verifiedpermissions

package
v0.0.0-...-930f148 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 26, 2024 License: Apache-2.0, Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package verifiedpermissions provides the client and types for making API requests to Amazon Verified Permissions.

Amazon Verified Permissions is a permissions management service from Amazon Web Services. You can use Verified Permissions to manage permissions for your application, and authorize user access based on those permissions. Using Verified Permissions, application developers can grant access based on information about the users, resources, and requested actions. You can also evaluate additional information like group membership, attributes of the resources, and session context, such as time of request and IP addresses. Verified Permissions manages these permissions by letting you create and store authorization policies for your applications, such as consumer-facing web sites and enterprise business systems.

Verified Permissions uses Cedar as the policy language to express your permission requirements. Cedar supports both role-based access control (RBAC) and attribute-based access control (ABAC) authorization models.

For more information about configuring, administering, and using Amazon Verified Permissions in your applications, see the Amazon Verified Permissions User Guide (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/).

For more information about the Cedar policy language, see the Cedar Policy Language Guide (https://docs.cedarpolicy.com/).

When you write Cedar policies that reference principals, resources and actions, you can define the unique identifiers used for each of those elements. We strongly recommend that you follow these best practices:

  • Use values like universally unique identifiers (UUIDs) for all principal and resource identifiers. For example, if user jane leaves the company, and you later let someone else use the name jane, then that new user automatically gets access to everything granted by policies that still reference User::"jane". Cedar can’t distinguish between the new user and the old. This applies to both principal and resource identifiers. Always use identifiers that are guaranteed unique and never reused to ensure that you don’t unintentionally grant access because of the presence of an old identifier in a policy. Where you use a UUID for an entity, we recommend that you follow it with the // comment specifier and the ‘friendly’ name of your entity. This helps to make your policies easier to understand. For example: principal == User::"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111", // alice

  • Do not include personally identifying, confidential, or sensitive information as part of the unique identifier for your principals or resources. These identifiers are included in log entries shared in CloudTrail trails.

Several operations return structures that appear similar, but have different purposes. As new functionality is added to the product, the structure used in a parameter of one operation might need to change in a way that wouldn't make sense for the same parameter in a different operation. To help you understand the purpose of each, the following naming convention is used for the structures:

  • Parameter type structures that end in Detail are used in Get operations.

  • Parameter type structures that end in Item are used in List operations.

  • Parameter type structures that use neither suffix are used in the mutating (create and update) operations.

See https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01 for more information on this service.

See verifiedpermissions package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/verifiedpermissions/

Using the Client

To contact Amazon Verified Permissions with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the Amazon Verified Permissions client VerifiedPermissions for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/verifiedpermissions/#New

Index

Constants

View Source
const (
	// DecisionAllow is a Decision enum value
	DecisionAllow = "ALLOW"

	// DecisionDeny is a Decision enum value
	DecisionDeny = "DENY"
)
View Source
const (
	// PolicyTypeStatic is a PolicyType enum value
	PolicyTypeStatic = "STATIC"

	// PolicyTypeTemplateLinked is a PolicyType enum value
	PolicyTypeTemplateLinked = "TEMPLATE_LINKED"
)
View Source
const (
	// ResourceTypeIdentitySource is a ResourceType enum value
	ResourceTypeIdentitySource = "IDENTITY_SOURCE"

	// ResourceTypePolicyStore is a ResourceType enum value
	ResourceTypePolicyStore = "POLICY_STORE"

	// ResourceTypePolicy is a ResourceType enum value
	ResourceTypePolicy = "POLICY"

	// ResourceTypePolicyTemplate is a ResourceType enum value
	ResourceTypePolicyTemplate = "POLICY_TEMPLATE"

	// ResourceTypeSchema is a ResourceType enum value
	ResourceTypeSchema = "SCHEMA"
)
View Source
const (
	// ValidationModeOff is a ValidationMode enum value
	ValidationModeOff = "OFF"

	// ValidationModeStrict is a ValidationMode enum value
	ValidationModeStrict = "STRICT"
)
View Source
const (

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// You don't have sufficient access to perform this action.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeConflictException for service response error code
	// "ConflictException".
	//
	// The request failed because another request to modify a resource occurred
	// at the same.
	ErrCodeConflictException = "ConflictException"

	// ErrCodeInternalServerException for service response error code
	// "InternalServerException".
	//
	// The request failed because of an internal error. Try your request again later
	ErrCodeInternalServerException = "InternalServerException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// The request failed because it references a resource that doesn't exist.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"

	// ErrCodeServiceQuotaExceededException for service response error code
	// "ServiceQuotaExceededException".
	//
	// The request failed because it would cause a service quota to be exceeded.
	ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException"

	// ErrCodeThrottlingException for service response error code
	// "ThrottlingException".
	//
	// The request failed because it exceeded a throttling quota.
	ErrCodeThrottlingException = "ThrottlingException"

	// ErrCodeValidationException for service response error code
	// "ValidationException".
	//
	// The request failed because one or more input parameters don't satisfy their
	// constraint requirements. The output is provided as a list of fields and a
	// reason for each field that isn't valid.
	//
	// The possible reasons include the following:
	//
	//    * UnrecognizedEntityType The policy includes an entity type that isn't
	//    found in the schema.
	//
	//    * UnrecognizedActionId The policy includes an action id that isn't found
	//    in the schema.
	//
	//    * InvalidActionApplication The policy includes an action that, according
	//    to the schema, doesn't support the specified principal and resource.
	//
	//    * UnexpectedType The policy included an operand that isn't a valid type
	//    for the specified operation.
	//
	//    * IncompatibleTypes The types of elements included in a set, or the types
	//    of expressions used in an if...then...else clause aren't compatible in
	//    this context.
	//
	//    * MissingAttribute The policy attempts to access a record or entity attribute
	//    that isn't specified in the schema. Test for the existence of the attribute
	//    first before attempting to access its value. For more information, see
	//    the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test)
	//    in the Cedar Policy Language Guide.
	//
	//    * UnsafeOptionalAttributeAccess The policy attempts to access a record
	//    or entity attribute that is optional and isn't guaranteed to be present.
	//    Test for the existence of the attribute first before attempting to access
	//    its value. For more information, see the has (presence of attribute test)
	//    operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test)
	//    in the Cedar Policy Language Guide.
	//
	//    * ImpossiblePolicy Cedar has determined that a policy condition always
	//    evaluates to false. If the policy is always false, it can never apply
	//    to any query, and so it can never affect an authorization decision.
	//
	//    * WrongNumberArguments The policy references an extension type with the
	//    wrong number of arguments.
	//
	//    * FunctionArgumentValidationError Cedar couldn't parse the argument passed
	//    to an extension type. For example, a string that is to be parsed as an
	//    IPv4 address can contain only digits and the period character.
	ErrCodeValidationException = "ValidationException"
)
View Source
const (
	ServiceName = "VerifiedPermissions" // Name of service.
	EndpointsID = "verifiedpermissions" // ID to lookup a service endpoint with.
	ServiceID   = "VerifiedPermissions" // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source
const (
	// OpenIdIssuerCognito is a OpenIdIssuer enum value
	OpenIdIssuerCognito = "COGNITO"
)

Variables

This section is empty.

Functions

func Decision_Values

func Decision_Values() []string

Decision_Values returns all elements of the Decision enum

func OpenIdIssuer_Values

func OpenIdIssuer_Values() []string

OpenIdIssuer_Values returns all elements of the OpenIdIssuer enum

func PolicyType_Values

func PolicyType_Values() []string

PolicyType_Values returns all elements of the PolicyType enum

func ResourceType_Values

func ResourceType_Values() []string

ResourceType_Values returns all elements of the ResourceType enum

func ValidationMode_Values

func ValidationMode_Values() []string

ValidationMode_Values returns all elements of the ValidationMode enum

Types

type AccessDeniedException

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

You don't have sufficient access to perform this action.

func (*AccessDeniedException) Code

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString

func (s AccessDeniedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessDeniedException) Message

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String

func (s AccessDeniedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ActionIdentifier

type ActionIdentifier struct {

	// The ID of an action.
	//
	// ActionId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ActionIdentifier's
	// String and GoString methods.
	//
	// ActionId is a required field
	ActionId *string `locationName:"actionId" min:"1" type:"string" required:"true" sensitive:"true"`

	// The type of an action.
	//
	// ActionType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ActionIdentifier's
	// String and GoString methods.
	//
	// ActionType is a required field
	ActionType *string `locationName:"actionType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains information about an action for a request for which an authorization decision is made.

This data type is used as a request parameter to the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

Example: { "actionId": "<action name>", "actionType": "Action" }

func (ActionIdentifier) GoString

func (s ActionIdentifier) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ActionIdentifier) SetActionId

func (s *ActionIdentifier) SetActionId(v string) *ActionIdentifier

SetActionId sets the ActionId field's value.

func (*ActionIdentifier) SetActionType

func (s *ActionIdentifier) SetActionType(v string) *ActionIdentifier

SetActionType sets the ActionType field's value.

func (ActionIdentifier) String

func (s ActionIdentifier) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ActionIdentifier) Validate

func (s *ActionIdentifier) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttributeValue

type AttributeValue struct {

	// An attribute value of Boolean (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#boolean)
	// type.
	//
	// Example: {"boolean": true}
	//
	// Boolean is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeValue's
	// String and GoString methods.
	Boolean *bool `locationName:"boolean" type:"boolean" sensitive:"true"`

	// An attribute value of type EntityIdentifier (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html).
	//
	// Example: "entityIdentifier": { "entityId": "<id>", "entityType": "<entity
	// type>"}
	EntityIdentifier *EntityIdentifier `locationName:"entityIdentifier" type:"structure"`

	// An attribute value of Long (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#long)
	// type.
	//
	// Example: {"long": 0}
	//
	// Long is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeValue's
	// String and GoString methods.
	Long *int64 `locationName:"long" type:"long" sensitive:"true"`

	// An attribute value of Record (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#record)
	// type.
	//
	// Example: {"record": { "keyName": {} } }
	Record map[string]*AttributeValue `locationName:"record" type:"map"`

	// An attribute value of Set (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#set)
	// type.
	//
	// Example: {"set": [ {} ] }
	Set []*AttributeValue `locationName:"set" type:"list"`

	// An attribute value of String (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#string)
	// type.
	//
	// Example: {"string": "abc"}
	//
	// String_ is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeValue's
	// String and GoString methods.
	String_ *string `locationName:"string" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The value of an attribute.

Contains information about the runtime context for a request for which an authorization decision is made.

This data type is used as a member of the ContextDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ContextDefinition.html) structure which is uses as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

func (AttributeValue) GoString

func (s AttributeValue) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttributeValue) SetBoolean

func (s *AttributeValue) SetBoolean(v bool) *AttributeValue

SetBoolean sets the Boolean field's value.

func (*AttributeValue) SetEntityIdentifier

func (s *AttributeValue) SetEntityIdentifier(v *EntityIdentifier) *AttributeValue

SetEntityIdentifier sets the EntityIdentifier field's value.

func (*AttributeValue) SetLong

func (s *AttributeValue) SetLong(v int64) *AttributeValue

SetLong sets the Long field's value.

func (*AttributeValue) SetRecord

func (s *AttributeValue) SetRecord(v map[string]*AttributeValue) *AttributeValue

SetRecord sets the Record field's value.

func (*AttributeValue) SetSet

func (s *AttributeValue) SetSet(v []*AttributeValue) *AttributeValue

SetSet sets the Set field's value.

func (*AttributeValue) SetString_

func (s *AttributeValue) SetString_(v string) *AttributeValue

SetString_ sets the String_ field's value.

func (AttributeValue) String

func (s AttributeValue) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttributeValue) Validate

func (s *AttributeValue) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedInput

type BatchIsAuthorizedInput struct {

	// Specifies the list of resources and principals and their associated attributes
	// that Verified Permissions can examine when evaluating the policies.
	//
	// You can include only principal and resource entities in this parameter; you
	// can't include actions. You must specify actions in the schema.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make the authorization decisions for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// An array of up to 30 requests that you want Verified Permissions to evaluate.
	//
	// Requests is a required field
	Requests []*BatchIsAuthorizedInputItem `locationName:"requests" min:"1" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (BatchIsAuthorizedInput) GoString

func (s BatchIsAuthorizedInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInput) SetEntities

SetEntities sets the Entities field's value.

func (*BatchIsAuthorizedInput) SetPolicyStoreId

func (s *BatchIsAuthorizedInput) SetPolicyStoreId(v string) *BatchIsAuthorizedInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*BatchIsAuthorizedInput) SetRequests

SetRequests sets the Requests field's value.

func (BatchIsAuthorizedInput) String

func (s BatchIsAuthorizedInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInput) Validate

func (s *BatchIsAuthorizedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedInputItem

type BatchIsAuthorizedInputItem struct {

	// Specifies the requested action to be authorized. For example, is the principal
	// authorized to perform this action on the resource?
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the principal for which the authorization decision is to be made.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// Specifies the resource for which the authorization decision is to be made.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

An authorization request that you include in a BatchIsAuthorized API request.

func (BatchIsAuthorizedInputItem) GoString

func (s BatchIsAuthorizedInputItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInputItem) SetAction

SetAction sets the Action field's value.

func (*BatchIsAuthorizedInputItem) SetContext

SetContext sets the Context field's value.

func (*BatchIsAuthorizedInputItem) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*BatchIsAuthorizedInputItem) SetResource

SetResource sets the Resource field's value.

func (BatchIsAuthorizedInputItem) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInputItem) Validate

func (s *BatchIsAuthorizedInputItem) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedOutput

type BatchIsAuthorizedOutput struct {

	// A series of Allow or Deny decisions for each request, and the policies that
	// produced them.
	//
	// Results is a required field
	Results []*BatchIsAuthorizedOutputItem `locationName:"results" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (BatchIsAuthorizedOutput) GoString

func (s BatchIsAuthorizedOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedOutput) SetResults

SetResults sets the Results field's value.

func (BatchIsAuthorizedOutput) String

func (s BatchIsAuthorizedOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type BatchIsAuthorizedOutputItem

type BatchIsAuthorizedOutputItem struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are two matching policies, where one is a forbid and
	// the other is a permit, then the forbid policy will be the determining policy.
	// In the case of multiple matching permit policies then there would be multiple
	// determining policies. In the case that no policies match, and hence the response
	// is DENY, there would be no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision, for example,
	// a policy references an Entity or entity Attribute that does not exist in
	// the slice.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`

	// The authorization request that initiated the decision.
	//
	// Request is a required field
	Request *BatchIsAuthorizedInputItem `locationName:"request" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

The decision, based on policy evaluation, from an individual authorization request in a BatchIsAuthorized API request.

func (BatchIsAuthorizedOutputItem) GoString

func (s BatchIsAuthorizedOutputItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedOutputItem) SetDecision

SetDecision sets the Decision field's value.

func (*BatchIsAuthorizedOutputItem) SetDeterminingPolicies

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*BatchIsAuthorizedOutputItem) SetErrors

SetErrors sets the Errors field's value.

func (*BatchIsAuthorizedOutputItem) SetRequest

SetRequest sets the Request field's value.

func (BatchIsAuthorizedOutputItem) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CognitoUserPoolConfiguration

type CognitoUserPoolConfiguration struct {

	// The unique application client IDs that are associated with the specified
	// Amazon Cognito user pool.
	//
	// Example: "ClientIds": ["&ExampleCogClientId;"]
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool that contains the identities to be authorized.
	//
	// Example: "UserPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"
	//
	// UserPoolArn is a required field
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The configuration for an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.

