *Configuration) *CreateIdentitySourceInput { s.Configuration = v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreateIdentitySourceInput) SetPolicyStoreId(v string) *CreateIdentitySourceInput { s.PolicyStoreId = &v return s } // SetPrincipalEntityType sets the PrincipalEntityType field's value. func (s *CreateIdentitySourceInput) SetPrincipalEntityType(v string) *CreateIdentitySourceInput { s.PrincipalEntityType = &v return s } type CreateIdentitySourceOutput struct { _ struct{} `type:"structure"` // The date and time the identity source was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The unique ID of the new identity source. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // The date and time the identity source was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the identity source. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreateIdentitySourceOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreateIdentitySourceOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *CreateIdentitySourceOutput) SetCreatedDate(v time.Time) *CreateIdentitySourceOutput { s.CreatedDate = &v return s } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *CreateIdentitySourceOutput) SetIdentitySourceId(v string) *CreateIdentitySourceOutput { s.IdentitySourceId = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *CreateIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *CreateIdentitySourceOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreateIdentitySourceOutput) SetPolicyStoreId(v string) *CreateIdentitySourceOutput { s.PolicyStoreId = &v return s } type CreatePolicyInput struct { _ struct{} `type:"structure"` // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency // of the request. This lets you safely retry the request without accidentally // performing the same operation a second time. Passing the same value to a // later call to an operation requires that you also pass the same value for // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier). // // If you don't provide this value, then Amazon Web Services generates a random // one for you. // // If you retry the operation with the same ClientToken, but with different // parameters, the retry fails with an IdempotentParameterMismatch error. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` // A structure that specifies the policy type and content to use for the new // policy. You must include either a static or a templateLinked element. The // policy content must be written in the Cedar policy language. // // Definition is a required field Definition *PolicyDefinition `locationName:"definition" type:"structure" required:"true"` // Specifies the PolicyStoreId of the policy store you want to store the policy // in. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *CreatePolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"} if s.ClientToken != nil && len(*s.ClientToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) } if s.Definition == nil { invalidParams.Add(request.NewErrParamRequired("Definition")) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Definition != nil { if err := s.Definition.Validate(); err != nil { invalidParams.AddNested("Definition", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetClientToken sets the ClientToken field's value. func (s *CreatePolicyInput) SetClientToken(v string) *CreatePolicyInput { s.ClientToken = &v return s } // SetDefinition sets the Definition field's value. func (s *CreatePolicyInput) SetDefinition(v *PolicyDefinition) *CreatePolicyInput { s.Definition = v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreatePolicyInput) SetPolicyStoreId(v string) *CreatePolicyInput { s.PolicyStoreId = &v return s } type CreatePolicyOutput struct { _ struct{} `type:"structure"` // The date and time the policy was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time the policy was last updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The unique ID of the new policy. // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // The ID of the policy store that contains the new policy. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The policy type of the new policy. // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` // The principal specified in the new policy's scope. This response element // isn't present when principal isn't specified in the policy content. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource specified in the new policy's scope. This response element isn't // present when the resource isn't specified in the policy content. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *CreatePolicyOutput) SetCreatedDate(v time.Time) *CreatePolicyOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *CreatePolicyOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyOutput { s.LastUpdatedDate = &v return s } // SetPolicyId sets the PolicyId field's value. func (s *CreatePolicyOutput) SetPolicyId(v string) *CreatePolicyOutput { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreatePolicyOutput) SetPolicyStoreId(v string) *CreatePolicyOutput { s.PolicyStoreId = &v return s } // SetPolicyType sets the PolicyType field's value. func (s *CreatePolicyOutput) SetPolicyType(v string) *CreatePolicyOutput { s.PolicyType = &v return s } // SetPrincipal sets the Principal field's value. func (s *CreatePolicyOutput) SetPrincipal(v *EntityIdentifier) *CreatePolicyOutput { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *CreatePolicyOutput) SetResource(v *EntityIdentifier) *CreatePolicyOutput { s.Resource = v return s } type CreatePolicyStoreInput struct { _ struct{} `type:"structure"` // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency // of the request. This lets you safely retry the request without accidentally // performing the same operation a second time. Passing the same value to a // later call to an operation requires that you also pass the same value for // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier). // // If you don't provide this value, then Amazon Web Services generates a random // one for you. // // If you retry the operation with the same ClientToken, but with different // parameters, the retry fails with an IdempotentParameterMismatch error. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` // Specifies the validation setting for this policy store. // // Currently, the only valid and required value is Mode. // // We recommend that you turn on STRICT mode only after you define a schema. // If a schema doesn't exist, then STRICT mode causes any policy to fail validation, // and Verified Permissions rejects the policy. You can turn off validation // by using the UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore). // Then, when you have a schema defined, use UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) // again to turn validation back on. // // ValidationSettings is a required field ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyStoreInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyStoreInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *CreatePolicyStoreInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreatePolicyStoreInput"} if s.ClientToken != nil && len(*s.ClientToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) } if s.ValidationSettings == nil { invalidParams.Add(request.NewErrParamRequired("ValidationSettings")) } if s.ValidationSettings != nil { if err := s.ValidationSettings.Validate(); err != nil { invalidParams.AddNested("ValidationSettings", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetClientToken sets the ClientToken field's value. func (s *CreatePolicyStoreInput) SetClientToken(v string) *CreatePolicyStoreInput { s.ClientToken = &v return s } // SetValidationSettings sets the ValidationSettings field's value. func (s *CreatePolicyStoreInput) SetValidationSettings(v *ValidationSettings) *CreatePolicyStoreInput { s.ValidationSettings = v return s } type CreatePolicyStoreOutput struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) of the new policy store. // // Arn is a required field Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` // The date and time the policy store was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time the policy store was last updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The unique ID of the new policy store. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyStoreOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyStoreOutput) GoString() string { return s.String() } // SetArn sets the Arn field's value. func (s *CreatePolicyStoreOutput) SetArn(v string) *CreatePolicyStoreOutput { s.Arn = &v return s } // SetCreatedDate sets the CreatedDate field's value. func (s *CreatePolicyStoreOutput) SetCreatedDate(v time.Time) *CreatePolicyStoreOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *CreatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyStoreOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreatePolicyStoreOutput) SetPolicyStoreId(v string) *CreatePolicyStoreOutput { s.PolicyStoreId = &v return s } type CreatePolicyTemplateInput struct { _ struct{} `type:"structure"` // Specifies a unique, case-sensitive ID that you provide to ensure the idempotency // of the request. This lets you safely retry the request without accidentally // performing the same operation a second time. Passing the same value to a // later call to an operation requires that you also pass the same value for // all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier). // // If you don't provide this value, then Amazon Web Services generates a random // one for you. // // If you retry the operation with the same ClientToken, but with different // parameters, the retry fails with an IdempotentParameterMismatch error. ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"` // Specifies a description for the policy template. Description *string `locationName:"description" type:"string"` // The ID of the policy store in which to create the policy template. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the content that you want to use for the new policy template, written // in the Cedar policy language. // // Statement is a required field Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyTemplateInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyTemplateInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *CreatePolicyTemplateInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreatePolicyTemplateInput"} if s.ClientToken != nil && len(*s.ClientToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("ClientToken", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Statement == nil { invalidParams.Add(request.NewErrParamRequired("Statement")) } if s.Statement != nil && len(*s.Statement) < 1 { invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetClientToken sets the ClientToken field's value. func (s *CreatePolicyTemplateInput) SetClientToken(v string) *CreatePolicyTemplateInput { s.ClientToken = &v return s } // SetDescription sets the Description field's value. func (s *CreatePolicyTemplateInput) SetDescription(v string) *CreatePolicyTemplateInput { s.Description = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreatePolicyTemplateInput) SetPolicyStoreId(v string) *CreatePolicyTemplateInput { s.PolicyStoreId = &v return s } // SetStatement sets the Statement field's value. func (s *CreatePolicyTemplateInput) SetStatement(v string) *CreatePolicyTemplateInput { s.Statement = &v return s } type CreatePolicyTemplateOutput struct { _ struct{} `type:"structure"` // The date and time the policy template was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time the policy template was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the policy template. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The unique ID of the new policy template. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyTemplateOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s CreatePolicyTemplateOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *CreatePolicyTemplateOutput) SetCreatedDate(v time.Time) *CreatePolicyTemplateOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *CreatePolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyTemplateOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *CreatePolicyTemplateOutput) SetPolicyStoreId(v string) *CreatePolicyTemplateOutput { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *CreatePolicyTemplateOutput) SetPolicyTemplateId(v string) *CreatePolicyTemplateOutput { s.PolicyTemplateId = &v return s } type DeleteIdentitySourceInput struct { _ struct{} `type:"structure"` // Specifies the ID of the identity source that you want to delete. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy store that contains the identity source that // you want to delete. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeleteIdentitySourceInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeleteIdentitySourceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *DeleteIdentitySourceInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DeleteIdentitySourceInput"} if s.IdentitySourceId == nil { invalidParams.Add(request.NewErrParamRequired("IdentitySourceId")) } if s.IdentitySourceId != nil && len(*s.IdentitySourceId) < 1 { invalidParams.Add(request.NewErrParamMinLen("IdentitySourceId", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *DeleteIdentitySourceInput) SetIdentitySourceId(v string) *DeleteIdentitySourceInput { s.IdentitySourceId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *DeleteIdentitySourceInput) SetPolicyStoreId(v string) *DeleteIdentitySourceInput { s.PolicyStoreId = &v return s } type DeleteIdentitySourceOutput struct { _ struct{} `type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeleteIdentitySourceOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeleteIdentitySourceOutput) GoString() string { return s.String() } type DeletePolicyInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy that you want to delete. // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy store that contains the policy that you want // to delete. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *DeletePolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"} if s.PolicyId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyId")) } if s.PolicyId != nil && len(*s.PolicyId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyId", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyId sets the PolicyId field's value. func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *DeletePolicyInput) SetPolicyStoreId(v string) *DeletePolicyInput { s.PolicyStoreId = &v return s } type DeletePolicyOutput struct { _ struct{} `type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyOutput) GoString() string { return s.String() } type DeletePolicyStoreInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy store that you want to delete. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyStoreInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyStoreInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *DeletePolicyStoreInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DeletePolicyStoreInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *DeletePolicyStoreInput) SetPolicyStoreId(v string) *DeletePolicyStoreInput { s.PolicyStoreId = &v return s } type DeletePolicyStoreOutput struct { _ struct{} `type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyStoreOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyStoreOutput) GoString() string { return s.String() } type DeletePolicyTemplateInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy store that contains the policy template that // you want to delete. