/*
* Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.verifiedpermissions;
import org.w3c.dom.*;
import java.net.*;
import java.util.*;
import javax.annotation.Generated;
import org.apache.commons.logging.*;
import com.amazonaws.*;
import com.amazonaws.annotation.SdkInternalApi;
import com.amazonaws.auth.*;
import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.client.builder.AdvancedConfig;
import com.amazonaws.services.verifiedpermissions.AmazonVerifiedPermissionsClientBuilder;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.verifiedpermissions.model.*;
import com.amazonaws.services.verifiedpermissions.model.transform.*;
/**
* Client for accessing Amazon Verified Permissions. All service calls made using this client are blocking, and will not
* return until the service call completes.
*
*
* Amazon Verified Permissions is a permissions management service from Amazon Web Services. You can use Verified
* Permissions to manage permissions for your application, and authorize user access based on those permissions. Using
* Verified Permissions, application developers can grant access based on information about the users, resources, and
* requested actions. You can also evaluate additional information like group membership, attributes of the resources,
* and session context, such as time of request and IP addresses. Verified Permissions manages these permissions by
* letting you create and store authorization policies for your applications, such as consumer-facing web sites and
* enterprise business systems.
*
*
* Verified Permissions uses Cedar as the policy language to express your permission requirements. Cedar supports both
* role-based access control (RBAC) and attribute-based access control (ABAC) authorization models.
*
*
* For more information about configuring, administering, and using Amazon Verified Permissions in your applications,
* see the Amazon Verified Permissions User
* Guide.
*
*
* For more information about the Cedar policy language, see the Cedar Policy
* Language Guide.
*
*
*
* When you write Cedar policies that reference principals, resources and actions, you can define the unique identifiers
* used for each of those elements. We strongly recommend that you follow these best practices:
*
*
* -
*
* Use values like universally unique identifiers (UUIDs) for all principal and resource identifiers.
*
*
* For example, if user jane leaves the company, and you later let someone else use the name
* jane, then that new user automatically gets access to everything granted by policies that still
* reference User::"jane". Cedar can’t distinguish between the new user and the old. This applies to both
* principal and resource identifiers. Always use identifiers that are guaranteed unique and never reused to ensure that
* you don’t unintentionally grant access because of the presence of an old identifier in a policy.
*
*
* Where you use a UUID for an entity, we recommend that you follow it with the // comment specifier and the ‘friendly’
* name of your entity. This helps to make your policies easier to understand. For example: principal ==
* User::"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111", // alice
*
*
* -
*
* Do not include personally identifying, confidential, or sensitive information as part of the unique identifier for
* your principals or resources. These identifiers are included in log entries shared in CloudTrail trails.
*
*
*
*
*
* Several operations return structures that appear similar, but have different purposes. As new functionality is added
* to the product, the structure used in a parameter of one operation might need to change in a way that wouldn't make
* sense for the same parameter in a different operation. To help you understand the purpose of each, the following
* naming convention is used for the structures:
*
*
* -
*
* Parameter type structures that end in Detail are used in Get operations.
*
*
* -
*
* Parameter type structures that end in Item are used in List operations.
*
*
* -
*
* Parameter type structures that use neither suffix are used in the mutating (create and update) operations.