This data type is used as a field that is part of an Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html) structure that is used as a parameter to the Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html).

Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": ["a1b2c3d4e5f6g7h8i9j0kalbmc"]}

func (CognitoUserPoolConfiguration) GoString

func (s CognitoUserPoolConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoUserPoolConfiguration) SetClientIds

SetClientIds sets the ClientIds field's value.

func (*CognitoUserPoolConfiguration) SetUserPoolArn

SetUserPoolArn sets the UserPoolArn field's value.

func (CognitoUserPoolConfiguration) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoUserPoolConfiguration) Validate

func (s *CognitoUserPoolConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type Configuration

type Configuration struct {

	// Contains configuration details of a Amazon Cognito user pool that Verified
	// Permissions can use as a source of authenticated identities as entities.
	// It specifies the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of a Amazon Cognito user pool and one or more application client IDs.
	//
	// Example: "configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
	// ["a1b2c3d4e5f6g7h8i9j0kalbmc"]}}
	CognitoUserPoolConfiguration *CognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"`
	// contains filtered or unexported fields
}

Contains configuration information used when creating a new identity source.

At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.

You must specify a userPoolArn, and optionally, a ClientId.

This data type is used as a request parameter for the CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) operation.

func (Configuration) GoString

func (s Configuration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Configuration) SetCognitoUserPoolConfiguration

func (s *Configuration) SetCognitoUserPoolConfiguration(v *CognitoUserPoolConfiguration) *Configuration

SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value.

func (Configuration) String

func (s Configuration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Configuration) Validate

func (s *Configuration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ConflictException

type ConflictException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The list of resources referenced with this failed request.
	//
	// Resources is a required field
	Resources []*ResourceConflict `locationName:"resources" type:"list" required:"true"`
	// contains filtered or unexported fields
}

The request failed because another request to modify a resource occurred at the same.

func (*ConflictException) Code

func (s *ConflictException) Code() string

Code returns the exception type name.

func (*ConflictException) Error

func (s *ConflictException) Error() string

func (ConflictException) GoString

func (s ConflictException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConflictException) Message

func (s *ConflictException) Message() string

Message returns the exception's message.

func (*ConflictException) OrigErr

func (s *ConflictException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConflictException) RequestID

func (s *ConflictException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConflictException) StatusCode

func (s *ConflictException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConflictException) String

func (s ConflictException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ContextDefinition

type ContextDefinition struct {

	// An list of attributes that are needed to successfully evaluate an authorization
	// request. Each attribute in this array must include a map of a data type and
	// its value.
	//
	// Example: "contextMap":{"<KeyName1>":{"boolean":true},"<KeyName2>":{"long":1234}}
	ContextMap map[string]*AttributeValue `locationName:"contextMap" type:"map"`
	// contains filtered or unexported fields
}

Contains additional details about the context of the request. Verified Permissions evaluates this information in an authorization request as part of the when and unless clauses in a policy.

This data type is used as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

Example: "context":{"contextMap":{"<KeyName1>":{"boolean":true},"<KeyName2>":{"long":1234}}}

func (ContextDefinition) GoString

func (s ContextDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextDefinition) SetContextMap

func (s *ContextDefinition) SetContextMap(v map[string]*AttributeValue) *ContextDefinition

SetContextMap sets the ContextMap field's value.

func (ContextDefinition) String

func (s ContextDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextDefinition) Validate

func (s *ContextDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateIdentitySourceInput

type CreateIdentitySourceInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an IdempotentParameterMismatch error.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// Specifies the details required to communicate with the identity provider
	// (IdP) associated with this identity source.
	//
	// At this time, the only valid member of this structure is a Amazon Cognito
	// user pool configuration.
	//
	// You must specify a UserPoolArn, and optionally, a ClientId.
	//
	// Configuration is a required field
	Configuration *Configuration `locationName:"configuration" type:"structure" required:"true"`

	// Specifies the ID of the policy store in which you want to store this identity
	// source. Only policies and requests made using this policy store can reference
	// identities from the identity provider configured in the new identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the namespace and data type of the principals generated for identities
	// authenticated by the new identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreateIdentitySourceInput's
	// String and GoString methods.
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

func (CreateIdentitySourceInput) GoString

func (s CreateIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentitySourceInput) SetClientToken

SetClientToken sets the ClientToken field's value.

func (*CreateIdentitySourceInput) SetConfiguration

SetConfiguration sets the Configuration field's value.

func (*CreateIdentitySourceInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreateIdentitySourceInput) SetPrincipalEntityType

func (s *CreateIdentitySourceInput) SetPrincipalEntityType(v string) *CreateIdentitySourceInput

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (CreateIdentitySourceInput) String

func (s CreateIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentitySourceInput) Validate

func (s *CreateIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateIdentitySourceOutput

type CreateIdentitySourceOutput struct {

	// The date and time the identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the new identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateIdentitySourceOutput) GoString

func (s CreateIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentitySourceOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*CreateIdentitySourceOutput) SetIdentitySourceId

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*CreateIdentitySourceOutput) SetLastUpdatedDate

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreateIdentitySourceOutput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (CreateIdentitySourceOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyInput

type CreatePolicyInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an IdempotentParameterMismatch error.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// A structure that specifies the policy type and content to use for the new
	// policy. You must include either a static or a templateLinked element. The
	// policy content must be written in the Cedar policy language.
	//
	// Definition is a required field
	Definition *PolicyDefinition `locationName:"definition" type:"structure" required:"true"`

	// Specifies the PolicyStoreId of the policy store you want to store the policy
	// in.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyInput) GoString

func (s CreatePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyInput) SetClientToken

func (s *CreatePolicyInput) SetClientToken(v string) *CreatePolicyInput

SetClientToken sets the ClientToken field's value.

func (*CreatePolicyInput) SetDefinition

SetDefinition sets the Definition field's value.

func (*CreatePolicyInput) SetPolicyStoreId

func (s *CreatePolicyInput) SetPolicyStoreId(v string) *CreatePolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (CreatePolicyInput) String

func (s CreatePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyInput) Validate

func (s *CreatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyOutput

type CreatePolicyOutput struct {

	// The date and time the policy was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time the policy was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the new policy.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The ID of the policy store that contains the new policy.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The policy type of the new policy.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal specified in the new policy's scope. This response element
	// isn't present when principal isn't specified in the policy content.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource specified in the new policy's scope. This response element isn't
	// present when the resource isn't specified in the policy content.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (CreatePolicyOutput) GoString

func (s CreatePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyOutput) SetCreatedDate

func (s *CreatePolicyOutput) SetCreatedDate(v time.Time) *CreatePolicyOutput

SetCreatedDate sets the CreatedDate field's value.

func (*CreatePolicyOutput) SetLastUpdatedDate

func (s *CreatePolicyOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreatePolicyOutput) SetPolicyId

func (s *CreatePolicyOutput) SetPolicyId(v string) *CreatePolicyOutput

SetPolicyId sets the PolicyId field's value.

func (*CreatePolicyOutput) SetPolicyStoreId

func (s *CreatePolicyOutput) SetPolicyStoreId(v string) *CreatePolicyOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreatePolicyOutput) SetPolicyType

func (s *CreatePolicyOutput) SetPolicyType(v string) *CreatePolicyOutput

SetPolicyType sets the PolicyType field's value.

func (*CreatePolicyOutput) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*CreatePolicyOutput) SetResource

SetResource sets the Resource field's value.

func (CreatePolicyOutput) String

func (s CreatePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyStoreInput

type CreatePolicyStoreInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an IdempotentParameterMismatch error.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// Specifies the validation setting for this policy store.
	//
	// Currently, the only valid and required value is Mode.
	//
	// We recommend that you turn on STRICT mode only after you define a schema.
	// If a schema doesn't exist, then STRICT mode causes any policy to fail validation,
	// and Verified Permissions rejects the policy. You can turn off validation
	// by using the UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore).
	// Then, when you have a schema defined, use UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore)
	// again to turn validation back on.
	//
	// ValidationSettings is a required field
	ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyStoreInput) GoString

func (s CreatePolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyStoreInput) SetClientToken

SetClientToken sets the ClientToken field's value.

func (*CreatePolicyStoreInput) SetValidationSettings

SetValidationSettings sets the ValidationSettings field's value.

func (CreatePolicyStoreInput) String

func (s CreatePolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyStoreInput) Validate

func (s *CreatePolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyStoreOutput

type CreatePolicyStoreOutput struct {

	// The Amazon Resource Name (ARN) of the new policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time the policy store was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time the policy store was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the new policy store.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyStoreOutput) GoString

func (s CreatePolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyStoreOutput) SetArn

SetArn sets the Arn field's value.

func (*CreatePolicyStoreOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*CreatePolicyStoreOutput) SetLastUpdatedDate

func (s *CreatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyStoreOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreatePolicyStoreOutput) SetPolicyStoreId

func (s *CreatePolicyStoreOutput) SetPolicyStoreId(v string) *CreatePolicyStoreOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (CreatePolicyStoreOutput) String

func (s CreatePolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyTemplateInput

type CreatePolicyTemplateInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an IdempotentParameterMismatch error.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// Specifies a description for the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreatePolicyTemplateInput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The ID of the policy store in which to create the policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the content that you want to use for the new policy template, written
	// in the Cedar policy language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreatePolicyTemplateInput's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyTemplateInput) GoString

func (s CreatePolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyTemplateInput) SetClientToken

SetClientToken sets the ClientToken field's value.

func (*CreatePolicyTemplateInput) SetDescription

SetDescription sets the Description field's value.

func (*CreatePolicyTemplateInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreatePolicyTemplateInput) SetStatement

SetStatement sets the Statement field's value.

func (CreatePolicyTemplateInput) String

func (s CreatePolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyTemplateInput) Validate

func (s *CreatePolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyTemplateOutput

type CreatePolicyTemplateOutput struct {

	// The date and time the policy template was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The unique ID of the new policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyTemplateOutput) GoString

func (s CreatePolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyTemplateOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*CreatePolicyTemplateOutput) SetLastUpdatedDate

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreatePolicyTemplateOutput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreatePolicyTemplateOutput) SetPolicyTemplateId

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (CreatePolicyTemplateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteIdentitySourceInput

type DeleteIdentitySourceInput struct {

	// Specifies the ID of the identity source that you want to delete.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the identity source that
	// you want to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteIdentitySourceInput) GoString

func (s DeleteIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteIdentitySourceInput) SetIdentitySourceId

func (s *DeleteIdentitySourceInput) SetIdentitySourceId(v string) *DeleteIdentitySourceInput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*DeleteIdentitySourceInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (DeleteIdentitySourceInput) String

func (s DeleteIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteIdentitySourceInput) Validate

func (s *DeleteIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteIdentitySourceOutput

type DeleteIdentitySourceOutput struct {
	// contains filtered or unexported fields
}

func (DeleteIdentitySourceOutput) GoString

func (s DeleteIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteIdentitySourceOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyInput

type DeletePolicyInput struct {

	// Specifies the ID of the policy that you want to delete.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the policy that you want
	// to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyInput) GoString

func (s DeletePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyInput) SetPolicyId

func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput

SetPolicyId sets the PolicyId field's value.

func (*DeletePolicyInput) SetPolicyStoreId

func (s *DeletePolicyInput) SetPolicyStoreId(v string) *DeletePolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (DeletePolicyInput) String

func (s DeletePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyInput) Validate

func (s *DeletePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyOutput

type DeletePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyOutput) GoString

func (s DeletePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyOutput) String

func (s DeletePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyStoreInput

type DeletePolicyStoreInput struct {

	// Specifies the ID of the policy store that you want to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyStoreInput) GoString

func (s DeletePolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyStoreInput) SetPolicyStoreId

func (s *DeletePolicyStoreInput) SetPolicyStoreId(v string) *DeletePolicyStoreInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (DeletePolicyStoreInput) String

func (s DeletePolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyStoreInput) Validate

func (s *DeletePolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyStoreOutput

type DeletePolicyStoreOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyStoreOutput) GoString

func (s DeletePolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyStoreOutput) String

func (s DeletePolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyTemplateInput

type DeletePolicyTemplateInput struct {

	// Specifies the ID of the policy store that contains the policy template that
	// you want to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy template that you want to delete.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyTemplateInput) GoString

func (s DeletePolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyTemplateInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*DeletePolicyTemplateInput) SetPolicyTemplateId

func (s *DeletePolicyTemplateInput) SetPolicyTemplateId(v string) *DeletePolicyTemplateInput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (DeletePolicyTemplateInput) String

func (s DeletePolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyTemplateInput) Validate

func (s *DeletePolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyTemplateOutput

type DeletePolicyTemplateOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyTemplateOutput) GoString

func (s DeletePolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyTemplateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeterminingPolicyItem

type DeterminingPolicyItem struct {

	// The Id of a policy that determined to an authorization decision.
	//
	// Example: "policyId":"SPEXAMPLEabcdefg111111"
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about one of the policies that determined an authorization decision.

This data type is used as an element in a response parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

Example: "determiningPolicies":[{"policyId":"SPEXAMPLEabcdefg111111"}]

func (DeterminingPolicyItem) GoString

func (s DeterminingPolicyItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeterminingPolicyItem) SetPolicyId

SetPolicyId sets the PolicyId field's value.

func (DeterminingPolicyItem) String

func (s DeterminingPolicyItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EntitiesDefinition

type EntitiesDefinition struct {

	// An array of entities that are needed to successfully evaluate an authorization
	// request. Each entity in this array must include an identifier for the entity,
	// the attributes of the entity, and a list of any parent entities.
	EntityList []*EntityItem `locationName:"entityList" type:"list"`
	// contains filtered or unexported fields
}

Contains the list of entities to be considered during an authorization request. This includes all principals, resources, and actions required to successfully evaluate the request.

This data type is used as a field in the response parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

func (EntitiesDefinition) GoString

func (s EntitiesDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntitiesDefinition) SetEntityList

func (s *EntitiesDefinition) SetEntityList(v []*EntityItem) *EntitiesDefinition

SetEntityList sets the EntityList field's value.

func (EntitiesDefinition) String

func (s EntitiesDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntitiesDefinition) Validate

func (s *EntitiesDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EntityIdentifier

type EntityIdentifier struct {

	// The identifier of an entity.
	//
	// "entityId":"identifier"
	//
	// EntityId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by EntityIdentifier's
	// String and GoString methods.
	//
	// EntityId is a required field
	EntityId *string `locationName:"entityId" min:"1" type:"string" required:"true" sensitive:"true"`

	// The type of an entity.
	//
	// Example: "entityType":"typeName"
	//
	// EntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by EntityIdentifier's
	// String and GoString methods.
	//
	// EntityType is a required field
	EntityType *string `locationName:"entityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains the identifier of an entity, including its ID and type.

This data type is used as a request parameter for IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) operation, and as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html), GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html), and UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) operations.