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy template that you want to delete. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyTemplateInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyTemplateInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *DeletePolicyTemplateInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DeletePolicyTemplateInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.PolicyTemplateId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) } if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *DeletePolicyTemplateInput) SetPolicyStoreId(v string) *DeletePolicyTemplateInput { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *DeletePolicyTemplateInput) SetPolicyTemplateId(v string) *DeletePolicyTemplateInput { s.PolicyTemplateId = &v return s } type DeletePolicyTemplateOutput struct { _ struct{} `type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyTemplateOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeletePolicyTemplateOutput) GoString() string { return s.String() } // Contains information about one of the policies that determined an authorization // decision. // // This data type is used as an element in a response parameter for the IsAuthorized // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. // // Example: "determiningPolicies":[{"policyId":"SPEXAMPLEabcdefg111111"}] type DeterminingPolicyItem struct { _ struct{} `type:"structure"` // The Id of a policy that determined to an authorization decision. // // Example: "policyId":"SPEXAMPLEabcdefg111111" // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeterminingPolicyItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s DeterminingPolicyItem) GoString() string { return s.String() } // SetPolicyId sets the PolicyId field's value. func (s *DeterminingPolicyItem) SetPolicyId(v string) *DeterminingPolicyItem { s.PolicyId = &v return s } // Contains the list of entities to be considered during an authorization request. // This includes all principals, resources, and actions required to successfully // evaluate the request. // // This data type is used as a field in the response parameter for the IsAuthorized // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. type EntitiesDefinition struct { _ struct{} `type:"structure"` // An array of entities that are needed to successfully evaluate an authorization // request. Each entity in this array must include an identifier for the entity, // the attributes of the entity, and a list of any parent entities. EntityList []*EntityItem `locationName:"entityList" type:"list"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntitiesDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntitiesDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *EntitiesDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "EntitiesDefinition"} if s.EntityList != nil { for i, v := range s.EntityList { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "EntityList", i), err.(request.ErrInvalidParams)) } } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetEntityList sets the EntityList field's value. func (s *EntitiesDefinition) SetEntityList(v []*EntityItem) *EntitiesDefinition { s.EntityList = v return s } // Contains the identifier of an entity, including its ID and type. // // This data type is used as a request parameter for IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // operation, and as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html), // GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html), // and UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) // operations. // // Example: {"entityId":"string","entityType":"string"} type EntityIdentifier struct { _ struct{} `type:"structure"` // The identifier of an entity. // // "entityId":"identifier" // // EntityId is a required field EntityId *string `locationName:"entityId" min:"1" type:"string" required:"true"` // The type of an entity. // // Example: "entityType":"typeName" // // EntityType is a required field EntityType *string `locationName:"entityType" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntityIdentifier) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntityIdentifier) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *EntityIdentifier) Validate() error { invalidParams := request.ErrInvalidParams{Context: "EntityIdentifier"} if s.EntityId == nil { invalidParams.Add(request.NewErrParamRequired("EntityId")) } if s.EntityId != nil && len(*s.EntityId) < 1 { invalidParams.Add(request.NewErrParamMinLen("EntityId", 1)) } if s.EntityType == nil { invalidParams.Add(request.NewErrParamRequired("EntityType")) } if s.EntityType != nil && len(*s.EntityType) < 1 { invalidParams.Add(request.NewErrParamMinLen("EntityType", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetEntityId sets the EntityId field's value. func (s *EntityIdentifier) SetEntityId(v string) *EntityIdentifier { s.EntityId = &v return s } // SetEntityType sets the EntityType field's value. func (s *EntityIdentifier) SetEntityType(v string) *EntityIdentifier { s.EntityType = &v return s } // Contains information about an entity that can be referenced in a Cedar policy. // // This data type is used as one of the fields in the EntitiesDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntitiesDefinition.html) // structure. // // { "id": { "entityType": "Photo", "entityId": "VacationPhoto94.jpg" }, "Attributes": // {}, "Parents": [ { "entityType": "Album", "entityId": "alice_folder" } ] // } type EntityItem struct { _ struct{} `type:"structure"` // A list of attributes for the entity. Attributes map[string]*AttributeValue `locationName:"attributes" type:"map"` // The identifier of the entity. // // Identifier is a required field Identifier *EntityIdentifier `locationName:"identifier" type:"structure" required:"true"` // The parents in the hierarchy that contains the entity. Parents []*EntityIdentifier `locationName:"parents" type:"list"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntityItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntityItem) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *EntityItem) Validate() error { invalidParams := request.ErrInvalidParams{Context: "EntityItem"} if s.Identifier == nil { invalidParams.Add(request.NewErrParamRequired("Identifier")) } if s.Attributes != nil { for i, v := range s.Attributes { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Attributes", i), err.(request.ErrInvalidParams)) } } } if s.Identifier != nil { if err := s.Identifier.Validate(); err != nil { invalidParams.AddNested("Identifier", err.(request.ErrInvalidParams)) } } if s.Parents != nil { for i, v := range s.Parents { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Parents", i), err.(request.ErrInvalidParams)) } } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetAttributes sets the Attributes field's value. func (s *EntityItem) SetAttributes(v map[string]*AttributeValue) *EntityItem { s.Attributes = v return s } // SetIdentifier sets the Identifier field's value. func (s *EntityItem) SetIdentifier(v *EntityIdentifier) *EntityItem { s.Identifier = v return s } // SetParents sets the Parents field's value. func (s *EntityItem) SetParents(v []*EntityIdentifier) *EntityItem { s.Parents = v return s } // Contains information about a principal or resource that can be referenced // in a Cedar policy. // // This data type is used as part of the PolicyFilter (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyFilter.html) // structure that is used as a request parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) // operation.. type EntityReference struct { _ struct{} `type:"structure"` // The identifier of the entity. It can consist of either an EntityType and // EntityId, a principal, or a resource. Identifier *EntityIdentifier `locationName:"identifier" type:"structure"` // Used to indicate that a principal or resource is not specified. This can // be used to search for policies that are not associated with a specific principal // or resource. Unspecified *bool `locationName:"unspecified" type:"boolean"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntityReference) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EntityReference) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *EntityReference) Validate() error { invalidParams := request.ErrInvalidParams{Context: "EntityReference"} if s.Identifier != nil { if err := s.Identifier.Validate(); err != nil { invalidParams.AddNested("Identifier", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetIdentifier sets the Identifier field's value. func (s *EntityReference) SetIdentifier(v *EntityIdentifier) *EntityReference { s.Identifier = v return s } // SetUnspecified sets the Unspecified field's value. func (s *EntityReference) SetUnspecified(v bool) *EntityReference { s.Unspecified = &v return s } // Contains a description of an evaluation error. // // This data type is used as a request parameter in the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) // and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) // operations. type EvaluationErrorItem struct { _ struct{} `type:"structure"` // The error description. // // ErrorDescription is a required field ErrorDescription *string `locationName:"errorDescription" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EvaluationErrorItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s EvaluationErrorItem) GoString() string { return s.String() } // SetErrorDescription sets the ErrorDescription field's value. func (s *EvaluationErrorItem) SetErrorDescription(v string) *EvaluationErrorItem { s.ErrorDescription = &v return s } type GetIdentitySourceInput struct { _ struct{} `type:"structure"` // Specifies the ID of the identity source you want information about. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy store that contains the identity source you // want information about. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetIdentitySourceInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetIdentitySourceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *GetIdentitySourceInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetIdentitySourceInput"} if s.IdentitySourceId == nil { invalidParams.Add(request.NewErrParamRequired("IdentitySourceId")) } if s.IdentitySourceId != nil && len(*s.IdentitySourceId) < 1 { invalidParams.Add(request.NewErrParamMinLen("IdentitySourceId", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *GetIdentitySourceInput) SetIdentitySourceId(v string) *GetIdentitySourceInput { s.IdentitySourceId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetIdentitySourceInput) SetPolicyStoreId(v string) *GetIdentitySourceInput { s.PolicyStoreId = &v return s } type GetIdentitySourceOutput struct { _ struct{} `type:"structure"` // The date and time that the identity source was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // A structure that describes the configuration of the identity source. // // Details is a required field Details *IdentitySourceDetails `locationName:"details" type:"structure" required:"true"` // The ID of the identity source. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // The date and time that the identity source was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the identity source. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The data type of principals generated for identities authenticated by this // identity source. // // PrincipalEntityType is a required field PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetIdentitySourceOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetIdentitySourceOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *GetIdentitySourceOutput) SetCreatedDate(v time.Time) *GetIdentitySourceOutput { s.CreatedDate = &v return s } // SetDetails sets the Details field's value. func (s *GetIdentitySourceOutput) SetDetails(v *IdentitySourceDetails) *GetIdentitySourceOutput { s.Details = v return s } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *GetIdentitySourceOutput) SetIdentitySourceId(v string) *GetIdentitySourceOutput { s.IdentitySourceId = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *GetIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *GetIdentitySourceOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetIdentitySourceOutput) SetPolicyStoreId(v string) *GetIdentitySourceOutput { s.PolicyStoreId = &v return s } // SetPrincipalEntityType sets the PrincipalEntityType field's value. func (s *GetIdentitySourceOutput) SetPrincipalEntityType(v string) *GetIdentitySourceOutput { s.PrincipalEntityType = &v return s } type GetPolicyInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy you want information about. // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy store that contains the policy that you want // information about. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *GetPolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"} if s.PolicyId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyId")) } if s.PolicyId != nil && len(*s.PolicyId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyId", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyId sets the PolicyId field's value. func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetPolicyInput) SetPolicyStoreId(v string) *GetPolicyInput { s.PolicyStoreId = &v return s } type GetPolicyOutput struct { _ struct{} `type:"structure"` // The date and time that the policy was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The definition of the requested policy. // // Definition is a required field Definition *PolicyDefinitionDetail `locationName:"definition" type:"structure" required:"true"` // The date and time that the policy was last updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The unique ID of the policy that you want information about. // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // The ID of the policy store that contains the policy that you want information // about. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The type of the policy. // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` // The principal specified in the policy's scope. This element isn't included // in the response when Principal isn't present in the policy content. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource specified in the policy's scope. This element isn't included // in the response when Resource isn't present in the policy content. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *GetPolicyOutput) SetCreatedDate(v time.Time) *GetPolicyOutput { s.CreatedDate = &v return s } // SetDefinition sets the Definition field's value. func (s *GetPolicyOutput) SetDefinition(v *PolicyDefinitionDetail) *GetPolicyOutput { s.Definition = v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *GetPolicyOutput) SetLastUpdatedDate(v time.Time) *GetPolicyOutput { s.LastUpdatedDate = &v return s } // SetPolicyId sets the PolicyId field's value. func (s *GetPolicyOutput) SetPolicyId(v string) *GetPolicyOutput { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetPolicyOutput) SetPolicyStoreId(v string) *GetPolicyOutput { s.PolicyStoreId = &v return s } // SetPolicyType sets the PolicyType field's value. func (s *GetPolicyOutput) SetPolicyType(v string) *GetPolicyOutput { s.PolicyType = &v return s } // SetPrincipal sets the Principal field's value. func (s *GetPolicyOutput) SetPrincipal(v *EntityIdentifier) *GetPolicyOutput { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *GetPolicyOutput) SetResource(v *EntityIdentifier) *GetPolicyOutput { s.Resource = v return s } type GetPolicyStoreInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy store that you want information about. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyStoreInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyStoreInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *GetPolicyStoreInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetPolicyStoreInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetPolicyStoreInput) SetPolicyStoreId(v string) *GetPolicyStoreInput { s.PolicyStoreId = &v return s } type GetPolicyStoreOutput struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) of the policy store. // // Arn is a required field Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` // The date and time that the policy store was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time that the policy store was last updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store; // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The current validation settings for the policy store. // // ValidationSettings is a required field ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyStoreOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyStoreOutput) GoString() string { return s.String() } // SetArn sets the Arn field's value. func (s *GetPolicyStoreOutput) SetArn(v string) *GetPolicyStoreOutput { s.Arn = &v return s } // SetCreatedDate sets the CreatedDate field's value. func (s *GetPolicyStoreOutput) SetCreatedDate(v time.Time) *GetPolicyStoreOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *GetPolicyStoreOutput) SetLastUpdatedDate(v time.Time) *GetPolicyStoreOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetPolicyStoreOutput) SetPolicyStoreId(v string) *GetPolicyStoreOutput { s.PolicyStoreId = &v return s } // SetValidationSettings sets the ValidationSettings field's value. func (s *GetPolicyStoreOutput) SetValidationSettings(v *ValidationSettings) *GetPolicyStoreOutput { s.ValidationSettings = v return s } type GetPolicyTemplateInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy store that contains the policy template that // you want information about. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy template that you want information about. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyTemplateInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyTemplateInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *GetPolicyTemplateInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetPolicyTemplateInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.PolicyTemplateId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) } if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetPolicyTemplateInput) SetPolicyStoreId(v string) *GetPolicyTemplateInput { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *GetPolicyTemplateInput) SetPolicyTemplateId(v string) *GetPolicyTemplateInput { s.PolicyTemplateId = &v return s } type GetPolicyTemplateOutput struct { _ struct{} `type:"structure"` // The date and time that the policy template was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The description of the policy template. Description *string `locationName:"description" type:"string"` // The date and time that the policy template was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the policy template. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The ID of the policy template. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` // The content of the body of the policy template written in the Cedar policy // language. // // Statement is a required field Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyTemplateOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetPolicyTemplateOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *GetPolicyTemplateOutput) SetCreatedDate(v time.Time) *GetPolicyTemplateOutput { s.CreatedDate = &v return s } // SetDescription sets the Description field's value. func (s *GetPolicyTemplateOutput) SetDescription(v string) *GetPolicyTemplateOutput { s.Description = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *GetPolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *GetPolicyTemplateOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetPolicyTemplateOutput) SetPolicyStoreId(v string) *GetPolicyTemplateOutput { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *GetPolicyTemplateOutput) SetPolicyTemplateId(v string) *GetPolicyTemplateOutput { s.PolicyTemplateId = &v return s } // SetStatement sets the Statement field's value. func (s *GetPolicyTemplateOutput) SetStatement(v string) *GetPolicyTemplateOutput { s.Statement = &v return s } type GetSchemaInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy store that contains the schema. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetSchemaInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetSchemaInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *GetSchemaInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetSchemaInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetSchemaInput) SetPolicyStoreId(v string) *GetSchemaInput { s.PolicyStoreId = &v return s } type GetSchemaOutput struct { _ struct{} `type:"structure"` // The date and time that the schema was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time that the schema was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the schema. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The body of the schema, written in Cedar schema JSON. // // Schema is a required field Schema *string `locationName:"schema" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetSchemaOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s GetSchemaOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *GetSchemaOutput) SetCreatedDate(v time.Time) *GetSchemaOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *GetSchemaOutput) SetLastUpdatedDate(v time.Time) *GetSchemaOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *GetSchemaOutput) SetPolicyStoreId(v string) *GetSchemaOutput { s.PolicyStoreId = &v return s } // SetSchema sets the Schema field's value. func (s *GetSchemaOutput) SetSchema(v string) *GetSchemaOutput { s.Schema = &v return s } // A structure that contains configuration of the identity source. // // This data type is used as a response parameter for the CreateIdentitySource // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) // operation. type IdentitySourceDetails struct { _ struct{} `type:"structure"` // The application client IDs associated with the specified Amazon Cognito user // pool that are enabled for this identity source. ClientIds []*string `locationName:"clientIds" type:"list"` // The well-known URL that points to this user pool's OIDC discovery endpoint. // This is a URL string in the following format. This URL replaces the placeholders // for both the Amazon Web Services Region and the user pool identifier with // those appropriate for this user pool. // // https://cognito-idp..amazonaws.com//.well-known/openid-configuration DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" type:"string"` // A string that identifies the type of OIDC service represented by this identity // source. // // At this time, the only valid value is cognito. OpenIdIssuer *string `locationName:"openIdIssuer" type:"string" enum:"OpenIdIssuer"` // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of the Amazon Cognito user pool whose identities are accessible to this Verified // Permissions policy store. UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceDetails) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceDetails) GoString() string { return s.String() } // SetClientIds sets the ClientIds field's value. func (s *IdentitySourceDetails) SetClientIds(v []*string) *IdentitySourceDetails { s.ClientIds = v return s } // SetDiscoveryUrl sets the DiscoveryUrl field's value. func (s *IdentitySourceDetails) SetDiscoveryUrl(v string) *IdentitySourceDetails { s.DiscoveryUrl = &v return s } // SetOpenIdIssuer sets the OpenIdIssuer field's value. func (s *IdentitySourceDetails) SetOpenIdIssuer(v string) *IdentitySourceDetails { s.OpenIdIssuer = &v return s } // SetUserPoolArn sets the UserPoolArn field's value. func (s *IdentitySourceDetails) SetUserPoolArn(v string) *IdentitySourceDetails { s.UserPoolArn = &v return s } // A structure that defines characteristics of an identity source that you can // use to filter. // // This data type is used as a request parameter for the ListIdentityStores // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) // operation. type IdentitySourceFilter struct { _ struct{} `type:"structure"` // The Cedar entity type of the principals returned by the identity provider // (IdP) associated with this identity source. PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceFilter) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceFilter) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *IdentitySourceFilter) Validate() error { invalidParams := request.ErrInvalidParams{Context: "IdentitySourceFilter"} if s.PrincipalEntityType != nil && len(*s.PrincipalEntityType) < 1 { invalidParams.Add(request.NewErrParamMinLen("PrincipalEntityType", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPrincipalEntityType sets the PrincipalEntityType field's value. func (s *IdentitySourceFilter) SetPrincipalEntityType(v string) *IdentitySourceFilter { s.PrincipalEntityType = &v return s } // A structure that defines an identity source. // // This data type is used as a request parameter for the ListIdentityStores // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) // operation. type IdentitySourceItem struct { _ struct{} `type:"structure"` // The date and time the identity source was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // A structure that contains the details of the associated identity provider // (IdP). // // Details is a required field Details *IdentitySourceItemDetails `locationName:"details" type:"structure" required:"true"` // The unique identifier of the identity source. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // The date and time the identity source was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The identifier of the policy store that contains the identity source. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The Cedar entity type of the principals returned from the IdP associated // with this identity source. // // PrincipalEntityType is a required field PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceItem) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *IdentitySourceItem) SetCreatedDate(v time.Time) *IdentitySourceItem { s.CreatedDate = &v return s } // SetDetails sets the Details field's value. func (s *IdentitySourceItem) SetDetails(v *IdentitySourceItemDetails) *IdentitySourceItem { s.Details = v return s } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *IdentitySourceItem) SetIdentitySourceId(v string) *IdentitySourceItem { s.IdentitySourceId = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *IdentitySourceItem) SetLastUpdatedDate(v time.Time) *IdentitySourceItem { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *IdentitySourceItem) SetPolicyStoreId(v string) *IdentitySourceItem { s.PolicyStoreId = &v return s } // SetPrincipalEntityType sets the PrincipalEntityType field's value. func (s *IdentitySourceItem) SetPrincipalEntityType(v string) *IdentitySourceItem { s.PrincipalEntityType = &v return s } // A structure that contains configuration of the identity source. // // This data type is used as a response parameter for the CreateIdentitySource // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) // operation. type IdentitySourceItemDetails struct { _ struct{} `type:"structure"` // The application client IDs associated with the specified Amazon Cognito user // pool that are enabled for this identity source. ClientIds []*string `locationName:"clientIds" type:"list"` // The well-known URL that points to this user pool's OIDC discovery endpoint. // This is a URL string in the following format. This URL replaces the placeholders // for both the Amazon Web Services Region and the user pool identifier with // those appropriate for this user pool. // // https://cognito-idp..amazonaws.com//.well-known/openid-configuration DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" type:"string"` // A string that identifies the type of OIDC service represented by this identity // source. // // At this time, the only valid value is cognito. OpenIdIssuer *string `locationName:"openIdIssuer" type:"string" enum:"OpenIdIssuer"` // The Amazon Cognito user pool whose identities are accessible to this Verified // Permissions policy store. UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceItemDetails) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IdentitySourceItemDetails) GoString() string { return s.String() } // SetClientIds sets the ClientIds field's value. func (s *IdentitySourceItemDetails) SetClientIds(v []*string) *IdentitySourceItemDetails { s.ClientIds = v return s } // SetDiscoveryUrl sets the DiscoveryUrl field's value. func (s *IdentitySourceItemDetails) SetDiscoveryUrl(v string) *IdentitySourceItemDetails { s.DiscoveryUrl = &v return s } // SetOpenIdIssuer sets the OpenIdIssuer field's value. func (s *IdentitySourceItemDetails) SetOpenIdIssuer(v string) *IdentitySourceItemDetails { s.OpenIdIssuer = &v return s } // SetUserPoolArn sets the UserPoolArn field's value. func (s *IdentitySourceItemDetails) SetUserPoolArn(v string) *IdentitySourceItemDetails { s.UserPoolArn = &v return s } // The request failed because of an internal error. Try your request again later type InternalServerException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s InternalServerException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s InternalServerException) GoString() string { return s.String() } func newErrorInternalServerException(v protocol.ResponseMetadata) error { return &InternalServerException{ RespMetadata: v, } } // Code returns the exception type name. func (s *InternalServerException) Code() string { return "InternalServerException" } // Message returns the exception's message. func (s *InternalServerException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *InternalServerException) OrigErr() error { return nil } func (s *InternalServerException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. func (s *InternalServerException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *InternalServerException) RequestID() string { return s.RespMetadata.RequestID } type IsAuthorizedInput struct { _ struct{} `type:"structure"` // Specifies the requested action to be authorized. For example, is the principal // authorized to perform this action on the resource? Action *ActionIdentifier `locationName:"action" type:"structure"` // Specifies additional context that can be used to make more granular authorization // decisions. Context *ContextDefinition `locationName:"context" type:"structure"` // Specifies the list of resources and principals and their associated attributes // that Verified Permissions can examine when evaluating the policies. // // You can include only principal and resource entities in this parameter; you // can't include actions. You must specify actions in the schema. Entities *EntitiesDefinition `locationName:"entities" type:"structure"` // Specifies the ID of the policy store. Policies in this policy store will // be used to make an authorization decision for the input. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the principal for which the authorization decision is to be made. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // Specifies the resource for which the authorization decision is to be made. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *IsAuthorizedInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "IsAuthorizedInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Action != nil { if err := s.Action.Validate(); err != nil { invalidParams.AddNested("Action", err.