/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the verifiedpermissions-2021-12-01.normal.json service model.
*/
using System;
using System.Runtime.ExceptionServices;
using System.Threading;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Net;
using Amazon.VerifiedPermissions.Model;
using Amazon.VerifiedPermissions.Model.Internal.MarshallTransformations;
using Amazon.VerifiedPermissions.Internal;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
using Amazon.Runtime.Internal.Auth;
using Amazon.Runtime.Internal.Transform;
namespace Amazon.VerifiedPermissions
{
///
/// Implementation for accessing VerifiedPermissions
///
/// Amazon Verified Permissions is a permissions management service from Amazon Web Services.
/// You can use Verified Permissions to manage permissions for your application, and authorize
/// user access based on those permissions. Using Verified Permissions, application developers
/// can grant access based on information about the users, resources, and requested actions.
/// You can also evaluate additional information like group membership, attributes of
/// the resources, and session context, such as time of request and IP addresses. Verified
/// Permissions manages these permissions by letting you create and store authorization
/// policies for your applications, such as consumer-facing web sites and enterprise business
/// systems.
///
///
///
/// Verified Permissions uses Cedar as the policy language to express your permission
/// requirements. Cedar supports both role-based access control (RBAC) and attribute-based
/// access control (ABAC) authorization models.
///
///
///
/// For more information about configuring, administering, and using Amazon Verified Permissions
/// in your applications, see the Amazon
/// Verified Permissions User Guide.
///
///
///
/// For more information about the Cedar policy language, see the Cedar
/// Policy Language Guide.
///
///
///
/// When you write Cedar policies that reference principals, resources and actions, you
/// can define the unique identifiers used for each of those elements. We strongly recommend
/// that you follow these best practices:
///
/// -
///
/// Use values like universally unique identifiers (UUIDs) for all principal and resource
/// identifiers.
///
///
///
/// For example, if user
jane leaves the company, and you later let someone
/// else use the name jane, then that new user automatically gets access
/// to everything granted by policies that still reference User::"jane".
/// Cedar can’t distinguish between the new user and the old. This applies to both principal
/// and resource identifiers. Always use identifiers that are guaranteed unique and never
/// reused to ensure that you don’t unintentionally grant access because of the presence
/// of an old identifier in a policy.
///
///
///
/// Where you use a UUID for an entity, we recommend that you follow it with the // comment
/// specifier and the ‘friendly’ name of your entity. This helps to make your policies
/// easier to understand. For example: principal == User::"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111",
/// // alice
///
/// -
///
/// Do not include personally identifying, confidential, or sensitive information
/// as part of the unique identifier for your principals or resources. These identifiers
/// are included in log entries shared in CloudTrail trails.
///
///
///
/// Several operations return structures that appear similar, but have different purposes.
/// As new functionality is added to the product, the structure used in a parameter of
/// one operation might need to change in a way that wouldn't make sense for the same
/// parameter in a different operation. To help you understand the purpose of each, the
/// following naming convention is used for the structures:
///
/// -
///
/// Parameter type structures that end in
Detail are used in Get
/// operations.
///
/// -
///
/// Parameter type structures that end in
Item are used in List
/// operations.
///
/// -
///
/// Parameter type structures that use neither suffix are used in the mutating (create
/// and update) operations.
///
///
///
public partial class AmazonVerifiedPermissionsClient : AmazonServiceClient, IAmazonVerifiedPermissions
{
private static IServiceMetadata serviceMetadata = new AmazonVerifiedPermissionsMetadata();
private IVerifiedPermissionsPaginatorFactory _paginators;
///
/// Paginators for the service
///
public IVerifiedPermissionsPaginatorFactory Paginators
{
get
{
if (this._paginators == null)
{
this._paginators = new VerifiedPermissionsPaginatorFactory(this);
}
return this._paginators;
}
}
#region Constructors
///
/// Constructs AmazonVerifiedPermissionsClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
public AmazonVerifiedPermissionsClient()
: base(FallbackCredentialsFactory.GetCredentials(), new AmazonVerifiedPermissionsConfig()) { }
///
/// Constructs AmazonVerifiedPermissionsClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
/// The region to connect.