*
*
*
*/
@ThreadSafe
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AmazonVerifiedPermissionsClient extends AmazonWebServiceClient implements AmazonVerifiedPermissions {
/** Provider for AWS credentials. */
private final AWSCredentialsProvider awsCredentialsProvider;
private static final Log log = LogFactory.getLog(AmazonVerifiedPermissions.class);
/** Default signing name for the service. */
private static final String DEFAULT_SIGNING_NAME = "verifiedpermissions";
/** Client configuration factory providing ClientConfigurations tailored to this client */
protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory();
private final AdvancedConfig advancedConfig;
private static final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory(
new JsonClientMetadata()
.withProtocolVersion("1.0")
.withSupportsCbor(false)
.withSupportsIon(false)
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("AccessDeniedException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.AccessDeniedExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ConflictException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.ConflictExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ResourceNotFoundException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.ResourceNotFoundExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ThrottlingException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.ThrottlingExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ValidationException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.ValidationExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ServiceQuotaExceededException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.ServiceQuotaExceededExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InternalServerException").withExceptionUnmarshaller(
com.amazonaws.services.verifiedpermissions.model.transform.InternalServerExceptionUnmarshaller.getInstance()))
.withBaseServiceExceptionClass(com.amazonaws.services.verifiedpermissions.model.AmazonVerifiedPermissionsException.class));
public static AmazonVerifiedPermissionsClientBuilder builder() {
return AmazonVerifiedPermissionsClientBuilder.standard();
}
/**
* Constructs a new client to invoke service methods on Amazon Verified Permissions using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AmazonVerifiedPermissionsClient(AwsSyncClientParams clientParams) {
this(clientParams, false);
}
/**
* Constructs a new client to invoke service methods on Amazon Verified Permissions using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AmazonVerifiedPermissionsClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled) {
super(clientParams);
this.awsCredentialsProvider = clientParams.getCredentialsProvider();
this.advancedConfig = clientParams.getAdvancedConfig();
init();
}
private void init() {
setServiceNameIntern(DEFAULT_SIGNING_NAME);
setEndpointPrefix(ENDPOINT_PREFIX);
// calling this.setEndPoint(...) will also modify the signer accordingly
setEndpoint("verifiedpermissions.us-east-1.amazonaws.com");
HandlerChainFactory chainFactory = new HandlerChainFactory();
requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/verifiedpermissions/request.handlers"));
requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/verifiedpermissions/request.handler2s"));
requestHandler2s.addAll(chainFactory.getGlobalHandlers());
}
/**
*
* Creates a reference to an Amazon Cognito user pool as an external identity provider (IdP).
*
*
* After you create an identity source, you can use the identities provided by the IdP as proxies for the principal
* in authorization queries that use the IsAuthorizedWithToken operation. These identities take the form of tokens that contain claims about the
* user, such as IDs, attributes and group memberships. Amazon Cognito provides both identity tokens and access
* tokens, and Verified Permissions can use either or both. Any combination of identity and access tokens results in
* the same Cedar principal. Verified Permissions automatically translates the information about the identities into
* the standard Cedar attributes that can be evaluated by your policies. Because the Amazon Cognito identity and
* access tokens can contain different information, the tokens you choose to use determine which principal
* attributes are available to access when evaluating Cedar policies.
*
*
*
* If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to
* be usable until they expire.
*
*
*
* To reference a user from this identity source in your Cedar policies, use the following syntax.
*
*
* IdentityType::"<CognitoUserPoolIdentifier>|<CognitoClientId>
*
*
* Where IdentityType is the string that you provide to the PrincipalEntityType parameter
* for this operation. The CognitoUserPoolId and CognitoClientId are defined by the Amazon
* Cognito user pool.
*
*
*
* @param createIdentitySourceRequest
* @return Result of the CreateIdentitySource operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ServiceQuotaExceededException
* The request failed because it would cause a service quota to be exceeded.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.CreateIdentitySource
* @see AWS API Documentation
*/
@Override
public CreateIdentitySourceResult createIdentitySource(CreateIdentitySourceRequest request) {
request = beforeClientExecution(request);
return executeCreateIdentitySource(request);
}
@SdkInternalApi
final CreateIdentitySourceResult executeCreateIdentitySource(CreateIdentitySourceRequest createIdentitySourceRequest) {
ExecutionContext executionContext = createExecutionContext(createIdentitySourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateIdentitySourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createIdentitySourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateIdentitySource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateIdentitySourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a
* policy linked to a policy template.
*
*
* -
*
* To create a static policy, provide the Cedar policy text in the StaticPolicy section of the
* PolicyDefinition.
*
*
* -
*
* To create a policy that is dynamically linked to a policy template, specify the policy template ID and the
* principal and resource to associate with this policy in the templateLinked section of the
* PolicyDefinition. If the policy template is ever updated, any policies linked to the policy template
* automatically use the updated template.
*
*
*
*
*
* Creating a policy causes it to be validated against the schema in the policy store. If the policy doesn't pass
* validation, the operation fails and the policy isn't stored.
*
*
*
* @param createPolicyRequest
* @return Result of the CreatePolicy operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ServiceQuotaExceededException
* The request failed because it would cause a service quota to be exceeded.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.CreatePolicy
* @see AWS API Documentation
*/
@Override
public CreatePolicyResult createPolicy(CreatePolicyRequest request) {
request = beforeClientExecution(request);
return executeCreatePolicy(request);
}
@SdkInternalApi
final CreatePolicyResult executeCreatePolicy(CreatePolicyRequest createPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(createPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreatePolicyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreatePolicy");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreatePolicyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a policy store. A policy store is a container for policy resources.