(request.ErrInvalidParams)) } } if s.Context != nil { if err := s.Context.Validate(); err != nil { invalidParams.AddNested("Context", err.(request.ErrInvalidParams)) } } if s.Entities != nil { if err := s.Entities.Validate(); err != nil { invalidParams.AddNested("Entities", err.(request.ErrInvalidParams)) } } if s.Principal != nil { if err := s.Principal.Validate(); err != nil { invalidParams.AddNested("Principal", err.(request.ErrInvalidParams)) } } if s.Resource != nil { if err := s.Resource.Validate(); err != nil { invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetAction sets the Action field's value. func (s *IsAuthorizedInput) SetAction(v *ActionIdentifier) *IsAuthorizedInput { s.Action = v return s } // SetContext sets the Context field's value. func (s *IsAuthorizedInput) SetContext(v *ContextDefinition) *IsAuthorizedInput { s.Context = v return s } // SetEntities sets the Entities field's value. func (s *IsAuthorizedInput) SetEntities(v *EntitiesDefinition) *IsAuthorizedInput { s.Entities = v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *IsAuthorizedInput) SetPolicyStoreId(v string) *IsAuthorizedInput { s.PolicyStoreId = &v return s } // SetPrincipal sets the Principal field's value. func (s *IsAuthorizedInput) SetPrincipal(v *EntityIdentifier) *IsAuthorizedInput { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *IsAuthorizedInput) SetResource(v *EntityIdentifier) *IsAuthorizedInput { s.Resource = v return s } type IsAuthorizedOutput struct { _ struct{} `type:"structure"` // An authorization decision that indicates if the authorization request should // be allowed or denied. // // Decision is a required field Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"` // The list of determining policies used to make the authorization decision. // For example, if there are two matching policies, where one is a forbid and // the other is a permit, then the forbid policy will be the determining policy. // In the case of multiple matching permit policies then there would be multiple // determining policies. In the case that no policies match, and hence the response // is DENY, there would be no determining policies. // // DeterminingPolicies is a required field DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"` // Errors that occurred while making an authorization decision, for example, // a policy references an Entity or entity Attribute that does not exist in // the slice. // // Errors is a required field Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedOutput) GoString() string { return s.String() } // SetDecision sets the Decision field's value. func (s *IsAuthorizedOutput) SetDecision(v string) *IsAuthorizedOutput { s.Decision = &v return s } // SetDeterminingPolicies sets the DeterminingPolicies field's value. func (s *IsAuthorizedOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedOutput { s.DeterminingPolicies = v return s } // SetErrors sets the Errors field's value. func (s *IsAuthorizedOutput) SetErrors(v []*EvaluationErrorItem) *IsAuthorizedOutput { s.Errors = v return s } type IsAuthorizedWithTokenInput struct { _ struct{} `type:"structure"` // Specifies an access token for the principal to be authorized. This token // is provided to you by the identity provider (IdP) associated with the specified // identity source. You must specify either an AccessToken or an IdentityToken, // but not both. AccessToken *string `locationName:"accessToken" min:"1" type:"string"` // Specifies the requested action to be authorized. Is the specified principal // authorized to perform this action on the specified resource. Action *ActionIdentifier `locationName:"action" type:"structure"` // Specifies additional context that can be used to make more granular authorization // decisions. Context *ContextDefinition `locationName:"context" type:"structure"` // Specifies the list of resources and principals and their associated attributes // that Verified Permissions can examine when evaluating the policies. // // You can include only principal and resource entities in this parameter; you // can't include actions. You must specify actions in the schema. Entities *EntitiesDefinition `locationName:"entities" type:"structure"` // Specifies an identity token for the principal to be authorized. This token // is provided to you by the identity provider (IdP) associated with the specified // identity source. You must specify either an AccessToken or an IdentityToken, // but not both. IdentityToken *string `locationName:"identityToken" min:"1" type:"string"` // Specifies the ID of the policy store. Policies in this policy store will // be used to make an authorization decision for the input. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the resource for which the authorization decision is made. For // example, is the principal allowed to perform the action on the resource? Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedWithTokenInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedWithTokenInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *IsAuthorizedWithTokenInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "IsAuthorizedWithTokenInput"} if s.AccessToken != nil && len(*s.AccessToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("AccessToken", 1)) } if s.IdentityToken != nil && len(*s.IdentityToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("IdentityToken", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Action != nil { if err := s.Action.Validate(); err != nil { invalidParams.AddNested("Action", err.(request.ErrInvalidParams)) } } if s.Context != nil { if err := s.Context.Validate(); err != nil { invalidParams.AddNested("Context", err.(request.ErrInvalidParams)) } } if s.Entities != nil { if err := s.Entities.Validate(); err != nil { invalidParams.AddNested("Entities", err.(request.ErrInvalidParams)) } } if s.Resource != nil { if err := s.Resource.Validate(); err != nil { invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetAccessToken sets the AccessToken field's value. func (s *IsAuthorizedWithTokenInput) SetAccessToken(v string) *IsAuthorizedWithTokenInput { s.AccessToken = &v return s } // SetAction sets the Action field's value. func (s *IsAuthorizedWithTokenInput) SetAction(v *ActionIdentifier) *IsAuthorizedWithTokenInput { s.Action = v return s } // SetContext sets the Context field's value. func (s *IsAuthorizedWithTokenInput) SetContext(v *ContextDefinition) *IsAuthorizedWithTokenInput { s.Context = v return s } // SetEntities sets the Entities field's value. func (s *IsAuthorizedWithTokenInput) SetEntities(v *EntitiesDefinition) *IsAuthorizedWithTokenInput { s.Entities = v return s } // SetIdentityToken sets the IdentityToken field's value. func (s *IsAuthorizedWithTokenInput) SetIdentityToken(v string) *IsAuthorizedWithTokenInput { s.IdentityToken = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *IsAuthorizedWithTokenInput) SetPolicyStoreId(v string) *IsAuthorizedWithTokenInput { s.PolicyStoreId = &v return s } // SetResource sets the Resource field's value. func (s *IsAuthorizedWithTokenInput) SetResource(v *EntityIdentifier) *IsAuthorizedWithTokenInput { s.Resource = v return s } type IsAuthorizedWithTokenOutput struct { _ struct{} `type:"structure"` // An authorization decision that indicates if the authorization request should // be allowed or denied. // // Decision is a required field Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"` // The list of determining policies used to make the authorization decision. // For example, if there are multiple matching policies, where at least one // is a forbid policy, then because forbid always overrides permit the forbid // policies are the determining policies. If all matching policies are permit // policies, then those policies are the determining policies. When no policies // match and the response is the default DENY, there are no determining policies. // // DeterminingPolicies is a required field DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"` // Errors that occurred while making an authorization decision. For example, // a policy references an entity or entity attribute that does not exist in // the slice. // // Errors is a required field Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedWithTokenOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s IsAuthorizedWithTokenOutput) GoString() string { return s.String() } // SetDecision sets the Decision field's value. func (s *IsAuthorizedWithTokenOutput) SetDecision(v string) *IsAuthorizedWithTokenOutput { s.Decision = &v return s } // SetDeterminingPolicies sets the DeterminingPolicies field's value. func (s *IsAuthorizedWithTokenOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedWithTokenOutput { s.DeterminingPolicies = v return s } // SetErrors sets the Errors field's value. func (s *IsAuthorizedWithTokenOutput) SetErrors(v []*EvaluationErrorItem) *IsAuthorizedWithTokenOutput { s.Errors = v return s } type ListIdentitySourcesInput struct { _ struct{} `type:"structure"` // Specifies characteristics of an identity source that you can use to limit // the output to matching identity sources. Filters []*IdentitySourceFilter `locationName:"filters" type:"list"` // Specifies the total number of results that you want included on each page // of the response. If you do not include this parameter, it defaults to a value // that is specific to the operation. If additional items exist beyond the number // you specify, the NextToken response element is returned with a value (not // null). Include the specified value as the NextToken request parameter in // the next call to the operation to get the next part of the results. Note // that the service might return fewer results than the maximum even when there // are more results available. You should check NextToken after every operation // to ensure that you receive all of the results. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if // you received a NextToken response in the previous request. If you did, it // indicates that more output is available. Set this parameter to the value // provided by the previous call's NextToken response to request the next page // of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Specifies the ID of the policy store that contains the identity sources that // you want to list. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListIdentitySourcesInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListIdentitySourcesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ListIdentitySourcesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ListIdentitySourcesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if s.NextToken != nil && len(*s.NextToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Filters != nil { for i, v := range s.Filters { if v == nil { continue } if err := v.Validate(); err != nil { invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) } } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetFilters sets the Filters field's value. func (s *ListIdentitySourcesInput) SetFilters(v []*IdentitySourceFilter) *ListIdentitySourcesInput { s.Filters = v return s } // SetMaxResults sets the MaxResults field's value. func (s *ListIdentitySourcesInput) SetMaxResults(v int64) *ListIdentitySourcesInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. func (s *ListIdentitySourcesInput) SetNextToken(v string) *ListIdentitySourcesInput { s.NextToken = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *ListIdentitySourcesInput) SetPolicyStoreId(v string) *ListIdentitySourcesInput { s.PolicyStoreId = &v return s } type ListIdentitySourcesOutput struct { _ struct{} `type:"structure"` // The list of identity sources stored in the specified policy store. // // IdentitySources is a required field IdentitySources []*IdentitySourceItem `locationName:"identitySources" type:"list" required:"true"` // If present, this value indicates that more output is available than is included // in the current response. Use this value in the NextToken request parameter // in a subsequent call to the operation to get the next part of the output. // You should repeat this until the NextToken response element comes back as // null. This indicates that this is the last page of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListIdentitySourcesOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListIdentitySourcesOutput) GoString() string { return s.String() } // SetIdentitySources sets the IdentitySources field's value. func (s *ListIdentitySourcesOutput) SetIdentitySources(v []*IdentitySourceItem) *ListIdentitySourcesOutput { s.IdentitySources = v return s } // SetNextToken sets the NextToken field's value. func (s *ListIdentitySourcesOutput) SetNextToken(v string) *ListIdentitySourcesOutput { s.NextToken = &v return s } type ListPoliciesInput struct { _ struct{} `type:"structure"` // Specifies a filter that limits the response to only policies that match the // specified criteria. For example, you list only the policies that reference // a specified principal. Filter *PolicyFilter `locationName:"filter" type:"structure"` // Specifies the total number of results that you want included on each page // of the response. If you do not include this parameter, it defaults to a value // that is specific to the operation. If additional items exist beyond the number // you specify, the NextToken response element is returned with a value (not // null). Include the specified value as the NextToken request parameter in // the next call to the operation to get the next part of the results. Note // that the service might return fewer results than the maximum even when there // are more results available. You should check NextToken after every operation // to ensure that you receive all of the results. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if // you received a NextToken response in the previous request. If you did, it // indicates that more output is available. Set this parameter to the value // provided by the previous call's NextToken response to request the next page // of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Specifies the ID of the policy store you want to list policies from. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPoliciesInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPoliciesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ListPoliciesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if s.NextToken != nil && len(*s.NextToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Filter != nil { if err := s.Filter.Validate(); err != nil { invalidParams.AddNested("Filter", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetFilter sets the Filter field's value. func (s *ListPoliciesInput) SetFilter(v *PolicyFilter) *ListPoliciesInput { s.Filter = v return s } // SetMaxResults sets the MaxResults field's value. func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput { s.NextToken = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *ListPoliciesInput) SetPolicyStoreId(v string) *ListPoliciesInput { s.PolicyStoreId = &v return s } type ListPoliciesOutput struct { _ struct{} `type:"structure"` // If present, this value indicates that more output is available than is included // in the current response. Use this value in the NextToken request parameter // in a subsequent call to the operation to get the next part of the output. // You should repeat this until the NextToken response element comes back as // null. This indicates that this is the last page of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Lists all policies that are available in the specified policy store. // // Policies is a required field Policies []*PolicyItem `locationName:"policies" type:"list" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPoliciesOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPoliciesOutput) GoString() string { return s.String() } // SetNextToken sets the NextToken field's value. func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput { s.NextToken = &v return s } // SetPolicies sets the Policies field's value. func (s *ListPoliciesOutput) SetPolicies(v []*PolicyItem) *ListPoliciesOutput { s.Policies = v return s } type ListPolicyStoresInput struct { _ struct{} `type:"structure"` // Specifies the total number of results that you want included on each page // of the response. If you do not include this parameter, it defaults to a value // that is specific to the operation. If additional items exist beyond the number // you specify, the NextToken response element is returned with a value (not // null). Include the specified value as the NextToken request parameter in // the next call to the operation to get the next part of the results. Note // that the service might return fewer results than the maximum even when there // are more results available. You should check NextToken after every operation // to ensure that you receive all of the results. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if // you received a NextToken response in the previous request. If you did, it // indicates that more output is available. Set this parameter to the value // provided by the previous call's NextToken response to request the next page // of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyStoresInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyStoresInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ListPolicyStoresInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ListPolicyStoresInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if s.NextToken != nil && len(*s.NextToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetMaxResults sets the MaxResults field's value. func (s *ListPolicyStoresInput) SetMaxResults(v int64) *ListPolicyStoresInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. func (s *ListPolicyStoresInput) SetNextToken(v string) *ListPolicyStoresInput { s.NextToken = &v return s } type ListPolicyStoresOutput struct { _ struct{} `type:"structure"` // If present, this value indicates that more output is available than is included // in the current response. Use this value in the NextToken request parameter // in a subsequent call to the operation to get the next part of the output. // You should repeat this until the NextToken response element comes back as // null. This indicates that this is the last page of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // The list of policy stores in the account. // // PolicyStores is a required field PolicyStores []*PolicyStoreItem `locationName:"policyStores" type:"list" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyStoresOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyStoresOutput) GoString() string { return s.String() } // SetNextToken sets the NextToken field's value. func (s *ListPolicyStoresOutput) SetNextToken(v string) *ListPolicyStoresOutput { s.NextToken = &v return s } // SetPolicyStores sets the PolicyStores field's value. func (s *ListPolicyStoresOutput) SetPolicyStores(v []*PolicyStoreItem) *ListPolicyStoresOutput { s.PolicyStores = v return s } type ListPolicyTemplatesInput struct { _ struct{} `type:"structure"` // Specifies the total number of results that you want included on each page // of the response. If you do not include this parameter, it defaults to a value // that is specific to the operation. If additional items exist beyond the number // you specify, the NextToken response element is returned with a value (not // null). Include the specified value as the NextToken request parameter in // the next call to the operation to get the next part of the results. Note // that the service might return fewer results than the maximum even when there // are more results available. You should check NextToken after every operation // to ensure that you receive all of the results. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // Specifies that you want to receive the next page of results. Valid only if // you received a NextToken response in the previous request. If you did, it // indicates that more output is available. Set this parameter to the value // provided by the previous call's NextToken response to request the next page // of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Specifies the ID of the policy store that contains the policy templates you // want to list. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyTemplatesInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyTemplatesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ListPolicyTemplatesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ListPolicyTemplatesInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if s.NextToken != nil && len(*s.NextToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetMaxResults sets the MaxResults field's value. func (s *ListPolicyTemplatesInput) SetMaxResults(v int64) *ListPolicyTemplatesInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. func (s *ListPolicyTemplatesInput) SetNextToken(v string) *ListPolicyTemplatesInput { s.NextToken = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *ListPolicyTemplatesInput) SetPolicyStoreId(v string) *ListPolicyTemplatesInput { s.PolicyStoreId = &v return s } type ListPolicyTemplatesOutput struct { _ struct{} `type:"structure"` // If present, this value indicates that more output is available than is included // in the current response. Use this value in the NextToken request parameter // in a subsequent call to the operation to get the next part of the output. // You should repeat this until the NextToken response element comes back as // null. This indicates that this is the last page of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // The list of the policy templates in the specified policy store. // // PolicyTemplates is a required field PolicyTemplates []*PolicyTemplateItem `locationName:"policyTemplates" type:"list" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyTemplatesOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ListPolicyTemplatesOutput) GoString() string { return s.String() } // SetNextToken sets the NextToken field's value. func (s *ListPolicyTemplatesOutput) SetNextToken(v string) *ListPolicyTemplatesOutput { s.NextToken = &v return s } // SetPolicyTemplates sets the PolicyTemplates field's value. func (s *ListPolicyTemplatesOutput) SetPolicyTemplates(v []*PolicyTemplateItem) *ListPolicyTemplatesOutput { s.PolicyTemplates = v return s } // A structure that contains the details for a Cedar policy definition. It includes // the policy type, a description, and a policy body. This is a top level data // type used to create a policy. // // This data type is used as a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) // operation. This structure must always have either an static or a templateLinked // element. type PolicyDefinition struct { _ struct{} `type:"structure"` // A structure that describes a static policy. An static policy doesn't use // a template or allow placeholders for entities. Static *StaticPolicyDefinition `locationName:"static" type:"structure"` // A structure that describes a policy that was instantiated from a template. // The template can specify placeholders for principal and resource. When you // use CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) // to create a policy from a template, you specify the exact principal and resource // to use for the instantiated policy. TemplateLinked *TemplateLinkedPolicyDefinition `locationName:"templateLinked" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *PolicyDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "PolicyDefinition"} if s.Static != nil { if err := s.Static.Validate(); err != nil { invalidParams.AddNested("Static", err.(request.ErrInvalidParams)) } } if s.TemplateLinked != nil { if err := s.TemplateLinked.Validate(); err != nil { invalidParams.AddNested("TemplateLinked", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetStatic sets the Static field's value. func (s *PolicyDefinition) SetStatic(v *StaticPolicyDefinition) *PolicyDefinition { s.Static = v return s } // SetTemplateLinked sets the TemplateLinked field's value. func (s *PolicyDefinition) SetTemplateLinked(v *TemplateLinkedPolicyDefinition) *PolicyDefinition { s.TemplateLinked = v return s } // A structure that describes a policy definition. It must always have either // an static or a templateLinked element. // // This data type is used as a response parameter for the GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html) // operation. type PolicyDefinitionDetail struct { _ struct{} `type:"structure"` // Information about a static policy that wasn't created with a policy template. Static *StaticPolicyDefinitionDetail `locationName:"static" type:"structure"` // Information about a template-linked policy that was created by instantiating // a policy template. TemplateLinked *TemplateLinkedPolicyDefinitionDetail `locationName:"templateLinked" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyDefinitionDetail) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyDefinitionDetail) GoString() string { return s.String() } // SetStatic sets the Static field's value. func (s *PolicyDefinitionDetail) SetStatic(v *StaticPolicyDefinitionDetail) *PolicyDefinitionDetail { s.Static = v return s } // SetTemplateLinked sets the TemplateLinked field's value. func (s *PolicyDefinitionDetail) SetTemplateLinked(v *TemplateLinkedPolicyDefinitionDetail) *PolicyDefinitionDetail { s.TemplateLinked = v return s } // A structure that describes a PolicyDefinintion (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinintion.html). // It will always have either an StaticPolicy or a TemplateLinkedPolicy element. // // This data type is used as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) // and ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) // operations. type PolicyDefinitionItem struct { _ struct{} `type:"structure"` // Information about a static policy that wasn't created with a policy template. Static *StaticPolicyDefinitionItem `locationName:"static" type:"structure"` // Information about a template-linked policy that was created by instantiating // a policy template. TemplateLinked *TemplateLinkedPolicyDefinitionItem `locationName:"templateLinked" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyDefinitionItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyDefinitionItem) GoString() string { return s.String() } // SetStatic sets the Static field's value. func (s *PolicyDefinitionItem) SetStatic(v *StaticPolicyDefinitionItem) *PolicyDefinitionItem { s.Static = v return s } // SetTemplateLinked sets the TemplateLinked field's value. func (s *PolicyDefinitionItem) SetTemplateLinked(v *TemplateLinkedPolicyDefinitionItem) *PolicyDefinitionItem { s.TemplateLinked = v return s } // Contains information about a filter to refine policies returned in a query. // // This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) // operation. type PolicyFilter struct { _ struct{} `type:"structure"` // Filters the output to only template-linked policies that were instantiated // from the specified policy template. PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string"` // Filters the output to only policies of the specified type. PolicyType *string `locationName:"policyType" type:"string" enum:"PolicyType"` // Filters the output to only policies that reference the specified principal. Principal *EntityReference `locationName:"principal" type:"structure"` // Filters the output to only policies that reference the specified resource. Resource *EntityReference `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyFilter) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyFilter) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *PolicyFilter) Validate() error { invalidParams := request.ErrInvalidParams{Context: "PolicyFilter"} if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) } if s.Principal != nil { if err := s.Principal.Validate(); err != nil { invalidParams.AddNested("Principal", err.(request.ErrInvalidParams)) } } if s.Resource != nil { if err := s.Resource.Validate(); err != nil { invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *PolicyFilter) SetPolicyTemplateId(v string) *PolicyFilter { s.PolicyTemplateId = &v return s } // SetPolicyType sets the PolicyType field's value. func (s *PolicyFilter) SetPolicyType(v string) *PolicyFilter { s.PolicyType = &v return s } // SetPrincipal sets the Principal field's value. func (s *PolicyFilter) SetPrincipal(v *EntityReference) *PolicyFilter { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *PolicyFilter) SetResource(v *EntityReference) *PolicyFilter { s.Resource = v return s } // Contains information about a policy. // // This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) // operation. type PolicyItem struct { _ struct{} `type:"structure"` // The date and time the policy was created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The policy definition of an item in the list of policies returned. // // Definition is a required field Definition *PolicyDefinitionItem `locationName:"definition" type:"structure" required:"true"` // The date and time the policy was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The identifier of the policy you want information about. // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // The identifier of the PolicyStore where the policy you want information about // is stored. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The type of the policy. This is one of the following values: // // * static // // * templateLinked // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` // The principal associated with the policy. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource associated with the policy. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyItem) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *PolicyItem) SetCreatedDate(v time.Time) *PolicyItem { s.CreatedDate = &v return s } // SetDefinition sets the Definition field's value. func (s *PolicyItem) SetDefinition(v *PolicyDefinitionItem) *PolicyItem { s.Definition = v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *PolicyItem) SetLastUpdatedDate(v time.Time) *PolicyItem { s.LastUpdatedDate = &v return s } // SetPolicyId sets the PolicyId field's value. func (s *PolicyItem) SetPolicyId(v string) *PolicyItem { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *PolicyItem) SetPolicyStoreId(v string) *PolicyItem { s.PolicyStoreId = &v return s } // SetPolicyType sets the PolicyType field's value. func (s *PolicyItem) SetPolicyType(v string) *PolicyItem { s.PolicyType = &v return s } // SetPrincipal sets the Principal field's value. func (s *PolicyItem) SetPrincipal(v *EntityIdentifier) *PolicyItem { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *PolicyItem) SetResource(v *EntityIdentifier) *PolicyItem { s.Resource = v return s } // Contains information about a policy store. // // This data type is used as a response parameter for the ListPolicyStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html) // operation. type PolicyStoreItem struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) of the policy store. // // Arn is a required field Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` // The date and time the policy was created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The unique identifier of the policy store. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyStoreItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyStoreItem) GoString() string { return s.String() } // SetArn sets the Arn field's value. func (s *PolicyStoreItem) SetArn(v string) *PolicyStoreItem { s.Arn = &v return s } // SetCreatedDate sets the CreatedDate field's value. func (s *PolicyStoreItem) SetCreatedDate(v time.Time) *PolicyStoreItem { s.CreatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *PolicyStoreItem) SetPolicyStoreId(v string) *PolicyStoreItem { s.PolicyStoreId = &v return s } // Contains details about a policy template // // This data type is used as a response parameter for the ListPolicyTemplates // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html) // operation. type PolicyTemplateItem struct { _ struct{} `type:"structure"` // The date and time that the policy template was created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The description attached to the policy template. Description *string `locationName:"description" type:"string"` // The date and time that the policy template was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The unique identifier of the policy store that contains the template. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The unique identifier of the policy template. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyTemplateItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PolicyTemplateItem) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *PolicyTemplateItem) SetCreatedDate(v time.Time) *PolicyTemplateItem { s.CreatedDate = &v return s } // SetDescription sets the Description field's value. func (s *PolicyTemplateItem) SetDescription(v string) *PolicyTemplateItem { s.Description = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *PolicyTemplateItem) SetLastUpdatedDate(v time.Time) *PolicyTemplateItem { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *PolicyTemplateItem) SetPolicyStoreId(v string) *PolicyTemplateItem { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *PolicyTemplateItem) SetPolicyTemplateId(v string) *PolicyTemplateItem { s.PolicyTemplateId = &v return s } type PutSchemaInput struct { _ struct{} `type:"structure"` // Specifies the definition of the schema to be stored. The schema definition // must be written in Cedar schema JSON. // // Definition is a required field Definition *SchemaDefinition `locationName:"definition" type:"structure" required:"true"` // Specifies the ID of the policy store in which to place the schema. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PutSchemaInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PutSchemaInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *PutSchemaInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "PutSchemaInput"} if s.Definition == nil { invalidParams.Add(request.NewErrParamRequired("Definition")) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Definition != nil { if err := s.Definition.Validate(); err != nil { invalidParams.AddNested("Definition", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetDefinition sets the Definition field's value. func (s *PutSchemaInput) SetDefinition(v *SchemaDefinition) *PutSchemaInput { s.Definition = v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *PutSchemaInput) SetPolicyStoreId(v string) *PutSchemaInput { s.PolicyStoreId = &v return s } type PutSchemaOutput struct { _ struct{} `type:"structure"` // The date and time that the schema was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time that the schema was last updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // Identifies the namespaces of the entities referenced by this schema. // // Namespaces is a required field Namespaces []*string `locationName:"namespaces" type:"list" required:"true"` // The unique ID of the policy store that contains the schema. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PutSchemaOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s PutSchemaOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *PutSchemaOutput) SetCreatedDate(v time.Time) *PutSchemaOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *PutSchemaOutput) SetLastUpdatedDate(v time.Time) *PutSchemaOutput { s.LastUpdatedDate = &v return s } // SetNamespaces sets the Namespaces field's value. func (s *PutSchemaOutput) SetNamespaces(v []*string) *PutSchemaOutput { s.Namespaces = v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *PutSchemaOutput) SetPolicyStoreId(v string) *PutSchemaOutput { s.PolicyStoreId = &v return s } // Contains information about a resource conflict. type ResourceConflict struct { _ struct{} `type:"structure"` // The unique identifier of the resource involved in a conflict. // // ResourceId is a required field ResourceId *string `locationName:"resourceId" type:"string" required:"true"` // The type of the resource involved in a conflict. // // ResourceType is a required field ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ResourceConflict) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ResourceConflict) GoString() string { return s.String() } // SetResourceId sets the ResourceId field's value. func (s *ResourceConflict) SetResourceId(v string) *ResourceConflict { s.ResourceId = &v return s } // SetResourceType sets the ResourceType field's value. func (s *ResourceConflict) SetResourceType(v string) *ResourceConflict { s.ResourceType = &v return s } // The request failed because it references a resource that doesn't exist. type ResourceNotFoundException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // The unique ID of the resource referenced in the failed request. // // ResourceId is a required field ResourceId *string `locationName:"resourceId" type:"string" required:"true"` // The resource type of the resource referenced in the failed request. // // ResourceType is a required field ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ResourceNotFoundException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ResourceNotFoundException) GoString() string { return s.String() } func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { return &ResourceNotFoundException{ RespMetadata: v, } } // Code returns the exception type name. func (s *ResourceNotFoundException) Code() string { return "ResourceNotFoundException" } // Message returns the exception's message. func (s *ResourceNotFoundException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *ResourceNotFoundException) OrigErr() error { return nil } func (s *ResourceNotFoundException) Error() string { return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. func (s *ResourceNotFoundException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *ResourceNotFoundException) RequestID() string { return s.RespMetadata.RequestID } // Contains a list of principal types, resource types, and actions that can // be specified in policies stored in the same policy store. If the validation // mode for the policy store is set to STRICT, then policies that can't be validated // by this schema are rejected by Verified Permissions and can't be stored in // the policy store. type SchemaDefinition struct { _ struct{} `type:"structure"` // A JSON string representation of the schema supported by applications that // use this policy store. For more information, see Policy store schema (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) // in the Amazon Verified Permissions User Guide. CedarJson *string `locationName:"cedarJson" min:"1" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s SchemaDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s SchemaDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *SchemaDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "SchemaDefinition"} if s.CedarJson != nil && len(*s.CedarJson) < 1 { invalidParams.Add(request.NewErrParamMinLen("CedarJson", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetCedarJson sets the CedarJson field's value. func (s *SchemaDefinition) SetCedarJson(v string) *SchemaDefinition { s.CedarJson = &v return s } // The request failed because it would cause a service quota to be exceeded. type ServiceQuotaExceededException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // The quota code recognized by the Amazon Web Services Service Quotas service. QuotaCode *string `locationName:"quotaCode" type:"string"` // The unique ID of the resource referenced in the failed request. ResourceId *string `locationName:"resourceId" type:"string"` // The resource type of the resource referenced in the failed request. // // ResourceType is a required field ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"` // The code for the Amazon Web Service that owns the quota. ServiceCode *string `locationName:"serviceCode" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ServiceQuotaExceededException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ServiceQuotaExceededException) GoString() string { return s.String() } func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error { return &ServiceQuotaExceededException{ RespMetadata: v, } } // Code returns the exception type name. func (s *ServiceQuotaExceededException) Code() string { return "ServiceQuotaExceededException" } // Message returns the exception's message. func (s *ServiceQuotaExceededException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *ServiceQuotaExceededException) OrigErr() error { return nil } func (s *ServiceQuotaExceededException) Error() string { return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. func (s *ServiceQuotaExceededException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *ServiceQuotaExceededException) RequestID() string { return s.RespMetadata.RequestID } // Contains information about a static policy. // // This data type is used as a field that is part of the PolicyDefinitionDetail // (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinitionDetail.html) // type. type StaticPolicyDefinition struct { _ struct{} `type:"structure"` // The description of the static policy. Description *string `locationName:"description" type:"string"` // The policy content of the static policy, written in the Cedar policy language. // // Statement is a required field Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s StaticPolicyDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s StaticPolicyDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *StaticPolicyDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "StaticPolicyDefinition"} if s.Statement == nil { invalidParams.Add(request.NewErrParamRequired("Statement")) } if s.Statement != nil && len(*s.Statement) < 1 { invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetDescription sets the Description field's value. func (s *StaticPolicyDefinition) SetDescription(v string) *StaticPolicyDefinition { s.Description = &v return s } // SetStatement sets the Statement field's value. func (s *StaticPolicyDefinition) SetStatement(v string) *StaticPolicyDefinition { s.Statement = &v return s } // A structure that contains details about a static policy. It includes the // description and policy body. // // This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) // structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) // operation. type StaticPolicyDefinitionDetail struct { _ struct{} `type:"structure"` // A description of the static policy. Description *string `locationName:"description" type:"string"` // The content of the static policy written in the Cedar policy language. // // Statement is a required field Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s StaticPolicyDefinitionDetail) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s StaticPolicyDefinitionDetail) GoString() string { return s.String() } // SetDescription sets the Description field's value. func (s *StaticPolicyDefinitionDetail) SetDescription(v string) *StaticPolicyDefinitionDetail { s.Description = &v return s } // SetStatement sets the Statement field's value. func (s *StaticPolicyDefinitionDetail) SetStatement(v string) *StaticPolicyDefinitionDetail { s.Statement = &v return s } // A structure that contains details about a static policy. It includes the // description and policy statement. // // This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) // structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) // operation. type StaticPolicyDefinitionItem struct { _ struct{} `type:"structure"` // A description of the static policy. Description *string `locationName:"description" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s StaticPolicyDefinitionItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s StaticPolicyDefinitionItem) GoString() string { return s.String() } // SetDescription sets the Description field's value. func (s *StaticPolicyDefinitionItem) SetDescription(v string) *StaticPolicyDefinitionItem { s.Description = &v return s } // Contains information about a policy created by instantiating a policy template. type TemplateLinkedPolicyDefinition struct { _ struct{} `type:"structure"` // The unique identifier of the policy template used to create this policy. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` // The principal associated with this template-linked policy. Verified Permissions // substitutes this principal for the ?principal placeholder in the policy template // when it evaluates an authorization request. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource associated with this template-linked policy. Verified Permissions // substitutes this resource for the ?resource placeholder in the policy template // when it evaluates an authorization request. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s TemplateLinkedPolicyDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s TemplateLinkedPolicyDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *TemplateLinkedPolicyDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "TemplateLinkedPolicyDefinition"} if s.PolicyTemplateId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) } if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) } if s.Principal != nil { if err := s.Principal.Validate(); err != nil { invalidParams.AddNested("Principal", err.(request.ErrInvalidParams)) } } if s.Resource != nil { if err := s.Resource.Validate(); err != nil { invalidParams.AddNested("Resource", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *TemplateLinkedPolicyDefinition) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinition { s.PolicyTemplateId = &v return s } // SetPrincipal sets the Principal field's value. func (s *TemplateLinkedPolicyDefinition) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinition { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *TemplateLinkedPolicyDefinition) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinition { s.Resource = v return s } // Contains information about a policy that was // // created by instantiating a policy template. // // This type TemplateLinkedPolicyDefinitionDetail struct { _ struct{} `type:"structure"` // The unique identifier of the policy template used to create this policy. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` // The principal associated with this template-linked policy. Verified Permissions // substitutes this principal for the ?principal placeholder in the policy template // when it evaluates an authorization request. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource associated with this template-linked policy. Verified Permissions // substitutes this resource for the ?resource placeholder in the policy template // when it evaluates an authorization request. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s TemplateLinkedPolicyDefinitionDetail) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s TemplateLinkedPolicyDefinitionDetail) GoString() string { return s.String() } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *TemplateLinkedPolicyDefinitionDetail) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinitionDetail { s.PolicyTemplateId = &v return s } // SetPrincipal sets the Principal field's value. func (s *TemplateLinkedPolicyDefinitionDetail) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionDetail { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *TemplateLinkedPolicyDefinitionDetail) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionDetail { s.Resource = v return s } // Contains information about a policy created by instantiating a policy template. // // This type TemplateLinkedPolicyDefinitionItem struct { _ struct{} `type:"structure"` // The unique identifier of the policy template used to create this policy. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` // The principal associated with this template-linked policy. Verified Permissions // substitutes this principal for the ?principal placeholder in the policy template // when it evaluates an authorization request. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource associated with this template-linked policy. Verified Permissions // substitutes this resource for the ?resource placeholder in the policy template // when it evaluates an authorization request. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s TemplateLinkedPolicyDefinitionItem) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s TemplateLinkedPolicyDefinitionItem) GoString() string { return s.String() } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *TemplateLinkedPolicyDefinitionItem) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinitionItem { s.PolicyTemplateId = &v return s } // SetPrincipal sets the Principal field's value. func (s *TemplateLinkedPolicyDefinitionItem) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionItem { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *TemplateLinkedPolicyDefinitionItem) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionItem { s.Resource = v return s } // The request failed because it exceeded a throttling quota. type ThrottlingException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` Message_ *string `locationName:"message" type:"string"` // The quota code recognized by the Amazon Web Services Service Quotas service. QuotaCode *string `locationName:"quotaCode" type:"string"` // The code for the Amazon Web Service that owns the quota. ServiceCode *string `locationName:"serviceCode" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ThrottlingException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ThrottlingException) GoString() string { return s.String() } func newErrorThrottlingException(v protocol.ResponseMetadata) error { return &ThrottlingException{ RespMetadata: v, } } // Code returns the exception type name. func (s *ThrottlingException) Code() string { return "ThrottlingException" } // Message returns the exception's message. func (s *ThrottlingException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *ThrottlingException) OrigErr() error { return nil } func (s *ThrottlingException) Error() string { return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. func (s *ThrottlingException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *ThrottlingException) RequestID() string { return s.RespMetadata.RequestID } // Contains configuration details of a Amazon Cognito user pool for use with // an identity source. type UpdateCognitoUserPoolConfiguration struct { _ struct{} `type:"structure"` // The client ID of an app client that is configured for the specified Amazon // Cognito user pool. ClientIds []*string `locationName:"clientIds" type:"list"` // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of the Amazon Cognito user pool associated with this identity source. // // UserPoolArn is a required field UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateCognitoUserPoolConfiguration) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateCognitoUserPoolConfiguration) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdateCognitoUserPoolConfiguration) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdateCognitoUserPoolConfiguration"} if s.UserPoolArn == nil { invalidParams.Add(request.NewErrParamRequired("UserPoolArn")) } if s.UserPoolArn != nil && len(*s.UserPoolArn) < 1 { invalidParams.Add(request.NewErrParamMinLen("UserPoolArn", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetClientIds sets the ClientIds field's value. func (s *UpdateCognitoUserPoolConfiguration) SetClientIds(v []*string) *UpdateCognitoUserPoolConfiguration { s.ClientIds = v return s } // SetUserPoolArn sets the UserPoolArn field's value. func (s *UpdateCognitoUserPoolConfiguration) SetUserPoolArn(v string) *UpdateCognitoUserPoolConfiguration { s.UserPoolArn = &v return s } // Contains an updated configuration to replace the configuration in an existing // identity source. // // At this time, the only valid member of this structure is a Amazon Cognito // user pool configuration. // // You must specify a userPoolArn, and optionally, a ClientId. type UpdateConfiguration struct { _ struct{} `type:"structure"` // Contains configuration details of a Amazon Cognito user pool. CognitoUserPoolConfiguration *UpdateCognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateConfiguration) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateConfiguration) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdateConfiguration) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdateConfiguration"} if s.CognitoUserPoolConfiguration != nil { if err := s.CognitoUserPoolConfiguration.Validate(); err != nil { invalidParams.AddNested("CognitoUserPoolConfiguration", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value. func (s *UpdateConfiguration) SetCognitoUserPoolConfiguration(v *UpdateCognitoUserPoolConfiguration) *UpdateConfiguration { s.CognitoUserPoolConfiguration = v return s } type UpdateIdentitySourceInput struct { _ struct{} `type:"structure"` // Specifies the ID of the identity source that you want to update. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy store that contains the identity source that // you want to update. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the data type of principals generated for identities authenticated // by the identity source. PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string"` // Specifies the details required to communicate with the identity provider // (IdP) associated with this identity source. // // At this time, the only valid member of this structure is a Amazon Cognito // user pool configuration. // // You must specify a userPoolArn, and optionally, a ClientId. // // UpdateConfiguration is a required field UpdateConfiguration *UpdateConfiguration `locationName:"updateConfiguration" type:"structure" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateIdentitySourceInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateIdentitySourceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdateIdentitySourceInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdateIdentitySourceInput"} if s.IdentitySourceId == nil { invalidParams.Add(request.NewErrParamRequired("IdentitySourceId")) } if s.IdentitySourceId != nil && len(*s.IdentitySourceId) < 1 { invalidParams.Add(request.NewErrParamMinLen("IdentitySourceId", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.PrincipalEntityType != nil && len(*s.PrincipalEntityType) < 1 { invalidParams.Add(request.NewErrParamMinLen("PrincipalEntityType", 1)) } if s.UpdateConfiguration == nil { invalidParams.Add(request.NewErrParamRequired("UpdateConfiguration")) } if s.UpdateConfiguration != nil { if err := s.UpdateConfiguration.Validate(); err != nil { invalidParams.AddNested("UpdateConfiguration", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *UpdateIdentitySourceInput) SetIdentitySourceId(v string) *UpdateIdentitySourceInput { s.IdentitySourceId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdateIdentitySourceInput) SetPolicyStoreId(v string) *UpdateIdentitySourceInput { s.PolicyStoreId = &v return s } // SetPrincipalEntityType sets the PrincipalEntityType field's value. func (s *UpdateIdentitySourceInput) SetPrincipalEntityType(v string) *UpdateIdentitySourceInput { s.PrincipalEntityType = &v return s } // SetUpdateConfiguration sets the UpdateConfiguration field's value. func (s *UpdateIdentitySourceInput) SetUpdateConfiguration(v *UpdateConfiguration) *UpdateIdentitySourceInput { s.UpdateConfiguration = v return s } type UpdateIdentitySourceOutput struct { _ struct{} `type:"structure"` // The date and time that the updated identity source was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the updated identity source. // // IdentitySourceId is a required field IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"` // The date and time that the identity source was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the updated identity source. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateIdentitySourceOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateIdentitySourceOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *UpdateIdentitySourceOutput) SetCreatedDate(v time.Time) *UpdateIdentitySourceOutput { s.CreatedDate = &v return s } // SetIdentitySourceId sets the IdentitySourceId field's value. func (s *UpdateIdentitySourceOutput) SetIdentitySourceId(v string) *UpdateIdentitySourceOutput { s.IdentitySourceId = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *UpdateIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *UpdateIdentitySourceOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdateIdentitySourceOutput) SetPolicyStoreId(v string) *UpdateIdentitySourceOutput { s.PolicyStoreId = &v return s } // Contains information about updates to be applied to a policy. // // This data type is used as a request parameter in the UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) // operation. type UpdatePolicyDefinition struct { _ struct{} `type:"structure"` // Contains details about the updates to be applied to a static policy. Static *UpdateStaticPolicyDefinition `locationName:"static" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdatePolicyDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyDefinition"} if s.Static != nil { if err := s.Static.Validate(); err != nil { invalidParams.AddNested("Static", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetStatic sets the Static field's value. func (s *UpdatePolicyDefinition) SetStatic(v *UpdateStaticPolicyDefinition) *UpdatePolicyDefinition { s.Static = v return s } type UpdatePolicyInput struct { _ struct{} `type:"structure"` // Specifies the updated policy content that you want to replace on the specified // policy. The content must be valid Cedar policy language text. // // You can change only the following elements from the policy definition: // // * The action referenced by the policy. // // * Any conditional clauses, such as when or unless clauses. // // You can't change the following elements: // // * Changing from static to templateLinked. // // * Changing the effect of the policy from permit or forbid. // // * The principal referenced by the policy. // // * The resource referenced by the policy. // // Definition is a required field Definition *UpdatePolicyDefinition `locationName:"definition" type:"structure" required:"true"` // Specifies the ID of the policy that you want to update. To find this value, // you can use ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html). // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy store that contains the policy that you want // to update. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdatePolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyInput"} if s.Definition == nil { invalidParams.Add(request.NewErrParamRequired("Definition")) } if s.PolicyId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyId")) } if s.PolicyId != nil && len(*s.PolicyId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyId", 1)) } if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.Definition != nil { if err := s.Definition.Validate(); err != nil { invalidParams.AddNested("Definition", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetDefinition sets the Definition field's value. func (s *UpdatePolicyInput) SetDefinition(v *UpdatePolicyDefinition) *UpdatePolicyInput { s.Definition = v return s } // SetPolicyId sets the PolicyId field's value. func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdatePolicyInput) SetPolicyStoreId(v string) *UpdatePolicyInput { s.PolicyStoreId = &v return s } type UpdatePolicyOutput struct { _ struct{} `type:"structure"` // The date and time that the policy was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time that the policy was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy that was updated. // // PolicyId is a required field PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"` // The ID of the policy store that contains the policy that was updated. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The type of the policy that was updated. // // PolicyType is a required field PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` // The principal specified in the policy's scope. This element isn't included // in the response when Principal isn't present in the policy content. Principal *EntityIdentifier `locationName:"principal" type:"structure"` // The resource specified in the policy's scope. This element isn't included // in the response when Resource isn't present in the policy content. Resource *EntityIdentifier `locationName:"resource" type:"structure"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *UpdatePolicyOutput) SetCreatedDate(v time.Time) *UpdatePolicyOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *UpdatePolicyOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyOutput { s.LastUpdatedDate = &v return s } // SetPolicyId sets the PolicyId field's value. func (s *UpdatePolicyOutput) SetPolicyId(v string) *UpdatePolicyOutput { s.PolicyId = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdatePolicyOutput) SetPolicyStoreId(v string) *UpdatePolicyOutput { s.PolicyStoreId = &v return s } // SetPolicyType sets the PolicyType field's value. func (s *UpdatePolicyOutput) SetPolicyType(v string) *UpdatePolicyOutput { s.PolicyType = &v return s } // SetPrincipal sets the Principal field's value. func (s *UpdatePolicyOutput) SetPrincipal(v *EntityIdentifier) *UpdatePolicyOutput { s.Principal = v return s } // SetResource sets the Resource field's value. func (s *UpdatePolicyOutput) SetResource(v *EntityIdentifier) *UpdatePolicyOutput { s.Resource = v return s } type UpdatePolicyStoreInput struct { _ struct{} `type:"structure"` // Specifies the ID of the policy store that you want to update // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // A structure that defines the validation settings that want to enable for // the policy store. // // ValidationSettings is a required field ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyStoreInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyStoreInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdatePolicyStoreInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyStoreInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.ValidationSettings == nil { invalidParams.Add(request.NewErrParamRequired("ValidationSettings")) } if s.ValidationSettings != nil { if err := s.ValidationSettings.Validate(); err != nil { invalidParams.AddNested("ValidationSettings", err.