public AmazonVerifiedPermissionsClient(RegionEndpoint region)
: base(FallbackCredentialsFactory.GetCredentials(), new AmazonVerifiedPermissionsConfig{RegionEndpoint = region}) { }
///
/// Constructs AmazonVerifiedPermissionsClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
/// The AmazonVerifiedPermissionsClient Configuration Object
public AmazonVerifiedPermissionsClient(AmazonVerifiedPermissionsConfig config)
: base(FallbackCredentialsFactory.GetCredentials(config), config){}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Credentials
///
/// AWS Credentials
public AmazonVerifiedPermissionsClient(AWSCredentials credentials)
: this(credentials, new AmazonVerifiedPermissionsConfig())
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Credentials
///
/// AWS Credentials
/// The region to connect.
public AmazonVerifiedPermissionsClient(AWSCredentials credentials, RegionEndpoint region)
: this(credentials, new AmazonVerifiedPermissionsConfig{RegionEndpoint = region})
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Credentials and an
/// AmazonVerifiedPermissionsClient Configuration object.
///
/// AWS Credentials
/// The AmazonVerifiedPermissionsClient Configuration Object
public AmazonVerifiedPermissionsClient(AWSCredentials credentials, AmazonVerifiedPermissionsConfig clientConfig)
: base(credentials, clientConfig)
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
public AmazonVerifiedPermissionsClient(string awsAccessKeyId, string awsSecretAccessKey)
: this(awsAccessKeyId, awsSecretAccessKey, new AmazonVerifiedPermissionsConfig())
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// The region to connect.
public AmazonVerifiedPermissionsClient(string awsAccessKeyId, string awsSecretAccessKey, RegionEndpoint region)
: this(awsAccessKeyId, awsSecretAccessKey, new AmazonVerifiedPermissionsConfig() {RegionEndpoint=region})
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Access Key ID, AWS Secret Key and an
/// AmazonVerifiedPermissionsClient Configuration object.
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// The AmazonVerifiedPermissionsClient Configuration Object
public AmazonVerifiedPermissionsClient(string awsAccessKeyId, string awsSecretAccessKey, AmazonVerifiedPermissionsConfig clientConfig)
: base(awsAccessKeyId, awsSecretAccessKey, clientConfig)
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
public AmazonVerifiedPermissionsClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken)
: this(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, new AmazonVerifiedPermissionsConfig())
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
/// The region to connect.
public AmazonVerifiedPermissionsClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, RegionEndpoint region)
: this(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, new AmazonVerifiedPermissionsConfig{RegionEndpoint = region})
{
}
///
/// Constructs AmazonVerifiedPermissionsClient with AWS Access Key ID, AWS Secret Key and an
/// AmazonVerifiedPermissionsClient Configuration object.
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
/// The AmazonVerifiedPermissionsClient Configuration Object
public AmazonVerifiedPermissionsClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, AmazonVerifiedPermissionsConfig clientConfig)
: base(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, clientConfig)
{
}
#endregion
#region Overrides
///
/// Creates the signer for the service.
///
protected override AbstractAWSSigner CreateSigner()
{
return new AWS4Signer();
}
///
/// Customize the pipeline
///
///
protected override void CustomizeRuntimePipeline(RuntimePipeline pipeline)
{
pipeline.RemoveHandler();
pipeline.AddHandlerAfter(new AmazonVerifiedPermissionsEndpointResolver());
}
///
/// Capture metadata for the service.
///
protected override IServiceMetadata ServiceMetadata
{
get
{
return serviceMetadata;
}
}
#endregion
#region Dispose
///
/// Disposes the service client.
///
protected override void Dispose(bool disposing)
{
base.Dispose(disposing);
}
#endregion
#region CreateIdentitySource
///
/// Creates a reference to an Amazon Cognito user pool as an external identity provider
/// (IdP).
///
///
///
/// After you create an identity source, you can use the identities provided by the IdP
/// as proxies for the principal in authorization queries that use the IsAuthorizedWithToken
/// operation. These identities take the form of tokens that contain claims about the
/// user, such as IDs, attributes and group memberships. Amazon Cognito provides both
/// identity tokens and access tokens, and Verified Permissions can use either or both.
/// Any combination of identity and access tokens results in the same Cedar principal.
/// Verified Permissions automatically translates the information about the identities
/// into the standard Cedar attributes that can be evaluated by your policies. Because
/// the Amazon Cognito identity and access tokens can contain different information, the
/// tokens you choose to use determine which principal attributes are available to access
/// when evaluating Cedar policies.
///
///
///
/// If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or
/// that deleted user continue to be usable until they expire.
///
///
///
/// To reference a user from this identity source in your Cedar policies, use the following
/// syntax.
///
///
///
/// IdentityType::"<CognitoUserPoolIdentifier>|<CognitoClientId>
///
///
///
/// Where IdentityType is the string that you provide to the PrincipalEntityType
/// parameter for this operation. The CognitoUserPoolId and CognitoClientId
/// are defined by the Amazon Cognito user pool.