*
*
*
* Although Cedar supports multiple namespaces,
* Verified Permissions currently supports only one namespace per policy store.
*
*
*
* @param createPolicyStoreRequest
* @return Result of the CreatePolicyStore operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ServiceQuotaExceededException
* The request failed because it would cause a service quota to be exceeded.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.CreatePolicyStore
* @see AWS API Documentation
*/
@Override
public CreatePolicyStoreResult createPolicyStore(CreatePolicyStoreRequest request) {
request = beforeClientExecution(request);
return executeCreatePolicyStore(request);
}
@SdkInternalApi
final CreatePolicyStoreResult executeCreatePolicyStore(CreatePolicyStoreRequest createPolicyStoreRequest) {
ExecutionContext executionContext = createExecutionContext(createPolicyStoreRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreatePolicyStoreRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createPolicyStoreRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreatePolicyStore");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreatePolicyStoreResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a policy template. A template can use placeholders for the principal and resource. A template must be
* instantiated into a policy by associating it with specific principals and resources to use for the placeholders.
* That instantiated policy can then be considered in authorization decisions. The instantiated policy works
* identically to any other policy, except that it is dynamically linked to the template. If the template changes,
* then any policies that are linked to that template are immediately updated as well.
*
*
* @param createPolicyTemplateRequest
* @return Result of the CreatePolicyTemplate operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ServiceQuotaExceededException
* The request failed because it would cause a service quota to be exceeded.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.CreatePolicyTemplate
* @see AWS API Documentation
*/
@Override
public CreatePolicyTemplateResult createPolicyTemplate(CreatePolicyTemplateRequest request) {
request = beforeClientExecution(request);
return executeCreatePolicyTemplate(request);
}
@SdkInternalApi
final CreatePolicyTemplateResult executeCreatePolicyTemplate(CreatePolicyTemplateRequest createPolicyTemplateRequest) {
ExecutionContext executionContext = createExecutionContext(createPolicyTemplateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreatePolicyTemplateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createPolicyTemplateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreatePolicyTemplate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreatePolicyTemplateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes an identity source that references an identity provider (IdP) such as Amazon Cognito. After you delete
* the identity source, you can no longer use tokens for identities from that identity source to represent
* principals in authorization queries made using IsAuthorizedWithToken. operations.
*
*
* @param deleteIdentitySourceRequest
* @return Result of the DeleteIdentitySource operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.DeleteIdentitySource
* @see AWS API Documentation
*/
@Override
public DeleteIdentitySourceResult deleteIdentitySource(DeleteIdentitySourceRequest request) {
request = beforeClientExecution(request);
return executeDeleteIdentitySource(request);
}
@SdkInternalApi
final DeleteIdentitySourceResult executeDeleteIdentitySource(DeleteIdentitySourceRequest deleteIdentitySourceRequest) {
ExecutionContext executionContext = createExecutionContext(deleteIdentitySourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteIdentitySourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteIdentitySourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteIdentitySource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteIdentitySourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified policy from the policy store.
*
*
* This operation is idempotent; if you specify a policy that doesn't exist, the request response returns a
* successful HTTP 200 status code.
*
*
* @param deletePolicyRequest
* @return Result of the DeletePolicy operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.DeletePolicy
* @see AWS API Documentation
*/
@Override
public DeletePolicyResult deletePolicy(DeletePolicyRequest request) {
request = beforeClientExecution(request);
return executeDeletePolicy(request);
}
@SdkInternalApi
final DeletePolicyResult executeDeletePolicy(DeletePolicyRequest deletePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(deletePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeletePolicyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deletePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeletePolicy");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeletePolicyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified policy store.
*
*
* This operation is idempotent. If you specify a policy store that does not exist, the request response will still
* return a successful HTTP 200 status code.
*
*
* @param deletePolicyStoreRequest
* @return Result of the DeletePolicyStore operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.DeletePolicyStore
* @see AWS API Documentation
*/
@Override
public DeletePolicyStoreResult deletePolicyStore(DeletePolicyStoreRequest request) {
request = beforeClientExecution(request);
return executeDeletePolicyStore(request);
}
@SdkInternalApi
final DeletePolicyStoreResult executeDeletePolicyStore(DeletePolicyStoreRequest deletePolicyStoreRequest) {
ExecutionContext executionContext = createExecutionContext(deletePolicyStoreRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeletePolicyStoreRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deletePolicyStoreRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeletePolicyStore");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeletePolicyStoreResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified policy template from the policy store.