Example: {"entityId":"string","entityType":"string"}

func (EntityIdentifier) GoString

func (s EntityIdentifier) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityIdentifier) SetEntityId

func (s *EntityIdentifier) SetEntityId(v string) *EntityIdentifier

SetEntityId sets the EntityId field's value.

func (*EntityIdentifier) SetEntityType

func (s *EntityIdentifier) SetEntityType(v string) *EntityIdentifier

SetEntityType sets the EntityType field's value.

func (EntityIdentifier) String

func (s EntityIdentifier) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityIdentifier) Validate

func (s *EntityIdentifier) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EntityItem

type EntityItem struct {

	// A list of attributes for the entity.
	Attributes map[string]*AttributeValue `locationName:"attributes" type:"map"`

	// The identifier of the entity.
	//
	// Identifier is a required field
	Identifier *EntityIdentifier `locationName:"identifier" type:"structure" required:"true"`

	// The parents in the hierarchy that contains the entity.
	Parents []*EntityIdentifier `locationName:"parents" type:"list"`
	// contains filtered or unexported fields
}

Contains information about an entity that can be referenced in a Cedar policy.

This data type is used as one of the fields in the EntitiesDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntitiesDefinition.html) structure.

{ "identifier": { "entityType": "Photo", "entityId": "VacationPhoto94.jpg" }, "attributes": {}, "parents": [ { "entityType": "Album", "entityId": "alice_folder" } ] }

func (EntityItem) GoString

func (s EntityItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityItem) SetAttributes

func (s *EntityItem) SetAttributes(v map[string]*AttributeValue) *EntityItem

SetAttributes sets the Attributes field's value.

func (*EntityItem) SetIdentifier

func (s *EntityItem) SetIdentifier(v *EntityIdentifier) *EntityItem

SetIdentifier sets the Identifier field's value.

func (*EntityItem) SetParents

func (s *EntityItem) SetParents(v []*EntityIdentifier) *EntityItem

SetParents sets the Parents field's value.

func (EntityItem) String

func (s EntityItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityItem) Validate

func (s *EntityItem) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EntityReference

type EntityReference struct {

	// The identifier of the entity. It can consist of either an EntityType and
	// EntityId, a principal, or a resource.
	Identifier *EntityIdentifier `locationName:"identifier" type:"structure"`

	// Used to indicate that a principal or resource is not specified. This can
	// be used to search for policies that are not associated with a specific principal
	// or resource.
	Unspecified *bool `locationName:"unspecified" type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about a principal or resource that can be referenced in a Cedar policy.

This data type is used as part of the PolicyFilter (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyFilter.html) structure that is used as a request parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operation..

func (EntityReference) GoString

func (s EntityReference) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityReference) SetIdentifier

func (s *EntityReference) SetIdentifier(v *EntityIdentifier) *EntityReference

SetIdentifier sets the Identifier field's value.

func (*EntityReference) SetUnspecified

func (s *EntityReference) SetUnspecified(v bool) *EntityReference

SetUnspecified sets the Unspecified field's value.

func (EntityReference) String

func (s EntityReference) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityReference) Validate

func (s *EntityReference) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EvaluationErrorItem

type EvaluationErrorItem struct {

	// The error description.
	//
	// ErrorDescription is a required field
	ErrorDescription *string `locationName:"errorDescription" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains a description of an evaluation error.

This data type is a response parameter of the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

func (EvaluationErrorItem) GoString

func (s EvaluationErrorItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EvaluationErrorItem) SetErrorDescription

func (s *EvaluationErrorItem) SetErrorDescription(v string) *EvaluationErrorItem

SetErrorDescription sets the ErrorDescription field's value.

func (EvaluationErrorItem) String

func (s EvaluationErrorItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetIdentitySourceInput

type GetIdentitySourceInput struct {

	// Specifies the ID of the identity source you want information about.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the identity source you
	// want information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetIdentitySourceInput) GoString

func (s GetIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentitySourceInput) SetIdentitySourceId

func (s *GetIdentitySourceInput) SetIdentitySourceId(v string) *GetIdentitySourceInput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*GetIdentitySourceInput) SetPolicyStoreId

func (s *GetIdentitySourceInput) SetPolicyStoreId(v string) *GetIdentitySourceInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetIdentitySourceInput) String

func (s GetIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentitySourceInput) Validate

func (s *GetIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetIdentitySourceOutput

type GetIdentitySourceOutput struct {

	// The date and time that the identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A structure that describes the configuration of the identity source.
	//
	// Details is a required field
	Details *IdentitySourceDetails `locationName:"details" type:"structure" required:"true"`

	// The ID of the identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time that the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The data type of principals generated for identities authenticated by this
	// identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetIdentitySourceOutput's
	// String and GoString methods.
	//
	// PrincipalEntityType is a required field
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetIdentitySourceOutput) GoString

func (s GetIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentitySourceOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*GetIdentitySourceOutput) SetDetails

SetDetails sets the Details field's value.

func (*GetIdentitySourceOutput) SetIdentitySourceId

func (s *GetIdentitySourceOutput) SetIdentitySourceId(v string) *GetIdentitySourceOutput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*GetIdentitySourceOutput) SetLastUpdatedDate

func (s *GetIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *GetIdentitySourceOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetIdentitySourceOutput) SetPolicyStoreId

func (s *GetIdentitySourceOutput) SetPolicyStoreId(v string) *GetIdentitySourceOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetIdentitySourceOutput) SetPrincipalEntityType

func (s *GetIdentitySourceOutput) SetPrincipalEntityType(v string) *GetIdentitySourceOutput

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (GetIdentitySourceOutput) String

func (s GetIdentitySourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyInput

type GetPolicyInput struct {

	// Specifies the ID of the policy you want information about.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the policy that you want
	// information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyInput) GoString

func (s GetPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyInput) SetPolicyId

func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput

SetPolicyId sets the PolicyId field's value.

func (*GetPolicyInput) SetPolicyStoreId

func (s *GetPolicyInput) SetPolicyStoreId(v string) *GetPolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetPolicyInput) String

func (s GetPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyInput) Validate

func (s *GetPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyOutput

type GetPolicyOutput struct {

	// The date and time that the policy was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The definition of the requested policy.
	//
	// Definition is a required field
	Definition *PolicyDefinitionDetail `locationName:"definition" type:"structure" required:"true"`

	// The date and time that the policy was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the policy that you want information about.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The ID of the policy store that contains the policy that you want information
	// about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The type of the policy.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal specified in the policy's scope. This element isn't included
	// in the response when Principal isn't present in the policy content.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource specified in the policy's scope. This element isn't included
	// in the response when Resource isn't present in the policy content.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (GetPolicyOutput) GoString

func (s GetPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyOutput) SetCreatedDate

func (s *GetPolicyOutput) SetCreatedDate(v time.Time) *GetPolicyOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetPolicyOutput) SetDefinition

SetDefinition sets the Definition field's value.

func (*GetPolicyOutput) SetLastUpdatedDate

func (s *GetPolicyOutput) SetLastUpdatedDate(v time.Time) *GetPolicyOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetPolicyOutput) SetPolicyId

func (s *GetPolicyOutput) SetPolicyId(v string) *GetPolicyOutput

SetPolicyId sets the PolicyId field's value.

func (*GetPolicyOutput) SetPolicyStoreId

func (s *GetPolicyOutput) SetPolicyStoreId(v string) *GetPolicyOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyOutput) SetPolicyType

func (s *GetPolicyOutput) SetPolicyType(v string) *GetPolicyOutput

SetPolicyType sets the PolicyType field's value.

func (*GetPolicyOutput) SetPrincipal

func (s *GetPolicyOutput) SetPrincipal(v *EntityIdentifier) *GetPolicyOutput

SetPrincipal sets the Principal field's value.

func (*GetPolicyOutput) SetResource

func (s *GetPolicyOutput) SetResource(v *EntityIdentifier) *GetPolicyOutput

SetResource sets the Resource field's value.

func (GetPolicyOutput) String

func (s GetPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyStoreInput

type GetPolicyStoreInput struct {

	// Specifies the ID of the policy store that you want information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyStoreInput) GoString

func (s GetPolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyStoreInput) SetPolicyStoreId

func (s *GetPolicyStoreInput) SetPolicyStoreId(v string) *GetPolicyStoreInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetPolicyStoreInput) String

func (s GetPolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyStoreInput) Validate

func (s *GetPolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyStoreOutput

type GetPolicyStoreOutput struct {

	// The Amazon Resource Name (ARN) of the policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time that the policy store was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the policy store was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store;
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The current validation settings for the policy store.
	//
	// ValidationSettings is a required field
	ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyStoreOutput) GoString

func (s GetPolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyStoreOutput) SetArn

SetArn sets the Arn field's value.

func (*GetPolicyStoreOutput) SetCreatedDate

func (s *GetPolicyStoreOutput) SetCreatedDate(v time.Time) *GetPolicyStoreOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetPolicyStoreOutput) SetLastUpdatedDate

func (s *GetPolicyStoreOutput) SetLastUpdatedDate(v time.Time) *GetPolicyStoreOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetPolicyStoreOutput) SetPolicyStoreId

func (s *GetPolicyStoreOutput) SetPolicyStoreId(v string) *GetPolicyStoreOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyStoreOutput) SetValidationSettings

func (s *GetPolicyStoreOutput) SetValidationSettings(v *ValidationSettings) *GetPolicyStoreOutput

SetValidationSettings sets the ValidationSettings field's value.

func (GetPolicyStoreOutput) String

func (s GetPolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyTemplateInput

type GetPolicyTemplateInput struct {

	// Specifies the ID of the policy store that contains the policy template that
	// you want information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy template that you want information about.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyTemplateInput) GoString

func (s GetPolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyTemplateInput) SetPolicyStoreId

func (s *GetPolicyTemplateInput) SetPolicyStoreId(v string) *GetPolicyTemplateInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyTemplateInput) SetPolicyTemplateId

func (s *GetPolicyTemplateInput) SetPolicyTemplateId(v string) *GetPolicyTemplateInput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (GetPolicyTemplateInput) String

func (s GetPolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyTemplateInput) Validate

func (s *GetPolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyTemplateOutput

type GetPolicyTemplateOutput struct {

	// The date and time that the policy template was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The description of the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPolicyTemplateOutput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The date and time that the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The ID of the policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The content of the body of the policy template written in the Cedar policy
	// language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPolicyTemplateOutput's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyTemplateOutput) GoString

func (s GetPolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyTemplateOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*GetPolicyTemplateOutput) SetDescription

SetDescription sets the Description field's value.

func (*GetPolicyTemplateOutput) SetLastUpdatedDate

func (s *GetPolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *GetPolicyTemplateOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetPolicyTemplateOutput) SetPolicyStoreId

func (s *GetPolicyTemplateOutput) SetPolicyStoreId(v string) *GetPolicyTemplateOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyTemplateOutput) SetPolicyTemplateId

func (s *GetPolicyTemplateOutput) SetPolicyTemplateId(v string) *GetPolicyTemplateOutput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*GetPolicyTemplateOutput) SetStatement

SetStatement sets the Statement field's value.

func (GetPolicyTemplateOutput) String

func (s GetPolicyTemplateOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetSchemaInput

type GetSchemaInput struct {

	// Specifies the ID of the policy store that contains the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSchemaInput) GoString

func (s GetSchemaInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSchemaInput) SetPolicyStoreId

func (s *GetSchemaInput) SetPolicyStoreId(v string) *GetSchemaInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetSchemaInput) String

func (s GetSchemaInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSchemaInput) Validate

func (s *GetSchemaInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSchemaOutput

type GetSchemaOutput struct {

	// The date and time that the schema was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the schema was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The body of the schema, written in Cedar schema JSON.
	//
	// Schema is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetSchemaOutput's
	// String and GoString methods.
	//
	// Schema is a required field
	Schema *string `locationName:"schema" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetSchemaOutput) GoString

func (s GetSchemaOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSchemaOutput) SetCreatedDate

func (s *GetSchemaOutput) SetCreatedDate(v time.Time) *GetSchemaOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetSchemaOutput) SetLastUpdatedDate

func (s *GetSchemaOutput) SetLastUpdatedDate(v time.Time) *GetSchemaOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetSchemaOutput) SetPolicyStoreId

func (s *GetSchemaOutput) SetPolicyStoreId(v string) *GetSchemaOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetSchemaOutput) SetSchema

func (s *GetSchemaOutput) SetSchema(v string) *GetSchemaOutput

SetSchema sets the Schema field's value.

func (GetSchemaOutput) String

func (s GetSchemaOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentitySourceDetails

type IdentitySourceDetails struct {

	// The application client IDs associated with the specified Amazon Cognito user
	// pool that are enabled for this identity source.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The well-known URL that points to this user pool's OIDC discovery endpoint.
	// This is a URL string in the following format. This URL replaces the placeholders
	// for both the Amazon Web Services Region and the user pool identifier with
	// those appropriate for this user pool.
	//
	// https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration
	DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" type:"string"`

	// A string that identifies the type of OIDC service represented by this identity
	// source.
	//
	// At this time, the only valid value is cognito.
	OpenIdIssuer *string `locationName:"openIdIssuer" type:"string" enum:"OpenIdIssuer"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool whose identities are accessible to this Verified
	// Permissions policy store.
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string"`
	// contains filtered or unexported fields
}

A structure that contains configuration of the identity source.

This data type is used as a response parameter for the CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) operation.

func (IdentitySourceDetails) GoString

func (s IdentitySourceDetails) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceDetails) SetClientIds

func (s *IdentitySourceDetails) SetClientIds(v []*string) *IdentitySourceDetails

SetClientIds sets the ClientIds field's value.

func (*IdentitySourceDetails) SetDiscoveryUrl

func (s *IdentitySourceDetails) SetDiscoveryUrl(v string) *IdentitySourceDetails

SetDiscoveryUrl sets the DiscoveryUrl field's value.

func (*IdentitySourceDetails) SetOpenIdIssuer

func (s *IdentitySourceDetails) SetOpenIdIssuer(v string) *IdentitySourceDetails

SetOpenIdIssuer sets the OpenIdIssuer field's value.

func (*IdentitySourceDetails) SetUserPoolArn

func (s *IdentitySourceDetails) SetUserPoolArn(v string) *IdentitySourceDetails

SetUserPoolArn sets the UserPoolArn field's value.

func (IdentitySourceDetails) String

func (s IdentitySourceDetails) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentitySourceFilter

type IdentitySourceFilter struct {

	// The Cedar entity type of the principals returned by the identity provider
	// (IdP) associated with this identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IdentitySourceFilter's
	// String and GoString methods.
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that defines characteristics of an identity source that you can use to filter.

This data type is used as a request parameter for the ListIdentityStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) operation.

func (IdentitySourceFilter) GoString

func (s IdentitySourceFilter) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceFilter) SetPrincipalEntityType

func (s *IdentitySourceFilter) SetPrincipalEntityType(v string) *IdentitySourceFilter

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (IdentitySourceFilter) String

func (s IdentitySourceFilter) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceFilter) Validate

func (s *IdentitySourceFilter) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type IdentitySourceItem

type IdentitySourceItem struct {

	// The date and time the identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A structure that contains the details of the associated identity provider
	// (IdP).
	//
	// Details is a required field
	Details *IdentitySourceItemDetails `locationName:"details" type:"structure" required:"true"`

	// The unique identifier of the identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The identifier of the policy store that contains the identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The Cedar entity type of the principals returned from the IdP associated
	// with this identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IdentitySourceItem's
	// String and GoString methods.
	//
	// PrincipalEntityType is a required field
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that defines an identity source.