///
///
///
/// Container for the necessary parameters to execute the CreateIdentitySource service method.
///
/// The response from the CreateIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreateIdentitySource Operation
public virtual CreateIdentitySourceResponse CreateIdentitySource(CreateIdentitySourceRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = CreateIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreateIdentitySourceResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Creates a reference to an Amazon Cognito user pool as an external identity provider
/// (IdP).
///
///
///
/// After you create an identity source, you can use the identities provided by the IdP
/// as proxies for the principal in authorization queries that use the IsAuthorizedWithToken
/// operation. These identities take the form of tokens that contain claims about the
/// user, such as IDs, attributes and group memberships. Amazon Cognito provides both
/// identity tokens and access tokens, and Verified Permissions can use either or both.
/// Any combination of identity and access tokens results in the same Cedar principal.
/// Verified Permissions automatically translates the information about the identities
/// into the standard Cedar attributes that can be evaluated by your policies. Because
/// the Amazon Cognito identity and access tokens can contain different information, the
/// tokens you choose to use determine which principal attributes are available to access
/// when evaluating Cedar policies.
///
///
///
/// If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or
/// that deleted user continue to be usable until they expire.
///
///
///
/// To reference a user from this identity source in your Cedar policies, use the following
/// syntax.
///
///
///
/// IdentityType::"<CognitoUserPoolIdentifier>|<CognitoClientId>
///
///
///
/// Where IdentityType is the string that you provide to the PrincipalEntityType
/// parameter for this operation. The CognitoUserPoolId and CognitoClientId
/// are defined by the Amazon Cognito user pool.
///
///
///
/// Container for the necessary parameters to execute the CreateIdentitySource service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the CreateIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreateIdentitySource Operation
public virtual Task CreateIdentitySourceAsync(CreateIdentitySourceRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = CreateIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreateIdentitySourceResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region CreatePolicy
///
/// Creates a Cedar policy and saves it in the specified policy store. You can create
/// either a static policy or a policy linked to a policy template.
///
/// -
///
/// To create a static policy, provide the Cedar policy text in the
StaticPolicy
/// section of the PolicyDefinition.
///
/// -
///
/// To create a policy that is dynamically linked to a policy template, specify the policy
/// template ID and the principal and resource to associate with this policy in the
templateLinked
/// section of the PolicyDefinition. If the policy template is ever updated,
/// any policies linked to the policy template automatically use the updated template.
///
///
///
/// Creating a policy causes it to be validated against the schema in the policy store.
/// If the policy doesn't pass validation, the operation fails and the policy isn't stored.
///
///
///
/// Container for the necessary parameters to execute the CreatePolicy service method.
///
/// The response from the CreatePolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreatePolicy Operation
public virtual CreatePolicyResponse CreatePolicy(CreatePolicyRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = CreatePolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreatePolicyResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Creates a Cedar policy and saves it in the specified policy store. You can create
/// either a static policy or a policy linked to a policy template.
///
/// -
///
/// To create a static policy, provide the Cedar policy text in the
StaticPolicy
/// section of the PolicyDefinition.
///
/// -
///
/// To create a policy that is dynamically linked to a policy template, specify the policy
/// template ID and the principal and resource to associate with this policy in the
templateLinked
/// section of the PolicyDefinition. If the policy template is ever updated,
/// any policies linked to the policy template automatically use the updated template.
///
///
///
/// Creating a policy causes it to be validated against the schema in the policy store.
/// If the policy doesn't pass validation, the operation fails and the policy isn't stored.
///
///
///
/// Container for the necessary parameters to execute the CreatePolicy service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the CreatePolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreatePolicy Operation
public virtual Task CreatePolicyAsync(CreatePolicyRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = CreatePolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreatePolicyResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region CreatePolicyStore
///
/// Creates a policy store. A policy store is a container for policy resources.
///
///
///
/// Although Cedar supports
/// multiple namespaces, Verified Permissions currently supports only one namespace
/// per policy store.
///
///
///
/// Container for the necessary parameters to execute the CreatePolicyStore service method.
///
/// The response from the CreatePolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreatePolicyStore Operation
public virtual CreatePolicyStoreResponse CreatePolicyStore(CreatePolicyStoreRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = CreatePolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreatePolicyStoreResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Creates a policy store. A policy store is a container for policy resources.
///
///
///
/// Although Cedar supports
/// multiple namespaces, Verified Permissions currently supports only one namespace
/// per policy store.