*
*
*
* This operation also deletes any policies that were created from the specified policy template. Those policies are
* immediately removed from all future API responses, and are asynchronously deleted from the policy store.
*
*
*
* @param deletePolicyTemplateRequest
* @return Result of the DeletePolicyTemplate operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.DeletePolicyTemplate
* @see AWS API Documentation
*/
@Override
public DeletePolicyTemplateResult deletePolicyTemplate(DeletePolicyTemplateRequest request) {
request = beforeClientExecution(request);
return executeDeletePolicyTemplate(request);
}
@SdkInternalApi
final DeletePolicyTemplateResult executeDeletePolicyTemplate(DeletePolicyTemplateRequest deletePolicyTemplateRequest) {
ExecutionContext executionContext = createExecutionContext(deletePolicyTemplateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeletePolicyTemplateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deletePolicyTemplateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeletePolicyTemplate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeletePolicyTemplateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves the details about the specified identity source.
*
*
* @param getIdentitySourceRequest
* @return Result of the GetIdentitySource operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.GetIdentitySource
* @see AWS API Documentation
*/
@Override
public GetIdentitySourceResult getIdentitySource(GetIdentitySourceRequest request) {
request = beforeClientExecution(request);
return executeGetIdentitySource(request);
}
@SdkInternalApi
final GetIdentitySourceResult executeGetIdentitySource(GetIdentitySourceRequest getIdentitySourceRequest) {
ExecutionContext executionContext = createExecutionContext(getIdentitySourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetIdentitySourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getIdentitySourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetIdentitySource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetIdentitySourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves information about the specified policy.
*
*
* @param getPolicyRequest
* @return Result of the GetPolicy operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.GetPolicy
* @see AWS
* API Documentation
*/
@Override
public GetPolicyResult getPolicy(GetPolicyRequest request) {
request = beforeClientExecution(request);
return executeGetPolicy(request);
}
@SdkInternalApi
final GetPolicyResult executeGetPolicy(GetPolicyRequest getPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetPolicyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetPolicy");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetPolicyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves details about a policy store.
*
*
* @param getPolicyStoreRequest
* @return Result of the GetPolicyStore operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.GetPolicyStore
* @see AWS API Documentation
*/
@Override
public GetPolicyStoreResult getPolicyStore(GetPolicyStoreRequest request) {
request = beforeClientExecution(request);
return executeGetPolicyStore(request);
}
@SdkInternalApi
final GetPolicyStoreResult executeGetPolicyStore(GetPolicyStoreRequest getPolicyStoreRequest) {
ExecutionContext executionContext = createExecutionContext(getPolicyStoreRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetPolicyStoreRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getPolicyStoreRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetPolicyStore");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetPolicyStoreResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieve the details for the specified policy template in the specified policy store.
*
*
* @param getPolicyTemplateRequest
* @return Result of the GetPolicyTemplate operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.GetPolicyTemplate
* @see AWS API Documentation
*/
@Override
public GetPolicyTemplateResult getPolicyTemplate(GetPolicyTemplateRequest request) {
request = beforeClientExecution(request);
return executeGetPolicyTemplate(request);
}
@SdkInternalApi
final GetPolicyTemplateResult executeGetPolicyTemplate(GetPolicyTemplateRequest getPolicyTemplateRequest) {
ExecutionContext executionContext = createExecutionContext(getPolicyTemplateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetPolicyTemplateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getPolicyTemplateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetPolicyTemplate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetPolicyTemplateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieve the details for the specified schema in the specified policy store.
*
*
* @param getSchemaRequest
* @return Result of the GetSchema operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.GetSchema
* @see AWS
* API Documentation
*/
@Override
public GetSchemaResult getSchema(GetSchemaRequest request) {
request = beforeClientExecution(request);
return executeGetSchema(request);
}
@SdkInternalApi
final GetSchemaResult executeGetSchema(GetSchemaRequest getSchemaRequest) {
ExecutionContext executionContext = createExecutionContext(getSchemaRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetSchemaRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getSchemaRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetSchema");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetSchemaResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Makes an authorization decision about a service request described in the parameters. The information in the
* parameters can also define additional context that Verified Permissions can include in the evaluation. The
* request is evaluated against all matching policies in the specified policy store. The result of the decision is
* either Allow or Deny, along with a list of the policies that resulted in the decision.