This data type is used as a request parameter for the ListIdentityStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) operation.

func (IdentitySourceItem) GoString

func (s IdentitySourceItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceItem) SetCreatedDate

func (s *IdentitySourceItem) SetCreatedDate(v time.Time) *IdentitySourceItem

SetCreatedDate sets the CreatedDate field's value.

func (*IdentitySourceItem) SetDetails

SetDetails sets the Details field's value.

func (*IdentitySourceItem) SetIdentitySourceId

func (s *IdentitySourceItem) SetIdentitySourceId(v string) *IdentitySourceItem

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*IdentitySourceItem) SetLastUpdatedDate

func (s *IdentitySourceItem) SetLastUpdatedDate(v time.Time) *IdentitySourceItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*IdentitySourceItem) SetPolicyStoreId

func (s *IdentitySourceItem) SetPolicyStoreId(v string) *IdentitySourceItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*IdentitySourceItem) SetPrincipalEntityType

func (s *IdentitySourceItem) SetPrincipalEntityType(v string) *IdentitySourceItem

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (IdentitySourceItem) String

func (s IdentitySourceItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentitySourceItemDetails

type IdentitySourceItemDetails struct {

	// The application client IDs associated with the specified Amazon Cognito user
	// pool that are enabled for this identity source.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The well-known URL that points to this user pool's OIDC discovery endpoint.
	// This is a URL string in the following format. This URL replaces the placeholders
	// for both the Amazon Web Services Region and the user pool identifier with
	// those appropriate for this user pool.
	//
	// https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration
	DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" type:"string"`

	// A string that identifies the type of OIDC service represented by this identity
	// source.
	//
	// At this time, the only valid value is cognito.
	OpenIdIssuer *string `locationName:"openIdIssuer" type:"string" enum:"OpenIdIssuer"`

	// The Amazon Cognito user pool whose identities are accessible to this Verified
	// Permissions policy store.
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string"`
	// contains filtered or unexported fields
}

A structure that contains configuration of the identity source.

This data type is used as a response parameter for the CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) operation.

func (IdentitySourceItemDetails) GoString

func (s IdentitySourceItemDetails) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceItemDetails) SetClientIds

SetClientIds sets the ClientIds field's value.

func (*IdentitySourceItemDetails) SetDiscoveryUrl

SetDiscoveryUrl sets the DiscoveryUrl field's value.

func (*IdentitySourceItemDetails) SetOpenIdIssuer

SetOpenIdIssuer sets the OpenIdIssuer field's value.

func (*IdentitySourceItemDetails) SetUserPoolArn

SetUserPoolArn sets the UserPoolArn field's value.

func (IdentitySourceItemDetails) String

func (s IdentitySourceItemDetails) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InternalServerException

type InternalServerException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

The request failed because of an internal error. Try your request again later

func (*InternalServerException) Code

func (s *InternalServerException) Code() string

Code returns the exception type name.

func (*InternalServerException) Error

func (s *InternalServerException) Error() string

func (InternalServerException) GoString

func (s InternalServerException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InternalServerException) Message

func (s *InternalServerException) Message() string

Message returns the exception's message.

func (*InternalServerException) OrigErr

func (s *InternalServerException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InternalServerException) RequestID

func (s *InternalServerException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InternalServerException) StatusCode

func (s *InternalServerException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InternalServerException) String

func (s InternalServerException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IsAuthorizedInput

type IsAuthorizedInput struct {

	// Specifies the requested action to be authorized. For example, is the principal
	// authorized to perform this action on the resource?
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the list of resources and principals and their associated attributes
	// that Verified Permissions can examine when evaluating the policies.
	//
	// You can include only principal and resource entities in this parameter; you
	// can't include actions. You must specify actions in the schema.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make an authorization decision for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the principal for which the authorization decision is to be made.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// Specifies the resource for which the authorization decision is to be made.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (IsAuthorizedInput) GoString

func (s IsAuthorizedInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedInput) SetAction

SetAction sets the Action field's value.

func (*IsAuthorizedInput) SetContext

SetContext sets the Context field's value.

func (*IsAuthorizedInput) SetEntities

SetEntities sets the Entities field's value.

func (*IsAuthorizedInput) SetPolicyStoreId

func (s *IsAuthorizedInput) SetPolicyStoreId(v string) *IsAuthorizedInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*IsAuthorizedInput) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*IsAuthorizedInput) SetResource

SetResource sets the Resource field's value.

func (IsAuthorizedInput) String

func (s IsAuthorizedInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedInput) Validate

func (s *IsAuthorizedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type IsAuthorizedOutput

type IsAuthorizedOutput struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are two matching policies, where one is a forbid and
	// the other is a permit, then the forbid policy will be the determining policy.
	// In the case of multiple matching permit policies then there would be multiple
	// determining policies. In the case that no policies match, and hence the response
	// is DENY, there would be no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision, for example,
	// a policy references an Entity or entity Attribute that does not exist in
	// the slice.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (IsAuthorizedOutput) GoString

func (s IsAuthorizedOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedOutput) SetDecision

func (s *IsAuthorizedOutput) SetDecision(v string) *IsAuthorizedOutput

SetDecision sets the Decision field's value.

func (*IsAuthorizedOutput) SetDeterminingPolicies

func (s *IsAuthorizedOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedOutput

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*IsAuthorizedOutput) SetErrors

SetErrors sets the Errors field's value.

func (IsAuthorizedOutput) String

func (s IsAuthorizedOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IsAuthorizedWithTokenInput

type IsAuthorizedWithTokenInput struct {

	// Specifies an access token for the principal to be authorized. This token
	// is provided to you by the identity provider (IdP) associated with the specified
	// identity source. You must specify either an AccessToken, or an IdentityToken,
	// or both.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IsAuthorizedWithTokenInput's
	// String and GoString methods.
	AccessToken *string `locationName:"accessToken" min:"1" type:"string" sensitive:"true"`

	// Specifies the requested action to be authorized. Is the specified principal
	// authorized to perform this action on the specified resource.
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the list of resources and their associated attributes that Verified
	// Permissions can examine when evaluating the policies.
	//
	// You can include only resource and action entities in this parameter; you
	// can't include principals.
	//
	//    * The IsAuthorizedWithToken operation takes principal attributes from
	//    only the identityToken or accessToken passed to the operation.
	//
	//    * For action entities, you can include only their Identifier and EntityType.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies an identity token for the principal to be authorized. This token
	// is provided to you by the identity provider (IdP) associated with the specified
	// identity source. You must specify either an AccessToken or an IdentityToken,
	// or both.
	//
	// IdentityToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IsAuthorizedWithTokenInput's
	// String and GoString methods.
	IdentityToken *string `locationName:"identityToken" min:"1" type:"string" sensitive:"true"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make an authorization decision for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the resource for which the authorization decision is made. For
	// example, is the principal allowed to perform the action on the resource?
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (IsAuthorizedWithTokenInput) GoString

func (s IsAuthorizedWithTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedWithTokenInput) SetAccessToken

SetAccessToken sets the AccessToken field's value.

func (*IsAuthorizedWithTokenInput) SetAction

SetAction sets the Action field's value.

func (*IsAuthorizedWithTokenInput) SetContext

SetContext sets the Context field's value.

func (*IsAuthorizedWithTokenInput) SetEntities

SetEntities sets the Entities field's value.

func (*IsAuthorizedWithTokenInput) SetIdentityToken

SetIdentityToken sets the IdentityToken field's value.

func (*IsAuthorizedWithTokenInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*IsAuthorizedWithTokenInput) SetResource

SetResource sets the Resource field's value.

func (IsAuthorizedWithTokenInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedWithTokenInput) Validate

func (s *IsAuthorizedWithTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type IsAuthorizedWithTokenOutput

type IsAuthorizedWithTokenOutput struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are multiple matching policies, where at least one
	// is a forbid policy, then because forbid always overrides permit the forbid
	// policies are the determining policies. If all matching policies are permit
	// policies, then those policies are the determining policies. When no policies
	// match and the response is the default DENY, there are no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision. For example,
	// a policy references an entity or entity attribute that does not exist in
	// the slice.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (IsAuthorizedWithTokenOutput) GoString

func (s IsAuthorizedWithTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedWithTokenOutput) SetDecision

SetDecision sets the Decision field's value.

func (*IsAuthorizedWithTokenOutput) SetDeterminingPolicies

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*IsAuthorizedWithTokenOutput) SetErrors

SetErrors sets the Errors field's value.

func (IsAuthorizedWithTokenOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListIdentitySourcesInput

type ListIdentitySourcesInput struct {

	// Specifies characteristics of an identity source that you can use to limit
	// the output to matching identity sources.
	Filters []*IdentitySourceFilter `locationName:"filters" type:"list"`

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 identity
	// sources per response. You can specify a maximum of 200 identity sources per
	// response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Specifies the ID of the policy store that contains the identity sources that
	// you want to list.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListIdentitySourcesInput) GoString

func (s ListIdentitySourcesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentitySourcesInput) SetFilters

SetFilters sets the Filters field's value.

func (*ListIdentitySourcesInput) SetMaxResults

SetMaxResults sets the MaxResults field's value.

func (*ListIdentitySourcesInput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListIdentitySourcesInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (ListIdentitySourcesInput) String

func (s ListIdentitySourcesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentitySourcesInput) Validate

func (s *ListIdentitySourcesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListIdentitySourcesOutput

type ListIdentitySourcesOutput struct {

	// The list of identity sources stored in the specified policy store.
	//
	// IdentitySources is a required field
	IdentitySources []*IdentitySourceItem `locationName:"identitySources" type:"list" required:"true"`

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListIdentitySourcesOutput) GoString

func (s ListIdentitySourcesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentitySourcesOutput) SetIdentitySources

SetIdentitySources sets the IdentitySources field's value.

func (*ListIdentitySourcesOutput) SetNextToken

SetNextToken sets the NextToken field's value.

func (ListIdentitySourcesOutput) String

func (s ListIdentitySourcesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPoliciesInput

type ListPoliciesInput struct {

	// Specifies a filter that limits the response to only policies that match the
	// specified criteria. For example, you list only the policies that reference
	// a specified principal.
	Filter *PolicyFilter `locationName:"filter" type:"structure"`

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 policies
	// per response. You can specify a maximum of 50 policies per response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Specifies the ID of the policy store you want to list policies from.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesInput) GoString

func (s ListPoliciesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesInput) SetFilter

SetFilter sets the Filter field's value.

func (*ListPoliciesInput) SetMaxResults

func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput

SetMaxResults sets the MaxResults field's value.

func (*ListPoliciesInput) SetNextToken

func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput

SetNextToken sets the NextToken field's value.

func (*ListPoliciesInput) SetPolicyStoreId

func (s *ListPoliciesInput) SetPolicyStoreId(v string) *ListPoliciesInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (ListPoliciesInput) String

func (s ListPoliciesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesInput) Validate

func (s *ListPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesOutput

type ListPoliciesOutput struct {

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Lists all policies that are available in the specified policy store.
	//
	// Policies is a required field
	Policies []*PolicyItem `locationName:"policies" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesOutput) GoString

func (s ListPoliciesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesOutput) SetNextToken

func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput

SetNextToken sets the NextToken field's value.

func (*ListPoliciesOutput) SetPolicies

func (s *ListPoliciesOutput) SetPolicies(v []*PolicyItem) *ListPoliciesOutput

SetPolicies sets the Policies field's value.

func (ListPoliciesOutput) String

func (s ListPoliciesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPolicyStoresInput

type ListPolicyStoresInput struct {

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 policy
	// stores per response. You can specify a maximum of 50 policy stores per response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListPolicyStoresInput) GoString

func (s ListPolicyStoresInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyStoresInput) SetMaxResults

func (s *ListPolicyStoresInput) SetMaxResults(v int64) *ListPolicyStoresInput

SetMaxResults sets the MaxResults field's value.

func (*ListPolicyStoresInput) SetNextToken

SetNextToken sets the NextToken field's value.

func (ListPolicyStoresInput) String

func (s ListPolicyStoresInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyStoresInput) Validate

func (s *ListPolicyStoresInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyStoresOutput

type ListPolicyStoresOutput struct {

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// The list of policy stores in the account.
	//
	// PolicyStores is a required field
	PolicyStores []*PolicyStoreItem `locationName:"policyStores" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyStoresOutput) GoString

func (s ListPolicyStoresOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyStoresOutput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListPolicyStoresOutput) SetPolicyStores

SetPolicyStores sets the PolicyStores field's value.

func (ListPolicyStoresOutput) String

func (s ListPolicyStoresOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPolicyTemplatesInput

type ListPolicyTemplatesInput struct {

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 policy
	// templates per response. You can specify a maximum of 50 policy templates
	// per response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Specifies the ID of the policy store that contains the policy templates you
	// want to list.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyTemplatesInput) GoString

func (s ListPolicyTemplatesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTemplatesInput) SetMaxResults

SetMaxResults sets the MaxResults field's value.

func (*ListPolicyTemplatesInput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListPolicyTemplatesInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (ListPolicyTemplatesInput) String

func (s ListPolicyTemplatesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTemplatesInput) Validate

func (s *ListPolicyTemplatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyTemplatesOutput

type ListPolicyTemplatesOutput struct {

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// The list of the policy templates in the specified policy store.
	//
	// PolicyTemplates is a required field
	PolicyTemplates []*PolicyTemplateItem `locationName:"policyTemplates" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyTemplatesOutput) GoString

func (s ListPolicyTemplatesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTemplatesOutput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListPolicyTemplatesOutput) SetPolicyTemplates

SetPolicyTemplates sets the PolicyTemplates field's value.

func (ListPolicyTemplatesOutput) String

func (s ListPolicyTemplatesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyDefinition

type PolicyDefinition struct {

	// A structure that describes a static policy. An static policy doesn't use
	// a template or allow placeholders for entities.
	Static *StaticPolicyDefinition `locationName:"static" type:"structure"`

	// A structure that describes a policy that was instantiated from a template.
	// The template can specify placeholders for principal and resource. When you
	// use CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html)
	// to create a policy from a template, you specify the exact principal and resource
	// to use for the instantiated policy.
	TemplateLinked *TemplateLinkedPolicyDefinition `locationName:"templateLinked" type:"structure"`
	// contains filtered or unexported fields
}

A structure that contains the details for a Cedar policy definition. It includes the policy type, a description, and a policy body. This is a top level data type used to create a policy.

This data type is used as a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation. This structure must always have either an static or a templateLinked element.

func (PolicyDefinition) GoString

func (s PolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinition) SetStatic

SetStatic sets the Static field's value.

func (*PolicyDefinition) SetTemplateLinked

SetTemplateLinked sets the TemplateLinked field's value.

func (PolicyDefinition) String

func (s PolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinition) Validate

func (s *PolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PolicyDefinitionDetail

type PolicyDefinitionDetail struct {

	// Information about a static policy that wasn't created with a policy template.
	Static *StaticPolicyDefinitionDetail `locationName:"static" type:"structure"`

	// Information about a template-linked policy that was created by instantiating
	// a policy template.
	TemplateLinked *TemplateLinkedPolicyDefinitionDetail `locationName:"templateLinked" type:"structure"`
	// contains filtered or unexported fields
}

A structure that describes a policy definition. It must always have either an static or a templateLinked element.