(request.ErrInvalidParams)) } } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdatePolicyStoreInput) SetPolicyStoreId(v string) *UpdatePolicyStoreInput { s.PolicyStoreId = &v return s } // SetValidationSettings sets the ValidationSettings field's value. func (s *UpdatePolicyStoreInput) SetValidationSettings(v *ValidationSettings) *UpdatePolicyStoreInput { s.ValidationSettings = v return s } type UpdatePolicyStoreOutput struct { _ struct{} `type:"structure"` // The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of the updated policy store. // // Arn is a required field Arn *string `locationName:"arn" min:"1" type:"string" required:"true"` // The date and time that the policy store was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time that the policy store was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the updated policy store. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyStoreOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyStoreOutput) GoString() string { return s.String() } // SetArn sets the Arn field's value. func (s *UpdatePolicyStoreOutput) SetArn(v string) *UpdatePolicyStoreOutput { s.Arn = &v return s } // SetCreatedDate sets the CreatedDate field's value. func (s *UpdatePolicyStoreOutput) SetCreatedDate(v time.Time) *UpdatePolicyStoreOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *UpdatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyStoreOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdatePolicyStoreOutput) SetPolicyStoreId(v string) *UpdatePolicyStoreOutput { s.PolicyStoreId = &v return s } type UpdatePolicyTemplateInput struct { _ struct{} `type:"structure"` // Specifies a new description to apply to the policy template. Description *string `locationName:"description" type:"string"` // Specifies the ID of the policy store that contains the policy template that // you want to update. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // Specifies the ID of the policy template that you want to update. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` // Specifies new statement content written in Cedar policy language to replace // the current body of the policy template. // // You can change only the following elements of the policy body: // // * The action referenced by the policy template. // // * Any conditional clauses, such as when or unless clauses. // // You can't change the following elements: // // * The effect (permit or forbid) of the policy template. // // * The principal referenced by the policy template. // // * The resource referenced by the policy template. // // Statement is a required field Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyTemplateInput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyTemplateInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdatePolicyTemplateInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyTemplateInput"} if s.PolicyStoreId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyStoreId")) } if s.PolicyStoreId != nil && len(*s.PolicyStoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyStoreId", 1)) } if s.PolicyTemplateId == nil { invalidParams.Add(request.NewErrParamRequired("PolicyTemplateId")) } if s.PolicyTemplateId != nil && len(*s.PolicyTemplateId) < 1 { invalidParams.Add(request.NewErrParamMinLen("PolicyTemplateId", 1)) } if s.Statement == nil { invalidParams.Add(request.NewErrParamRequired("Statement")) } if s.Statement != nil && len(*s.Statement) < 1 { invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetDescription sets the Description field's value. func (s *UpdatePolicyTemplateInput) SetDescription(v string) *UpdatePolicyTemplateInput { s.Description = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdatePolicyTemplateInput) SetPolicyStoreId(v string) *UpdatePolicyTemplateInput { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *UpdatePolicyTemplateInput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateInput { s.PolicyTemplateId = &v return s } // SetStatement sets the Statement field's value. func (s *UpdatePolicyTemplateInput) SetStatement(v string) *UpdatePolicyTemplateInput { s.Statement = &v return s } type UpdatePolicyTemplateOutput struct { _ struct{} `type:"structure"` // The date and time that the policy template was originally created. // // CreatedDate is a required field CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The date and time that the policy template was most recently updated. // // LastUpdatedDate is a required field LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"` // The ID of the policy store that contains the updated policy template. // // PolicyStoreId is a required field PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"` // The ID of the updated policy template. // // PolicyTemplateId is a required field PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyTemplateOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdatePolicyTemplateOutput) GoString() string { return s.String() } // SetCreatedDate sets the CreatedDate field's value. func (s *UpdatePolicyTemplateOutput) SetCreatedDate(v time.Time) *UpdatePolicyTemplateOutput { s.CreatedDate = &v return s } // SetLastUpdatedDate sets the LastUpdatedDate field's value. func (s *UpdatePolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyTemplateOutput { s.LastUpdatedDate = &v return s } // SetPolicyStoreId sets the PolicyStoreId field's value. func (s *UpdatePolicyTemplateOutput) SetPolicyStoreId(v string) *UpdatePolicyTemplateOutput { s.PolicyStoreId = &v return s } // SetPolicyTemplateId sets the PolicyTemplateId field's value. func (s *UpdatePolicyTemplateOutput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateOutput { s.PolicyTemplateId = &v return s } // Contains information about an update to a static policy. type UpdateStaticPolicyDefinition struct { _ struct{} `type:"structure"` // Specifies the description to be added to or replaced on the static policy. Description *string `locationName:"description" type:"string"` // Specifies the Cedar policy language text to be added to or replaced on the // static policy. // // You can change only the following elements from the original content: // // * The action referenced by the policy. // // * Any conditional clauses, such as when or unless clauses. // // You can't change the following elements: // // * Changing from StaticPolicy to TemplateLinkedPolicy. // // * The effect (permit or forbid) of the policy. // // * The principal referenced by the policy. // // * The resource referenced by the policy. // // Statement is a required field Statement *string `locationName:"statement" min:"1" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateStaticPolicyDefinition) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s UpdateStaticPolicyDefinition) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *UpdateStaticPolicyDefinition) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdateStaticPolicyDefinition"} if s.Statement == nil { invalidParams.Add(request.NewErrParamRequired("Statement")) } if s.Statement != nil && len(*s.Statement) < 1 { invalidParams.Add(request.NewErrParamMinLen("Statement", 1)) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetDescription sets the Description field's value. func (s *UpdateStaticPolicyDefinition) SetDescription(v string) *UpdateStaticPolicyDefinition { s.Description = &v return s } // SetStatement sets the Statement field's value. func (s *UpdateStaticPolicyDefinition) SetStatement(v string) *UpdateStaticPolicyDefinition { s.Statement = &v return s } // The request failed because one or more input parameters don't satisfy their // constraint requirements. The output is provided as a list of fields and a // reason for each field that isn't valid. // // The possible reasons include the following: // // - UnrecognizedEntityType The policy includes an entity type that isn't // found in the schema. // // - UnrecognizedActionId The policy includes an action id that isn't found // in the schema. // // - InvalidActionApplication The policy includes an action that, according // to the schema, doesn't support the specified principal and resource. // // - UnexpectedType The policy included an operand that isn't a valid type // for the specified operation. // // - IncompatibleTypes The types of elements included in a set, or the types // of expressions used in an if...then...else clause aren't compatible in // this context. // // - MissingAttribute The policy attempts to access a record or entity attribute // that isn't specified in the schema. Test for the existence of the attribute // first before attempting to access its value. For more information, see // the has (presence of attribute test) operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - UnsafeOptionalAttributeAccess The policy attempts to access a record // or entity attribute that is optional and isn't guaranteed to be present. // Test for the existence of the attribute first before attempting to access // its value. For more information, see the has (presence of attribute test) // operator (https://docs.cedarpolicy.com/syntax-operators.html#has-presence-of-attribute-test) // in the Cedar Policy Language Guide. // // - ImpossiblePolicy Cedar has determined that a policy condition always // evaluates to false. If the policy is always false, it can never apply // to any query, and so it can never affect an authorization decision. // // - WrongNumberArguments The policy references an extension type with the // wrong number of arguments. // // - FunctionArgumentValidationError Cedar couldn't parse the argument passed // to an extension type. For example, a string that is to be parsed as an // IPv4 address can contain only digits and the period character. type ValidationException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` // The list of fields that aren't valid. FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"` Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ValidationException) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ValidationException) GoString() string { return s.String() } func newErrorValidationException(v protocol.ResponseMetadata) error { return &ValidationException{ RespMetadata: v, } } // Code returns the exception type name. func (s *ValidationException) Code() string { return "ValidationException" } // Message returns the exception's message. func (s *ValidationException) Message() string { if s.Message_ != nil { return *s.Message_ } return "" } // OrigErr always returns nil, satisfies awserr.Error interface. func (s *ValidationException) OrigErr() error { return nil } func (s *ValidationException) Error() string { return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } // Status code returns the HTTP status code for the request's response error. func (s *ValidationException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. func (s *ValidationException) RequestID() string { return s.RespMetadata.RequestID } // Details about a field that failed policy validation. type ValidationExceptionField struct { _ struct{} `type:"structure"` // Describes the policy validation error. // // Message is a required field Message *string `locationName:"message" type:"string" required:"true"` // The path to the specific element that Verified Permissions found to be not // valid. // // Path is a required field Path *string `locationName:"path" type:"string" required:"true"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ValidationExceptionField) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ValidationExceptionField) GoString() string { return s.String() } // SetMessage sets the Message field's value. func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField { s.Message = &v return s } // SetPath sets the Path field's value. func (s *ValidationExceptionField) SetPath(v string) *ValidationExceptionField { s.Path = &v return s } // A structure that contains Cedar policy validation settings for the policy // store. The validation mode determines which validation failures that Cedar // considers serious enough to block acceptance of a new or edited static policy // or policy template. // // This data type is used as a request parameter in the CreatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html) // and UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html) // operations. type ValidationSettings struct { _ struct{} `type:"structure"` // The validation mode currently configured for this policy store. The valid // values are: // // * OFF – Neither Verified Permissions nor Cedar perform any validation // on policies. No validation errors are reported by either service. // // * STRICT – Requires a schema to be present in the policy store. Cedar // performs validation on all submitted new or updated static policies and // policy templates. Any that fail validation are rejected and Cedar doesn't // store them in the policy store. // // If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions // rejects all static policies and policy templates because there is no schema // to validate against. // // To submit a static policy or policy template without a schema, you must turn // off validation. // // Mode is a required field Mode *string `locationName:"mode" type:"string" required:"true" enum:"ValidationMode"` } // String returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ValidationSettings) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". func (s ValidationSettings) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. func (s *ValidationSettings) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ValidationSettings"} if s.Mode == nil { invalidParams.Add(request.NewErrParamRequired("Mode")) } if invalidParams.Len() > 0 { return invalidParams } return nil } // SetMode sets the Mode field's value. func (s *ValidationSettings) SetMode(v string) *ValidationSettings { s.Mode = &v return s } const ( // DecisionAllow is a Decision enum value DecisionAllow = "ALLOW" // DecisionDeny is a Decision enum value DecisionDeny = "DENY" ) // Decision_Values returns all elements of the Decision enum func Decision_Values() []string { return []string{ DecisionAllow, DecisionDeny, } } const ( // OpenIdIssuerCognito is a OpenIdIssuer enum value OpenIdIssuerCognito = "COGNITO" ) // OpenIdIssuer_Values returns all elements of the OpenIdIssuer enum func OpenIdIssuer_Values() []string { return []string{ OpenIdIssuerCognito, } } const ( // PolicyTypeStatic is a PolicyType enum value PolicyTypeStatic = "STATIC" // PolicyTypeTemplateLinked is a PolicyType enum value PolicyTypeTemplateLinked = "TEMPLATE_LINKED" ) // PolicyType_Values returns all elements of the PolicyType enum func PolicyType_Values() []string { return []string{ PolicyTypeStatic, PolicyTypeTemplateLinked, } } const ( // ResourceTypeIdentitySource is a ResourceType enum value ResourceTypeIdentitySource = "IDENTITY_SOURCE" // ResourceTypePolicyStore is a ResourceType enum value ResourceTypePolicyStore = "POLICY_STORE" // ResourceTypePolicy is a ResourceType enum value ResourceTypePolicy = "POLICY" // ResourceTypePolicyTemplate is a ResourceType enum value ResourceTypePolicyTemplate = "POLICY_TEMPLATE" // ResourceTypeSchema is a ResourceType enum value ResourceTypeSchema = "SCHEMA" ) // ResourceType_Values returns all elements of the ResourceType enum func ResourceType_Values() []string { return []string{ ResourceTypeIdentitySource, ResourceTypePolicyStore, ResourceTypePolicy, ResourceTypePolicyTemplate, ResourceTypeSchema, } } const ( // ValidationModeOff is a ValidationMode enum value ValidationModeOff = "OFF" // ValidationModeStrict is a ValidationMode enum value ValidationModeStrict = "STRICT" ) // ValidationMode_Values returns all elements of the ValidationMode enum func ValidationMode_Values() []string { return []string{ ValidationModeOff, ValidationModeStrict, } }