*
*
* @param isAuthorizedRequest
* @return Result of the IsAuthorized operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.IsAuthorized
* @see AWS API Documentation
*/
@Override
public IsAuthorizedResult isAuthorized(IsAuthorizedRequest request) {
request = beforeClientExecution(request);
return executeIsAuthorized(request);
}
@SdkInternalApi
final IsAuthorizedResult executeIsAuthorized(IsAuthorizedRequest isAuthorizedRequest) {
ExecutionContext executionContext = createExecutionContext(isAuthorizedRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new IsAuthorizedRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(isAuthorizedRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "IsAuthorized");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new IsAuthorizedResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Makes an authorization decision about a service request described in the parameters. The principal in this
* request comes from an external identity source. The information in the parameters can also define additional
* context that Verified Permissions can include in the evaluation. The request is evaluated against all matching
* policies in the specified policy store. The result of the decision is either Allow or
* Deny, along with a list of the policies that resulted in the decision.
*
*
*
* If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to
* be usable until they expire.
*
*
*
* @param isAuthorizedWithTokenRequest
* @return Result of the IsAuthorizedWithToken operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.IsAuthorizedWithToken
* @see AWS API Documentation
*/
@Override
public IsAuthorizedWithTokenResult isAuthorizedWithToken(IsAuthorizedWithTokenRequest request) {
request = beforeClientExecution(request);
return executeIsAuthorizedWithToken(request);
}
@SdkInternalApi
final IsAuthorizedWithTokenResult executeIsAuthorizedWithToken(IsAuthorizedWithTokenRequest isAuthorizedWithTokenRequest) {
ExecutionContext executionContext = createExecutionContext(isAuthorizedWithTokenRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new IsAuthorizedWithTokenRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(isAuthorizedWithTokenRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "IsAuthorizedWithToken");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory
.createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new IsAuthorizedWithTokenResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a paginated list of all of the identity sources defined in the specified policy store.
*
*
* @param listIdentitySourcesRequest
* @return Result of the ListIdentitySources operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.ListIdentitySources
* @see AWS API Documentation
*/
@Override
public ListIdentitySourcesResult listIdentitySources(ListIdentitySourcesRequest request) {
request = beforeClientExecution(request);
return executeListIdentitySources(request);
}
@SdkInternalApi
final ListIdentitySourcesResult executeListIdentitySources(ListIdentitySourcesRequest listIdentitySourcesRequest) {
ExecutionContext executionContext = createExecutionContext(listIdentitySourcesRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListIdentitySourcesRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listIdentitySourcesRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListIdentitySources");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListIdentitySourcesResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a paginated list of all policies stored in the specified policy store.
*
*
* @param listPoliciesRequest
* @return Result of the ListPolicies operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.ListPolicies
* @see AWS API Documentation
*/
@Override
public ListPoliciesResult listPolicies(ListPoliciesRequest request) {
request = beforeClientExecution(request);
return executeListPolicies(request);
}
@SdkInternalApi
final ListPoliciesResult executeListPolicies(ListPoliciesRequest listPoliciesRequest) {
ExecutionContext executionContext = createExecutionContext(listPoliciesRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListPoliciesRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listPoliciesRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListPolicies");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListPoliciesResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a paginated list of all policy stores in the calling Amazon Web Services account.
*
*
* @param listPolicyStoresRequest
* @return Result of the ListPolicyStores operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.ListPolicyStores
* @see AWS API Documentation
*/
@Override
public ListPolicyStoresResult listPolicyStores(ListPolicyStoresRequest request) {
request = beforeClientExecution(request);
return executeListPolicyStores(request);
}
@SdkInternalApi
final ListPolicyStoresResult executeListPolicyStores(ListPolicyStoresRequest listPolicyStoresRequest) {
ExecutionContext executionContext = createExecutionContext(listPolicyStoresRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListPolicyStoresRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listPolicyStoresRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListPolicyStores");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListPolicyStoresResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a paginated list of all policy templates in the specified policy store.