This data type is used as a response parameter for the GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html) operation.

func (PolicyDefinitionDetail) GoString

func (s PolicyDefinitionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinitionDetail) SetStatic

SetStatic sets the Static field's value.

func (*PolicyDefinitionDetail) SetTemplateLinked

SetTemplateLinked sets the TemplateLinked field's value.

func (PolicyDefinitionDetail) String

func (s PolicyDefinitionDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyDefinitionItem

type PolicyDefinitionItem struct {

	// Information about a static policy that wasn't created with a policy template.
	Static *StaticPolicyDefinitionItem `locationName:"static" type:"structure"`

	// Information about a template-linked policy that was created by instantiating
	// a policy template.
	TemplateLinked *TemplateLinkedPolicyDefinitionItem `locationName:"templateLinked" type:"structure"`
	// contains filtered or unexported fields
}

A structure that describes a PolicyDefinintion (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinintion.html). It will always have either an StaticPolicy or a TemplateLinkedPolicy element.

This data type is used as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) and ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operations.

func (PolicyDefinitionItem) GoString

func (s PolicyDefinitionItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinitionItem) SetStatic

SetStatic sets the Static field's value.

func (*PolicyDefinitionItem) SetTemplateLinked

SetTemplateLinked sets the TemplateLinked field's value.

func (PolicyDefinitionItem) String

func (s PolicyDefinitionItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyFilter

type PolicyFilter struct {

	// Filters the output to only template-linked policies that were instantiated
	// from the specified policy template.
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string"`

	// Filters the output to only policies of the specified type.
	PolicyType *string `locationName:"policyType" type:"string" enum:"PolicyType"`

	// Filters the output to only policies that reference the specified principal.
	Principal *EntityReference `locationName:"principal" type:"structure"`

	// Filters the output to only policies that reference the specified resource.
	Resource *EntityReference `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a filter to refine policies returned in a query.

This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operation.

func (PolicyFilter) GoString

func (s PolicyFilter) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyFilter) SetPolicyTemplateId

func (s *PolicyFilter) SetPolicyTemplateId(v string) *PolicyFilter

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*PolicyFilter) SetPolicyType

func (s *PolicyFilter) SetPolicyType(v string) *PolicyFilter

SetPolicyType sets the PolicyType field's value.

func (*PolicyFilter) SetPrincipal

func (s *PolicyFilter) SetPrincipal(v *EntityReference) *PolicyFilter

SetPrincipal sets the Principal field's value.

func (*PolicyFilter) SetResource

func (s *PolicyFilter) SetResource(v *EntityReference) *PolicyFilter

SetResource sets the Resource field's value.

func (PolicyFilter) String

func (s PolicyFilter) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyFilter) Validate

func (s *PolicyFilter) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PolicyItem

type PolicyItem struct {

	// The date and time the policy was created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The policy definition of an item in the list of policies returned.
	//
	// Definition is a required field
	Definition *PolicyDefinitionItem `locationName:"definition" type:"structure" required:"true"`

	// The date and time the policy was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The identifier of the policy you want information about.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The identifier of the PolicyStore where the policy you want information about
	// is stored.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The type of the policy. This is one of the following values:
	//
	//    * static
	//
	//    * templateLinked
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal associated with the policy.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with the policy.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy.

This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operation.

func (PolicyItem) GoString

func (s PolicyItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyItem) SetCreatedDate

func (s *PolicyItem) SetCreatedDate(v time.Time) *PolicyItem

SetCreatedDate sets the CreatedDate field's value.

func (*PolicyItem) SetDefinition

func (s *PolicyItem) SetDefinition(v *PolicyDefinitionItem) *PolicyItem

SetDefinition sets the Definition field's value.

func (*PolicyItem) SetLastUpdatedDate

func (s *PolicyItem) SetLastUpdatedDate(v time.Time) *PolicyItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PolicyItem) SetPolicyId

func (s *PolicyItem) SetPolicyId(v string) *PolicyItem

SetPolicyId sets the PolicyId field's value.

func (*PolicyItem) SetPolicyStoreId

func (s *PolicyItem) SetPolicyStoreId(v string) *PolicyItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*PolicyItem) SetPolicyType

func (s *PolicyItem) SetPolicyType(v string) *PolicyItem

SetPolicyType sets the PolicyType field's value.

func (*PolicyItem) SetPrincipal

func (s *PolicyItem) SetPrincipal(v *EntityIdentifier) *PolicyItem

SetPrincipal sets the Principal field's value.

func (*PolicyItem) SetResource

func (s *PolicyItem) SetResource(v *EntityIdentifier) *PolicyItem

SetResource sets the Resource field's value.

func (PolicyItem) String

func (s PolicyItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyStoreItem

type PolicyStoreItem struct {

	// The Amazon Resource Name (ARN) of the policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time the policy was created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique identifier of the policy store.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about a policy store.

This data type is used as a response parameter for the ListPolicyStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html) operation.

func (PolicyStoreItem) GoString

func (s PolicyStoreItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyStoreItem) SetArn

func (s *PolicyStoreItem) SetArn(v string) *PolicyStoreItem

SetArn sets the Arn field's value.

func (*PolicyStoreItem) SetCreatedDate

func (s *PolicyStoreItem) SetCreatedDate(v time.Time) *PolicyStoreItem

SetCreatedDate sets the CreatedDate field's value.

func (*PolicyStoreItem) SetPolicyStoreId

func (s *PolicyStoreItem) SetPolicyStoreId(v string) *PolicyStoreItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (PolicyStoreItem) String

func (s PolicyStoreItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyTemplateItem

type PolicyTemplateItem struct {

	// The date and time that the policy template was created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The description attached to the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by PolicyTemplateItem's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The date and time that the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique identifier of the policy store that contains the template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The unique identifier of the policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains details about a policy template

This data type is used as a response parameter for the ListPolicyTemplates (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html) operation.

func (PolicyTemplateItem) GoString

func (s PolicyTemplateItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyTemplateItem) SetCreatedDate

func (s *PolicyTemplateItem) SetCreatedDate(v time.Time) *PolicyTemplateItem

SetCreatedDate sets the CreatedDate field's value.

func (*PolicyTemplateItem) SetDescription

func (s *PolicyTemplateItem) SetDescription(v string) *PolicyTemplateItem

SetDescription sets the Description field's value.

func (*PolicyTemplateItem) SetLastUpdatedDate

func (s *PolicyTemplateItem) SetLastUpdatedDate(v time.Time) *PolicyTemplateItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PolicyTemplateItem) SetPolicyStoreId

func (s *PolicyTemplateItem) SetPolicyStoreId(v string) *PolicyTemplateItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*PolicyTemplateItem) SetPolicyTemplateId

func (s *PolicyTemplateItem) SetPolicyTemplateId(v string) *PolicyTemplateItem

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (PolicyTemplateItem) String

func (s PolicyTemplateItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutSchemaInput

type PutSchemaInput struct {

	// Specifies the definition of the schema to be stored. The schema definition
	// must be written in Cedar schema JSON.
	//
	// Definition is a required field
	Definition *SchemaDefinition `locationName:"definition" type:"structure" required:"true"`

	// Specifies the ID of the policy store in which to place the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutSchemaInput) GoString

func (s PutSchemaInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutSchemaInput) SetDefinition

func (s *PutSchemaInput) SetDefinition(v *SchemaDefinition) *PutSchemaInput

SetDefinition sets the Definition field's value.

func (*PutSchemaInput) SetPolicyStoreId

func (s *PutSchemaInput) SetPolicyStoreId(v string) *PutSchemaInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (PutSchemaInput) String

func (s PutSchemaInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutSchemaInput) Validate

func (s *PutSchemaInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutSchemaOutput

type PutSchemaOutput struct {

	// The date and time that the schema was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the schema was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// Identifies the namespaces of the entities referenced by this schema.
	//
	// Namespaces is a required field
	Namespaces []*string `locationName:"namespaces" type:"list" required:"true"`

	// The unique ID of the policy store that contains the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutSchemaOutput) GoString

func (s PutSchemaOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutSchemaOutput) SetCreatedDate

func (s *PutSchemaOutput) SetCreatedDate(v time.Time) *PutSchemaOutput

SetCreatedDate sets the CreatedDate field's value.

func (*PutSchemaOutput) SetLastUpdatedDate

func (s *PutSchemaOutput) SetLastUpdatedDate(v time.Time) *PutSchemaOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PutSchemaOutput) SetNamespaces

func (s *PutSchemaOutput) SetNamespaces(v []*string) *PutSchemaOutput

SetNamespaces sets the Namespaces field's value.

func (*PutSchemaOutput) SetPolicyStoreId

func (s *PutSchemaOutput) SetPolicyStoreId(v string) *PutSchemaOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (PutSchemaOutput) String

func (s PutSchemaOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceConflict

type ResourceConflict struct {

	// The unique identifier of the resource involved in a conflict.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The type of the resource involved in a conflict.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
	// contains filtered or unexported fields
}

Contains information about a resource conflict.

func (ResourceConflict) GoString

func (s ResourceConflict) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceConflict) SetResourceId

func (s *ResourceConflict) SetResourceId(v string) *ResourceConflict

SetResourceId sets the ResourceId field's value.

func (*ResourceConflict) SetResourceType

func (s *ResourceConflict) SetResourceType(v string) *ResourceConflict

SetResourceType sets the ResourceType field's value.

func (ResourceConflict) String

func (s ResourceConflict) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceNotFoundException

type ResourceNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The unique ID of the resource referenced in the failed request.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The resource type of the resource referenced in the failed request.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
	// contains filtered or unexported fields
}

The request failed because it references a resource that doesn't exist.

func (*ResourceNotFoundException) Code

Code returns the exception type name.

func (*ResourceNotFoundException) Error

func (s *ResourceNotFoundException) Error() string

func (ResourceNotFoundException) GoString

func (s ResourceNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceNotFoundException) Message

func (s *ResourceNotFoundException) Message() string

Message returns the exception's message.

func (*ResourceNotFoundException) OrigErr

func (s *ResourceNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ResourceNotFoundException) RequestID

func (s *ResourceNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ResourceNotFoundException) StatusCode

func (s *ResourceNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ResourceNotFoundException) String

func (s ResourceNotFoundException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SchemaDefinition

type SchemaDefinition struct {

	// A JSON string representation of the schema supported by applications that
	// use this policy store. For more information, see Policy store schema (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html)
	// in the Amazon Verified Permissions User Guide.
	//
	// CedarJson is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SchemaDefinition's
	// String and GoString methods.
	CedarJson *string `locationName:"cedarJson" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains a list of principal types, resource types, and actions that can be specified in policies stored in the same policy store. If the validation mode for the policy store is set to STRICT, then policies that can't be validated by this schema are rejected by Verified Permissions and can't be stored in the policy store.

func (SchemaDefinition) GoString

func (s SchemaDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SchemaDefinition) SetCedarJson

func (s *SchemaDefinition) SetCedarJson(v string) *SchemaDefinition

SetCedarJson sets the CedarJson field's value.

func (SchemaDefinition) String

func (s SchemaDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SchemaDefinition) Validate

func (s *SchemaDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ServiceQuotaExceededException

type ServiceQuotaExceededException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The quota code recognized by the Amazon Web Services Service Quotas service.
	QuotaCode *string `locationName:"quotaCode" type:"string"`

	// The unique ID of the resource referenced in the failed request.
	ResourceId *string `locationName:"resourceId" type:"string"`

	// The resource type of the resource referenced in the failed request.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The code for the Amazon Web Service that owns the quota.
	ServiceCode *string `locationName:"serviceCode" type:"string"`
	// contains filtered or unexported fields
}

The request failed because it would cause a service quota to be exceeded.

func (*ServiceQuotaExceededException) Code

Code returns the exception type name.

func (*ServiceQuotaExceededException) Error

func (ServiceQuotaExceededException) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceQuotaExceededException) Message

Message returns the exception's message.

func (*ServiceQuotaExceededException) OrigErr

func (s *ServiceQuotaExceededException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ServiceQuotaExceededException) RequestID

func (s *ServiceQuotaExceededException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ServiceQuotaExceededException) StatusCode

func (s *ServiceQuotaExceededException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ServiceQuotaExceededException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StaticPolicyDefinition

type StaticPolicyDefinition struct {

	// The description of the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinition's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The policy content of the static policy, written in the Cedar policy language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinition's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains information about a static policy.

This data type is used as a field that is part of the PolicyDefinitionDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinitionDetail.html) type.

func (StaticPolicyDefinition) GoString

func (s StaticPolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinition) SetDescription

SetDescription sets the Description field's value.

func (*StaticPolicyDefinition) SetStatement

SetStatement sets the Statement field's value.

func (StaticPolicyDefinition) String

func (s StaticPolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinition) Validate

func (s *StaticPolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StaticPolicyDefinitionDetail

type StaticPolicyDefinitionDetail struct {

	// A description of the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinitionDetail's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The content of the static policy written in the Cedar policy language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinitionDetail's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that contains details about a static policy. It includes the description and policy body.

This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation.

func (StaticPolicyDefinitionDetail) GoString

func (s StaticPolicyDefinitionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinitionDetail) SetDescription

SetDescription sets the Description field's value.

func (*StaticPolicyDefinitionDetail) SetStatement

SetStatement sets the Statement field's value.

func (StaticPolicyDefinitionDetail) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StaticPolicyDefinitionItem

type StaticPolicyDefinitionItem struct {

	// A description of the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinitionItem's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that contains details about a static policy. It includes the description and policy statement.

This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation.

func (StaticPolicyDefinitionItem) GoString

func (s StaticPolicyDefinitionItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinitionItem) SetDescription

SetDescription sets the Description field's value.

func (StaticPolicyDefinitionItem) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TemplateLinkedPolicyDefinition

type TemplateLinkedPolicyDefinition struct {

	// The unique identifier of the policy template used to create this policy.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The principal associated with this template-linked policy. Verified Permissions
	// substitutes this principal for the ?principal placeholder in the policy template
	// when it evaluates an authorization request.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with this template-linked policy. Verified Permissions
	// substitutes this resource for the ?resource placeholder in the policy template
	// when it evaluates an authorization request.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy created by instantiating a policy template.

func (TemplateLinkedPolicyDefinition) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinition) SetPolicyTemplateId

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*TemplateLinkedPolicyDefinition) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*TemplateLinkedPolicyDefinition) SetResource

SetResource sets the Resource field's value.

func (TemplateLinkedPolicyDefinition) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinition) Validate

func (s *TemplateLinkedPolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TemplateLinkedPolicyDefinitionDetail

type TemplateLinkedPolicyDefinitionDetail struct {

	// The unique identifier of the policy template used to create this policy.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The principal associated with this template-linked policy. Verified Permissions
	// substitutes this principal for the ?principal placeholder in the policy template
	// when it evaluates an authorization request.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with this template-linked policy. Verified Permissions
	// substitutes this resource for the ?resource placeholder in the policy template
	// when it evaluates an authorization request.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy that was

created by instantiating a policy template.