///
///
///
/// Container for the necessary parameters to execute the CreatePolicyStore service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the CreatePolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreatePolicyStore Operation
public virtual Task CreatePolicyStoreAsync(CreatePolicyStoreRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = CreatePolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreatePolicyStoreResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region CreatePolicyTemplate
///
/// Creates a policy template. A template can use placeholders for the principal and resource.
/// A template must be instantiated into a policy by associating it with specific principals
/// and resources to use for the placeholders. That instantiated policy can then be considered
/// in authorization decisions. The instantiated policy works identically to any other
/// policy, except that it is dynamically linked to the template. If the template changes,
/// then any policies that are linked to that template are immediately updated as well.
///
/// Container for the necessary parameters to execute the CreatePolicyTemplate service method.
///
/// The response from the CreatePolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreatePolicyTemplate Operation
public virtual CreatePolicyTemplateResponse CreatePolicyTemplate(CreatePolicyTemplateRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = CreatePolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreatePolicyTemplateResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Creates a policy template. A template can use placeholders for the principal and resource.
/// A template must be instantiated into a policy by associating it with specific principals
/// and resources to use for the placeholders. That instantiated policy can then be considered
/// in authorization decisions. The instantiated policy works identically to any other
/// policy, except that it is dynamically linked to the template. If the template changes,
/// then any policies that are linked to that template are immediately updated as well.
///
/// Container for the necessary parameters to execute the CreatePolicyTemplate service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the CreatePolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for CreatePolicyTemplate Operation
public virtual Task CreatePolicyTemplateAsync(CreatePolicyTemplateRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = CreatePolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = CreatePolicyTemplateResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region DeleteIdentitySource
///
/// Deletes an identity source that references an identity provider (IdP) such as Amazon
/// Cognito. After you delete the identity source, you can no longer use tokens for identities
/// from that identity source to represent principals in authorization queries made using
/// IsAuthorizedWithToken.
/// operations.
///
/// Container for the necessary parameters to execute the DeleteIdentitySource service method.
///
/// The response from the DeleteIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeleteIdentitySource Operation
public virtual DeleteIdentitySourceResponse DeleteIdentitySource(DeleteIdentitySourceRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = DeleteIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeleteIdentitySourceResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Deletes an identity source that references an identity provider (IdP) such as Amazon
/// Cognito. After you delete the identity source, you can no longer use tokens for identities
/// from that identity source to represent principals in authorization queries made using
/// IsAuthorizedWithToken.
/// operations.
///
/// Container for the necessary parameters to execute the DeleteIdentitySource service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the DeleteIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeleteIdentitySource Operation
public virtual Task DeleteIdentitySourceAsync(DeleteIdentitySourceRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = DeleteIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeleteIdentitySourceResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region DeletePolicy
///
/// Deletes the specified policy from the policy store.
///
///
///
/// This operation is idempotent; if you specify a policy that doesn't exist, the request
/// response returns a successful HTTP 200 status code.
///
///
/// Container for the necessary parameters to execute the DeletePolicy service method.
///
/// The response from the DeletePolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeletePolicy Operation
public virtual DeletePolicyResponse DeletePolicy(DeletePolicyRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = DeletePolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeletePolicyResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Deletes the specified policy from the policy store.
///
///
///
/// This operation is idempotent; if you specify a policy that doesn't exist, the request
/// response returns a successful HTTP 200 status code.
///
///
/// Container for the necessary parameters to execute the DeletePolicy service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the DeletePolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeletePolicy Operation
public virtual Task DeletePolicyAsync(DeletePolicyRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = DeletePolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeletePolicyResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region DeletePolicyStore
///
/// Deletes the specified policy store.
///
///
///
/// This operation is idempotent. If you specify a policy store that does not exist, the
/// request response will still return a successful HTTP 200 status code.
///
///
/// Container for the necessary parameters to execute the DeletePolicyStore service method.
///
/// The response from the DeletePolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeletePolicyStore Operation
public virtual DeletePolicyStoreResponse DeletePolicyStore(DeletePolicyStoreRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = DeletePolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeletePolicyStoreResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Deletes the specified policy store.
///
///
///
/// This operation is idempotent. If you specify a policy store that does not exist, the
/// request response will still return a successful HTTP 200 status code.
///
///
/// Container for the necessary parameters to execute the DeletePolicyStore service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the DeletePolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeletePolicyStore Operation
public virtual Task DeletePolicyStoreAsync(DeletePolicyStoreRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = DeletePolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeletePolicyStoreResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region DeletePolicyTemplate
///
/// Deletes the specified policy template from the policy store.
///
///
///
/// This operation also deletes any policies that were created from the specified policy
/// template. Those policies are immediately removed from all future API responses, and
/// are asynchronously deleted from the policy store.
///
///
///
/// Container for the necessary parameters to execute the DeletePolicyTemplate service method.
///
/// The response from the DeletePolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeletePolicyTemplate Operation
public virtual DeletePolicyTemplateResponse DeletePolicyTemplate(DeletePolicyTemplateRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = DeletePolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeletePolicyTemplateResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Deletes the specified policy template from the policy store.
///
///
///
/// This operation also deletes any policies that were created from the specified policy
/// template. Those policies are immediately removed from all future API responses, and
/// are asynchronously deleted from the policy store.
///
///
///
/// Container for the necessary parameters to execute the DeletePolicyTemplate service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the DeletePolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for DeletePolicyTemplate Operation
public virtual Task DeletePolicyTemplateAsync(DeletePolicyTemplateRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = DeletePolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = DeletePolicyTemplateResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GetIdentitySource
///
/// Retrieves the details about the specified identity source.
///
/// Container for the necessary parameters to execute the GetIdentitySource service method.
///
/// The response from the GetIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetIdentitySource Operation
public virtual GetIdentitySourceResponse GetIdentitySource(GetIdentitySourceRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GetIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetIdentitySourceResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Retrieves the details about the specified identity source.
///
/// Container for the necessary parameters to execute the GetIdentitySource service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GetIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetIdentitySource Operation
public virtual Task GetIdentitySourceAsync(GetIdentitySourceRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GetIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetIdentitySourceResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GetPolicy
///
/// Retrieves information about the specified policy.
///
/// Container for the necessary parameters to execute the GetPolicy service method.
///
/// The response from the GetPolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetPolicy Operation
public virtual GetPolicyResponse GetPolicy(GetPolicyRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GetPolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetPolicyResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Retrieves information about the specified policy.
///
/// Container for the necessary parameters to execute the GetPolicy service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GetPolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetPolicy Operation
public virtual Task GetPolicyAsync(GetPolicyRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GetPolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetPolicyResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GetPolicyStore
///
/// Retrieves details about a policy store.
///
/// Container for the necessary parameters to execute the GetPolicyStore service method.
///
/// The response from the GetPolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetPolicyStore Operation
public virtual GetPolicyStoreResponse GetPolicyStore(GetPolicyStoreRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GetPolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetPolicyStoreResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Retrieves details about a policy store.
///
/// Container for the necessary parameters to execute the GetPolicyStore service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GetPolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetPolicyStore Operation
public virtual Task GetPolicyStoreAsync(GetPolicyStoreRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GetPolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetPolicyStoreResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GetPolicyTemplate
///
/// Retrieve the details for the specified policy template in the specified policy store.
///
/// Container for the necessary parameters to execute the GetPolicyTemplate service method.
///
/// The response from the GetPolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetPolicyTemplate Operation
public virtual GetPolicyTemplateResponse GetPolicyTemplate(GetPolicyTemplateRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GetPolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetPolicyTemplateResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Retrieve the details for the specified policy template in the specified policy store.
///
/// Container for the necessary parameters to execute the GetPolicyTemplate service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GetPolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetPolicyTemplate Operation
public virtual Task GetPolicyTemplateAsync(GetPolicyTemplateRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GetPolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetPolicyTemplateResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GetSchema
///
/// Retrieve the details for the specified schema in the specified policy store.
///
/// Container for the necessary parameters to execute the GetSchema service method.
///
/// The response from the GetSchema service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetSchema Operation
public virtual GetSchemaResponse GetSchema(GetSchemaRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GetSchemaRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetSchemaResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Retrieve the details for the specified schema in the specified policy store.
///
/// Container for the necessary parameters to execute the GetSchema service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GetSchema service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for GetSchema Operation
public virtual Task GetSchemaAsync(GetSchemaRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GetSchemaRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetSchemaResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region IsAuthorized
///
/// Makes an authorization decision about a service request described in the parameters.
/// The information in the parameters can also define additional context that Verified
/// Permissions can include in the evaluation. The request is evaluated against all matching
/// policies in the specified policy store. The result of the decision is either Allow
/// or Deny, along with a list of the policies that resulted in the decision.
///
/// Container for the necessary parameters to execute the IsAuthorized service method.
///
/// The response from the IsAuthorized service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for IsAuthorized Operation
public virtual IsAuthorizedResponse IsAuthorized(IsAuthorizedRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = IsAuthorizedRequestMarshaller.Instance;
options.ResponseUnmarshaller = IsAuthorizedResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Makes an authorization decision about a service request described in the parameters.
/// The information in the parameters can also define additional context that Verified
/// Permissions can include in the evaluation. The request is evaluated against all matching
/// policies in the specified policy store. The result of the decision is either Allow
/// or Deny, along with a list of the policies that resulted in the decision.
///
/// Container for the necessary parameters to execute the IsAuthorized service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the IsAuthorized service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for IsAuthorized Operation
public virtual Task IsAuthorizedAsync(IsAuthorizedRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = IsAuthorizedRequestMarshaller.Instance;
options.ResponseUnmarshaller = IsAuthorizedResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region IsAuthorizedWithToken
///
/// Makes an authorization decision about a service request described in the parameters.
/// The principal in this request comes from an external identity source. The information
/// in the parameters can also define additional context that Verified Permissions can
/// include in the evaluation. The request is evaluated against all matching policies
/// in the specified policy store. The result of the decision is either Allow
/// or Deny, along with a list of the policies that resulted in the decision.
///
///
///
/// If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or
/// that deleted user continue to be usable until they expire.
///
///
///
/// Container for the necessary parameters to execute the IsAuthorizedWithToken service method.
///
/// The response from the IsAuthorizedWithToken service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for IsAuthorizedWithToken Operation
public virtual IsAuthorizedWithTokenResponse IsAuthorizedWithToken(IsAuthorizedWithTokenRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = IsAuthorizedWithTokenRequestMarshaller.Instance;
options.ResponseUnmarshaller = IsAuthorizedWithTokenResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Makes an authorization decision about a service request described in the parameters.
/// The principal in this request comes from an external identity source. The information
/// in the parameters can also define additional context that Verified Permissions can
/// include in the evaluation. The request is evaluated against all matching policies
/// in the specified policy store. The result of the decision is either Allow
/// or Deny, along with a list of the policies that resulted in the decision.
///
///
///
/// If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or
/// that deleted user continue to be usable until they expire.
///
///
///
/// Container for the necessary parameters to execute the IsAuthorizedWithToken service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the IsAuthorizedWithToken service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for IsAuthorizedWithToken Operation
public virtual Task IsAuthorizedWithTokenAsync(IsAuthorizedWithTokenRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = IsAuthorizedWithTokenRequestMarshaller.Instance;
options.ResponseUnmarshaller = IsAuthorizedWithTokenResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region ListIdentitySources
///
/// Returns a paginated list of all of the identity sources defined in the specified policy
/// store.
///
/// Container for the necessary parameters to execute the ListIdentitySources service method.
///
/// The response from the ListIdentitySources service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListIdentitySources Operation
public virtual ListIdentitySourcesResponse ListIdentitySources(ListIdentitySourcesRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = ListIdentitySourcesRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListIdentitySourcesResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Returns a paginated list of all of the identity sources defined in the specified policy
/// store.
///
/// Container for the necessary parameters to execute the ListIdentitySources service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the ListIdentitySources service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListIdentitySources Operation
public virtual Task ListIdentitySourcesAsync(ListIdentitySourcesRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = ListIdentitySourcesRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListIdentitySourcesResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region ListPolicies
///
/// Returns a paginated list of all policies stored in the specified policy store.
///
/// Container for the necessary parameters to execute the ListPolicies service method.
///
/// The response from the ListPolicies service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListPolicies Operation
public virtual ListPoliciesResponse ListPolicies(ListPoliciesRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = ListPoliciesRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListPoliciesResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Returns a paginated list of all policies stored in the specified policy store.
///
/// Container for the necessary parameters to execute the ListPolicies service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the ListPolicies service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListPolicies Operation
public virtual Task ListPoliciesAsync(ListPoliciesRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = ListPoliciesRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListPoliciesResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region ListPolicyStores
///
/// Returns a paginated list of all policy stores in the calling Amazon Web Services account.
///
/// Container for the necessary parameters to execute the ListPolicyStores service method.
///
/// The response from the ListPolicyStores service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListPolicyStores Operation
public virtual ListPolicyStoresResponse ListPolicyStores(ListPolicyStoresRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = ListPolicyStoresRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListPolicyStoresResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Returns a paginated list of all policy stores in the calling Amazon Web Services account.
///
/// Container for the necessary parameters to execute the ListPolicyStores service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the ListPolicyStores service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListPolicyStores Operation
public virtual Task ListPolicyStoresAsync(ListPolicyStoresRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = ListPolicyStoresRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListPolicyStoresResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region ListPolicyTemplates
///
/// Returns a paginated list of all policy templates in the specified policy store.
///
/// Container for the necessary parameters to execute the ListPolicyTemplates service method.
///
/// The response from the ListPolicyTemplates service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListPolicyTemplates Operation
public virtual ListPolicyTemplatesResponse ListPolicyTemplates(ListPolicyTemplatesRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = ListPolicyTemplatesRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListPolicyTemplatesResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Returns a paginated list of all policy templates in the specified policy store.
///
/// Container for the necessary parameters to execute the ListPolicyTemplates service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the ListPolicyTemplates service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for ListPolicyTemplates Operation
public virtual Task ListPolicyTemplatesAsync(ListPolicyTemplatesRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = ListPolicyTemplatesRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListPolicyTemplatesResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region PutSchema
///
/// Creates or updates the policy schema in the specified policy store. The schema is
/// used to validate any Cedar policies and policy templates submitted to the policy store.
/// Any changes to the schema validate only policies and templates submitted after the
/// schema change. Existing policies and templates are not re-evaluated against the changed
/// schema. If you later update a policy, then it is evaluated against the new schema
/// at that time.
///
/// Container for the necessary parameters to execute the PutSchema service method.
///
/// The response from the PutSchema service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for PutSchema Operation
public virtual PutSchemaResponse PutSchema(PutSchemaRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = PutSchemaRequestMarshaller.Instance;
options.ResponseUnmarshaller = PutSchemaResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Creates or updates the policy schema in the specified policy store. The schema is
/// used to validate any Cedar policies and policy templates submitted to the policy store.
/// Any changes to the schema validate only policies and templates submitted after the
/// schema change. Existing policies and templates are not re-evaluated against the changed
/// schema. If you later update a policy, then it is evaluated against the new schema
/// at that time.
///
/// Container for the necessary parameters to execute the PutSchema service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the PutSchema service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for PutSchema Operation
public virtual Task PutSchemaAsync(PutSchemaRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = PutSchemaRequestMarshaller.Instance;
options.ResponseUnmarshaller = PutSchemaResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region UpdateIdentitySource
///
/// Updates the specified identity source to use a new identity provider (IdP) source,
/// or to change the mapping of identities from the IdP to a different principal entity
/// type.
///
/// Container for the necessary parameters to execute the UpdateIdentitySource service method.
///
/// The response from the UpdateIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdateIdentitySource Operation
public virtual UpdateIdentitySourceResponse UpdateIdentitySource(UpdateIdentitySourceRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdateIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdateIdentitySourceResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Updates the specified identity source to use a new identity provider (IdP) source,
/// or to change the mapping of identities from the IdP to a different principal entity
/// type.
///
/// Container for the necessary parameters to execute the UpdateIdentitySource service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the UpdateIdentitySource service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdateIdentitySource Operation
public virtual Task UpdateIdentitySourceAsync(UpdateIdentitySourceRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdateIdentitySourceRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdateIdentitySourceResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region UpdatePolicy
///
/// Modifies a Cedar static policy in the specified policy store. You can change only
/// certain elements of the UpdatePolicyDefinition
/// parameter. You can directly update only static policies. To change a template-linked
/// policy, you must update the template instead, using UpdatePolicyTemplate.
///
///
///
/// If policy validation is enabled in the policy store, then updating a static policy
/// causes Verified Permissions to validate the policy against the schema in the policy
/// store. If the updated static policy doesn't pass validation, the operation fails and
/// the update isn't stored.
///
///
///
/// Container for the necessary parameters to execute the UpdatePolicy service method.
///
/// The response from the UpdatePolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdatePolicy Operation
public virtual UpdatePolicyResponse UpdatePolicy(UpdatePolicyRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdatePolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdatePolicyResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Modifies a Cedar static policy in the specified policy store. You can change only
/// certain elements of the UpdatePolicyDefinition
/// parameter. You can directly update only static policies. To change a template-linked
/// policy, you must update the template instead, using UpdatePolicyTemplate.
///
///
///
/// If policy validation is enabled in the policy store, then updating a static policy
/// causes Verified Permissions to validate the policy against the schema in the policy
/// store. If the updated static policy doesn't pass validation, the operation fails and
/// the update isn't stored.
///
///
///
/// Container for the necessary parameters to execute the UpdatePolicy service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the UpdatePolicy service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it would cause a service quota to be exceeded.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdatePolicy Operation
public virtual Task UpdatePolicyAsync(UpdatePolicyRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdatePolicyRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdatePolicyResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region UpdatePolicyStore
///
/// Modifies the validation setting for a policy store.
///
/// Container for the necessary parameters to execute the UpdatePolicyStore service method.
///
/// The response from the UpdatePolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdatePolicyStore Operation
public virtual UpdatePolicyStoreResponse UpdatePolicyStore(UpdatePolicyStoreRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdatePolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdatePolicyStoreResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Modifies the validation setting for a policy store.
///
/// Container for the necessary parameters to execute the UpdatePolicyStore service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the UpdatePolicyStore service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdatePolicyStore Operation
public virtual Task UpdatePolicyStoreAsync(UpdatePolicyStoreRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdatePolicyStoreRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdatePolicyStoreResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region UpdatePolicyTemplate
///
/// Updates the specified policy template. You can update only the description and the
/// some elements of the policyBody.
///
///
///
///
/// Changes you make to the policy template content are immediately reflected in authorization
/// decisions that involve all template-linked policies instantiated from this template.
///
///
///
/// Container for the necessary parameters to execute the UpdatePolicyTemplate service method.
///
/// The response from the UpdatePolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdatePolicyTemplate Operation
public virtual UpdatePolicyTemplateResponse UpdatePolicyTemplate(UpdatePolicyTemplateRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdatePolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdatePolicyTemplateResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Updates the specified policy template. You can update only the description and the
/// some elements of the policyBody.
///
///
///
///
/// Changes you make to the policy template content are immediately reflected in authorization
/// decisions that involve all template-linked policies instantiated from this template.
///
///
///
/// Container for the necessary parameters to execute the UpdatePolicyTemplate service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the UpdatePolicyTemplate service method, as returned by VerifiedPermissions.
///
/// You don't have sufficient access to perform this action.
///
///
/// The request failed because another request to modify a resource occurred at the same.
///
///
/// The request failed because of an internal error. Try your request again later
///
///
/// The request failed because it references a resource that doesn't exist.
///
///
/// The request failed because it exceeded a throttling quota.
///
///
/// The request failed because one or more input parameters don't satisfy their constraint
/// requirements. The output is provided as a list of fields and a reason for each field
/// that isn't valid.
///
///
///
/// The possible reasons include the following:
///
/// -
///
/// UnrecognizedEntityType
///
///
///
/// The policy includes an entity type that isn't found in the schema.
///
///
-
///
/// UnrecognizedActionId
///
///
///
/// The policy includes an action id that isn't found in the schema.
///
///
-
///
/// InvalidActionApplication
///
///
///
/// The policy includes an action that, according to the schema, doesn't support the specified
/// principal and resource.
///
///
-
///
/// UnexpectedType
///
///
///
/// The policy included an operand that isn't a valid type for the specified operation.
///
///
-
///
/// IncompatibleTypes
///
///
///
/// The types of elements included in a
set, or the types of expressions
/// used in an if...then...else clause aren't compatible in this context.
///
/// -
///
/// MissingAttribute
///
///
///
/// The policy attempts to access a record or entity attribute that isn't specified in
/// the schema. Test for the existence of the attribute first before attempting to access
/// its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// UnsafeOptionalAttributeAccess
///
///
///
/// The policy attempts to access a record or entity attribute that is optional and isn't
/// guaranteed to be present. Test for the existence of the attribute first before attempting
/// to access its value. For more information, see the has
/// (presence of attribute test) operator in the Cedar Policy Language Guide.
///
///
-
///
/// ImpossiblePolicy
///
///
///
/// Cedar has determined that a policy condition always evaluates to false. If the policy
/// is always false, it can never apply to any query, and so it can never affect an authorization
/// decision.
///
///
-
///
/// WrongNumberArguments
///
///
///
/// The policy references an extension type with the wrong number of arguments.
///
///
-
///
/// FunctionArgumentValidationError
///
///
///
/// Cedar couldn't parse the argument passed to an extension type. For example, a string
/// that is to be parsed as an IPv4 address can contain only digits and the period character.
///
///
///
/// REST API Reference for UpdatePolicyTemplate Operation
public virtual Task UpdatePolicyTemplateAsync(UpdatePolicyTemplateRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = UpdatePolicyTemplateRequestMarshaller.Instance;
options.ResponseUnmarshaller = UpdatePolicyTemplateResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
}
}