*
*
* @param listPolicyTemplatesRequest
* @return Result of the ListPolicyTemplates operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.ListPolicyTemplates
* @see AWS API Documentation
*/
@Override
public ListPolicyTemplatesResult listPolicyTemplates(ListPolicyTemplatesRequest request) {
request = beforeClientExecution(request);
return executeListPolicyTemplates(request);
}
@SdkInternalApi
final ListPolicyTemplatesResult executeListPolicyTemplates(ListPolicyTemplatesRequest listPolicyTemplatesRequest) {
ExecutionContext executionContext = createExecutionContext(listPolicyTemplatesRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListPolicyTemplatesRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listPolicyTemplatesRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListPolicyTemplates");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListPolicyTemplatesResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates or updates the policy schema in the specified policy store. The schema is used to validate any Cedar
* policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and
* templates submitted after the schema change. Existing policies and templates are not re-evaluated against the
* changed schema. If you later update a policy, then it is evaluated against the new schema at that time.
*
*
* @param putSchemaRequest
* @return Result of the PutSchema operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ServiceQuotaExceededException
* The request failed because it would cause a service quota to be exceeded.
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.PutSchema
* @see AWS
* API Documentation
*/
@Override
public PutSchemaResult putSchema(PutSchemaRequest request) {
request = beforeClientExecution(request);
return executePutSchema(request);
}
@SdkInternalApi
final PutSchemaResult executePutSchema(PutSchemaRequest putSchemaRequest) {
ExecutionContext executionContext = createExecutionContext(putSchemaRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new PutSchemaRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(putSchemaRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "PutSchema");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new PutSchemaResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates the specified identity source to use a new identity provider (IdP) source, or to change the mapping of
* identities from the IdP to a different principal entity type.
*
*
* @param updateIdentitySourceRequest
* @return Result of the UpdateIdentitySource operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.UpdateIdentitySource
* @see AWS API Documentation
*/
@Override
public UpdateIdentitySourceResult updateIdentitySource(UpdateIdentitySourceRequest request) {
request = beforeClientExecution(request);
return executeUpdateIdentitySource(request);
}
@SdkInternalApi
final UpdateIdentitySourceResult executeUpdateIdentitySource(UpdateIdentitySourceRequest updateIdentitySourceRequest) {
ExecutionContext executionContext = createExecutionContext(updateIdentitySourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateIdentitySourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateIdentitySourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateIdentitySource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateIdentitySourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Modifies a Cedar static policy in the specified policy store. You can change only certain elements of the UpdatePolicyDefinition parameter. You can directly update only static policies. To change a template-linked
* policy, you must update the template instead, using UpdatePolicyTemplate.
*
*
*
* If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to
* validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation,
* the operation fails and the update isn't stored.
*
*
*
* @param updatePolicyRequest
* @return Result of the UpdatePolicy operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ServiceQuotaExceededException
* The request failed because it would cause a service quota to be exceeded.
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.UpdatePolicy
* @see AWS API Documentation
*/
@Override
public UpdatePolicyResult updatePolicy(UpdatePolicyRequest request) {
request = beforeClientExecution(request);
return executeUpdatePolicy(request);
}
@SdkInternalApi
final UpdatePolicyResult executeUpdatePolicy(UpdatePolicyRequest updatePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(updatePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdatePolicyRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updatePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdatePolicy");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdatePolicyResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Modifies the validation setting for a policy store.
*
*
* @param updatePolicyStoreRequest
* @return Result of the UpdatePolicyStore operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.UpdatePolicyStore
* @see AWS API Documentation
*/
@Override
public UpdatePolicyStoreResult updatePolicyStore(UpdatePolicyStoreRequest request) {
request = beforeClientExecution(request);
return executeUpdatePolicyStore(request);
}
@SdkInternalApi
final UpdatePolicyStoreResult executeUpdatePolicyStore(UpdatePolicyStoreRequest updatePolicyStoreRequest) {
ExecutionContext executionContext = createExecutionContext(updatePolicyStoreRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdatePolicyStoreRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updatePolicyStoreRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdatePolicyStore");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdatePolicyStoreResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates the specified policy template. You can update only the description and the some elements of the policyBody.
*
*
*
* Changes you make to the policy template content are immediately reflected in authorization decisions that involve
* all template-linked policies instantiated from this template.
*
*
*
* @param updatePolicyTemplateRequest
* @return Result of the UpdatePolicyTemplate operation returned by the service.