This

func (TemplateLinkedPolicyDefinitionDetail) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinitionDetail) SetPolicyTemplateId

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*TemplateLinkedPolicyDefinitionDetail) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*TemplateLinkedPolicyDefinitionDetail) SetResource

SetResource sets the Resource field's value.

func (TemplateLinkedPolicyDefinitionDetail) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TemplateLinkedPolicyDefinitionItem

type TemplateLinkedPolicyDefinitionItem struct {

	// The unique identifier of the policy template used to create this policy.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The principal associated with this template-linked policy. Verified Permissions
	// substitutes this principal for the ?principal placeholder in the policy template
	// when it evaluates an authorization request.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with this template-linked policy. Verified Permissions
	// substitutes this resource for the ?resource placeholder in the policy template
	// when it evaluates an authorization request.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy created by instantiating a policy template.

This

func (TemplateLinkedPolicyDefinitionItem) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinitionItem) SetPolicyTemplateId

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*TemplateLinkedPolicyDefinitionItem) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*TemplateLinkedPolicyDefinitionItem) SetResource

SetResource sets the Resource field's value.

func (TemplateLinkedPolicyDefinitionItem) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ThrottlingException

type ThrottlingException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The quota code recognized by the Amazon Web Services Service Quotas service.
	QuotaCode *string `locationName:"quotaCode" type:"string"`

	// The code for the Amazon Web Service that owns the quota.
	ServiceCode *string `locationName:"serviceCode" type:"string"`
	// contains filtered or unexported fields
}

The request failed because it exceeded a throttling quota.

func (*ThrottlingException) Code

func (s *ThrottlingException) Code() string

Code returns the exception type name.

func (*ThrottlingException) Error

func (s *ThrottlingException) Error() string

func (ThrottlingException) GoString

func (s ThrottlingException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ThrottlingException) Message

func (s *ThrottlingException) Message() string

Message returns the exception's message.

func (*ThrottlingException) OrigErr

func (s *ThrottlingException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ThrottlingException) RequestID

func (s *ThrottlingException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ThrottlingException) StatusCode

func (s *ThrottlingException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ThrottlingException) String

func (s ThrottlingException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateCognitoUserPoolConfiguration

type UpdateCognitoUserPoolConfiguration struct {

	// The client ID of an app client that is configured for the specified Amazon
	// Cognito user pool.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool associated with this identity source.
	//
	// UserPoolArn is a required field
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains configuration details of a Amazon Cognito user pool for use with an identity source.

func (UpdateCognitoUserPoolConfiguration) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateCognitoUserPoolConfiguration) SetClientIds

SetClientIds sets the ClientIds field's value.

func (*UpdateCognitoUserPoolConfiguration) SetUserPoolArn

SetUserPoolArn sets the UserPoolArn field's value.

func (UpdateCognitoUserPoolConfiguration) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateCognitoUserPoolConfiguration) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateConfiguration

type UpdateConfiguration struct {

	// Contains configuration details of a Amazon Cognito user pool.
	CognitoUserPoolConfiguration *UpdateCognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"`
	// contains filtered or unexported fields
}

Contains an updated configuration to replace the configuration in an existing identity source.

At this time, the only valid member of this structure is a Amazon Cognito user pool configuration.

You must specify a userPoolArn, and optionally, a ClientId.

func (UpdateConfiguration) GoString

func (s UpdateConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateConfiguration) SetCognitoUserPoolConfiguration

func (s *UpdateConfiguration) SetCognitoUserPoolConfiguration(v *UpdateCognitoUserPoolConfiguration) *UpdateConfiguration

SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value.

func (UpdateConfiguration) String

func (s UpdateConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateConfiguration) Validate

func (s *UpdateConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateIdentitySourceInput

type UpdateIdentitySourceInput struct {

	// Specifies the ID of the identity source that you want to update.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the identity source that
	// you want to update.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the data type of principals generated for identities authenticated
	// by the identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateIdentitySourceInput's
	// String and GoString methods.
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"`

	// Specifies the details required to communicate with the identity provider
	// (IdP) associated with this identity source.
	//
	// At this time, the only valid member of this structure is a Amazon Cognito
	// user pool configuration.
	//
	// You must specify a userPoolArn, and optionally, a ClientId.
	//
	// UpdateConfiguration is a required field
	UpdateConfiguration *UpdateConfiguration `locationName:"updateConfiguration" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateIdentitySourceInput) GoString

func (s UpdateIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentitySourceInput) SetIdentitySourceId

func (s *UpdateIdentitySourceInput) SetIdentitySourceId(v string) *UpdateIdentitySourceInput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*UpdateIdentitySourceInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdateIdentitySourceInput) SetPrincipalEntityType

func (s *UpdateIdentitySourceInput) SetPrincipalEntityType(v string) *UpdateIdentitySourceInput

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (*UpdateIdentitySourceInput) SetUpdateConfiguration

SetUpdateConfiguration sets the UpdateConfiguration field's value.

func (UpdateIdentitySourceInput) String

func (s UpdateIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentitySourceInput) Validate

func (s *UpdateIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateIdentitySourceOutput

type UpdateIdentitySourceOutput struct {

	// The date and time that the updated identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the updated identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time that the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the updated identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateIdentitySourceOutput) GoString

func (s UpdateIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentitySourceOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*UpdateIdentitySourceOutput) SetIdentitySourceId

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*UpdateIdentitySourceOutput) SetLastUpdatedDate

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdateIdentitySourceOutput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (UpdateIdentitySourceOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdatePolicyDefinition

type UpdatePolicyDefinition struct {

	// Contains details about the updates to be applied to a static policy.
	Static *UpdateStaticPolicyDefinition `locationName:"static" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about updates to be applied to a policy.

This data type is used as a request parameter in the UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) operation.

func (UpdatePolicyDefinition) GoString

func (s UpdatePolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyDefinition) SetStatic

SetStatic sets the Static field's value.

func (UpdatePolicyDefinition) String

func (s UpdatePolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyDefinition) Validate

func (s *UpdatePolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyInput

type UpdatePolicyInput struct {

	// Specifies the updated policy content that you want to replace on the specified
	// policy. The content must be valid Cedar policy language text.
	//
	// You can change only the following elements from the policy definition:
	//
	//    * The action referenced by the policy.
	//
	//    * Any conditional clauses, such as when or unless clauses.
	//
	// You can't change the following elements:
	//
	//    * Changing from static to templateLinked.
	//
	//    * Changing the effect of the policy from permit or forbid.
	//
	//    * The principal referenced by the policy.
	//
	//    * The resource referenced by the policy.
	//
	// Definition is a required field
	Definition *UpdatePolicyDefinition `locationName:"definition" type:"structure" required:"true"`

	// Specifies the ID of the policy that you want to update. To find this value,
	// you can use ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html).
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the policy that you want
	// to update.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyInput) GoString

func (s UpdatePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyInput) SetDefinition

SetDefinition sets the Definition field's value.

func (*UpdatePolicyInput) SetPolicyId

func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput

SetPolicyId sets the PolicyId field's value.

func (*UpdatePolicyInput) SetPolicyStoreId

func (s *UpdatePolicyInput) SetPolicyStoreId(v string) *UpdatePolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (UpdatePolicyInput) String

func (s UpdatePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyInput) Validate

func (s *UpdatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyOutput

type UpdatePolicyOutput struct {

	// The date and time that the policy was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the policy was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy that was updated.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The ID of the policy store that contains the policy that was updated.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The type of the policy that was updated.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal specified in the policy's scope. This element isn't included
	// in the response when Principal isn't present in the policy content.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource specified in the policy's scope. This element isn't included
	// in the response when Resource isn't present in the policy content.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (UpdatePolicyOutput) GoString

func (s UpdatePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyOutput) SetCreatedDate

func (s *UpdatePolicyOutput) SetCreatedDate(v time.Time) *UpdatePolicyOutput

SetCreatedDate sets the CreatedDate field's value.

func (*UpdatePolicyOutput) SetLastUpdatedDate

func (s *UpdatePolicyOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdatePolicyOutput) SetPolicyId

func (s *UpdatePolicyOutput) SetPolicyId(v string) *UpdatePolicyOutput

SetPolicyId sets the PolicyId field's value.

func (*UpdatePolicyOutput) SetPolicyStoreId

func (s *UpdatePolicyOutput) SetPolicyStoreId(v string) *UpdatePolicyOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyOutput) SetPolicyType

func (s *UpdatePolicyOutput) SetPolicyType(v string) *UpdatePolicyOutput

SetPolicyType sets the PolicyType field's value.

func (*UpdatePolicyOutput) SetPrincipal

SetPrincipal sets the Principal field's value.

func (*UpdatePolicyOutput) SetResource

SetResource sets the Resource field's value.

func (UpdatePolicyOutput) String

func (s UpdatePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdatePolicyStoreInput

type UpdatePolicyStoreInput struct {

	// Specifies the ID of the policy store that you want to update
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// A structure that defines the validation settings that want to enable for
	// the policy store.
	//
	// ValidationSettings is a required field
	ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyStoreInput) GoString

func (s UpdatePolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyStoreInput) SetPolicyStoreId

func (s *UpdatePolicyStoreInput) SetPolicyStoreId(v string) *UpdatePolicyStoreInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyStoreInput) SetValidationSettings

SetValidationSettings sets the ValidationSettings field's value.

func (UpdatePolicyStoreInput) String

func (s UpdatePolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyStoreInput) Validate

func (s *UpdatePolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyStoreOutput

type UpdatePolicyStoreOutput struct {

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the updated policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time that the policy store was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the policy store was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the updated policy store.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyStoreOutput) GoString

func (s UpdatePolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyStoreOutput) SetArn

SetArn sets the Arn field's value.

func (*UpdatePolicyStoreOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*UpdatePolicyStoreOutput) SetLastUpdatedDate

func (s *UpdatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyStoreOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdatePolicyStoreOutput) SetPolicyStoreId

func (s *UpdatePolicyStoreOutput) SetPolicyStoreId(v string) *UpdatePolicyStoreOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (UpdatePolicyStoreOutput) String

func (s UpdatePolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdatePolicyTemplateInput

type UpdatePolicyTemplateInput struct {

	// Specifies a new description to apply to the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdatePolicyTemplateInput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// Specifies the ID of the policy store that contains the policy template that
	// you want to update.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy template that you want to update.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// Specifies new statement content written in Cedar policy language to replace
	// the current body of the policy template.
	//
	// You can change only the following elements of the policy body:
	//
	//    * The action referenced by the policy template.
	//
	//    * Any conditional clauses, such as when or unless clauses.
	//
	// You can't change the following elements:
	//
	//    * The effect (permit or forbid) of the policy template.
	//
	//    * The principal referenced by the policy template.
	//
	//    * The resource referenced by the policy template.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdatePolicyTemplateInput's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyTemplateInput) GoString

func (s UpdatePolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyTemplateInput) SetDescription

SetDescription sets the Description field's value.

func (*UpdatePolicyTemplateInput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyTemplateInput) SetPolicyTemplateId

func (s *UpdatePolicyTemplateInput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateInput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*UpdatePolicyTemplateInput) SetStatement

SetStatement sets the Statement field's value.

func (UpdatePolicyTemplateInput) String

func (s UpdatePolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyTemplateInput) Validate

func (s *UpdatePolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyTemplateOutput

type UpdatePolicyTemplateOutput struct {

	// The date and time that the policy template was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the updated policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The ID of the updated policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyTemplateOutput) GoString

func (s UpdatePolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyTemplateOutput) SetCreatedDate

SetCreatedDate sets the CreatedDate field's value.

func (*UpdatePolicyTemplateOutput) SetLastUpdatedDate

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdatePolicyTemplateOutput) SetPolicyStoreId

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyTemplateOutput) SetPolicyTemplateId

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (UpdatePolicyTemplateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateStaticPolicyDefinition

type UpdateStaticPolicyDefinition struct {

	// Specifies the description to be added to or replaced on the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateStaticPolicyDefinition's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// Specifies the Cedar policy language text to be added to or replaced on the
	// static policy.
	//
	// You can change only the following elements from the original content:
	//
	//    * The action referenced by the policy.
	//
	//    * Any conditional clauses, such as when or unless clauses.
	//
	// You can't change the following elements:
	//
	//    * Changing from StaticPolicy to TemplateLinkedPolicy.
	//
	//    * The effect (permit or forbid) of the policy.
	//
	//    * The principal referenced by the policy.
	//
	//    * The resource referenced by the policy.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateStaticPolicyDefinition's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains information about an update to a static policy.

func (UpdateStaticPolicyDefinition) GoString

func (s UpdateStaticPolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateStaticPolicyDefinition) SetDescription

SetDescription sets the Description field's value.

func (*UpdateStaticPolicyDefinition) SetStatement

SetStatement sets the Statement field's value.

func (UpdateStaticPolicyDefinition) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateStaticPolicyDefinition) Validate

func (s *UpdateStaticPolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ValidationException

type ValidationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The list of fields that aren't valid.
	FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

func (*ValidationException) Code

func (s *ValidationException) Code() string

Code returns the exception type name.

func (*ValidationException) Error

func (s *ValidationException) Error() string

func (ValidationException) GoString

func (s ValidationException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationException) Message

func (s *ValidationException) Message() string

Message returns the exception's message.

func (*ValidationException) OrigErr

func (s *ValidationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ValidationException) RequestID

func (s *ValidationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ValidationException) StatusCode

func (s *ValidationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ValidationException) String

func (s ValidationException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ValidationExceptionField

type ValidationExceptionField struct {

	// Describes the policy validation error.
	//
	// Message is a required field
	Message *string `locationName:"message" type:"string" required:"true"`

	// The path to the specific element that Verified Permissions found to be not
	// valid.
	//
	// Path is a required field
	Path *string `locationName:"path" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Details about a field that failed policy validation.

func (ValidationExceptionField) GoString

func (s ValidationExceptionField) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationExceptionField) SetMessage

SetMessage sets the Message field's value.

func (*ValidationExceptionField) SetPath

SetPath sets the Path field's value.

func (ValidationExceptionField) String

func (s ValidationExceptionField) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ValidationSettings

type ValidationSettings struct {

	// The validation mode currently configured for this policy store. The valid
	// values are:
	//
	//    * OFF – Neither Verified Permissions nor Cedar perform any validation
	//    on policies. No validation errors are reported by either service.
	//
	//    * STRICT – Requires a schema to be present in the policy store. Cedar
	//    performs validation on all submitted new or updated static policies and
	//    policy templates. Any that fail validation are rejected and Cedar doesn't
	//    store them in the policy store.
	//
	// If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions
	// rejects all static policies and policy templates because there is no schema
	// to validate against.
	//
	// To submit a static policy or policy template without a schema, you must turn
	// off validation.
	//
	// Mode is a required field
	Mode *string `locationName:"mode" type:"string" required:"true" enum:"ValidationMode"`
	// contains filtered or unexported fields
}

A structure that contains Cedar policy validation settings for the policy store. The validation mode determines which validation failures that Cedar considers serious enough to block acceptance of a new or edited static policy or policy template.

