#foreach( $tag in $ctx.args.tags )
    #set($tag.key = $util.urlDecode($tag.key))
    $util.validate($util.matches("^[\w\s_.:\/=+\-@]{1,128}$", $tag.key), "Invalid key. Keys can contain alphanumeric characters, spaces, or any of the following: _.:/=+-@")
    #set($tag.value = $util.urlDecode($tag.value))
    $util.validate($util.matches("^[\w\s_.:\/=+\-@]{0,256}$", $tag.value), "Invalid value. Values can contain alphanumeric characters, spaces, or any of the following: _.:/=+-@")
#end

$util.validate($util.matches("^vpc-[a-z0-9]{8,1020}$", $ctx.args.aosParams.vpc.vpcId), "Invalid VPC ID")
$util.validate($util.matches("^subnet-[a-z0-9]{8,1017}(,subnet-[a-z0-9]{8,1017})+$", $ctx.args.aosParams.vpc.privateSubnetIds), "Invalid Subnet IDs")
$util.validate($util.matches("^sg-[a-z0-9]{8,1021}$", $ctx.args.aosParams.vpc.securityGroupId), "Invalid Security Group ID")
$util.validate($util.matches("^arn:([^:\n]*):([^:\n]*):([^:\n]*):([^:\n]*):(([^:\/\n]*)[:\/])?(.*)$", $ctx.args.aosParams.opensearchArn), "Invalid OpenSearch ARN")
$util.validate($util.matches("[a-zA-Z0-9-]{1,1024}", $ctx.args.aosParams.domainName), "Invalid OpenSearch domain name")
$util.validate($util.matches("^(?!(^((\d{1,3}[.]){3}\d{1,3}$)|.*\.\.|.*\.-|.*-\.|.*\._|.*_\.))[a-z\d][\w.-]{1,253}[a-z\d]$", $ctx.args.aosParams.failedLogBucket), "Invalid Bucket Name")
$util.validate($util.matches('(^$)|[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+\.?', $ctx.args.aosParams.opensearchEndpoint), "Invalid OpenSearch Endpoint")
#set($aosParams=$ctx.args.aosParams)
#set($aosParams.indexSuffix = $aosParams.indexSuffix.replace("_","-"))


{"version": "2017-02-28", "operation": "Invoke", "payload": $util.toJson($ctx)}