* @throws ValidationException
* The request failed because one or more input parameters don't satisfy their constraint requirements. The
* output is provided as a list of fields and a reason for each field that isn't valid.
*
* The possible reasons include the following:
*
*
* -
*
* UnrecognizedEntityType
*
*
* The policy includes an entity type that isn't found in the schema.
*
*
* -
*
* UnrecognizedActionId
*
*
* The policy includes an action id that isn't found in the schema.
*
*
* -
*
* InvalidActionApplication
*
*
* The policy includes an action that, according to the schema, doesn't support the specified principal and
* resource.
*
*
* -
*
* UnexpectedType
*
*
* The policy included an operand that isn't a valid type for the specified operation.
*
*
* -
*
* IncompatibleTypes
*
*
* The types of elements included in a set, or the types of expressions used in an
* if...then...else clause aren't compatible in this context.
*
*
* -
*
* MissingAttribute
*
*
* The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for
* the existence of the attribute first before attempting to access its value. For more information, see the
* has (presence
* of attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* UnsafeOptionalAttributeAccess
*
*
* The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be
* present. Test for the existence of the attribute first before attempting to access its value. For more
* information, see the has (presence of
* attribute test) operator in the Cedar Policy Language Guide.
*
*
* -
*
* ImpossiblePolicy
*
*
* Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it
* can never apply to any query, and so it can never affect an authorization decision.
*
*
* -
*
* WrongNumberArguments
*
*
* The policy references an extension type with the wrong number of arguments.
*
*
* -
*
* FunctionArgumentValidationError
*
*
* Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed
* as an IPv4 address can contain only digits and the period character.
*
*
* @throws ConflictException
* The request failed because another request to modify a resource occurred at the same.
* @throws AccessDeniedException
* You don't have sufficient access to perform this action.
* @throws ResourceNotFoundException
* The request failed because it references a resource that doesn't exist.
* @throws ThrottlingException
* The request failed because it exceeded a throttling quota.
* @throws InternalServerException
* The request failed because of an internal error. Try your request again later
* @sample AmazonVerifiedPermissions.UpdatePolicyTemplate
* @see AWS API Documentation
*/
@Override
public UpdatePolicyTemplateResult updatePolicyTemplate(UpdatePolicyTemplateRequest request) {
request = beforeClientExecution(request);
return executeUpdatePolicyTemplate(request);
}
@SdkInternalApi
final UpdatePolicyTemplateResult executeUpdatePolicyTemplate(UpdatePolicyTemplateRequest updatePolicyTemplateRequest) {
ExecutionContext executionContext = createExecutionContext(updatePolicyTemplateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdatePolicyTemplateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updatePolicyTemplateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "VerifiedPermissions");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdatePolicyTemplate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdatePolicyTemplateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
* Returns additional metadata for a previously executed successful, request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing the request.
*
* @param request
* The originally executed request
*
* @return The response metadata for the specified request, or null if none is available.
*/
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) {
return client.getResponseMetadataForRequest(request);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext) {
return invoke(request, responseHandler, executionContext, null, null);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI cachedEndpoint, URI uriFromEndpointTrait) {
executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider));
return doInvoke(request, responseHandler, executionContext, cachedEndpoint, uriFromEndpointTrait);
}
/**
* Invoke with no authentication. Credentials are not required and any credentials set on the client or request will
* be ignored for this operation.
**/
private Response anonymousInvoke(Request request,
HttpResponseHandler> responseHandler, ExecutionContext executionContext) {
return doInvoke(request, responseHandler, executionContext, null, null);
}
/**
* Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the
* ExecutionContext beforehand.
**/
private Response doInvoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI discoveredEndpoint, URI uriFromEndpointTrait) {
if (discoveredEndpoint != null) {
request.setEndpoint(discoveredEndpoint);
request.getOriginalRequest().getRequestClientOptions().appendUserAgent("endpoint-discovery");
} else if (uriFromEndpointTrait != null) {
request.setEndpoint(uriFromEndpointTrait);
} else {
request.setEndpoint(endpoint);
}
request.setTimeOffset(timeOffset);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata());
return client.execute(request, responseHandler, errorResponseHandler, executionContext);
}
@com.amazonaws.annotation.SdkInternalApi
static com.amazonaws.protocol.json.SdkJsonProtocolFactory getProtocolFactory() {
return protocolFactory;
}
@Override
public void shutdown() {
super.shutdown();
}
}