This data type is used as a request parameter in the CreatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html) and UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html) operations.

func (ValidationSettings) GoString

func (s ValidationSettings) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationSettings) SetMode

SetMode sets the Mode field's value.

func (ValidationSettings) String

func (s ValidationSettings) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationSettings) Validate

func (s *ValidationSettings) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type VerifiedPermissions

type VerifiedPermissions struct {
	*client.Client
}

VerifiedPermissions provides the API operation methods for making requests to Amazon Verified Permissions. See this package's package overview docs for details on the service.

VerifiedPermissions methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

New creates a new instance of the VerifiedPermissions client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

mySession := session.Must(session.NewSession())

// Create a VerifiedPermissions client from just a session.
svc := verifiedpermissions.New(mySession)

// Create a VerifiedPermissions client with additional configuration
svc := verifiedpermissions.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*VerifiedPermissions) BatchIsAuthorized

BatchIsAuthorized API operation for Amazon Verified Permissions.

Makes a series of decisions about multiple authorization requests for one principal or resource. Each request contains the equivalent content of an IsAuthorized request: principal, action, resource, and context. Either the principal or the resource parameter must be identical across all requests. For example, Verified Permissions won't evaluate a pair of requests where bob views photo1 and alice views photo2. Authorization of bob to view photo1 and photo2, or bob and alice to view photo1, are valid batches.

The request is evaluated against all policies in the specified policy store that match the entities that you declare. The result of the decisions is a series of Allow or Deny responses, along with the IDs of the policies that produced each decision.

The entities of a BatchIsAuthorized API request can contain up to 100 principals and up to 100 resources. The requests of a BatchIsAuthorized API request can contain up to 30 requests.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation BatchIsAuthorized for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorized

func (*VerifiedPermissions) BatchIsAuthorizedRequest

func (c *VerifiedPermissions) BatchIsAuthorizedRequest(input *BatchIsAuthorizedInput) (req *request.Request, output *BatchIsAuthorizedOutput)

BatchIsAuthorizedRequest generates a "aws/request.Request" representing the client's request for the BatchIsAuthorized operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See BatchIsAuthorized for more information on using the BatchIsAuthorized API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the BatchIsAuthorizedRequest method.
req, resp := client.BatchIsAuthorizedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorized

func (*VerifiedPermissions) BatchIsAuthorizedWithContext

func (c *VerifiedPermissions) BatchIsAuthorizedWithContext(ctx aws.Context, input *BatchIsAuthorizedInput, opts ...request.Option) (*BatchIsAuthorizedOutput, error)

BatchIsAuthorizedWithContext is the same as BatchIsAuthorized with the addition of the ability to pass a context and additional request options.

See BatchIsAuthorized for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreateIdentitySource

CreateIdentitySource API operation for Amazon Verified Permissions.

Creates a reference to an Amazon Cognito user pool as an external identity provider (IdP).

After you create an identity source, you can use the identities provided by the IdP as proxies for the principal in authorization queries that use the IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operation. These identities take the form of tokens that contain claims about the user, such as IDs, attributes and group memberships. Amazon Cognito provides both identity tokens and access tokens, and Verified Permissions can use either or both. Any combination of identity and access tokens results in the same Cedar principal. Verified Permissions automatically translates the information about the identities into the standard Cedar attributes that can be evaluated by your policies. Because the Amazon Cognito identity and access tokens can contain different information, the tokens you choose to use determine which principal attributes are available to access when evaluating Cedar policies.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

To reference a user from this identity source in your Cedar policies, use the following syntax.

IdentityType::"<CognitoUserPoolIdentifier>|<CognitoClientId>

Where IdentityType is the string that you provide to the PrincipalEntityType parameter for this operation. The CognitoUserPoolId and CognitoClientId are defined by the Amazon Cognito user pool.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreateIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource

func (*VerifiedPermissions) CreateIdentitySourceRequest

func (c *VerifiedPermissions) CreateIdentitySourceRequest(input *CreateIdentitySourceInput) (req *request.Request, output *CreateIdentitySourceOutput)

CreateIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the CreateIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateIdentitySource for more information on using the CreateIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateIdentitySourceRequest method.
req, resp := client.CreateIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource

func (*VerifiedPermissions) CreateIdentitySourceWithContext

func (c *VerifiedPermissions) CreateIdentitySourceWithContext(ctx aws.Context, input *CreateIdentitySourceInput, opts ...request.Option) (*CreateIdentitySourceOutput, error)

CreateIdentitySourceWithContext is the same as CreateIdentitySource with the addition of the ability to pass a context and additional request options.

See CreateIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreatePolicy

func (c *VerifiedPermissions) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error)

CreatePolicy API operation for Amazon Verified Permissions.

Creates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template.

  • To create a static policy, provide the Cedar policy text in the StaticPolicy section of the PolicyDefinition.

  • To create a policy that is dynamically linked to a policy template, specify the policy template ID and the principal and resource to associate with this policy in the templateLinked section of the PolicyDefinition. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template.

Creating a policy causes it to be validated against the schema in the policy store. If the policy doesn't pass validation, the operation fails and the policy isn't stored.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreatePolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy

func (*VerifiedPermissions) CreatePolicyRequest

func (c *VerifiedPermissions) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput)

CreatePolicyRequest generates a "aws/request.Request" representing the client's request for the CreatePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicy for more information on using the CreatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyRequest method.
req, resp := client.CreatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy

func (*VerifiedPermissions) CreatePolicyStore

CreatePolicyStore API operation for Amazon Verified Permissions.

Creates a policy store. A policy store is a container for policy resources.

Although Cedar supports multiple namespaces (https://docs.cedarpolicy.com/schema/schema.html#namespace), Verified Permissions currently supports only one namespace per policy store.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreatePolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore

func (*VerifiedPermissions) CreatePolicyStoreRequest

func (c *VerifiedPermissions) CreatePolicyStoreRequest(input *CreatePolicyStoreInput) (req *request.Request, output *CreatePolicyStoreOutput)

CreatePolicyStoreRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyStore for more information on using the CreatePolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyStoreRequest method.
req, resp := client.CreatePolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore

func (*VerifiedPermissions) CreatePolicyStoreWithContext

func (c *VerifiedPermissions) CreatePolicyStoreWithContext(ctx aws.Context, input *CreatePolicyStoreInput, opts ...request.Option) (*CreatePolicyStoreOutput, error)

CreatePolicyStoreWithContext is the same as CreatePolicyStore with the addition of the ability to pass a context and additional request options.

See CreatePolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreatePolicyTemplate

CreatePolicyTemplate API operation for Amazon Verified Permissions.

Creates a policy template. A template can use placeholders for the principal and resource. A template must be instantiated into a policy by associating it with specific principals and resources to use for the placeholders. That instantiated policy can then be considered in authorization decisions. The instantiated policy works identically to any other policy, except that it is dynamically linked to the template. If the template changes, then any policies that are linked to that template are immediately updated as well.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreatePolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate

func (*VerifiedPermissions) CreatePolicyTemplateRequest

func (c *VerifiedPermissions) CreatePolicyTemplateRequest(input *CreatePolicyTemplateInput) (req *request.Request, output *CreatePolicyTemplateOutput)

CreatePolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyTemplate for more information on using the CreatePolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyTemplateRequest method.
req, resp := client.CreatePolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate

func (*VerifiedPermissions) CreatePolicyTemplateWithContext

func (c *VerifiedPermissions) CreatePolicyTemplateWithContext(ctx aws.Context, input *CreatePolicyTemplateInput, opts ...request.Option) (*CreatePolicyTemplateOutput, error)

CreatePolicyTemplateWithContext is the same as CreatePolicyTemplate with the addition of the ability to pass a context and additional request options.

See CreatePolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreatePolicyWithContext

func (c *VerifiedPermissions) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error)

CreatePolicyWithContext is the same as CreatePolicy with the addition of the ability to pass a context and additional request options.

See CreatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeleteIdentitySource

DeleteIdentitySource API operation for Amazon Verified Permissions.

Deletes an identity source that references an identity provider (IdP) such as Amazon Cognito. After you delete the identity source, you can no longer use tokens for identities from that identity source to represent principals in authorization queries made using IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html). operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeleteIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource

func (*VerifiedPermissions) DeleteIdentitySourceRequest

func (c *VerifiedPermissions) DeleteIdentitySourceRequest(input *DeleteIdentitySourceInput) (req *request.Request, output *DeleteIdentitySourceOutput)

DeleteIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the DeleteIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteIdentitySource for more information on using the DeleteIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteIdentitySourceRequest method.
req, resp := client.DeleteIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource

func (*VerifiedPermissions) DeleteIdentitySourceWithContext

func (c *VerifiedPermissions) DeleteIdentitySourceWithContext(ctx aws.Context, input *DeleteIdentitySourceInput, opts ...request.Option) (*DeleteIdentitySourceOutput, error)

DeleteIdentitySourceWithContext is the same as DeleteIdentitySource with the addition of the ability to pass a context and additional request options.

See DeleteIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeletePolicy

func (c *VerifiedPermissions) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error)

DeletePolicy API operation for Amazon Verified Permissions.

Deletes the specified policy from the policy store.

This operation is idempotent; if you specify a policy that doesn't exist, the request response returns a successful HTTP 200 status code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeletePolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy

func (*VerifiedPermissions) DeletePolicyRequest

func (c *VerifiedPermissions) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput)

DeletePolicyRequest generates a "aws/request.Request" representing the client's request for the DeletePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicy for more information on using the DeletePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyRequest method.
req, resp := client.DeletePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy

func (*VerifiedPermissions) DeletePolicyStore

DeletePolicyStore API operation for Amazon Verified Permissions.

Deletes the specified policy store.

This operation is idempotent. If you specify a policy store that does not exist, the request response will still return a successful HTTP 200 status code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeletePolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore

func (*VerifiedPermissions) DeletePolicyStoreRequest

func (c *VerifiedPermissions) DeletePolicyStoreRequest(input *DeletePolicyStoreInput) (req *request.Request, output *DeletePolicyStoreOutput)

DeletePolicyStoreRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyStore for more information on using the DeletePolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyStoreRequest method.
req, resp := client.DeletePolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore

func (*VerifiedPermissions) DeletePolicyStoreWithContext

func (c *VerifiedPermissions) DeletePolicyStoreWithContext(ctx aws.Context, input *DeletePolicyStoreInput, opts ...request.Option) (*DeletePolicyStoreOutput, error)

DeletePolicyStoreWithContext is the same as DeletePolicyStore with the addition of the ability to pass a context and additional request options.

See DeletePolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeletePolicyTemplate

DeletePolicyTemplate API operation for Amazon Verified Permissions.

Deletes the specified policy template from the policy store.

This operation also deletes any policies that were created from the specified policy template. Those policies are immediately removed from all future API responses, and are asynchronously deleted from the policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeletePolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate

func (*VerifiedPermissions) DeletePolicyTemplateRequest

func (c *VerifiedPermissions) DeletePolicyTemplateRequest(input *DeletePolicyTemplateInput) (req *request.Request, output *DeletePolicyTemplateOutput)

DeletePolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyTemplate for more information on using the DeletePolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyTemplateRequest method.
req, resp := client.DeletePolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate

func (*VerifiedPermissions) DeletePolicyTemplateWithContext

func (c *VerifiedPermissions) DeletePolicyTemplateWithContext(ctx aws.Context, input *DeletePolicyTemplateInput, opts ...request.Option) (*DeletePolicyTemplateOutput, error)

DeletePolicyTemplateWithContext is the same as DeletePolicyTemplate with the addition of the ability to pass a context and additional request options.

See DeletePolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeletePolicyWithContext

func (c *VerifiedPermissions) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error)

DeletePolicyWithContext is the same as DeletePolicy with the addition of the ability to pass a context and additional request options.

See DeletePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetIdentitySource

GetIdentitySource API operation for Amazon Verified Permissions.

Retrieves the details about the specified identity source.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource

func (*VerifiedPermissions) GetIdentitySourceRequest

func (c *VerifiedPermissions) GetIdentitySourceRequest(input *GetIdentitySourceInput) (req *request.Request, output *GetIdentitySourceOutput)

GetIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the GetIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetIdentitySource for more information on using the GetIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetIdentitySourceRequest method.
req, resp := client.GetIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource

func (*VerifiedPermissions) GetIdentitySourceWithContext

func (c *VerifiedPermissions) GetIdentitySourceWithContext(ctx aws.Context, input *GetIdentitySourceInput, opts ...request.Option) (*GetIdentitySourceOutput, error)

GetIdentitySourceWithContext is the same as GetIdentitySource with the addition of the ability to pass a context and additional request options.

See GetIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetPolicy

func (c *VerifiedPermissions) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error)

GetPolicy API operation for Amazon Verified Permissions.

Retrieves information about the specified policy.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetPolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy

func (*VerifiedPermissions) GetPolicyRequest

func (c *VerifiedPermissions) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput)

GetPolicyRequest generates a "aws/request.Request" representing the client's request for the GetPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicy for more information on using the GetPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyRequest method.
req, resp := client.GetPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy

func (*VerifiedPermissions) GetPolicyStore

func (c *VerifiedPermissions) GetPolicyStore(input *GetPolicyStoreInput) (*GetPolicyStoreOutput, error)

GetPolicyStore API operation for Amazon Verified Permissions.

Retrieves details about a policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetPolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore

func (*VerifiedPermissions) GetPolicyStoreRequest

func (c *VerifiedPermissions) GetPolicyStoreRequest(input *GetPolicyStoreInput) (req *request.Request, output *GetPolicyStoreOutput)

GetPolicyStoreRequest generates a "aws/request.Request" representing the client's request for the GetPolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyStore for more information on using the GetPolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyStoreRequest method.
req, resp := client.GetPolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore

func (*VerifiedPermissions) GetPolicyStoreWithContext

func (c *VerifiedPermissions) GetPolicyStoreWithContext(ctx aws.Context, input *GetPolicyStoreInput, opts ...request.Option) (*GetPolicyStoreOutput, error)

GetPolicyStoreWithContext is the same as GetPolicyStore with the addition of the ability to pass a context and additional request options.

See GetPolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetPolicyTemplate

GetPolicyTemplate API operation for Amazon Verified Permissions.

Retrieve the details for the specified policy template in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetPolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate

func (*VerifiedPermissions) GetPolicyTemplateRequest

func (c *VerifiedPermissions) GetPolicyTemplateRequest(input *GetPolicyTemplateInput) (req *request.Request, output *GetPolicyTemplateOutput)

GetPolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the GetPolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyTemplate for more information on using the GetPolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyTemplateRequest method.
req, resp := client.GetPolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate

func (*VerifiedPermissions) GetPolicyTemplateWithContext

func (c *VerifiedPermissions) GetPolicyTemplateWithContext(ctx aws.Context, input *GetPolicyTemplateInput, opts ...request.Option) (*GetPolicyTemplateOutput, error)

GetPolicyTemplateWithContext is the same as GetPolicyTemplate with the addition of the ability to pass a context and additional request options.

See GetPolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetPolicyWithContext

func (c *VerifiedPermissions) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error)

GetPolicyWithContext is the same as GetPolicy with the addition of the ability to pass a context and additional request options.

See GetPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetSchema

func (c *VerifiedPermissions) GetSchema(input *GetSchemaInput) (*GetSchemaOutput, error)

GetSchema API operation for Amazon Verified Permissions.

Retrieve the details for the specified schema in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetSchema for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema

func (*VerifiedPermissions) GetSchemaRequest

func (c *VerifiedPermissions) GetSchemaRequest(input *GetSchemaInput) (req *request.Request, output *GetSchemaOutput)

GetSchemaRequest generates a "aws/request.Request" representing the client's request for the GetSchema operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSchema for more information on using the GetSchema API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSchemaRequest method.
req, resp := client.GetSchemaRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema

func (*VerifiedPermissions) GetSchemaWithContext

func (c *VerifiedPermissions) GetSchemaWithContext(ctx aws.Context, input *GetSchemaInput, opts ...request.Option) (*GetSchemaOutput, error)

GetSchemaWithContext is the same as GetSchema with the addition of the ability to pass a context and additional request options.

See GetSchema for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) IsAuthorized

func (c *VerifiedPermissions) IsAuthorized(input *IsAuthorizedInput) (*IsAuthorizedOutput, error)

IsAuthorized API operation for Amazon Verified Permissions.

Makes an authorization decision about a service request described in the parameters. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation IsAuthorized for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized

func (*VerifiedPermissions) IsAuthorizedRequest

func (c *VerifiedPermissions) IsAuthorizedRequest(input *IsAuthorizedInput) (req *request.Request, output *IsAuthorizedOutput)

IsAuthorizedRequest generates a "aws/request.Request" representing the client's request for the IsAuthorized operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See IsAuthorized for more information on using the IsAuthorized API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the IsAuthorizedRequest method.
req, resp := client.IsAuthorizedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized

func (*VerifiedPermissions) IsAuthorizedWithContext

func (c *VerifiedPermissions) IsAuthorizedWithContext(ctx aws.Context, input *IsAuthorizedInput, opts ...request.Option) (*IsAuthorizedOutput, error)

IsAuthorizedWithContext is the same as IsAuthorized with the addition of the ability to pass a context and additional request options.

See IsAuthorized for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) IsAuthorizedWithToken

IsAuthorizedWithToken API operation for Amazon Verified Permissions.

Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source in the form of an identity token formatted as a JSON web token (JWT) (https://wikipedia.org/wiki/JSON_Web_Token). The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

If you specify the identityToken parameter, then this operation derives the principal from that token. You must not also include that principal in the entities parameter or the operation fails and reports a conflict between the two entity sources.

If you provide only an accessToken, then you can include the entity as part of the entities parameter to provide additional attributes.

At this time, Verified Permissions accepts tokens from only Amazon Cognito.

Verified Permissions validates each token that is specified in a request by checking its expiration date and its signature.

If you delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted user continue to be usable until they expire.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation IsAuthorizedWithToken for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken

func (*VerifiedPermissions) IsAuthorizedWithTokenRequest

func (c *VerifiedPermissions) IsAuthorizedWithTokenRequest(input *IsAuthorizedWithTokenInput) (req *request.Request, output *IsAuthorizedWithTokenOutput)

IsAuthorizedWithTokenRequest generates a "aws/request.Request" representing the client's request for the IsAuthorizedWithToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See IsAuthorizedWithToken for more information on using the IsAuthorizedWithToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the IsAuthorizedWithTokenRequest method.
req, resp := client.IsAuthorizedWithTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken

func (*VerifiedPermissions) IsAuthorizedWithTokenWithContext

func (c *VerifiedPermissions) IsAuthorizedWithTokenWithContext(ctx aws.Context, input *IsAuthorizedWithTokenInput, opts ...request.Option) (*IsAuthorizedWithTokenOutput, error)

IsAuthorizedWithTokenWithContext is the same as IsAuthorizedWithToken with the addition of the ability to pass a context and additional request options.

See IsAuthorizedWithToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListIdentitySources

ListIdentitySources API operation for Amazon Verified Permissions.

Returns a paginated list of all of the identity sources defined in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListIdentitySources for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources

func (*VerifiedPermissions) ListIdentitySourcesPages

func (c *VerifiedPermissions) ListIdentitySourcesPages(input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool) error

ListIdentitySourcesPages iterates over the pages of a ListIdentitySources operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListIdentitySources method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListIdentitySources operation.
pageNum := 0
err := client.ListIdentitySourcesPages(params,
    func(page *verifiedpermissions.ListIdentitySourcesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListIdentitySourcesPagesWithContext

func (c *VerifiedPermissions) ListIdentitySourcesPagesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool, opts ...request.Option) error

ListIdentitySourcesPagesWithContext same as ListIdentitySourcesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListIdentitySourcesRequest

func (c *VerifiedPermissions) ListIdentitySourcesRequest(input *ListIdentitySourcesInput) (req *request.Request, output *ListIdentitySourcesOutput)

ListIdentitySourcesRequest generates a "aws/request.Request" representing the client's request for the ListIdentitySources operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListIdentitySources for more information on using the ListIdentitySources API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListIdentitySourcesRequest method.
req, resp := client.ListIdentitySourcesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources

func (*VerifiedPermissions) ListIdentitySourcesWithContext

func (c *VerifiedPermissions) ListIdentitySourcesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, opts ...request.Option) (*ListIdentitySourcesOutput, error)

ListIdentitySourcesWithContext is the same as ListIdentitySources with the addition of the ability to pass a context and additional request options.

See ListIdentitySources for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicies

func (c *VerifiedPermissions) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error)

ListPolicies API operation for Amazon Verified Permissions.

Returns a paginated list of all policies stored in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListPolicies for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies

func (*VerifiedPermissions) ListPoliciesPages

func (c *VerifiedPermissions) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error

ListPoliciesPages iterates over the pages of a ListPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicies operation.
pageNum := 0
err := client.ListPoliciesPages(params,
    func(page *verifiedpermissions.ListPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListPoliciesPagesWithContext

func (c *VerifiedPermissions) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error

ListPoliciesPagesWithContext same as ListPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPoliciesRequest

func (c *VerifiedPermissions) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput)

ListPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicies for more information on using the ListPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPoliciesRequest method.
req, resp := client.ListPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies

func (*VerifiedPermissions) ListPoliciesWithContext

func (c *VerifiedPermissions) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error)

ListPoliciesWithContext is the same as ListPolicies with the addition of the ability to pass a context and additional request options.

See ListPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyStores

ListPolicyStores API operation for Amazon Verified Permissions.

Returns a paginated list of all policy stores in the calling Amazon Web Services account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListPolicyStores for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores

func (*VerifiedPermissions) ListPolicyStoresPages

func (c *VerifiedPermissions) ListPolicyStoresPages(input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool) error

ListPolicyStoresPages iterates over the pages of a ListPolicyStores operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyStores method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicyStores operation.
pageNum := 0
err := client.ListPolicyStoresPages(params,
    func(page *verifiedpermissions.ListPolicyStoresOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListPolicyStoresPagesWithContext

func (c *VerifiedPermissions) ListPolicyStoresPagesWithContext(ctx aws.Context, input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool, opts ...request.Option) error

ListPolicyStoresPagesWithContext same as ListPolicyStoresPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyStoresRequest

func (c *VerifiedPermissions) ListPolicyStoresRequest(input *ListPolicyStoresInput) (req *request.Request, output *ListPolicyStoresOutput)

ListPolicyStoresRequest generates a "aws/request.Request" representing the client's request for the ListPolicyStores operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyStores for more information on using the ListPolicyStores API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPolicyStoresRequest method.
req, resp := client.ListPolicyStoresRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores

func (*VerifiedPermissions) ListPolicyStoresWithContext

func (c *VerifiedPermissions) ListPolicyStoresWithContext(ctx aws.Context, input *ListPolicyStoresInput, opts ...request.Option) (*ListPolicyStoresOutput, error)

ListPolicyStoresWithContext is the same as ListPolicyStores with the addition of the ability to pass a context and additional request options.

See ListPolicyStores for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyTemplates

ListPolicyTemplates API operation for Amazon Verified Permissions.

Returns a paginated list of all policy templates in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListPolicyTemplates for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates

func (*VerifiedPermissions) ListPolicyTemplatesPages

func (c *VerifiedPermissions) ListPolicyTemplatesPages(input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool) error

ListPolicyTemplatesPages iterates over the pages of a ListPolicyTemplates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyTemplates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicyTemplates operation.
pageNum := 0
err := client.ListPolicyTemplatesPages(params,
    func(page *verifiedpermissions.ListPolicyTemplatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListPolicyTemplatesPagesWithContext

func (c *VerifiedPermissions) ListPolicyTemplatesPagesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool, opts ...request.Option) error

ListPolicyTemplatesPagesWithContext same as ListPolicyTemplatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyTemplatesRequest

func (c *VerifiedPermissions) ListPolicyTemplatesRequest(input *ListPolicyTemplatesInput) (req *request.Request, output *ListPolicyTemplatesOutput)

ListPolicyTemplatesRequest generates a "aws/request.Request" representing the client's request for the ListPolicyTemplates operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyTemplates for more information on using the ListPolicyTemplates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPolicyTemplatesRequest method.
req, resp := client.ListPolicyTemplatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates

func (*VerifiedPermissions) ListPolicyTemplatesWithContext

func (c *VerifiedPermissions) ListPolicyTemplatesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, opts ...request.Option) (*ListPolicyTemplatesOutput, error)

ListPolicyTemplatesWithContext is the same as ListPolicyTemplates with the addition of the ability to pass a context and additional request options.

See ListPolicyTemplates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) PutSchema

func (c *VerifiedPermissions) PutSchema(input *PutSchemaInput) (*PutSchemaOutput, error)

PutSchema API operation for Amazon Verified Permissions.

Creates or updates the policy schema in the specified policy store. The schema is used to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation PutSchema for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema

func (*VerifiedPermissions) PutSchemaRequest

func (c *VerifiedPermissions) PutSchemaRequest(input *PutSchemaInput) (req *request.Request, output *PutSchemaOutput)

PutSchemaRequest generates a "aws/request.Request" representing the client's request for the PutSchema operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutSchema for more information on using the PutSchema API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutSchemaRequest method.
req, resp := client.PutSchemaRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema

func (*VerifiedPermissions) PutSchemaWithContext

func (c *VerifiedPermissions) PutSchemaWithContext(ctx aws.Context, input *PutSchemaInput, opts ...request.Option) (*PutSchemaOutput, error)

PutSchemaWithContext is the same as PutSchema with the addition of the ability to pass a context and additional request options.

See PutSchema for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdateIdentitySource

UpdateIdentitySource API operation for Amazon Verified Permissions.

Updates the specified identity source to use a new identity provider (IdP) source, or to change the mapping of identities from the IdP to a different principal entity type.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdateIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource

func (*VerifiedPermissions) UpdateIdentitySourceRequest

func (c *VerifiedPermissions) UpdateIdentitySourceRequest(input *UpdateIdentitySourceInput) (req *request.Request, output *UpdateIdentitySourceOutput)

UpdateIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the UpdateIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateIdentitySource for more information on using the UpdateIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateIdentitySourceRequest method.
req, resp := client.UpdateIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource

func (*VerifiedPermissions) UpdateIdentitySourceWithContext

func (c *VerifiedPermissions) UpdateIdentitySourceWithContext(ctx aws.Context, input *UpdateIdentitySourceInput, opts ...request.Option) (*UpdateIdentitySourceOutput, error)

UpdateIdentitySourceWithContext is the same as UpdateIdentitySource with the addition of the ability to pass a context and additional request options.

See UpdateIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdatePolicy

func (c *VerifiedPermissions) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error)

UpdatePolicy API operation for Amazon Verified Permissions.

Modifies a Cedar static policy in the specified policy store. You can change only certain elements of the UpdatePolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyInput.html#amazonverifiedpermissions-UpdatePolicy-request-UpdatePolicyDefinition) parameter. You can directly update only static policies. To change a template-linked policy, you must update the template instead, using UpdatePolicyTemplate (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html).

  • If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation, the operation fails and the update isn't stored.

  • When you edit a static policy, You can change only certain elements of a static policy: The action referenced by the policy. A condition clause, such as when and unless. You can't change these elements of a static policy: Changing a policy from a static policy to a template-linked policy. Changing the effect of a static policy from permit or forbid. The principal referenced by a static policy. The resource referenced by a static policy.

  • To update a template-linked policy, you must update the template instead.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdatePolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy

func (*VerifiedPermissions) UpdatePolicyRequest

func (c *VerifiedPermissions) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput)

UpdatePolicyRequest generates a "aws/request.Request" representing the client's request for the UpdatePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdatePolicy for more information on using the UpdatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdatePolicyRequest method.
req, resp := client.UpdatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy

func (*VerifiedPermissions) UpdatePolicyStore

UpdatePolicyStore API operation for Amazon Verified Permissions.

Modifies the validation setting for a policy store.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdatePolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore

func (*VerifiedPermissions) UpdatePolicyStoreRequest

func (c *VerifiedPermissions) UpdatePolicyStoreRequest(input *UpdatePolicyStoreInput) (req *request.Request, output *UpdatePolicyStoreOutput)

UpdatePolicyStoreRequest generates a "aws/request.Request" representing the client's request for the UpdatePolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdatePolicyStore for more information on using the UpdatePolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdatePolicyStoreRequest method.
req, resp := client.UpdatePolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore

func (*VerifiedPermissions) UpdatePolicyStoreWithContext

func (c *VerifiedPermissions) UpdatePolicyStoreWithContext(ctx aws.Context, input *UpdatePolicyStoreInput, opts ...request.Option) (*UpdatePolicyStoreOutput, error)

UpdatePolicyStoreWithContext is the same as UpdatePolicyStore with the addition of the ability to pass a context and additional request options.

See UpdatePolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdatePolicyTemplate

UpdatePolicyTemplate API operation for Amazon Verified Permissions.

Updates the specified policy template. You can update only the description and the some elements of the policyBody (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html#amazonverifiedpermissions-UpdatePolicyTemplate-request-policyBody).

Changes you make to the policy template content are immediately (within the constraints of eventual consistency) reflected in authorization decisions that involve all template-linked policies instantiated from this template.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to be propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdatePolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate

func (*VerifiedPermissions) UpdatePolicyTemplateRequest

func (c *VerifiedPermissions) UpdatePolicyTemplateRequest(input *UpdatePolicyTemplateInput) (req *request.Request, output *UpdatePolicyTemplateOutput)

UpdatePolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the UpdatePolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdatePolicyTemplate for more information on using the UpdatePolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdatePolicyTemplateRequest method.
req, resp := client.UpdatePolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate

func (*VerifiedPermissions) UpdatePolicyTemplateWithContext

func (c *VerifiedPermissions) UpdatePolicyTemplateWithContext(ctx aws.Context, input *UpdatePolicyTemplateInput, opts ...request.Option) (*UpdatePolicyTemplateOutput, error)

UpdatePolicyTemplateWithContext is the same as UpdatePolicyTemplate with the addition of the ability to pass a context and additional request options.

See UpdatePolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdatePolicyWithContext

func (c *VerifiedPermissions) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error)

UpdatePolicyWithContext is the same as UpdatePolicy with the addition of the ability to pass a context and additional request options.

See UpdatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

Directories

Path Synopsis
Package verifiedpermissionsiface provides an interface to enable mocking the Amazon Verified Permissions service client for testing your code.
Package verifiedpermissionsiface provides an interface to enable mocking the Amazon Verified Permissions service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL