verifiedpermissions

package
v1.54.16 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 8, 2024 License: Apache-2.0 Imports: 10 Imported by: 5

Documentation

Overview

Package verifiedpermissions provides the client and types for making API requests to Amazon Verified Permissions.

Amazon Verified Permissions is a permissions management service from Amazon Web Services. You can use Verified Permissions to manage permissions for your application, and authorize user access based on those permissions. Using Verified Permissions, application developers can grant access based on information about the users, resources, and requested actions. You can also evaluate additional information like group membership, attributes of the resources, and session context, such as time of request and IP addresses. Verified Permissions manages these permissions by letting you create and store authorization policies for your applications, such as consumer-facing web sites and enterprise business systems.

Verified Permissions uses Cedar as the policy language to express your permission requirements. Cedar supports both role-based access control (RBAC) and attribute-based access control (ABAC) authorization models.

For more information about configuring, administering, and using Amazon Verified Permissions in your applications, see the Amazon Verified Permissions User Guide (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/).

For more information about the Cedar policy language, see the Cedar Policy Language Guide (https://docs.cedarpolicy.com/).

When you write Cedar policies that reference principals, resources and actions, you can define the unique identifiers used for each of those elements. We strongly recommend that you follow these best practices:

  • Use values like universally unique identifiers (UUIDs) for all principal and resource identifiers. For example, if user jane leaves the company, and you later let someone else use the name jane, then that new user automatically gets access to everything granted by policies that still reference User::"jane". Cedar can’t distinguish between the new user and the old. This applies to both principal and resource identifiers. Always use identifiers that are guaranteed unique and never reused to ensure that you don’t unintentionally grant access because of the presence of an old identifier in a policy. Where you use a UUID for an entity, we recommend that you follow it with the // comment specifier and the ‘friendly’ name of your entity. This helps to make your policies easier to understand. For example: principal == User::"a1b2c3d4-e5f6-a1b2-c3d4-EXAMPLE11111", // alice

  • Do not include personally identifying, confidential, or sensitive information as part of the unique identifier for your principals or resources. These identifiers are included in log entries shared in CloudTrail trails.

Several operations return structures that appear similar, but have different purposes. As new functionality is added to the product, the structure used in a parameter of one operation might need to change in a way that wouldn't make sense for the same parameter in a different operation. To help you understand the purpose of each, the following naming convention is used for the structures:

  • Parameter type structures that end in Detail are used in Get operations.

  • Parameter type structures that end in Item are used in List operations.

  • Parameter type structures that use neither suffix are used in the mutating (create and update) operations.

See https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01 for more information on this service.

See verifiedpermissions package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/verifiedpermissions/

Using the Client

To contact Amazon Verified Permissions with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the Amazon Verified Permissions client VerifiedPermissions for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/verifiedpermissions/#New

Index

Constants

View Source 
const (
	// DecisionAllow is a Decision enum value
	DecisionAllow = "ALLOW"

	// DecisionDeny is a Decision enum value
	DecisionDeny = "DENY"
)
View Source 
const (
	// PolicyEffectPermit is a PolicyEffect enum value
	PolicyEffectPermit = "Permit"

	// PolicyEffectForbid is a PolicyEffect enum value
	PolicyEffectForbid = "Forbid"
)
View Source 
const (
	// PolicyTypeStatic is a PolicyType enum value
	PolicyTypeStatic = "STATIC"

	// PolicyTypeTemplateLinked is a PolicyType enum value
	PolicyTypeTemplateLinked = "TEMPLATE_LINKED"
)
View Source 
const (
	// ResourceTypeIdentitySource is a ResourceType enum value
	ResourceTypeIdentitySource = "IDENTITY_SOURCE"

	// ResourceTypePolicyStore is a ResourceType enum value
	ResourceTypePolicyStore = "POLICY_STORE"

	// ResourceTypePolicy is a ResourceType enum value
	ResourceTypePolicy = "POLICY"

	// ResourceTypePolicyTemplate is a ResourceType enum value
	ResourceTypePolicyTemplate = "POLICY_TEMPLATE"

	// ResourceTypeSchema is a ResourceType enum value
	ResourceTypeSchema = "SCHEMA"
)
View Source 
const (
	// ValidationModeOff is a ValidationMode enum value
	ValidationModeOff = "OFF"

	// ValidationModeStrict is a ValidationMode enum value
	ValidationModeStrict = "STRICT"
)
View Source 
const (

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// You don't have sufficient access to perform this action.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeConflictException for service response error code
	// "ConflictException".
	//
	// The request failed because another request to modify a resource occurred
	// at the same.
	ErrCodeConflictException = "ConflictException"

	// ErrCodeInternalServerException for service response error code
	// "InternalServerException".
	//
	// The request failed because of an internal error. Try your request again later
	ErrCodeInternalServerException = "InternalServerException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// The request failed because it references a resource that doesn't exist.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"

	// ErrCodeServiceQuotaExceededException for service response error code
	// "ServiceQuotaExceededException".
	//
	// The request failed because it would cause a service quota to be exceeded.
	ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException"

	// ErrCodeThrottlingException for service response error code
	// "ThrottlingException".
	//
	// The request failed because it exceeded a throttling quota.
	ErrCodeThrottlingException = "ThrottlingException"

	// ErrCodeValidationException for service response error code
	// "ValidationException".
	//
	// The request failed because one or more input parameters don't satisfy their
	// constraint requirements. The output is provided as a list of fields and a
	// reason for each field that isn't valid.
	//
	// The possible reasons include the following:
	//
	//    * UnrecognizedEntityType The policy includes an entity type that isn't
	//    found in the schema.
	//
	//    * UnrecognizedActionId The policy includes an action id that isn't found
	//    in the schema.
	//
	//    * InvalidActionApplication The policy includes an action that, according
	//    to the schema, doesn't support the specified principal and resource.
	//
	//    * UnexpectedType The policy included an operand that isn't a valid type
	//    for the specified operation.
	//
	//    * IncompatibleTypes The types of elements included in a set, or the types
	//    of expressions used in an if...then...else clause aren't compatible in
	//    this context.
	//
	//    * MissingAttribute The policy attempts to access a record or entity attribute
	//    that isn't specified in the schema. Test for the existence of the attribute
	//    first before attempting to access its value. For more information, see
	//    the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test)
	//    in the Cedar Policy Language Guide.
	//
	//    * UnsafeOptionalAttributeAccess The policy attempts to access a record
	//    or entity attribute that is optional and isn't guaranteed to be present.
	//    Test for the existence of the attribute first before attempting to access
	//    its value. For more information, see the has (presence of attribute test)
	//    operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test)
	//    in the Cedar Policy Language Guide.
	//
	//    * ImpossiblePolicy Cedar has determined that a policy condition always
	//    evaluates to false. If the policy is always false, it can never apply
	//    to any query, and so it can never affect an authorization decision.
	//
	//    * WrongNumberArguments The policy references an extension type with the
	//    wrong number of arguments.
	//
	//    * FunctionArgumentValidationError Cedar couldn't parse the argument passed
	//    to an extension type. For example, a string that is to be parsed as an
	//    IPv4 address can contain only digits and the period character.
	ErrCodeValidationException = "ValidationException"
)
View Source 
const (
	ServiceName = "VerifiedPermissions" // Name of service.
	EndpointsID = "verifiedpermissions" // ID to lookup a service endpoint with.
	ServiceID   = "VerifiedPermissions" // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source 
const (
	// OpenIdIssuerCognito is a OpenIdIssuer enum value
	OpenIdIssuerCognito = "COGNITO"
)

Variables

This section is empty.

Functions

func Decision_Values 

func Decision_Values() []string

Decision_Values returns all elements of the Decision enum

func OpenIdIssuer_Values 

func OpenIdIssuer_Values() []string

OpenIdIssuer_Values returns all elements of the OpenIdIssuer enum

func PolicyEffect_Values added in v1.52.6 

func PolicyEffect_Values() []string

PolicyEffect_Values returns all elements of the PolicyEffect enum

func PolicyType_Values 

func PolicyType_Values() []string

PolicyType_Values returns all elements of the PolicyType enum

func ResourceType_Values 

func ResourceType_Values() []string

ResourceType_Values returns all elements of the ResourceType enum

func ValidationMode_Values 

func ValidationMode_Values() []string

ValidationMode_Values returns all elements of the ValidationMode enum

Types

type AccessDeniedException 

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

You don't have sufficient access to perform this action.

func (*AccessDeniedException) Code 

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error 

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString 

func (s AccessDeniedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessDeniedException) Message 

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr 

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID 

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode 

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String 

func (s AccessDeniedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ActionIdentifier 

type ActionIdentifier struct {

	// The ID of an action.
	//
	// ActionId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ActionIdentifier's
	// String and GoString methods.
	//
	// ActionId is a required field
	ActionId *string `locationName:"actionId" min:"1" type:"string" required:"true" sensitive:"true"`

	// The type of an action.
	//
	// ActionType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ActionIdentifier's
	// String and GoString methods.
	//
	// ActionType is a required field
	ActionType *string `locationName:"actionType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains information about an action for a request for which an authorization decision is made.

This data type is used as a request parameter to the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

Example: { "actionId": "<action name>", "actionType": "Action" }

func (ActionIdentifier) GoString 

func (s ActionIdentifier) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ActionIdentifier) SetActionId 

func (s *ActionIdentifier) SetActionId(v string) *ActionIdentifier

SetActionId sets the ActionId field's value.

func (*ActionIdentifier) SetActionType 

func (s *ActionIdentifier) SetActionType(v string) *ActionIdentifier

SetActionType sets the ActionType field's value.

func (ActionIdentifier) String 

func (s ActionIdentifier) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ActionIdentifier) Validate 

func (s *ActionIdentifier) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttributeValue 

type AttributeValue struct {

	// An attribute value of Boolean (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#boolean)
	// type.
	//
	// Example: {"boolean": true}
	//
	// Boolean is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeValue's
	// String and GoString methods.
	Boolean *bool `locationName:"boolean" type:"boolean" sensitive:"true"`

	// An attribute value of type EntityIdentifier (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html).
	//
	// Example: "entityIdentifier": { "entityId": "<id>", "entityType": "<entity
	// type>"}
	EntityIdentifier *EntityIdentifier `locationName:"entityIdentifier" type:"structure"`

	// An attribute value of Long (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#long)
	// type.
	//
	// Example: {"long": 0}
	//
	// Long is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeValue's
	// String and GoString methods.
	Long *int64 `locationName:"long" type:"long" sensitive:"true"`

	// An attribute value of Record (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#record)
	// type.
	//
	// Example: {"record": { "keyName": {} } }
	Record map[string]*AttributeValue `locationName:"record" type:"map"`

	// An attribute value of Set (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#set)
	// type.
	//
	// Example: {"set": [ {} ] }
	Set []*AttributeValue `locationName:"set" type:"list"`

	// An attribute value of String (https://docs.cedarpolicy.com/policies/syntax-datatypes.html#string)
	// type.
	//
	// Example: {"string": "abc"}
	//
	// String_ is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AttributeValue's
	// String and GoString methods.
	String_ *string `locationName:"string" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The value of an attribute.

Contains information about the runtime context for a request for which an authorization decision is made.

This data type is used as a member of the ContextDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ContextDefinition.html) structure which is uses as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

func (AttributeValue) GoString 

func (s AttributeValue) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttributeValue) SetBoolean 

func (s *AttributeValue) SetBoolean(v bool) *AttributeValue

SetBoolean sets the Boolean field's value.

func (*AttributeValue) SetEntityIdentifier 

func (s *AttributeValue) SetEntityIdentifier(v *EntityIdentifier) *AttributeValue

SetEntityIdentifier sets the EntityIdentifier field's value.

func (*AttributeValue) SetLong 

func (s *AttributeValue) SetLong(v int64) *AttributeValue

SetLong sets the Long field's value.

func (*AttributeValue) SetRecord 

func (s *AttributeValue) SetRecord(v map[string]*AttributeValue) *AttributeValue

SetRecord sets the Record field's value.

func (*AttributeValue) SetSet 

func (s *AttributeValue) SetSet(v []*AttributeValue) *AttributeValue

SetSet sets the Set field's value.

func (*AttributeValue) SetString_ 

func (s *AttributeValue) SetString_(v string) *AttributeValue

SetString_ sets the String_ field's value.

func (AttributeValue) String 

func (s AttributeValue) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttributeValue) Validate 

func (s *AttributeValue) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedInput added in v1.48.0 

type BatchIsAuthorizedInput struct {

	// Specifies the list of resources and principals and their associated attributes
	// that Verified Permissions can examine when evaluating the policies.
	//
	// You can include only principal and resource entities in this parameter; you
	// can't include actions. You must specify actions in the schema.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make the authorization decisions for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// An array of up to 30 requests that you want Verified Permissions to evaluate.
	//
	// Requests is a required field
	Requests []*BatchIsAuthorizedInputItem `locationName:"requests" min:"1" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (BatchIsAuthorizedInput) GoString added in v1.48.0 

func (s BatchIsAuthorizedInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInput) SetEntities added in v1.48.0 

func (s *BatchIsAuthorizedInput) SetEntities(v *EntitiesDefinition) *BatchIsAuthorizedInput

SetEntities sets the Entities field's value.

func (*BatchIsAuthorizedInput) SetPolicyStoreId added in v1.48.0 

func (s *BatchIsAuthorizedInput) SetPolicyStoreId(v string) *BatchIsAuthorizedInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*BatchIsAuthorizedInput) SetRequests added in v1.48.0 

func (s *BatchIsAuthorizedInput) SetRequests(v []*BatchIsAuthorizedInputItem) *BatchIsAuthorizedInput

SetRequests sets the Requests field's value.

func (BatchIsAuthorizedInput) String added in v1.48.0 

func (s BatchIsAuthorizedInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInput) Validate added in v1.48.0 

func (s *BatchIsAuthorizedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedInputItem added in v1.48.0 

type BatchIsAuthorizedInputItem struct {

	// Specifies the requested action to be authorized. For example, PhotoFlash::ReadPhoto.
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the principal for which the authorization decision is to be made.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// Specifies the resource that you want an authorization decision for. For example,
	// PhotoFlash::Photo.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

An authorization request that you include in a BatchIsAuthorized API request.

func (BatchIsAuthorizedInputItem) GoString added in v1.48.0 

func (s BatchIsAuthorizedInputItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInputItem) SetAction added in v1.48.0 

func (s *BatchIsAuthorizedInputItem) SetAction(v *ActionIdentifier) *BatchIsAuthorizedInputItem

SetAction sets the Action field's value.

func (*BatchIsAuthorizedInputItem) SetContext added in v1.48.0 

func (s *BatchIsAuthorizedInputItem) SetContext(v *ContextDefinition) *BatchIsAuthorizedInputItem

SetContext sets the Context field's value.

func (*BatchIsAuthorizedInputItem) SetPrincipal added in v1.48.0 

func (s *BatchIsAuthorizedInputItem) SetPrincipal(v *EntityIdentifier) *BatchIsAuthorizedInputItem

SetPrincipal sets the Principal field's value.

func (*BatchIsAuthorizedInputItem) SetResource added in v1.48.0 

func (s *BatchIsAuthorizedInputItem) SetResource(v *EntityIdentifier) *BatchIsAuthorizedInputItem

SetResource sets the Resource field's value.

func (BatchIsAuthorizedInputItem) String added in v1.48.0 

func (s BatchIsAuthorizedInputItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedInputItem) Validate added in v1.48.0 

func (s *BatchIsAuthorizedInputItem) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedOutput added in v1.48.0 

type BatchIsAuthorizedOutput struct {

	// A series of Allow or Deny decisions for each request, and the policies that
	// produced them.
	//
	// Results is a required field
	Results []*BatchIsAuthorizedOutputItem `locationName:"results" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (BatchIsAuthorizedOutput) GoString added in v1.48.0 

func (s BatchIsAuthorizedOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedOutput) SetResults added in v1.48.0 

func (s *BatchIsAuthorizedOutput) SetResults(v []*BatchIsAuthorizedOutputItem) *BatchIsAuthorizedOutput

SetResults sets the Results field's value.

func (BatchIsAuthorizedOutput) String added in v1.48.0 

func (s BatchIsAuthorizedOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type BatchIsAuthorizedOutputItem added in v1.48.0 

type BatchIsAuthorizedOutputItem struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are two matching policies, where one is a forbid and
	// the other is a permit, then the forbid policy will be the determining policy.
	// In the case of multiple matching permit policies then there would be multiple
	// determining policies. In the case that no policies match, and hence the response
	// is DENY, there would be no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision. For example,
	// a policy might reference an entity or attribute that doesn't exist in the
	// request.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`

	// The authorization request that initiated the decision.
	//
	// Request is a required field
	Request *BatchIsAuthorizedInputItem `locationName:"request" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

The decision, based on policy evaluation, from an individual authorization request in a BatchIsAuthorized API request.

func (BatchIsAuthorizedOutputItem) GoString added in v1.48.0 

func (s BatchIsAuthorizedOutputItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedOutputItem) SetDecision added in v1.48.0 

func (s *BatchIsAuthorizedOutputItem) SetDecision(v string) *BatchIsAuthorizedOutputItem

SetDecision sets the Decision field's value.

func (*BatchIsAuthorizedOutputItem) SetDeterminingPolicies added in v1.48.0 

func (s *BatchIsAuthorizedOutputItem) SetDeterminingPolicies(v []*DeterminingPolicyItem) *BatchIsAuthorizedOutputItem

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*BatchIsAuthorizedOutputItem) SetErrors added in v1.48.0 

func (s *BatchIsAuthorizedOutputItem) SetErrors(v []*EvaluationErrorItem) *BatchIsAuthorizedOutputItem

SetErrors sets the Errors field's value.

func (*BatchIsAuthorizedOutputItem) SetRequest added in v1.48.0 

func (s *BatchIsAuthorizedOutputItem) SetRequest(v *BatchIsAuthorizedInputItem) *BatchIsAuthorizedOutputItem

SetRequest sets the Request field's value.

func (BatchIsAuthorizedOutputItem) String added in v1.48.0 

func (s BatchIsAuthorizedOutputItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type BatchIsAuthorizedWithTokenInput added in v1.51.16 

type BatchIsAuthorizedWithTokenInput struct {

	// Specifies an access token for the principal that you want to authorize in
	// each request. This token is provided to you by the identity provider (IdP)
	// associated with the specified identity source. You must specify either an
	// accessToken, an identityToken, or both.
	//
	// Must be an access token. Verified Permissions returns an error if the token_use
	// claim in the submitted token isn't access.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by BatchIsAuthorizedWithTokenInput's
	// String and GoString methods.
	AccessToken *string `locationName:"accessToken" min:"1" type:"string" sensitive:"true"`

	// Specifies the list of resources and their associated attributes that Verified
	// Permissions can examine when evaluating the policies.
	//
	// You can't include principals in this parameter, only resource and action
	// entities. This parameter can't include any entities of a type that matches
	// the user or group entity types that you defined in your identity source.
	//
	//    * The BatchIsAuthorizedWithToken operation takes principal attributes
	//    from only the identityToken or accessToken passed to the operation.
	//
	//    * For action entities, you can include only their Identifier and EntityType.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies an identity (ID) token for the principal that you want to authorize
	// in each request. This token is provided to you by the identity provider (IdP)
	// associated with the specified identity source. You must specify either an
	// accessToken, an identityToken, or both.
	//
	// Must be an ID token. Verified Permissions returns an error if the token_use
	// claim in the submitted token isn't id.
	//
	// IdentityToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by BatchIsAuthorizedWithTokenInput's
	// String and GoString methods.
	IdentityToken *string `locationName:"identityToken" min:"1" type:"string" sensitive:"true"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make an authorization decision for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// An array of up to 30 requests that you want Verified Permissions to evaluate.
	//
	// Requests is a required field
	Requests []*BatchIsAuthorizedWithTokenInputItem `locationName:"requests" min:"1" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (BatchIsAuthorizedWithTokenInput) GoString added in v1.51.16 

func (s BatchIsAuthorizedWithTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedWithTokenInput) SetAccessToken added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInput) SetAccessToken(v string) *BatchIsAuthorizedWithTokenInput

SetAccessToken sets the AccessToken field's value.

func (*BatchIsAuthorizedWithTokenInput) SetEntities added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInput) SetEntities(v *EntitiesDefinition) *BatchIsAuthorizedWithTokenInput

SetEntities sets the Entities field's value.

func (*BatchIsAuthorizedWithTokenInput) SetIdentityToken added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInput) SetIdentityToken(v string) *BatchIsAuthorizedWithTokenInput

SetIdentityToken sets the IdentityToken field's value.

func (*BatchIsAuthorizedWithTokenInput) SetPolicyStoreId added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInput) SetPolicyStoreId(v string) *BatchIsAuthorizedWithTokenInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*BatchIsAuthorizedWithTokenInput) SetRequests added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInput) SetRequests(v []*BatchIsAuthorizedWithTokenInputItem) *BatchIsAuthorizedWithTokenInput

SetRequests sets the Requests field's value.

func (BatchIsAuthorizedWithTokenInput) String added in v1.51.16 

func (s BatchIsAuthorizedWithTokenInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedWithTokenInput) Validate added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedWithTokenInputItem added in v1.51.16 

type BatchIsAuthorizedWithTokenInputItem struct {

	// Specifies the requested action to be authorized. For example, PhotoFlash::ReadPhoto.
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the resource that you want an authorization decision for. For example,
	// PhotoFlash::Photo.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

An authorization request that you include in a BatchIsAuthorizedWithToken API request.

func (BatchIsAuthorizedWithTokenInputItem) GoString added in v1.51.16 

func (s BatchIsAuthorizedWithTokenInputItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedWithTokenInputItem) SetAction added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInputItem) SetAction(v *ActionIdentifier) *BatchIsAuthorizedWithTokenInputItem

SetAction sets the Action field's value.

func (*BatchIsAuthorizedWithTokenInputItem) SetContext added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInputItem) SetContext(v *ContextDefinition) *BatchIsAuthorizedWithTokenInputItem

SetContext sets the Context field's value.

func (*BatchIsAuthorizedWithTokenInputItem) SetResource added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInputItem) SetResource(v *EntityIdentifier) *BatchIsAuthorizedWithTokenInputItem

SetResource sets the Resource field's value.

func (BatchIsAuthorizedWithTokenInputItem) String added in v1.51.16 

func (s BatchIsAuthorizedWithTokenInputItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedWithTokenInputItem) Validate added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenInputItem) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type BatchIsAuthorizedWithTokenOutput added in v1.51.16 

type BatchIsAuthorizedWithTokenOutput struct {

	// The identifier of the principal in the ID or access token.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// A series of Allow or Deny decisions for each request, and the policies that
	// produced them.
	//
	// Results is a required field
	Results []*BatchIsAuthorizedWithTokenOutputItem `locationName:"results" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (BatchIsAuthorizedWithTokenOutput) GoString added in v1.51.16 

func (s BatchIsAuthorizedWithTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedWithTokenOutput) SetPrincipal added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenOutput) SetPrincipal(v *EntityIdentifier) *BatchIsAuthorizedWithTokenOutput

SetPrincipal sets the Principal field's value.

func (*BatchIsAuthorizedWithTokenOutput) SetResults added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenOutput) SetResults(v []*BatchIsAuthorizedWithTokenOutputItem) *BatchIsAuthorizedWithTokenOutput

SetResults sets the Results field's value.

func (BatchIsAuthorizedWithTokenOutput) String added in v1.51.16 

func (s BatchIsAuthorizedWithTokenOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type BatchIsAuthorizedWithTokenOutputItem added in v1.51.16 

type BatchIsAuthorizedWithTokenOutputItem struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are two matching policies, where one is a forbid and
	// the other is a permit, then the forbid policy will be the determining policy.
	// In the case of multiple matching permit policies then there would be multiple
	// determining policies. In the case that no policies match, and hence the response
	// is DENY, there would be no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision. For example,
	// a policy might reference an entity or attribute that doesn't exist in the
	// request.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`

	// The authorization request that initiated the decision.
	//
	// Request is a required field
	Request *BatchIsAuthorizedWithTokenInputItem `locationName:"request" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

The decision, based on policy evaluation, from an individual authorization request in a BatchIsAuthorizedWithToken API request.

func (BatchIsAuthorizedWithTokenOutputItem) GoString added in v1.51.16 

func (s BatchIsAuthorizedWithTokenOutputItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*BatchIsAuthorizedWithTokenOutputItem) SetDecision added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenOutputItem) SetDecision(v string) *BatchIsAuthorizedWithTokenOutputItem

SetDecision sets the Decision field's value.

func (*BatchIsAuthorizedWithTokenOutputItem) SetDeterminingPolicies added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenOutputItem) SetDeterminingPolicies(v []*DeterminingPolicyItem) *BatchIsAuthorizedWithTokenOutputItem

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*BatchIsAuthorizedWithTokenOutputItem) SetErrors added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenOutputItem) SetErrors(v []*EvaluationErrorItem) *BatchIsAuthorizedWithTokenOutputItem

SetErrors sets the Errors field's value.

func (*BatchIsAuthorizedWithTokenOutputItem) SetRequest added in v1.51.16 

func (s *BatchIsAuthorizedWithTokenOutputItem) SetRequest(v *BatchIsAuthorizedWithTokenInputItem) *BatchIsAuthorizedWithTokenOutputItem

SetRequest sets the Request field's value.

func (BatchIsAuthorizedWithTokenOutputItem) String added in v1.51.16 

func (s BatchIsAuthorizedWithTokenOutputItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CognitoGroupConfiguration added in v1.51.15 

type CognitoGroupConfiguration struct {

	// The name of the schema entity type that's mapped to the user pool group.
	// Defaults to AWS::CognitoGroup.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CognitoGroupConfiguration's
	// String and GoString methods.
	//
	// GroupEntityType is a required field
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.

This data type is part of a CognitoUserPoolConfiguration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfiguration.html) structure and is a request parameter in CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

func (CognitoGroupConfiguration) GoString added in v1.51.15 

func (s CognitoGroupConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoGroupConfiguration) SetGroupEntityType added in v1.51.15 

func (s *CognitoGroupConfiguration) SetGroupEntityType(v string) *CognitoGroupConfiguration

SetGroupEntityType sets the GroupEntityType field's value.

func (CognitoGroupConfiguration) String added in v1.51.15 

func (s CognitoGroupConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoGroupConfiguration) Validate added in v1.51.15 

func (s *CognitoGroupConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CognitoGroupConfigurationDetail added in v1.51.15 

type CognitoGroupConfigurationDetail struct {

	// The name of the schema entity type that's mapped to the user pool group.
	// Defaults to AWS::CognitoGroup.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CognitoGroupConfigurationDetail's
	// String and GoString methods.
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.

This data type is part of an CognitoUserPoolConfigurationDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfigurationItem.html) structure and is a response parameter to GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

func (CognitoGroupConfigurationDetail) GoString added in v1.51.15 

func (s CognitoGroupConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoGroupConfigurationDetail) SetGroupEntityType added in v1.51.15 

func (s *CognitoGroupConfigurationDetail) SetGroupEntityType(v string) *CognitoGroupConfigurationDetail

SetGroupEntityType sets the GroupEntityType field's value.

func (CognitoGroupConfigurationDetail) String added in v1.51.15 

func (s CognitoGroupConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CognitoGroupConfigurationItem added in v1.51.15 

type CognitoGroupConfigurationItem struct {

	// The name of the schema entity type that's mapped to the user pool group.
	// Defaults to AWS::CognitoGroup.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CognitoGroupConfigurationItem's
	// String and GoString methods.
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.

This data type is part of an CognitoUserPoolConfigurationItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfigurationDetail.html) structure and is a response parameter to ListIdentitySources (http://forums.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

func (CognitoGroupConfigurationItem) GoString added in v1.51.15 

func (s CognitoGroupConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoGroupConfigurationItem) SetGroupEntityType added in v1.51.15 

func (s *CognitoGroupConfigurationItem) SetGroupEntityType(v string) *CognitoGroupConfigurationItem

SetGroupEntityType sets the GroupEntityType field's value.

func (CognitoGroupConfigurationItem) String added in v1.51.15 

func (s CognitoGroupConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CognitoUserPoolConfiguration 

type CognitoUserPoolConfiguration struct {

	// The unique application client IDs that are associated with the specified
	// Amazon Cognito user pool.
	//
	// Example: "ClientIds": ["&ExampleCogClientId;"]
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The type of entity that a policy store maps to groups from an Amazon Cognito
	// user pool identity source.
	GroupConfiguration *CognitoGroupConfiguration `locationName:"groupConfiguration" type:"structure"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool that contains the identities to be authorized.
	//
	// Example: "UserPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"
	//
	// UserPoolArn is a required field
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The configuration for an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.

This data type part of a Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html) structure that is used as a parameter to CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType": "MyCorp::Group"}}

func (CognitoUserPoolConfiguration) GoString 

func (s CognitoUserPoolConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoUserPoolConfiguration) SetClientIds 

func (s *CognitoUserPoolConfiguration) SetClientIds(v []*string) *CognitoUserPoolConfiguration

SetClientIds sets the ClientIds field's value.

func (*CognitoUserPoolConfiguration) SetGroupConfiguration added in v1.51.15 

func (s *CognitoUserPoolConfiguration) SetGroupConfiguration(v *CognitoGroupConfiguration) *CognitoUserPoolConfiguration

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*CognitoUserPoolConfiguration) SetUserPoolArn 

func (s *CognitoUserPoolConfiguration) SetUserPoolArn(v string) *CognitoUserPoolConfiguration

SetUserPoolArn sets the UserPoolArn field's value.

func (CognitoUserPoolConfiguration) String 

func (s CognitoUserPoolConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoUserPoolConfiguration) Validate 

func (s *CognitoUserPoolConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CognitoUserPoolConfigurationDetail added in v1.50.33 

type CognitoUserPoolConfigurationDetail struct {

	// The unique application client IDs that are associated with the specified
	// Amazon Cognito user pool.
	//
	// Example: "clientIds": ["&ExampleCogClientId;"]
	//
	// ClientIds is a required field
	ClientIds []*string `locationName:"clientIds" type:"list" required:"true"`

	// The type of entity that a policy store maps to groups from an Amazon Cognito
	// user pool identity source.
	GroupConfiguration *CognitoGroupConfigurationDetail `locationName:"groupConfiguration" type:"structure"`

	// The OpenID Connect (OIDC) issuer ID of the Amazon Cognito user pool that
	// contains the identities to be authorized.
	//
	// Example: "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"
	//
	// Issuer is a required field
	Issuer *string `locationName:"issuer" min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool that contains the identities to be authorized.
	//
	// Example: "userPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"
	//
	// UserPoolArn is a required field
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The configuration for an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.

This data type is used as a field that is part of an ConfigurationDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html) structure that is part of the response to GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType": "MyCorp::Group"}}

func (CognitoUserPoolConfigurationDetail) GoString added in v1.50.33 

func (s CognitoUserPoolConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoUserPoolConfigurationDetail) SetClientIds added in v1.50.33 

func (s *CognitoUserPoolConfigurationDetail) SetClientIds(v []*string) *CognitoUserPoolConfigurationDetail

SetClientIds sets the ClientIds field's value.

func (*CognitoUserPoolConfigurationDetail) SetGroupConfiguration added in v1.51.15 

func (s *CognitoUserPoolConfigurationDetail) SetGroupConfiguration(v *CognitoGroupConfigurationDetail) *CognitoUserPoolConfigurationDetail

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*CognitoUserPoolConfigurationDetail) SetIssuer added in v1.50.33 

func (s *CognitoUserPoolConfigurationDetail) SetIssuer(v string) *CognitoUserPoolConfigurationDetail

SetIssuer sets the Issuer field's value.

func (*CognitoUserPoolConfigurationDetail) SetUserPoolArn added in v1.50.33 

func (s *CognitoUserPoolConfigurationDetail) SetUserPoolArn(v string) *CognitoUserPoolConfigurationDetail

SetUserPoolArn sets the UserPoolArn field's value.

func (CognitoUserPoolConfigurationDetail) String added in v1.50.33 

func (s CognitoUserPoolConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CognitoUserPoolConfigurationItem added in v1.50.33 

type CognitoUserPoolConfigurationItem struct {

	// The unique application client IDs that are associated with the specified
	// Amazon Cognito user pool.
	//
	// Example: "clientIds": ["&ExampleCogClientId;"]
	//
	// ClientIds is a required field
	ClientIds []*string `locationName:"clientIds" type:"list" required:"true"`

	// The type of entity that a policy store maps to groups from an Amazon Cognito
	// user pool identity source.
	GroupConfiguration *CognitoGroupConfigurationItem `locationName:"groupConfiguration" type:"structure"`

	// The OpenID Connect (OIDC) issuer ID of the Amazon Cognito user pool that
	// contains the identities to be authorized.
	//
	// Example: "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"
	//
	// Issuer is a required field
	Issuer *string `locationName:"issuer" min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool that contains the identities to be authorized.
	//
	// Example: "userPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"
	//
	// UserPoolArn is a required field
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

The configuration for an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.

This data type is used as a field that is part of the ConfigurationItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationItem.html) structure that is part of the response to ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

Example:"CognitoUserPoolConfiguration":{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds": ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType": "MyCorp::Group"}}

func (CognitoUserPoolConfigurationItem) GoString added in v1.50.33 

func (s CognitoUserPoolConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CognitoUserPoolConfigurationItem) SetClientIds added in v1.50.33 

func (s *CognitoUserPoolConfigurationItem) SetClientIds(v []*string) *CognitoUserPoolConfigurationItem

SetClientIds sets the ClientIds field's value.

func (*CognitoUserPoolConfigurationItem) SetGroupConfiguration added in v1.51.15 

func (s *CognitoUserPoolConfigurationItem) SetGroupConfiguration(v *CognitoGroupConfigurationItem) *CognitoUserPoolConfigurationItem

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*CognitoUserPoolConfigurationItem) SetIssuer added in v1.50.33 

func (s *CognitoUserPoolConfigurationItem) SetIssuer(v string) *CognitoUserPoolConfigurationItem

SetIssuer sets the Issuer field's value.

func (*CognitoUserPoolConfigurationItem) SetUserPoolArn added in v1.50.33 

func (s *CognitoUserPoolConfigurationItem) SetUserPoolArn(v string) *CognitoUserPoolConfigurationItem

SetUserPoolArn sets the UserPoolArn field's value.

func (CognitoUserPoolConfigurationItem) String added in v1.50.33 

func (s CognitoUserPoolConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Configuration 

type Configuration struct {

	// Contains configuration details of a Amazon Cognito user pool that Verified
	// Permissions can use as a source of authenticated identities as entities.
	// It specifies the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of a Amazon Cognito user pool and one or more application client IDs.
	//
	// Example: "configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
	// ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType":
	// "MyCorp::Group"}}}
	CognitoUserPoolConfiguration *CognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"`

	// Contains configuration details of an OpenID Connect (OIDC) identity provider,
	// or identity source, that Verified Permissions can use to generate entities
	// from authenticated identities. It specifies the issuer URL, token type that
	// you want to use, and policy store entity details.
	//
	// Example:"configuration":{"openIdConnectConfiguration":{"issuer":"https://auth.example.com","tokenSelection":{"accessTokenOnly":{"audiences":["https://myapp.example.com","https://myapp2.example.com"],"principalIdClaim":"sub"}},"entityIdPrefix":"MyOIDCProvider","groupConfiguration":{"groupClaim":"groups","groupEntityType":"MyCorp::UserGroup"}}}
	OpenIdConnectConfiguration *OpenIdConnectConfiguration `locationName:"openIdConnectConfiguration" type:"structure"`
	// contains filtered or unexported fields
}

Contains configuration information used when creating a new identity source.

This data type is used as a request parameter for the CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html) operation.

func (Configuration) GoString 

func (s Configuration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Configuration) SetCognitoUserPoolConfiguration 

func (s *Configuration) SetCognitoUserPoolConfiguration(v *CognitoUserPoolConfiguration) *Configuration

SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value.

func (*Configuration) SetOpenIdConnectConfiguration added in v1.53.19 

func (s *Configuration) SetOpenIdConnectConfiguration(v *OpenIdConnectConfiguration) *Configuration

SetOpenIdConnectConfiguration sets the OpenIdConnectConfiguration field's value.

func (Configuration) String 

func (s Configuration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Configuration) Validate 

func (s *Configuration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ConfigurationDetail added in v1.50.33 

type ConfigurationDetail struct {

	// Contains configuration details of a Amazon Cognito user pool that Verified
	// Permissions can use as a source of authenticated identities as entities.
	// It specifies the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of a Amazon Cognito user pool, the policy store entity that you want to assign
	// to user groups, and one or more application client IDs.
	//
	// Example: "configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
	// ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType":
	// "MyCorp::Group"}}}
	CognitoUserPoolConfiguration *CognitoUserPoolConfigurationDetail `locationName:"cognitoUserPoolConfiguration" type:"structure"`

	// Contains configuration details of an OpenID Connect (OIDC) identity provider,
	// or identity source, that Verified Permissions can use to generate entities
	// from authenticated identities. It specifies the issuer URL, token type that
	// you want to use, and policy store entity details.
	//
	// Example:"configuration":{"openIdConnectConfiguration":{"issuer":"https://auth.example.com","tokenSelection":{"accessTokenOnly":{"audiences":["https://myapp.example.com","https://myapp2.example.com"],"principalIdClaim":"sub"}},"entityIdPrefix":"MyOIDCProvider","groupConfiguration":{"groupClaim":"groups","groupEntityType":"MyCorp::UserGroup"}}}
	OpenIdConnectConfiguration *OpenIdConnectConfigurationDetail `locationName:"openIdConnectConfiguration" type:"structure"`
	// contains filtered or unexported fields
}

Contains configuration information about an identity source.

This data type is a response parameter to the GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html) operation.

func (ConfigurationDetail) GoString added in v1.50.33 

func (s ConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfigurationDetail) SetCognitoUserPoolConfiguration added in v1.50.33 

func (s *ConfigurationDetail) SetCognitoUserPoolConfiguration(v *CognitoUserPoolConfigurationDetail) *ConfigurationDetail

SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value.

func (*ConfigurationDetail) SetOpenIdConnectConfiguration added in v1.53.19 

func (s *ConfigurationDetail) SetOpenIdConnectConfiguration(v *OpenIdConnectConfigurationDetail) *ConfigurationDetail

SetOpenIdConnectConfiguration sets the OpenIdConnectConfiguration field's value.

func (ConfigurationDetail) String added in v1.50.33 

func (s ConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConfigurationItem added in v1.50.33 

type ConfigurationItem struct {

	// Contains configuration details of a Amazon Cognito user pool that Verified
	// Permissions can use as a source of authenticated identities as entities.
	// It specifies the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of a Amazon Cognito user pool, the policy store entity that you want to assign
	// to user groups, and one or more application client IDs.
	//
	// Example: "configuration":{"cognitoUserPoolConfiguration":{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
	// ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration": {"groupEntityType":
	// "MyCorp::Group"}}}
	CognitoUserPoolConfiguration *CognitoUserPoolConfigurationItem `locationName:"cognitoUserPoolConfiguration" type:"structure"`

	// Contains configuration details of an OpenID Connect (OIDC) identity provider,
	// or identity source, that Verified Permissions can use to generate entities
	// from authenticated identities. It specifies the issuer URL, token type that
	// you want to use, and policy store entity details.
	//
	// Example:"configuration":{"openIdConnectConfiguration":{"issuer":"https://auth.example.com","tokenSelection":{"accessTokenOnly":{"audiences":["https://myapp.example.com","https://myapp2.example.com"],"principalIdClaim":"sub"}},"entityIdPrefix":"MyOIDCProvider","groupConfiguration":{"groupClaim":"groups","groupEntityType":"MyCorp::UserGroup"}}}
	OpenIdConnectConfiguration *OpenIdConnectConfigurationItem `locationName:"openIdConnectConfiguration" type:"structure"`
	// contains filtered or unexported fields
}

Contains configuration information about an identity source.

This data type is a response parameter to the ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html) operation.

func (ConfigurationItem) GoString added in v1.50.33 

func (s ConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConfigurationItem) SetCognitoUserPoolConfiguration added in v1.50.33 

func (s *ConfigurationItem) SetCognitoUserPoolConfiguration(v *CognitoUserPoolConfigurationItem) *ConfigurationItem

SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value.

func (*ConfigurationItem) SetOpenIdConnectConfiguration added in v1.53.19 

func (s *ConfigurationItem) SetOpenIdConnectConfiguration(v *OpenIdConnectConfigurationItem) *ConfigurationItem

SetOpenIdConnectConfiguration sets the OpenIdConnectConfiguration field's value.

func (ConfigurationItem) String added in v1.50.33 

func (s ConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConflictException 

type ConflictException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The list of resources referenced with this failed request.
	//
	// Resources is a required field
	Resources []*ResourceConflict `locationName:"resources" type:"list" required:"true"`
	// contains filtered or unexported fields
}

The request failed because another request to modify a resource occurred at the same.

func (*ConflictException) Code 

func (s *ConflictException) Code() string

Code returns the exception type name.

func (*ConflictException) Error 

func (s *ConflictException) Error() string

func (ConflictException) GoString 

func (s ConflictException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConflictException) Message 

func (s *ConflictException) Message() string

Message returns the exception's message.

func (*ConflictException) OrigErr 

func (s *ConflictException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConflictException) RequestID 

func (s *ConflictException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConflictException) StatusCode 

func (s *ConflictException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConflictException) String 

func (s ConflictException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ContextDefinition 

type ContextDefinition struct {

	// An list of attributes that are needed to successfully evaluate an authorization
	// request. Each attribute in this array must include a map of a data type and
	// its value.
	//
	// Example: "contextMap":{"<KeyName1>":{"boolean":true},"<KeyName2>":{"long":1234}}
	//
	// ContextMap is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ContextDefinition's
	// String and GoString methods.
	ContextMap map[string]*AttributeValue `locationName:"contextMap" type:"map" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains additional details about the context of the request. Verified Permissions evaluates this information in an authorization request as part of the when and unless clauses in a policy.

This data type is used as a request parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

Example: "context":{"contextMap":{"<KeyName1>":{"boolean":true},"<KeyName2>":{"long":1234}}}

func (ContextDefinition) GoString 

func (s ContextDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextDefinition) SetContextMap 

func (s *ContextDefinition) SetContextMap(v map[string]*AttributeValue) *ContextDefinition

SetContextMap sets the ContextMap field's value.

func (ContextDefinition) String 

func (s ContextDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextDefinition) Validate 

func (s *ContextDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateIdentitySourceInput 

type CreateIdentitySourceInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an ConflictException error.
	//
	// Verified Permissions recognizes a ClientToken for eight hours. After eight
	// hours, the next request with the same parameters performs the operation again
	// regardless of the value of ClientToken.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// Specifies the details required to communicate with the identity provider
	// (IdP) associated with this identity source.
	//
	// Configuration is a required field
	Configuration *Configuration `locationName:"configuration" type:"structure" required:"true"`

	// Specifies the ID of the policy store in which you want to store this identity
	// source. Only policies and requests made using this policy store can reference
	// identities from the identity provider configured in the new identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the namespace and data type of the principals generated for identities
	// authenticated by the new identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreateIdentitySourceInput's
	// String and GoString methods.
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

func (CreateIdentitySourceInput) GoString 

func (s CreateIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentitySourceInput) SetClientToken 

func (s *CreateIdentitySourceInput) SetClientToken(v string) *CreateIdentitySourceInput

SetClientToken sets the ClientToken field's value.

func (*CreateIdentitySourceInput) SetConfiguration 

func (s *CreateIdentitySourceInput) SetConfiguration(v *Configuration) *CreateIdentitySourceInput

SetConfiguration sets the Configuration field's value.

func (*CreateIdentitySourceInput) SetPolicyStoreId 

func (s *CreateIdentitySourceInput) SetPolicyStoreId(v string) *CreateIdentitySourceInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreateIdentitySourceInput) SetPrincipalEntityType 

func (s *CreateIdentitySourceInput) SetPrincipalEntityType(v string) *CreateIdentitySourceInput

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (CreateIdentitySourceInput) String 

func (s CreateIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentitySourceInput) Validate 

func (s *CreateIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateIdentitySourceOutput 

type CreateIdentitySourceOutput struct {

	// The date and time the identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the new identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateIdentitySourceOutput) GoString 

func (s CreateIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateIdentitySourceOutput) SetCreatedDate 

func (s *CreateIdentitySourceOutput) SetCreatedDate(v time.Time) *CreateIdentitySourceOutput

SetCreatedDate sets the CreatedDate field's value.

func (*CreateIdentitySourceOutput) SetIdentitySourceId 

func (s *CreateIdentitySourceOutput) SetIdentitySourceId(v string) *CreateIdentitySourceOutput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*CreateIdentitySourceOutput) SetLastUpdatedDate 

func (s *CreateIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *CreateIdentitySourceOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreateIdentitySourceOutput) SetPolicyStoreId 

func (s *CreateIdentitySourceOutput) SetPolicyStoreId(v string) *CreateIdentitySourceOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (CreateIdentitySourceOutput) String 

func (s CreateIdentitySourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyInput 

type CreatePolicyInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an ConflictException error.
	//
	// Verified Permissions recognizes a ClientToken for eight hours. After eight
	// hours, the next request with the same parameters performs the operation again
	// regardless of the value of ClientToken.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// A structure that specifies the policy type and content to use for the new
	// policy. You must include either a static or a templateLinked element. The
	// policy content must be written in the Cedar policy language.
	//
	// Definition is a required field
	Definition *PolicyDefinition `locationName:"definition" type:"structure" required:"true"`

	// Specifies the PolicyStoreId of the policy store you want to store the policy
	// in.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyInput) GoString 

func (s CreatePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyInput) SetClientToken 

func (s *CreatePolicyInput) SetClientToken(v string) *CreatePolicyInput

SetClientToken sets the ClientToken field's value.

func (*CreatePolicyInput) SetDefinition 

func (s *CreatePolicyInput) SetDefinition(v *PolicyDefinition) *CreatePolicyInput

SetDefinition sets the Definition field's value.

func (*CreatePolicyInput) SetPolicyStoreId 

func (s *CreatePolicyInput) SetPolicyStoreId(v string) *CreatePolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (CreatePolicyInput) String 

func (s CreatePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyInput) Validate 

func (s *CreatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyOutput 

type CreatePolicyOutput struct {

	// The action that a policy permits or forbids. For example, {"actions": [{"actionId":
	// "ViewPhoto", "actionType": "PhotoFlash::Action"}, {"entityID": "SharePhoto",
	// "entityType": "PhotoFlash::Action"}]}.
	Actions []*ActionIdentifier `locationName:"actions" type:"list"`

	// The date and time the policy was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The effect of the decision that a policy returns to an authorization request.
	// For example, "effect": "Permit".
	Effect *string `locationName:"effect" type:"string" enum:"PolicyEffect"`

	// The date and time the policy was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the new policy.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The ID of the policy store that contains the new policy.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The policy type of the new policy.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal specified in the new policy's scope. This response element
	// isn't present when principal isn't specified in the policy content.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource specified in the new policy's scope. This response element isn't
	// present when the resource isn't specified in the policy content.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (CreatePolicyOutput) GoString 

func (s CreatePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyOutput) SetActions added in v1.52.6 

func (s *CreatePolicyOutput) SetActions(v []*ActionIdentifier) *CreatePolicyOutput

SetActions sets the Actions field's value.

func (*CreatePolicyOutput) SetCreatedDate 

func (s *CreatePolicyOutput) SetCreatedDate(v time.Time) *CreatePolicyOutput

SetCreatedDate sets the CreatedDate field's value.

func (*CreatePolicyOutput) SetEffect added in v1.52.6 

func (s *CreatePolicyOutput) SetEffect(v string) *CreatePolicyOutput

SetEffect sets the Effect field's value.

func (*CreatePolicyOutput) SetLastUpdatedDate 

func (s *CreatePolicyOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreatePolicyOutput) SetPolicyId 

func (s *CreatePolicyOutput) SetPolicyId(v string) *CreatePolicyOutput

SetPolicyId sets the PolicyId field's value.

func (*CreatePolicyOutput) SetPolicyStoreId 

func (s *CreatePolicyOutput) SetPolicyStoreId(v string) *CreatePolicyOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreatePolicyOutput) SetPolicyType 

func (s *CreatePolicyOutput) SetPolicyType(v string) *CreatePolicyOutput

SetPolicyType sets the PolicyType field's value.

func (*CreatePolicyOutput) SetPrincipal 

func (s *CreatePolicyOutput) SetPrincipal(v *EntityIdentifier) *CreatePolicyOutput

SetPrincipal sets the Principal field's value.

func (*CreatePolicyOutput) SetResource 

func (s *CreatePolicyOutput) SetResource(v *EntityIdentifier) *CreatePolicyOutput

SetResource sets the Resource field's value.

func (CreatePolicyOutput) String 

func (s CreatePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyStoreInput 

type CreatePolicyStoreInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an ConflictException error.
	//
	// Verified Permissions recognizes a ClientToken for eight hours. After eight
	// hours, the next request with the same parameters performs the operation again
	// regardless of the value of ClientToken.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// Descriptive text that you can provide to help with identification of the
	// current policy store.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreatePolicyStoreInput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// Specifies the validation setting for this policy store.
	//
	// Currently, the only valid and required value is Mode.
	//
	// We recommend that you turn on STRICT mode only after you define a schema.
	// If a schema doesn't exist, then STRICT mode causes any policy to fail validation,
	// and Verified Permissions rejects the policy. You can turn off validation
	// by using the UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore).
	// Then, when you have a schema defined, use UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore)
	// again to turn validation back on.
	//
	// ValidationSettings is a required field
	ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyStoreInput) GoString 

func (s CreatePolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyStoreInput) SetClientToken 

func (s *CreatePolicyStoreInput) SetClientToken(v string) *CreatePolicyStoreInput

SetClientToken sets the ClientToken field's value.

func (*CreatePolicyStoreInput) SetDescription added in v1.48.11 

func (s *CreatePolicyStoreInput) SetDescription(v string) *CreatePolicyStoreInput

SetDescription sets the Description field's value.

func (*CreatePolicyStoreInput) SetValidationSettings 

func (s *CreatePolicyStoreInput) SetValidationSettings(v *ValidationSettings) *CreatePolicyStoreInput

SetValidationSettings sets the ValidationSettings field's value.

func (CreatePolicyStoreInput) String 

func (s CreatePolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyStoreInput) Validate 

func (s *CreatePolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyStoreOutput 

type CreatePolicyStoreOutput struct {

	// The Amazon Resource Name (ARN) of the new policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time the policy store was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time the policy store was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the new policy store.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyStoreOutput) GoString 

func (s CreatePolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyStoreOutput) SetArn 

func (s *CreatePolicyStoreOutput) SetArn(v string) *CreatePolicyStoreOutput

SetArn sets the Arn field's value.

func (*CreatePolicyStoreOutput) SetCreatedDate 

func (s *CreatePolicyStoreOutput) SetCreatedDate(v time.Time) *CreatePolicyStoreOutput

SetCreatedDate sets the CreatedDate field's value.

func (*CreatePolicyStoreOutput) SetLastUpdatedDate 

func (s *CreatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyStoreOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreatePolicyStoreOutput) SetPolicyStoreId 

func (s *CreatePolicyStoreOutput) SetPolicyStoreId(v string) *CreatePolicyStoreOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (CreatePolicyStoreOutput) String 

func (s CreatePolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyTemplateInput 

type CreatePolicyTemplateInput struct {

	// Specifies a unique, case-sensitive ID that you provide to ensure the idempotency
	// of the request. This lets you safely retry the request without accidentally
	// performing the same operation a second time. Passing the same value to a
	// later call to an operation requires that you also pass the same value for
	// all other parameters. We recommend that you use a UUID type of value. (https://wikipedia.org/wiki/Universally_unique_identifier).
	//
	// If you don't provide this value, then Amazon Web Services generates a random
	// one for you.
	//
	// If you retry the operation with the same ClientToken, but with different
	// parameters, the retry fails with an ConflictException error.
	//
	// Verified Permissions recognizes a ClientToken for eight hours. After eight
	// hours, the next request with the same parameters performs the operation again
	// regardless of the value of ClientToken.
	ClientToken *string `locationName:"clientToken" min:"1" type:"string" idempotencyToken:"true"`

	// Specifies a description for the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreatePolicyTemplateInput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The ID of the policy store in which to create the policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the content that you want to use for the new policy template, written
	// in the Cedar policy language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreatePolicyTemplateInput's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyTemplateInput) GoString 

func (s CreatePolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyTemplateInput) SetClientToken 

func (s *CreatePolicyTemplateInput) SetClientToken(v string) *CreatePolicyTemplateInput

SetClientToken sets the ClientToken field's value.

func (*CreatePolicyTemplateInput) SetDescription 

func (s *CreatePolicyTemplateInput) SetDescription(v string) *CreatePolicyTemplateInput

SetDescription sets the Description field's value.

func (*CreatePolicyTemplateInput) SetPolicyStoreId 

func (s *CreatePolicyTemplateInput) SetPolicyStoreId(v string) *CreatePolicyTemplateInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreatePolicyTemplateInput) SetStatement 

func (s *CreatePolicyTemplateInput) SetStatement(v string) *CreatePolicyTemplateInput

SetStatement sets the Statement field's value.

func (CreatePolicyTemplateInput) String 

func (s CreatePolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyTemplateInput) Validate 

func (s *CreatePolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyTemplateOutput 

type CreatePolicyTemplateOutput struct {

	// The date and time the policy template was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The unique ID of the new policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyTemplateOutput) GoString 

func (s CreatePolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyTemplateOutput) SetCreatedDate 

func (s *CreatePolicyTemplateOutput) SetCreatedDate(v time.Time) *CreatePolicyTemplateOutput

SetCreatedDate sets the CreatedDate field's value.

func (*CreatePolicyTemplateOutput) SetLastUpdatedDate 

func (s *CreatePolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *CreatePolicyTemplateOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*CreatePolicyTemplateOutput) SetPolicyStoreId 

func (s *CreatePolicyTemplateOutput) SetPolicyStoreId(v string) *CreatePolicyTemplateOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*CreatePolicyTemplateOutput) SetPolicyTemplateId 

func (s *CreatePolicyTemplateOutput) SetPolicyTemplateId(v string) *CreatePolicyTemplateOutput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (CreatePolicyTemplateOutput) String 

func (s CreatePolicyTemplateOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteIdentitySourceInput 

type DeleteIdentitySourceInput struct {

	// Specifies the ID of the identity source that you want to delete.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the identity source that
	// you want to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteIdentitySourceInput) GoString 

func (s DeleteIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteIdentitySourceInput) SetIdentitySourceId 

func (s *DeleteIdentitySourceInput) SetIdentitySourceId(v string) *DeleteIdentitySourceInput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*DeleteIdentitySourceInput) SetPolicyStoreId 

func (s *DeleteIdentitySourceInput) SetPolicyStoreId(v string) *DeleteIdentitySourceInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (DeleteIdentitySourceInput) String 

func (s DeleteIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteIdentitySourceInput) Validate 

func (s *DeleteIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteIdentitySourceOutput 

type DeleteIdentitySourceOutput struct {
	// contains filtered or unexported fields
}

func (DeleteIdentitySourceOutput) GoString 

func (s DeleteIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteIdentitySourceOutput) String 

func (s DeleteIdentitySourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyInput 

type DeletePolicyInput struct {

	// Specifies the ID of the policy that you want to delete.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the policy that you want
	// to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyInput) GoString 

func (s DeletePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyInput) SetPolicyId 

func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput

SetPolicyId sets the PolicyId field's value.

func (*DeletePolicyInput) SetPolicyStoreId 

func (s *DeletePolicyInput) SetPolicyStoreId(v string) *DeletePolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (DeletePolicyInput) String 

func (s DeletePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyInput) Validate 

func (s *DeletePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyOutput 

type DeletePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyOutput) GoString 

func (s DeletePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyOutput) String 

func (s DeletePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyStoreInput 

type DeletePolicyStoreInput struct {

	// Specifies the ID of the policy store that you want to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyStoreInput) GoString 

func (s DeletePolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyStoreInput) SetPolicyStoreId 

func (s *DeletePolicyStoreInput) SetPolicyStoreId(v string) *DeletePolicyStoreInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (DeletePolicyStoreInput) String 

func (s DeletePolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyStoreInput) Validate 

func (s *DeletePolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyStoreOutput 

type DeletePolicyStoreOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyStoreOutput) GoString 

func (s DeletePolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyStoreOutput) String 

func (s DeletePolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyTemplateInput 

type DeletePolicyTemplateInput struct {

	// Specifies the ID of the policy store that contains the policy template that
	// you want to delete.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy template that you want to delete.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyTemplateInput) GoString 

func (s DeletePolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyTemplateInput) SetPolicyStoreId 

func (s *DeletePolicyTemplateInput) SetPolicyStoreId(v string) *DeletePolicyTemplateInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*DeletePolicyTemplateInput) SetPolicyTemplateId 

func (s *DeletePolicyTemplateInput) SetPolicyTemplateId(v string) *DeletePolicyTemplateInput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (DeletePolicyTemplateInput) String 

func (s DeletePolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyTemplateInput) Validate 

func (s *DeletePolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyTemplateOutput 

type DeletePolicyTemplateOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyTemplateOutput) GoString 

func (s DeletePolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyTemplateOutput) String 

func (s DeletePolicyTemplateOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeterminingPolicyItem 

type DeterminingPolicyItem struct {

	// The Id of a policy that determined to an authorization decision.
	//
	// Example: "policyId":"SPEXAMPLEabcdefg111111"
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about one of the policies that determined an authorization decision.

This data type is used as an element in a response parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

Example: "determiningPolicies":[{"policyId":"SPEXAMPLEabcdefg111111"}]

func (DeterminingPolicyItem) GoString 

func (s DeterminingPolicyItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeterminingPolicyItem) SetPolicyId 

func (s *DeterminingPolicyItem) SetPolicyId(v string) *DeterminingPolicyItem

SetPolicyId sets the PolicyId field's value.

func (DeterminingPolicyItem) String 

func (s DeterminingPolicyItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EntitiesDefinition 

type EntitiesDefinition struct {

	// An array of entities that are needed to successfully evaluate an authorization
	// request. Each entity in this array must include an identifier for the entity,
	// the attributes of the entity, and a list of any parent entities.
	EntityList []*EntityItem `locationName:"entityList" type:"list"`
	// contains filtered or unexported fields
}

Contains the list of entities to be considered during an authorization request. This includes all principals, resources, and actions required to successfully evaluate the request.

This data type is used as a field in the response parameter for the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

func (EntitiesDefinition) GoString 

func (s EntitiesDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntitiesDefinition) SetEntityList 

func (s *EntitiesDefinition) SetEntityList(v []*EntityItem) *EntitiesDefinition

SetEntityList sets the EntityList field's value.

func (EntitiesDefinition) String 

func (s EntitiesDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntitiesDefinition) Validate 

func (s *EntitiesDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EntityIdentifier 

type EntityIdentifier struct {

	// The identifier of an entity.
	//
	// "entityId":"identifier"
	//
	// EntityId is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by EntityIdentifier's
	// String and GoString methods.
	//
	// EntityId is a required field
	EntityId *string `locationName:"entityId" min:"1" type:"string" required:"true" sensitive:"true"`

	// The type of an entity.
	//
	// Example: "entityType":"typeName"
	//
	// EntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by EntityIdentifier's
	// String and GoString methods.
	//
	// EntityType is a required field
	EntityType *string `locationName:"entityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains the identifier of an entity, including its ID and type.

This data type is used as a request parameter for IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html) operation, and as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html), GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html), and UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) operations.

Example: {"entityId":"string","entityType":"string"}

func (EntityIdentifier) GoString 

func (s EntityIdentifier) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityIdentifier) SetEntityId 

func (s *EntityIdentifier) SetEntityId(v string) *EntityIdentifier

SetEntityId sets the EntityId field's value.

func (*EntityIdentifier) SetEntityType 

func (s *EntityIdentifier) SetEntityType(v string) *EntityIdentifier

SetEntityType sets the EntityType field's value.

func (EntityIdentifier) String 

func (s EntityIdentifier) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityIdentifier) Validate 

func (s *EntityIdentifier) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EntityItem 

type EntityItem struct {

	// A list of attributes for the entity.
	Attributes map[string]*AttributeValue `locationName:"attributes" type:"map"`

	// The identifier of the entity.
	//
	// Identifier is a required field
	Identifier *EntityIdentifier `locationName:"identifier" type:"structure" required:"true"`

	// The parent entities in the hierarchy that contains the entity. A principal
	// or resource entity can be defined with at most 99 transitive parents per
	// authorization request.
	//
	// A transitive parent is an entity in the hierarchy of entities including all
	// direct parents, and parents of parents. For example, a user can be a member
	// of 91 groups if one of those groups is a member of eight groups, for a total
	// of 100: one entity, 91 entity parents, and eight parents of parents.
	Parents []*EntityIdentifier `locationName:"parents" type:"list"`
	// contains filtered or unexported fields
}

Contains information about an entity that can be referenced in a Cedar policy.

This data type is used as one of the fields in the EntitiesDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntitiesDefinition.html) structure.

{ "identifier": { "entityType": "Photo", "entityId": "VacationPhoto94.jpg" }, "attributes": {}, "parents": [ { "entityType": "Album", "entityId": "alice_folder" } ] }

func (EntityItem) GoString 

func (s EntityItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityItem) SetAttributes 

func (s *EntityItem) SetAttributes(v map[string]*AttributeValue) *EntityItem

SetAttributes sets the Attributes field's value.

func (*EntityItem) SetIdentifier 

func (s *EntityItem) SetIdentifier(v *EntityIdentifier) *EntityItem

SetIdentifier sets the Identifier field's value.

func (*EntityItem) SetParents 

func (s *EntityItem) SetParents(v []*EntityIdentifier) *EntityItem

SetParents sets the Parents field's value.

func (EntityItem) String 

func (s EntityItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityItem) Validate 

func (s *EntityItem) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EntityReference 

type EntityReference struct {

	// The identifier of the entity. It can consist of either an EntityType and
	// EntityId, a principal, or a resource.
	Identifier *EntityIdentifier `locationName:"identifier" type:"structure"`

	// Used to indicate that a principal or resource is not specified. This can
	// be used to search for policies that are not associated with a specific principal
	// or resource.
	Unspecified *bool `locationName:"unspecified" type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about a principal or resource that can be referenced in a Cedar policy.

This data type is used as part of the PolicyFilter (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyFilter.html) structure that is used as a request parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operation..

func (EntityReference) GoString 

func (s EntityReference) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityReference) SetIdentifier 

func (s *EntityReference) SetIdentifier(v *EntityIdentifier) *EntityReference

SetIdentifier sets the Identifier field's value.

func (*EntityReference) SetUnspecified 

func (s *EntityReference) SetUnspecified(v bool) *EntityReference

SetUnspecified sets the Unspecified field's value.

func (EntityReference) String 

func (s EntityReference) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityReference) Validate 

func (s *EntityReference) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EvaluationErrorItem 

type EvaluationErrorItem struct {

	// The error description.
	//
	// ErrorDescription is a required field
	ErrorDescription *string `locationName:"errorDescription" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains a description of an evaluation error.

This data type is a response parameter of the IsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html), BatchIsAuthorized (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html), and IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) operations.

func (EvaluationErrorItem) GoString 

func (s EvaluationErrorItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EvaluationErrorItem) SetErrorDescription 

func (s *EvaluationErrorItem) SetErrorDescription(v string) *EvaluationErrorItem

SetErrorDescription sets the ErrorDescription field's value.

func (EvaluationErrorItem) String 

func (s EvaluationErrorItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetIdentitySourceInput 

type GetIdentitySourceInput struct {

	// Specifies the ID of the identity source you want information about.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the identity source you
	// want information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetIdentitySourceInput) GoString 

func (s GetIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentitySourceInput) SetIdentitySourceId 

func (s *GetIdentitySourceInput) SetIdentitySourceId(v string) *GetIdentitySourceInput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*GetIdentitySourceInput) SetPolicyStoreId 

func (s *GetIdentitySourceInput) SetPolicyStoreId(v string) *GetIdentitySourceInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetIdentitySourceInput) String 

func (s GetIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentitySourceInput) Validate 

func (s *GetIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetIdentitySourceOutput 

type GetIdentitySourceOutput struct {

	// Contains configuration information about an identity source.
	Configuration *ConfigurationDetail `locationName:"configuration" type:"structure"`

	// The date and time that the identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A structure that describes the configuration of the identity source.
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration
	Details *IdentitySourceDetails `locationName:"details" deprecated:"true" type:"structure"`

	// The ID of the identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time that the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The data type of principals generated for identities authenticated by this
	// identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetIdentitySourceOutput's
	// String and GoString methods.
	//
	// PrincipalEntityType is a required field
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetIdentitySourceOutput) GoString 

func (s GetIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetIdentitySourceOutput) SetConfiguration added in v1.50.33 

func (s *GetIdentitySourceOutput) SetConfiguration(v *ConfigurationDetail) *GetIdentitySourceOutput

SetConfiguration sets the Configuration field's value.

func (*GetIdentitySourceOutput) SetCreatedDate 

func (s *GetIdentitySourceOutput) SetCreatedDate(v time.Time) *GetIdentitySourceOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetIdentitySourceOutput) SetDetails 

func (s *GetIdentitySourceOutput) SetDetails(v *IdentitySourceDetails) *GetIdentitySourceOutput

SetDetails sets the Details field's value.

func (*GetIdentitySourceOutput) SetIdentitySourceId 

func (s *GetIdentitySourceOutput) SetIdentitySourceId(v string) *GetIdentitySourceOutput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*GetIdentitySourceOutput) SetLastUpdatedDate 

func (s *GetIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *GetIdentitySourceOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetIdentitySourceOutput) SetPolicyStoreId 

func (s *GetIdentitySourceOutput) SetPolicyStoreId(v string) *GetIdentitySourceOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetIdentitySourceOutput) SetPrincipalEntityType 

func (s *GetIdentitySourceOutput) SetPrincipalEntityType(v string) *GetIdentitySourceOutput

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (GetIdentitySourceOutput) String 

func (s GetIdentitySourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyInput 

type GetPolicyInput struct {

	// Specifies the ID of the policy you want information about.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the policy that you want
	// information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyInput) GoString 

func (s GetPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyInput) SetPolicyId 

func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput

SetPolicyId sets the PolicyId field's value.

func (*GetPolicyInput) SetPolicyStoreId 

func (s *GetPolicyInput) SetPolicyStoreId(v string) *GetPolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetPolicyInput) String 

func (s GetPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyInput) Validate 

func (s *GetPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyOutput 

type GetPolicyOutput struct {

	// The action that a policy permits or forbids. For example, {"actions": [{"actionId":
	// "ViewPhoto", "actionType": "PhotoFlash::Action"}, {"entityID": "SharePhoto",
	// "entityType": "PhotoFlash::Action"}]}.
	Actions []*ActionIdentifier `locationName:"actions" type:"list"`

	// The date and time that the policy was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The definition of the requested policy.
	//
	// Definition is a required field
	Definition *PolicyDefinitionDetail `locationName:"definition" type:"structure" required:"true"`

	// The effect of the decision that a policy returns to an authorization request.
	// For example, "effect": "Permit".
	Effect *string `locationName:"effect" type:"string" enum:"PolicyEffect"`

	// The date and time that the policy was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique ID of the policy that you want information about.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The ID of the policy store that contains the policy that you want information
	// about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The type of the policy.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal specified in the policy's scope. This element isn't included
	// in the response when Principal isn't present in the policy content.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource specified in the policy's scope. This element isn't included
	// in the response when Resource isn't present in the policy content.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (GetPolicyOutput) GoString 

func (s GetPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyOutput) SetActions added in v1.52.6 

func (s *GetPolicyOutput) SetActions(v []*ActionIdentifier) *GetPolicyOutput

SetActions sets the Actions field's value.

func (*GetPolicyOutput) SetCreatedDate 

func (s *GetPolicyOutput) SetCreatedDate(v time.Time) *GetPolicyOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetPolicyOutput) SetDefinition 

func (s *GetPolicyOutput) SetDefinition(v *PolicyDefinitionDetail) *GetPolicyOutput

SetDefinition sets the Definition field's value.

func (*GetPolicyOutput) SetEffect added in v1.52.6 

func (s *GetPolicyOutput) SetEffect(v string) *GetPolicyOutput

SetEffect sets the Effect field's value.

func (*GetPolicyOutput) SetLastUpdatedDate 

func (s *GetPolicyOutput) SetLastUpdatedDate(v time.Time) *GetPolicyOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetPolicyOutput) SetPolicyId 

func (s *GetPolicyOutput) SetPolicyId(v string) *GetPolicyOutput

SetPolicyId sets the PolicyId field's value.

func (*GetPolicyOutput) SetPolicyStoreId 

func (s *GetPolicyOutput) SetPolicyStoreId(v string) *GetPolicyOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyOutput) SetPolicyType 

func (s *GetPolicyOutput) SetPolicyType(v string) *GetPolicyOutput

SetPolicyType sets the PolicyType field's value.

func (*GetPolicyOutput) SetPrincipal 

func (s *GetPolicyOutput) SetPrincipal(v *EntityIdentifier) *GetPolicyOutput

SetPrincipal sets the Principal field's value.

func (*GetPolicyOutput) SetResource 

func (s *GetPolicyOutput) SetResource(v *EntityIdentifier) *GetPolicyOutput

SetResource sets the Resource field's value.

func (GetPolicyOutput) String 

func (s GetPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyStoreInput 

type GetPolicyStoreInput struct {

	// Specifies the ID of the policy store that you want information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyStoreInput) GoString 

func (s GetPolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyStoreInput) SetPolicyStoreId 

func (s *GetPolicyStoreInput) SetPolicyStoreId(v string) *GetPolicyStoreInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetPolicyStoreInput) String 

func (s GetPolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyStoreInput) Validate 

func (s *GetPolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyStoreOutput 

type GetPolicyStoreOutput struct {

	// The Amazon Resource Name (ARN) of the policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time that the policy store was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// Descriptive text that you can provide to help with identification of the
	// current policy store.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPolicyStoreOutput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The date and time that the policy store was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store;
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The current validation settings for the policy store.
	//
	// ValidationSettings is a required field
	ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyStoreOutput) GoString 

func (s GetPolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyStoreOutput) SetArn 

func (s *GetPolicyStoreOutput) SetArn(v string) *GetPolicyStoreOutput

SetArn sets the Arn field's value.

func (*GetPolicyStoreOutput) SetCreatedDate 

func (s *GetPolicyStoreOutput) SetCreatedDate(v time.Time) *GetPolicyStoreOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetPolicyStoreOutput) SetDescription added in v1.48.11 

func (s *GetPolicyStoreOutput) SetDescription(v string) *GetPolicyStoreOutput

SetDescription sets the Description field's value.

func (*GetPolicyStoreOutput) SetLastUpdatedDate 

func (s *GetPolicyStoreOutput) SetLastUpdatedDate(v time.Time) *GetPolicyStoreOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetPolicyStoreOutput) SetPolicyStoreId 

func (s *GetPolicyStoreOutput) SetPolicyStoreId(v string) *GetPolicyStoreOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyStoreOutput) SetValidationSettings 

func (s *GetPolicyStoreOutput) SetValidationSettings(v *ValidationSettings) *GetPolicyStoreOutput

SetValidationSettings sets the ValidationSettings field's value.

func (GetPolicyStoreOutput) String 

func (s GetPolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyTemplateInput 

type GetPolicyTemplateInput struct {

	// Specifies the ID of the policy store that contains the policy template that
	// you want information about.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy template that you want information about.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyTemplateInput) GoString 

func (s GetPolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyTemplateInput) SetPolicyStoreId 

func (s *GetPolicyTemplateInput) SetPolicyStoreId(v string) *GetPolicyTemplateInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyTemplateInput) SetPolicyTemplateId 

func (s *GetPolicyTemplateInput) SetPolicyTemplateId(v string) *GetPolicyTemplateInput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (GetPolicyTemplateInput) String 

func (s GetPolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyTemplateInput) Validate 

func (s *GetPolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyTemplateOutput 

type GetPolicyTemplateOutput struct {

	// The date and time that the policy template was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The description of the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPolicyTemplateOutput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The date and time that the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The ID of the policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The content of the body of the policy template written in the Cedar policy
	// language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetPolicyTemplateOutput's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyTemplateOutput) GoString 

func (s GetPolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyTemplateOutput) SetCreatedDate 

func (s *GetPolicyTemplateOutput) SetCreatedDate(v time.Time) *GetPolicyTemplateOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetPolicyTemplateOutput) SetDescription 

func (s *GetPolicyTemplateOutput) SetDescription(v string) *GetPolicyTemplateOutput

SetDescription sets the Description field's value.

func (*GetPolicyTemplateOutput) SetLastUpdatedDate 

func (s *GetPolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *GetPolicyTemplateOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetPolicyTemplateOutput) SetPolicyStoreId 

func (s *GetPolicyTemplateOutput) SetPolicyStoreId(v string) *GetPolicyTemplateOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetPolicyTemplateOutput) SetPolicyTemplateId 

func (s *GetPolicyTemplateOutput) SetPolicyTemplateId(v string) *GetPolicyTemplateOutput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*GetPolicyTemplateOutput) SetStatement 

func (s *GetPolicyTemplateOutput) SetStatement(v string) *GetPolicyTemplateOutput

SetStatement sets the Statement field's value.

func (GetPolicyTemplateOutput) String 

func (s GetPolicyTemplateOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetSchemaInput 

type GetSchemaInput struct {

	// Specifies the ID of the policy store that contains the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSchemaInput) GoString 

func (s GetSchemaInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSchemaInput) SetPolicyStoreId 

func (s *GetSchemaInput) SetPolicyStoreId(v string) *GetSchemaInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (GetSchemaInput) String 

func (s GetSchemaInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSchemaInput) Validate 

func (s *GetSchemaInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSchemaOutput 

type GetSchemaOutput struct {

	// The date and time that the schema was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the schema was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The namespaces of the entities referenced by this schema.
	Namespaces []*string `locationName:"namespaces" type:"list"`

	// The ID of the policy store that contains the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The body of the schema, written in Cedar schema JSON.
	//
	// Schema is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by GetSchemaOutput's
	// String and GoString methods.
	//
	// Schema is a required field
	Schema *string `locationName:"schema" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (GetSchemaOutput) GoString 

func (s GetSchemaOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSchemaOutput) SetCreatedDate 

func (s *GetSchemaOutput) SetCreatedDate(v time.Time) *GetSchemaOutput

SetCreatedDate sets the CreatedDate field's value.

func (*GetSchemaOutput) SetLastUpdatedDate 

func (s *GetSchemaOutput) SetLastUpdatedDate(v time.Time) *GetSchemaOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*GetSchemaOutput) SetNamespaces added in v1.48.11 

func (s *GetSchemaOutput) SetNamespaces(v []*string) *GetSchemaOutput

SetNamespaces sets the Namespaces field's value.

func (*GetSchemaOutput) SetPolicyStoreId 

func (s *GetSchemaOutput) SetPolicyStoreId(v string) *GetSchemaOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*GetSchemaOutput) SetSchema 

func (s *GetSchemaOutput) SetSchema(v string) *GetSchemaOutput

SetSchema sets the Schema field's value.

func (GetSchemaOutput) String 

func (s GetSchemaOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentitySourceDetails deprecated 

type IdentitySourceDetails struct {

	// The application client IDs associated with the specified Amazon Cognito user
	// pool that are enabled for this identity source.
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration.clientIds
	ClientIds []*string `locationName:"clientIds" deprecated:"true" type:"list"`

	// The well-known URL that points to this user pool's OIDC discovery endpoint.
	// This is a URL string in the following format. This URL replaces the placeholders
	// for both the Amazon Web Services Region and the user pool identifier with
	// those appropriate for this user pool.
	//
	// https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration.issuer
	DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" deprecated:"true" type:"string"`

	// A string that identifies the type of OIDC service represented by this identity
	// source.
	//
	// At this time, the only valid value is cognito.
	//
	// Deprecated: This attribute has been replaced by configuration
	OpenIdIssuer *string `locationName:"openIdIssuer" deprecated:"true" type:"string" enum:"OpenIdIssuer"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool whose identities are accessible to this Verified
	// Permissions policy store.
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration.userPoolArn
	UserPoolArn *string `locationName:"userPoolArn" min:"1" deprecated:"true" type:"string"`
	// contains filtered or unexported fields
}

A structure that contains configuration of the identity source.

This data type was a response parameter for the GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html) operation. Replaced by ConfigurationDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html).

Deprecated: This shape has been replaced by ConfigurationDetail

func (IdentitySourceDetails) GoString 

func (s IdentitySourceDetails) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceDetails) SetClientIds 

func (s *IdentitySourceDetails) SetClientIds(v []*string) *IdentitySourceDetails

SetClientIds sets the ClientIds field's value.

func (*IdentitySourceDetails) SetDiscoveryUrl 

func (s *IdentitySourceDetails) SetDiscoveryUrl(v string) *IdentitySourceDetails

SetDiscoveryUrl sets the DiscoveryUrl field's value.

func (*IdentitySourceDetails) SetOpenIdIssuer 

func (s *IdentitySourceDetails) SetOpenIdIssuer(v string) *IdentitySourceDetails

SetOpenIdIssuer sets the OpenIdIssuer field's value.

func (*IdentitySourceDetails) SetUserPoolArn 

func (s *IdentitySourceDetails) SetUserPoolArn(v string) *IdentitySourceDetails

SetUserPoolArn sets the UserPoolArn field's value.

func (IdentitySourceDetails) String 

func (s IdentitySourceDetails) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentitySourceFilter 

type IdentitySourceFilter struct {

	// The Cedar entity type of the principals returned by the identity provider
	// (IdP) associated with this identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IdentitySourceFilter's
	// String and GoString methods.
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that defines characteristics of an identity source that you can use to filter.

This data type is a request parameter for the ListIdentityStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html) operation.

func (IdentitySourceFilter) GoString 

func (s IdentitySourceFilter) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceFilter) SetPrincipalEntityType 

func (s *IdentitySourceFilter) SetPrincipalEntityType(v string) *IdentitySourceFilter

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (IdentitySourceFilter) String 

func (s IdentitySourceFilter) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceFilter) Validate 

func (s *IdentitySourceFilter) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type IdentitySourceItem 

type IdentitySourceItem struct {

	// Contains configuration information about an identity source.
	Configuration *ConfigurationItem `locationName:"configuration" type:"structure"`

	// The date and time the identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A structure that contains the details of the associated identity provider
	// (IdP).
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration
	Details *IdentitySourceItemDetails `locationName:"details" deprecated:"true" type:"structure"`

	// The unique identifier of the identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The identifier of the policy store that contains the identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The Cedar entity type of the principals returned from the IdP associated
	// with this identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IdentitySourceItem's
	// String and GoString methods.
	//
	// PrincipalEntityType is a required field
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that defines an identity source.

This data type is a response parameter to the ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html) operation.

func (IdentitySourceItem) GoString 

func (s IdentitySourceItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceItem) SetConfiguration added in v1.50.33 

func (s *IdentitySourceItem) SetConfiguration(v *ConfigurationItem) *IdentitySourceItem

SetConfiguration sets the Configuration field's value.

func (*IdentitySourceItem) SetCreatedDate 

func (s *IdentitySourceItem) SetCreatedDate(v time.Time) *IdentitySourceItem

SetCreatedDate sets the CreatedDate field's value.

func (*IdentitySourceItem) SetDetails 

func (s *IdentitySourceItem) SetDetails(v *IdentitySourceItemDetails) *IdentitySourceItem

SetDetails sets the Details field's value.

func (*IdentitySourceItem) SetIdentitySourceId 

func (s *IdentitySourceItem) SetIdentitySourceId(v string) *IdentitySourceItem

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*IdentitySourceItem) SetLastUpdatedDate 

func (s *IdentitySourceItem) SetLastUpdatedDate(v time.Time) *IdentitySourceItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*IdentitySourceItem) SetPolicyStoreId 

func (s *IdentitySourceItem) SetPolicyStoreId(v string) *IdentitySourceItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*IdentitySourceItem) SetPrincipalEntityType 

func (s *IdentitySourceItem) SetPrincipalEntityType(v string) *IdentitySourceItem

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (IdentitySourceItem) String 

func (s IdentitySourceItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IdentitySourceItemDetails deprecated 

type IdentitySourceItemDetails struct {

	// The application client IDs associated with the specified Amazon Cognito user
	// pool that are enabled for this identity source.
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration.clientIds
	ClientIds []*string `locationName:"clientIds" deprecated:"true" type:"list"`

	// The well-known URL that points to this user pool's OIDC discovery endpoint.
	// This is a URL string in the following format. This URL replaces the placeholders
	// for both the Amazon Web Services Region and the user pool identifier with
	// those appropriate for this user pool.
	//
	// https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration.issuer
	DiscoveryUrl *string `locationName:"discoveryUrl" min:"1" deprecated:"true" type:"string"`

	// A string that identifies the type of OIDC service represented by this identity
	// source.
	//
	// At this time, the only valid value is cognito.
	//
	// Deprecated: This attribute has been replaced by configuration
	OpenIdIssuer *string `locationName:"openIdIssuer" deprecated:"true" type:"string" enum:"OpenIdIssuer"`

	// The Amazon Cognito user pool whose identities are accessible to this Verified
	// Permissions policy store.
	//
	// Deprecated: This attribute has been replaced by configuration.cognitoUserPoolConfiguration.userPoolArn
	UserPoolArn *string `locationName:"userPoolArn" min:"1" deprecated:"true" type:"string"`
	// contains filtered or unexported fields
}

A structure that contains configuration of the identity source.

This data type was a response parameter for the ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html) operation. Replaced by ConfigurationItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationItem.html).

Deprecated: This shape has been replaced by ConfigurationItem

func (IdentitySourceItemDetails) GoString 

func (s IdentitySourceItemDetails) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IdentitySourceItemDetails) SetClientIds 

func (s *IdentitySourceItemDetails) SetClientIds(v []*string) *IdentitySourceItemDetails

SetClientIds sets the ClientIds field's value.

func (*IdentitySourceItemDetails) SetDiscoveryUrl 

func (s *IdentitySourceItemDetails) SetDiscoveryUrl(v string) *IdentitySourceItemDetails

SetDiscoveryUrl sets the DiscoveryUrl field's value.

func (*IdentitySourceItemDetails) SetOpenIdIssuer 

func (s *IdentitySourceItemDetails) SetOpenIdIssuer(v string) *IdentitySourceItemDetails

SetOpenIdIssuer sets the OpenIdIssuer field's value.

func (*IdentitySourceItemDetails) SetUserPoolArn 

func (s *IdentitySourceItemDetails) SetUserPoolArn(v string) *IdentitySourceItemDetails

SetUserPoolArn sets the UserPoolArn field's value.

func (IdentitySourceItemDetails) String 

func (s IdentitySourceItemDetails) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InternalServerException 

type InternalServerException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

The request failed because of an internal error. Try your request again later

func (*InternalServerException) Code 

func (s *InternalServerException) Code() string

Code returns the exception type name.

func (*InternalServerException) Error 

func (s *InternalServerException) Error() string

func (InternalServerException) GoString 

func (s InternalServerException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InternalServerException) Message 

func (s *InternalServerException) Message() string

Message returns the exception's message.

func (*InternalServerException) OrigErr 

func (s *InternalServerException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InternalServerException) RequestID 

func (s *InternalServerException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InternalServerException) StatusCode 

func (s *InternalServerException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InternalServerException) String 

func (s InternalServerException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IsAuthorizedInput 

type IsAuthorizedInput struct {

	// Specifies the requested action to be authorized. For example, is the principal
	// authorized to perform this action on the resource?
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the list of resources and principals and their associated attributes
	// that Verified Permissions can examine when evaluating the policies.
	//
	// You can include only principal and resource entities in this parameter; you
	// can't include actions. You must specify actions in the schema.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make an authorization decision for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the principal for which the authorization decision is to be made.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// Specifies the resource for which the authorization decision is to be made.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (IsAuthorizedInput) GoString 

func (s IsAuthorizedInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedInput) SetAction 

func (s *IsAuthorizedInput) SetAction(v *ActionIdentifier) *IsAuthorizedInput

SetAction sets the Action field's value.

func (*IsAuthorizedInput) SetContext 

func (s *IsAuthorizedInput) SetContext(v *ContextDefinition) *IsAuthorizedInput

SetContext sets the Context field's value.

func (*IsAuthorizedInput) SetEntities 

func (s *IsAuthorizedInput) SetEntities(v *EntitiesDefinition) *IsAuthorizedInput

SetEntities sets the Entities field's value.

func (*IsAuthorizedInput) SetPolicyStoreId 

func (s *IsAuthorizedInput) SetPolicyStoreId(v string) *IsAuthorizedInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*IsAuthorizedInput) SetPrincipal 

func (s *IsAuthorizedInput) SetPrincipal(v *EntityIdentifier) *IsAuthorizedInput

SetPrincipal sets the Principal field's value.

func (*IsAuthorizedInput) SetResource 

func (s *IsAuthorizedInput) SetResource(v *EntityIdentifier) *IsAuthorizedInput

SetResource sets the Resource field's value.

func (IsAuthorizedInput) String 

func (s IsAuthorizedInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedInput) Validate 

func (s *IsAuthorizedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type IsAuthorizedOutput 

type IsAuthorizedOutput struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are two matching policies, where one is a forbid and
	// the other is a permit, then the forbid policy will be the determining policy.
	// In the case of multiple matching permit policies then there would be multiple
	// determining policies. In the case that no policies match, and hence the response
	// is DENY, there would be no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision, for example,
	// a policy references an Entity or entity Attribute that does not exist in
	// the slice.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (IsAuthorizedOutput) GoString 

func (s IsAuthorizedOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedOutput) SetDecision 

func (s *IsAuthorizedOutput) SetDecision(v string) *IsAuthorizedOutput

SetDecision sets the Decision field's value.

func (*IsAuthorizedOutput) SetDeterminingPolicies 

func (s *IsAuthorizedOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedOutput

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*IsAuthorizedOutput) SetErrors 

func (s *IsAuthorizedOutput) SetErrors(v []*EvaluationErrorItem) *IsAuthorizedOutput

SetErrors sets the Errors field's value.

func (IsAuthorizedOutput) String 

func (s IsAuthorizedOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IsAuthorizedWithTokenInput 

type IsAuthorizedWithTokenInput struct {

	// Specifies an access token for the principal to be authorized. This token
	// is provided to you by the identity provider (IdP) associated with the specified
	// identity source. You must specify either an accessToken, an identityToken,
	// or both.
	//
	// Must be an access token. Verified Permissions returns an error if the token_use
	// claim in the submitted token isn't access.
	//
	// AccessToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IsAuthorizedWithTokenInput's
	// String and GoString methods.
	AccessToken *string `locationName:"accessToken" min:"1" type:"string" sensitive:"true"`

	// Specifies the requested action to be authorized. Is the specified principal
	// authorized to perform this action on the specified resource.
	Action *ActionIdentifier `locationName:"action" type:"structure"`

	// Specifies additional context that can be used to make more granular authorization
	// decisions.
	Context *ContextDefinition `locationName:"context" type:"structure"`

	// Specifies the list of resources and their associated attributes that Verified
	// Permissions can examine when evaluating the policies.
	//
	// You can't include principals in this parameter, only resource and action
	// entities. This parameter can't include any entities of a type that matches
	// the user or group entity types that you defined in your identity source.
	//
	//    * The IsAuthorizedWithToken operation takes principal attributes from
	//    only the identityToken or accessToken passed to the operation.
	//
	//    * For action entities, you can include only their Identifier and EntityType.
	Entities *EntitiesDefinition `locationName:"entities" type:"structure"`

	// Specifies an identity token for the principal to be authorized. This token
	// is provided to you by the identity provider (IdP) associated with the specified
	// identity source. You must specify either an accessToken, an identityToken,
	// or both.
	//
	// Must be an ID token. Verified Permissions returns an error if the token_use
	// claim in the submitted token isn't id.
	//
	// IdentityToken is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by IsAuthorizedWithTokenInput's
	// String and GoString methods.
	IdentityToken *string `locationName:"identityToken" min:"1" type:"string" sensitive:"true"`

	// Specifies the ID of the policy store. Policies in this policy store will
	// be used to make an authorization decision for the input.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the resource for which the authorization decision is made. For
	// example, is the principal allowed to perform the action on the resource?
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (IsAuthorizedWithTokenInput) GoString 

func (s IsAuthorizedWithTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedWithTokenInput) SetAccessToken 

func (s *IsAuthorizedWithTokenInput) SetAccessToken(v string) *IsAuthorizedWithTokenInput

SetAccessToken sets the AccessToken field's value.

func (*IsAuthorizedWithTokenInput) SetAction 

func (s *IsAuthorizedWithTokenInput) SetAction(v *ActionIdentifier) *IsAuthorizedWithTokenInput

SetAction sets the Action field's value.

func (*IsAuthorizedWithTokenInput) SetContext 

func (s *IsAuthorizedWithTokenInput) SetContext(v *ContextDefinition) *IsAuthorizedWithTokenInput

SetContext sets the Context field's value.

func (*IsAuthorizedWithTokenInput) SetEntities 

func (s *IsAuthorizedWithTokenInput) SetEntities(v *EntitiesDefinition) *IsAuthorizedWithTokenInput

SetEntities sets the Entities field's value.

func (*IsAuthorizedWithTokenInput) SetIdentityToken 

func (s *IsAuthorizedWithTokenInput) SetIdentityToken(v string) *IsAuthorizedWithTokenInput

SetIdentityToken sets the IdentityToken field's value.

func (*IsAuthorizedWithTokenInput) SetPolicyStoreId 

func (s *IsAuthorizedWithTokenInput) SetPolicyStoreId(v string) *IsAuthorizedWithTokenInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*IsAuthorizedWithTokenInput) SetResource 

func (s *IsAuthorizedWithTokenInput) SetResource(v *EntityIdentifier) *IsAuthorizedWithTokenInput

SetResource sets the Resource field's value.

func (IsAuthorizedWithTokenInput) String 

func (s IsAuthorizedWithTokenInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedWithTokenInput) Validate 

func (s *IsAuthorizedWithTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type IsAuthorizedWithTokenOutput 

type IsAuthorizedWithTokenOutput struct {

	// An authorization decision that indicates if the authorization request should
	// be allowed or denied.
	//
	// Decision is a required field
	Decision *string `locationName:"decision" type:"string" required:"true" enum:"Decision"`

	// The list of determining policies used to make the authorization decision.
	// For example, if there are multiple matching policies, where at least one
	// is a forbid policy, then because forbid always overrides permit the forbid
	// policies are the determining policies. If all matching policies are permit
	// policies, then those policies are the determining policies. When no policies
	// match and the response is the default DENY, there are no determining policies.
	//
	// DeterminingPolicies is a required field
	DeterminingPolicies []*DeterminingPolicyItem `locationName:"determiningPolicies" type:"list" required:"true"`

	// Errors that occurred while making an authorization decision. For example,
	// a policy references an entity or entity attribute that does not exist in
	// the slice.
	//
	// Errors is a required field
	Errors []*EvaluationErrorItem `locationName:"errors" type:"list" required:"true"`

	// The identifier of the principal in the ID or access token.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`
	// contains filtered or unexported fields
}

func (IsAuthorizedWithTokenOutput) GoString 

func (s IsAuthorizedWithTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*IsAuthorizedWithTokenOutput) SetDecision 

func (s *IsAuthorizedWithTokenOutput) SetDecision(v string) *IsAuthorizedWithTokenOutput

SetDecision sets the Decision field's value.

func (*IsAuthorizedWithTokenOutput) SetDeterminingPolicies 

func (s *IsAuthorizedWithTokenOutput) SetDeterminingPolicies(v []*DeterminingPolicyItem) *IsAuthorizedWithTokenOutput

SetDeterminingPolicies sets the DeterminingPolicies field's value.

func (*IsAuthorizedWithTokenOutput) SetErrors 

func (s *IsAuthorizedWithTokenOutput) SetErrors(v []*EvaluationErrorItem) *IsAuthorizedWithTokenOutput

SetErrors sets the Errors field's value.

func (*IsAuthorizedWithTokenOutput) SetPrincipal added in v1.51.15 

func (s *IsAuthorizedWithTokenOutput) SetPrincipal(v *EntityIdentifier) *IsAuthorizedWithTokenOutput

SetPrincipal sets the Principal field's value.

func (IsAuthorizedWithTokenOutput) String 

func (s IsAuthorizedWithTokenOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListIdentitySourcesInput 

type ListIdentitySourcesInput struct {

	// Specifies characteristics of an identity source that you can use to limit
	// the output to matching identity sources.
	Filters []*IdentitySourceFilter `locationName:"filters" type:"list"`

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 identity
	// sources per response. You can specify a maximum of 50 identity sources per
	// response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Specifies the ID of the policy store that contains the identity sources that
	// you want to list.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListIdentitySourcesInput) GoString 

func (s ListIdentitySourcesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentitySourcesInput) SetFilters 

func (s *ListIdentitySourcesInput) SetFilters(v []*IdentitySourceFilter) *ListIdentitySourcesInput

SetFilters sets the Filters field's value.

func (*ListIdentitySourcesInput) SetMaxResults 

func (s *ListIdentitySourcesInput) SetMaxResults(v int64) *ListIdentitySourcesInput

SetMaxResults sets the MaxResults field's value.

func (*ListIdentitySourcesInput) SetNextToken 

func (s *ListIdentitySourcesInput) SetNextToken(v string) *ListIdentitySourcesInput

SetNextToken sets the NextToken field's value.

func (*ListIdentitySourcesInput) SetPolicyStoreId 

func (s *ListIdentitySourcesInput) SetPolicyStoreId(v string) *ListIdentitySourcesInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (ListIdentitySourcesInput) String 

func (s ListIdentitySourcesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentitySourcesInput) Validate 

func (s *ListIdentitySourcesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListIdentitySourcesOutput 

type ListIdentitySourcesOutput struct {

	// The list of identity sources stored in the specified policy store.
	//
	// IdentitySources is a required field
	IdentitySources []*IdentitySourceItem `locationName:"identitySources" type:"list" required:"true"`

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListIdentitySourcesOutput) GoString 

func (s ListIdentitySourcesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListIdentitySourcesOutput) SetIdentitySources 

func (s *ListIdentitySourcesOutput) SetIdentitySources(v []*IdentitySourceItem) *ListIdentitySourcesOutput

SetIdentitySources sets the IdentitySources field's value.

func (*ListIdentitySourcesOutput) SetNextToken 

func (s *ListIdentitySourcesOutput) SetNextToken(v string) *ListIdentitySourcesOutput

SetNextToken sets the NextToken field's value.

func (ListIdentitySourcesOutput) String 

func (s ListIdentitySourcesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPoliciesInput 

type ListPoliciesInput struct {

	// Specifies a filter that limits the response to only policies that match the
	// specified criteria. For example, you list only the policies that reference
	// a specified principal.
	Filter *PolicyFilter `locationName:"filter" type:"structure"`

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 policies
	// per response. You can specify a maximum of 50 policies per response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Specifies the ID of the policy store you want to list policies from.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesInput) GoString 

func (s ListPoliciesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesInput) SetFilter 

func (s *ListPoliciesInput) SetFilter(v *PolicyFilter) *ListPoliciesInput

SetFilter sets the Filter field's value.

func (*ListPoliciesInput) SetMaxResults 

func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput

SetMaxResults sets the MaxResults field's value.

func (*ListPoliciesInput) SetNextToken 

func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput

SetNextToken sets the NextToken field's value.

func (*ListPoliciesInput) SetPolicyStoreId 

func (s *ListPoliciesInput) SetPolicyStoreId(v string) *ListPoliciesInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (ListPoliciesInput) String 

func (s ListPoliciesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesInput) Validate 

func (s *ListPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesOutput 

type ListPoliciesOutput struct {

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Lists all policies that are available in the specified policy store.
	//
	// Policies is a required field
	Policies []*PolicyItem `locationName:"policies" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesOutput) GoString 

func (s ListPoliciesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesOutput) SetNextToken 

func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput

SetNextToken sets the NextToken field's value.

func (*ListPoliciesOutput) SetPolicies 

func (s *ListPoliciesOutput) SetPolicies(v []*PolicyItem) *ListPoliciesOutput

SetPolicies sets the Policies field's value.

func (ListPoliciesOutput) String 

func (s ListPoliciesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPolicyStoresInput 

type ListPolicyStoresInput struct {

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 policy
	// stores per response. You can specify a maximum of 50 policy stores per response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListPolicyStoresInput) GoString 

func (s ListPolicyStoresInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyStoresInput) SetMaxResults 

func (s *ListPolicyStoresInput) SetMaxResults(v int64) *ListPolicyStoresInput

SetMaxResults sets the MaxResults field's value.

func (*ListPolicyStoresInput) SetNextToken 

func (s *ListPolicyStoresInput) SetNextToken(v string) *ListPolicyStoresInput

SetNextToken sets the NextToken field's value.

func (ListPolicyStoresInput) String 

func (s ListPolicyStoresInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyStoresInput) Validate 

func (s *ListPolicyStoresInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyStoresOutput 

type ListPolicyStoresOutput struct {

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// The list of policy stores in the account.
	//
	// PolicyStores is a required field
	PolicyStores []*PolicyStoreItem `locationName:"policyStores" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyStoresOutput) GoString 

func (s ListPolicyStoresOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyStoresOutput) SetNextToken 

func (s *ListPolicyStoresOutput) SetNextToken(v string) *ListPolicyStoresOutput

SetNextToken sets the NextToken field's value.

func (*ListPolicyStoresOutput) SetPolicyStores 

func (s *ListPolicyStoresOutput) SetPolicyStores(v []*PolicyStoreItem) *ListPolicyStoresOutput

SetPolicyStores sets the PolicyStores field's value.

func (ListPolicyStoresOutput) String 

func (s ListPolicyStoresOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPolicyTemplatesInput 

type ListPolicyTemplatesInput struct {

	// Specifies the total number of results that you want included in each response.
	// If additional items exist beyond the number you specify, the NextToken response
	// element is returned with a value (not null). Include the specified value
	// as the NextToken request parameter in the next call to the operation to get
	// the next set of results. Note that the service might return fewer results
	// than the maximum even when there are more results available. You should check
	// NextToken after every operation to ensure that you receive all of the results.
	//
	// If you do not specify this parameter, the operation defaults to 10 policy
	// templates per response. You can specify a maximum of 50 policy templates
	// per response.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// Specifies that you want to receive the next page of results. Valid only if
	// you received a NextToken response in the previous request. If you did, it
	// indicates that more output is available. Set this parameter to the value
	// provided by the previous call's NextToken response to request the next page
	// of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// Specifies the ID of the policy store that contains the policy templates you
	// want to list.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyTemplatesInput) GoString 

func (s ListPolicyTemplatesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTemplatesInput) SetMaxResults 

func (s *ListPolicyTemplatesInput) SetMaxResults(v int64) *ListPolicyTemplatesInput

SetMaxResults sets the MaxResults field's value.

func (*ListPolicyTemplatesInput) SetNextToken 

func (s *ListPolicyTemplatesInput) SetNextToken(v string) *ListPolicyTemplatesInput

SetNextToken sets the NextToken field's value.

func (*ListPolicyTemplatesInput) SetPolicyStoreId 

func (s *ListPolicyTemplatesInput) SetPolicyStoreId(v string) *ListPolicyTemplatesInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (ListPolicyTemplatesInput) String 

func (s ListPolicyTemplatesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTemplatesInput) Validate 

func (s *ListPolicyTemplatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyTemplatesOutput 

type ListPolicyTemplatesOutput struct {

	// If present, this value indicates that more output is available than is included
	// in the current response. Use this value in the NextToken request parameter
	// in a subsequent call to the operation to get the next part of the output.
	// You should repeat this until the NextToken response element comes back as
	// null. This indicates that this is the last page of results.
	NextToken *string `locationName:"nextToken" min:"1" type:"string"`

	// The list of the policy templates in the specified policy store.
	//
	// PolicyTemplates is a required field
	PolicyTemplates []*PolicyTemplateItem `locationName:"policyTemplates" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyTemplatesOutput) GoString 

func (s ListPolicyTemplatesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTemplatesOutput) SetNextToken 

func (s *ListPolicyTemplatesOutput) SetNextToken(v string) *ListPolicyTemplatesOutput

SetNextToken sets the NextToken field's value.

func (*ListPolicyTemplatesOutput) SetPolicyTemplates 

func (s *ListPolicyTemplatesOutput) SetPolicyTemplates(v []*PolicyTemplateItem) *ListPolicyTemplatesOutput

SetPolicyTemplates sets the PolicyTemplates field's value.

func (ListPolicyTemplatesOutput) String 

func (s ListPolicyTemplatesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectAccessTokenConfiguration added in v1.53.19 

type OpenIdConnectAccessTokenConfiguration struct {

	// The access token aud claim values that you want to accept in your policy
	// store. For example, https://myapp.example.com, https://myapp2.example.com.
	Audiences []*string `locationName:"audiences" min:"1" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectAccessTokenConfiguration's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling access token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a OpenIdConnectTokenSelection (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectTokenSelection.html) structure, which is a parameter of CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

func (OpenIdConnectAccessTokenConfiguration) GoString added in v1.53.19 

func (s OpenIdConnectAccessTokenConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectAccessTokenConfiguration) SetAudiences added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfiguration) SetAudiences(v []*string) *OpenIdConnectAccessTokenConfiguration

SetAudiences sets the Audiences field's value.

func (*OpenIdConnectAccessTokenConfiguration) SetPrincipalIdClaim added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfiguration) SetPrincipalIdClaim(v string) *OpenIdConnectAccessTokenConfiguration

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (OpenIdConnectAccessTokenConfiguration) String added in v1.53.19 

func (s OpenIdConnectAccessTokenConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectAccessTokenConfiguration) Validate added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type OpenIdConnectAccessTokenConfigurationDetail added in v1.53.19 

type OpenIdConnectAccessTokenConfigurationDetail struct {

	// The access token aud claim values that you want to accept in your policy
	// store. For example, https://myapp.example.com, https://myapp2.example.com.
	Audiences []*string `locationName:"audiences" min:"1" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectAccessTokenConfigurationDetail's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling access token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a OpenIdConnectTokenSelectionDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectTokenSelectionDetail.html) structure, which is a parameter of GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

func (OpenIdConnectAccessTokenConfigurationDetail) GoString added in v1.53.19 

func (s OpenIdConnectAccessTokenConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectAccessTokenConfigurationDetail) SetAudiences added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfigurationDetail) SetAudiences(v []*string) *OpenIdConnectAccessTokenConfigurationDetail

SetAudiences sets the Audiences field's value.

func (*OpenIdConnectAccessTokenConfigurationDetail) SetPrincipalIdClaim added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfigurationDetail) SetPrincipalIdClaim(v string) *OpenIdConnectAccessTokenConfigurationDetail

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (OpenIdConnectAccessTokenConfigurationDetail) String added in v1.53.19 

func (s OpenIdConnectAccessTokenConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectAccessTokenConfigurationItem added in v1.53.19 

type OpenIdConnectAccessTokenConfigurationItem struct {

	// The access token aud claim values that you want to accept in your policy
	// store. For example, https://myapp.example.com, https://myapp2.example.com.
	Audiences []*string `locationName:"audiences" min:"1" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectAccessTokenConfigurationItem's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling access token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a OpenIdConnectTokenSelectionItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectTokenSelectionItem.html) structure, which is a parameter of ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

func (OpenIdConnectAccessTokenConfigurationItem) GoString added in v1.53.19 

func (s OpenIdConnectAccessTokenConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectAccessTokenConfigurationItem) SetAudiences added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfigurationItem) SetAudiences(v []*string) *OpenIdConnectAccessTokenConfigurationItem

SetAudiences sets the Audiences field's value.

func (*OpenIdConnectAccessTokenConfigurationItem) SetPrincipalIdClaim added in v1.53.19 

func (s *OpenIdConnectAccessTokenConfigurationItem) SetPrincipalIdClaim(v string) *OpenIdConnectAccessTokenConfigurationItem

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (OpenIdConnectAccessTokenConfigurationItem) String added in v1.53.19 

func (s OpenIdConnectAccessTokenConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectConfiguration added in v1.53.19 

type OpenIdConnectConfiguration struct {

	// A descriptive string that you want to prefix to user entities from your OIDC
	// identity provider. For example, if you set an entityIdPrefix of MyOIDCProvider,
	// you can reference principals in your policies in the format MyCorp::User::MyOIDCProvider|Carlos.
	//
	// EntityIdPrefix is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectConfiguration's
	// String and GoString methods.
	EntityIdPrefix *string `locationName:"entityIdPrefix" min:"1" type:"string" sensitive:"true"`

	// The claim in OIDC identity provider tokens that indicates a user's group
	// membership, and the entity type that you want to map it to. For example,
	// this object can map the contents of a groups claim to MyCorp::UserGroup.
	GroupConfiguration *OpenIdConnectGroupConfiguration `locationName:"groupConfiguration" type:"structure"`

	// The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery
	// endpoint at the path .well-known/openid-configuration.
	//
	// Issuer is a required field
	Issuer *string `locationName:"issuer" min:"1" type:"string" required:"true"`

	// The token type that you want to process from your OIDC identity provider.
	// Your policy store can process either identity (ID) or access tokens from
	// a given OIDC identity source.
	//
	// TokenSelection is a required field
	TokenSelection *OpenIdConnectTokenSelection `locationName:"tokenSelection" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.

This data type is part of a Configuration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html) structure, which is a parameter to CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

func (OpenIdConnectConfiguration) GoString added in v1.53.19 

func (s OpenIdConnectConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectConfiguration) SetEntityIdPrefix added in v1.53.19 

func (s *OpenIdConnectConfiguration) SetEntityIdPrefix(v string) *OpenIdConnectConfiguration

SetEntityIdPrefix sets the EntityIdPrefix field's value.

func (*OpenIdConnectConfiguration) SetGroupConfiguration added in v1.53.19 

func (s *OpenIdConnectConfiguration) SetGroupConfiguration(v *OpenIdConnectGroupConfiguration) *OpenIdConnectConfiguration

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*OpenIdConnectConfiguration) SetIssuer added in v1.53.19 

func (s *OpenIdConnectConfiguration) SetIssuer(v string) *OpenIdConnectConfiguration

SetIssuer sets the Issuer field's value.

func (*OpenIdConnectConfiguration) SetTokenSelection added in v1.53.19 

func (s *OpenIdConnectConfiguration) SetTokenSelection(v *OpenIdConnectTokenSelection) *OpenIdConnectConfiguration

SetTokenSelection sets the TokenSelection field's value.

func (OpenIdConnectConfiguration) String added in v1.53.19 

func (s OpenIdConnectConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectConfiguration) Validate added in v1.53.19 

func (s *OpenIdConnectConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type OpenIdConnectConfigurationDetail added in v1.53.19 

type OpenIdConnectConfigurationDetail struct {

	// A descriptive string that you want to prefix to user entities from your OIDC
	// identity provider. For example, if you set an entityIdPrefix of MyOIDCProvider,
	// you can reference principals in your policies in the format MyCorp::User::MyOIDCProvider|Carlos.
	//
	// EntityIdPrefix is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectConfigurationDetail's
	// String and GoString methods.
	EntityIdPrefix *string `locationName:"entityIdPrefix" min:"1" type:"string" sensitive:"true"`

	// The claim in OIDC identity provider tokens that indicates a user's group
	// membership, and the entity type that you want to map it to. For example,
	// this object can map the contents of a groups claim to MyCorp::UserGroup.
	GroupConfiguration *OpenIdConnectGroupConfigurationDetail `locationName:"groupConfiguration" type:"structure"`

	// The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery
	// endpoint at the path .well-known/openid-configuration.
	//
	// Issuer is a required field
	Issuer *string `locationName:"issuer" min:"1" type:"string" required:"true"`

	// The token type that you want to process from your OIDC identity provider.
	// Your policy store can process either identity (ID) or access tokens from
	// a given OIDC identity source.
	//
	// TokenSelection is a required field
	TokenSelection *OpenIdConnectTokenSelectionDetail `locationName:"tokenSelection" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.

This data type is part of a ConfigurationDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html) structure, which is a parameter to GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

func (OpenIdConnectConfigurationDetail) GoString added in v1.53.19 

func (s OpenIdConnectConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectConfigurationDetail) SetEntityIdPrefix added in v1.53.19 

func (s *OpenIdConnectConfigurationDetail) SetEntityIdPrefix(v string) *OpenIdConnectConfigurationDetail

SetEntityIdPrefix sets the EntityIdPrefix field's value.

func (*OpenIdConnectConfigurationDetail) SetGroupConfiguration added in v1.53.19 

func (s *OpenIdConnectConfigurationDetail) SetGroupConfiguration(v *OpenIdConnectGroupConfigurationDetail) *OpenIdConnectConfigurationDetail

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*OpenIdConnectConfigurationDetail) SetIssuer added in v1.53.19 

func (s *OpenIdConnectConfigurationDetail) SetIssuer(v string) *OpenIdConnectConfigurationDetail

SetIssuer sets the Issuer field's value.

func (*OpenIdConnectConfigurationDetail) SetTokenSelection added in v1.53.19 

func (s *OpenIdConnectConfigurationDetail) SetTokenSelection(v *OpenIdConnectTokenSelectionDetail) *OpenIdConnectConfigurationDetail

SetTokenSelection sets the TokenSelection field's value.

func (OpenIdConnectConfigurationDetail) String added in v1.53.19 

func (s OpenIdConnectConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectConfigurationItem added in v1.53.19 

type OpenIdConnectConfigurationItem struct {

	// A descriptive string that you want to prefix to user entities from your OIDC
	// identity provider. For example, if you set an entityIdPrefix of MyOIDCProvider,
	// you can reference principals in your policies in the format MyCorp::User::MyOIDCProvider|Carlos.
	//
	// EntityIdPrefix is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectConfigurationItem's
	// String and GoString methods.
	EntityIdPrefix *string `locationName:"entityIdPrefix" min:"1" type:"string" sensitive:"true"`

	// The claim in OIDC identity provider tokens that indicates a user's group
	// membership, and the entity type that you want to map it to. For example,
	// this object can map the contents of a groups claim to MyCorp::UserGroup.
	GroupConfiguration *OpenIdConnectGroupConfigurationItem `locationName:"groupConfiguration" type:"structure"`

	// The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery
	// endpoint at the path .well-known/openid-configuration.
	//
	// Issuer is a required field
	Issuer *string `locationName:"issuer" min:"1" type:"string" required:"true"`

	// The token type that you want to process from your OIDC identity provider.
	// Your policy store can process either identity (ID) or access tokens from
	// a given OIDC identity source.
	//
	// TokenSelection is a required field
	TokenSelection *OpenIdConnectTokenSelectionItem `locationName:"tokenSelection" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.

This data type is part of a ConfigurationItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html) structure, which is a parameter to ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

func (OpenIdConnectConfigurationItem) GoString added in v1.53.19 

func (s OpenIdConnectConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectConfigurationItem) SetEntityIdPrefix added in v1.53.19 

func (s *OpenIdConnectConfigurationItem) SetEntityIdPrefix(v string) *OpenIdConnectConfigurationItem

SetEntityIdPrefix sets the EntityIdPrefix field's value.

func (*OpenIdConnectConfigurationItem) SetGroupConfiguration added in v1.53.19 

func (s *OpenIdConnectConfigurationItem) SetGroupConfiguration(v *OpenIdConnectGroupConfigurationItem) *OpenIdConnectConfigurationItem

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*OpenIdConnectConfigurationItem) SetIssuer added in v1.53.19 

func (s *OpenIdConnectConfigurationItem) SetIssuer(v string) *OpenIdConnectConfigurationItem

SetIssuer sets the Issuer field's value.

func (*OpenIdConnectConfigurationItem) SetTokenSelection added in v1.53.19 

func (s *OpenIdConnectConfigurationItem) SetTokenSelection(v *OpenIdConnectTokenSelectionItem) *OpenIdConnectConfigurationItem

SetTokenSelection sets the TokenSelection field's value.

func (OpenIdConnectConfigurationItem) String added in v1.53.19 

func (s OpenIdConnectConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectGroupConfiguration added in v1.53.19 

type OpenIdConnectGroupConfiguration struct {

	// The token claim that you want Verified Permissions to interpret as group
	// membership. For example, groups.
	//
	// GroupClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectGroupConfiguration's
	// String and GoString methods.
	//
	// GroupClaim is a required field
	GroupClaim *string `locationName:"groupClaim" min:"1" type:"string" required:"true" sensitive:"true"`

	// The policy store entity type that you want to map your users' group claim
	// to. For example, MyCorp::UserGroup. A group entity type is an entity that
	// can have a user entity type as a member.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectGroupConfiguration's
	// String and GoString methods.
	//
	// GroupEntityType is a required field
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a groups claim to MyCorp::UserGroup.

This data type is part of a OpenIdConnectConfiguration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectConfiguration.html) structure, which is a parameter of CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

func (OpenIdConnectGroupConfiguration) GoString added in v1.53.19 

func (s OpenIdConnectGroupConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectGroupConfiguration) SetGroupClaim added in v1.53.19 

func (s *OpenIdConnectGroupConfiguration) SetGroupClaim(v string) *OpenIdConnectGroupConfiguration

SetGroupClaim sets the GroupClaim field's value.

func (*OpenIdConnectGroupConfiguration) SetGroupEntityType added in v1.53.19 

func (s *OpenIdConnectGroupConfiguration) SetGroupEntityType(v string) *OpenIdConnectGroupConfiguration

SetGroupEntityType sets the GroupEntityType field's value.

func (OpenIdConnectGroupConfiguration) String added in v1.53.19 

func (s OpenIdConnectGroupConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectGroupConfiguration) Validate added in v1.53.19 

func (s *OpenIdConnectGroupConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type OpenIdConnectGroupConfigurationDetail added in v1.53.19 

type OpenIdConnectGroupConfigurationDetail struct {

	// The token claim that you want Verified Permissions to interpret as group
	// membership. For example, groups.
	//
	// GroupClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectGroupConfigurationDetail's
	// String and GoString methods.
	//
	// GroupClaim is a required field
	GroupClaim *string `locationName:"groupClaim" min:"1" type:"string" required:"true" sensitive:"true"`

	// The policy store entity type that you want to map your users' group claim
	// to. For example, MyCorp::UserGroup. A group entity type is an entity that
	// can have a user entity type as a member.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectGroupConfigurationDetail's
	// String and GoString methods.
	//
	// GroupEntityType is a required field
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a groups claim to MyCorp::UserGroup.

This data type is part of a OpenIdConnectConfigurationDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectConfigurationDetail.html) structure, which is a parameter of GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

func (OpenIdConnectGroupConfigurationDetail) GoString added in v1.53.19 

func (s OpenIdConnectGroupConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectGroupConfigurationDetail) SetGroupClaim added in v1.53.19 

func (s *OpenIdConnectGroupConfigurationDetail) SetGroupClaim(v string) *OpenIdConnectGroupConfigurationDetail

SetGroupClaim sets the GroupClaim field's value.

func (*OpenIdConnectGroupConfigurationDetail) SetGroupEntityType added in v1.53.19 

func (s *OpenIdConnectGroupConfigurationDetail) SetGroupEntityType(v string) *OpenIdConnectGroupConfigurationDetail

SetGroupEntityType sets the GroupEntityType field's value.

func (OpenIdConnectGroupConfigurationDetail) String added in v1.53.19 

func (s OpenIdConnectGroupConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectGroupConfigurationItem added in v1.53.19 

type OpenIdConnectGroupConfigurationItem struct {

	// The token claim that you want Verified Permissions to interpret as group
	// membership. For example, groups.
	//
	// GroupClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectGroupConfigurationItem's
	// String and GoString methods.
	//
	// GroupClaim is a required field
	GroupClaim *string `locationName:"groupClaim" min:"1" type:"string" required:"true" sensitive:"true"`

	// The policy store entity type that you want to map your users' group claim
	// to. For example, MyCorp::UserGroup. A group entity type is an entity that
	// can have a user entity type as a member.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectGroupConfigurationItem's
	// String and GoString methods.
	//
	// GroupEntityType is a required field
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a groups claim to MyCorp::UserGroup.

This data type is part of a OpenIdConnectConfigurationItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectConfigurationItem.html) structure, which is a parameter of ListIdentitySourcea (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

func (OpenIdConnectGroupConfigurationItem) GoString added in v1.53.19 

func (s OpenIdConnectGroupConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectGroupConfigurationItem) SetGroupClaim added in v1.53.19 

func (s *OpenIdConnectGroupConfigurationItem) SetGroupClaim(v string) *OpenIdConnectGroupConfigurationItem

SetGroupClaim sets the GroupClaim field's value.

func (*OpenIdConnectGroupConfigurationItem) SetGroupEntityType added in v1.53.19 

func (s *OpenIdConnectGroupConfigurationItem) SetGroupEntityType(v string) *OpenIdConnectGroupConfigurationItem

SetGroupEntityType sets the GroupEntityType field's value.

func (OpenIdConnectGroupConfigurationItem) String added in v1.53.19 

func (s OpenIdConnectGroupConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectIdentityTokenConfiguration added in v1.53.19 

type OpenIdConnectIdentityTokenConfiguration struct {

	// The ID token audience, or client ID, claim values that you want to accept
	// in your policy store from an OIDC identity provider. For example, 1example23456789,
	// 2example10111213.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectIdentityTokenConfiguration's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling identity (ID) token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a OpenIdConnectTokenSelection (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectTokenSelection.html) structure, which is a parameter of CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

func (OpenIdConnectIdentityTokenConfiguration) GoString added in v1.53.19 

func (s OpenIdConnectIdentityTokenConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectIdentityTokenConfiguration) SetClientIds added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfiguration) SetClientIds(v []*string) *OpenIdConnectIdentityTokenConfiguration

SetClientIds sets the ClientIds field's value.

func (*OpenIdConnectIdentityTokenConfiguration) SetPrincipalIdClaim added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfiguration) SetPrincipalIdClaim(v string) *OpenIdConnectIdentityTokenConfiguration

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (OpenIdConnectIdentityTokenConfiguration) String added in v1.53.19 

func (s OpenIdConnectIdentityTokenConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectIdentityTokenConfiguration) Validate added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type OpenIdConnectIdentityTokenConfigurationDetail added in v1.53.19 

type OpenIdConnectIdentityTokenConfigurationDetail struct {

	// The ID token audience, or client ID, claim values that you want to accept
	// in your policy store from an OIDC identity provider. For example, 1example23456789,
	// 2example10111213.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectIdentityTokenConfigurationDetail's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling identity (ID) token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a OpenIdConnectTokenSelectionDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectTokenSelectionDetail.html) structure, which is a parameter of GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

func (OpenIdConnectIdentityTokenConfigurationDetail) GoString added in v1.53.19 

func (s OpenIdConnectIdentityTokenConfigurationDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectIdentityTokenConfigurationDetail) SetClientIds added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfigurationDetail) SetClientIds(v []*string) *OpenIdConnectIdentityTokenConfigurationDetail

SetClientIds sets the ClientIds field's value.

func (*OpenIdConnectIdentityTokenConfigurationDetail) SetPrincipalIdClaim added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfigurationDetail) SetPrincipalIdClaim(v string) *OpenIdConnectIdentityTokenConfigurationDetail

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (OpenIdConnectIdentityTokenConfigurationDetail) String added in v1.53.19 

func (s OpenIdConnectIdentityTokenConfigurationDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectIdentityTokenConfigurationItem added in v1.53.19 

type OpenIdConnectIdentityTokenConfigurationItem struct {

	// The ID token audience, or client ID, claim values that you want to accept
	// in your policy store from an OIDC identity provider. For example, 1example23456789,
	// 2example10111213.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by OpenIdConnectIdentityTokenConfigurationItem's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling identity (ID) token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a OpenIdConnectTokenSelectionItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectTokenSelectionItem.html) structure, which is a parameter of ListIdentitySources (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

func (OpenIdConnectIdentityTokenConfigurationItem) GoString added in v1.53.19 

func (s OpenIdConnectIdentityTokenConfigurationItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectIdentityTokenConfigurationItem) SetClientIds added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfigurationItem) SetClientIds(v []*string) *OpenIdConnectIdentityTokenConfigurationItem

SetClientIds sets the ClientIds field's value.

func (*OpenIdConnectIdentityTokenConfigurationItem) SetPrincipalIdClaim added in v1.53.19 

func (s *OpenIdConnectIdentityTokenConfigurationItem) SetPrincipalIdClaim(v string) *OpenIdConnectIdentityTokenConfigurationItem

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (OpenIdConnectIdentityTokenConfigurationItem) String added in v1.53.19 

func (s OpenIdConnectIdentityTokenConfigurationItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectTokenSelection added in v1.53.19 

type OpenIdConnectTokenSelection struct {

	// The OIDC configuration for processing access tokens. Contains allowed audience
	// claims, for example https://auth.example.com, and the claim that you want
	// to map to the principal, for example sub.
	AccessTokenOnly *OpenIdConnectAccessTokenConfiguration `locationName:"accessTokenOnly" type:"structure"`

	// The OIDC configuration for processing identity (ID) tokens. Contains allowed
	// client ID claims, for example 1example23456789, and the claim that you want
	// to map to the principal, for example sub.
	IdentityTokenOnly *OpenIdConnectIdentityTokenConfiguration `locationName:"identityTokenOnly" type:"structure"`
	// contains filtered or unexported fields
}

The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

This data type is part of a OpenIdConnectConfiguration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectConfiguration.html) structure, which is a parameter of CreateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html).

func (OpenIdConnectTokenSelection) GoString added in v1.53.19 

func (s OpenIdConnectTokenSelection) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectTokenSelection) SetAccessTokenOnly added in v1.53.19 

func (s *OpenIdConnectTokenSelection) SetAccessTokenOnly(v *OpenIdConnectAccessTokenConfiguration) *OpenIdConnectTokenSelection

SetAccessTokenOnly sets the AccessTokenOnly field's value.

func (*OpenIdConnectTokenSelection) SetIdentityTokenOnly added in v1.53.19 

func (s *OpenIdConnectTokenSelection) SetIdentityTokenOnly(v *OpenIdConnectIdentityTokenConfiguration) *OpenIdConnectTokenSelection

SetIdentityTokenOnly sets the IdentityTokenOnly field's value.

func (OpenIdConnectTokenSelection) String added in v1.53.19 

func (s OpenIdConnectTokenSelection) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectTokenSelection) Validate added in v1.53.19 

func (s *OpenIdConnectTokenSelection) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type OpenIdConnectTokenSelectionDetail added in v1.53.19 

type OpenIdConnectTokenSelectionDetail struct {

	// The OIDC configuration for processing access tokens. Contains allowed audience
	// claims, for example https://auth.example.com, and the claim that you want
	// to map to the principal, for example sub.
	AccessTokenOnly *OpenIdConnectAccessTokenConfigurationDetail `locationName:"accessTokenOnly" type:"structure"`

	// The OIDC configuration for processing identity (ID) tokens. Contains allowed
	// client ID claims, for example 1example23456789, and the claim that you want
	// to map to the principal, for example sub.
	IdentityTokenOnly *OpenIdConnectIdentityTokenConfigurationDetail `locationName:"identityTokenOnly" type:"structure"`
	// contains filtered or unexported fields
}

The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

This data type is part of a OpenIdConnectConfigurationDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectConfigurationDetail.html) structure, which is a parameter of GetIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html).

func (OpenIdConnectTokenSelectionDetail) GoString added in v1.53.19 

func (s OpenIdConnectTokenSelectionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectTokenSelectionDetail) SetAccessTokenOnly added in v1.53.19 

func (s *OpenIdConnectTokenSelectionDetail) SetAccessTokenOnly(v *OpenIdConnectAccessTokenConfigurationDetail) *OpenIdConnectTokenSelectionDetail

SetAccessTokenOnly sets the AccessTokenOnly field's value.

func (*OpenIdConnectTokenSelectionDetail) SetIdentityTokenOnly added in v1.53.19 

func (s *OpenIdConnectTokenSelectionDetail) SetIdentityTokenOnly(v *OpenIdConnectIdentityTokenConfigurationDetail) *OpenIdConnectTokenSelectionDetail

SetIdentityTokenOnly sets the IdentityTokenOnly field's value.

func (OpenIdConnectTokenSelectionDetail) String added in v1.53.19 

func (s OpenIdConnectTokenSelectionDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIdConnectTokenSelectionItem added in v1.53.19 

type OpenIdConnectTokenSelectionItem struct {

	// The OIDC configuration for processing access tokens. Contains allowed audience
	// claims, for example https://auth.example.com, and the claim that you want
	// to map to the principal, for example sub.
	AccessTokenOnly *OpenIdConnectAccessTokenConfigurationItem `locationName:"accessTokenOnly" type:"structure"`

	// The OIDC configuration for processing identity (ID) tokens. Contains allowed
	// client ID claims, for example 1example23456789, and the claim that you want
	// to map to the principal, for example sub.
	IdentityTokenOnly *OpenIdConnectIdentityTokenConfigurationItem `locationName:"identityTokenOnly" type:"structure"`
	// contains filtered or unexported fields
}

The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

This data type is part of a OpenIdConnectConfigurationItem (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_OpenIdConnectConfigurationItem.html) structure, which is a parameter of ListIdentitySources (http://amazonaws.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html).

func (OpenIdConnectTokenSelectionItem) GoString added in v1.53.19 

func (s OpenIdConnectTokenSelectionItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIdConnectTokenSelectionItem) SetAccessTokenOnly added in v1.53.19 

func (s *OpenIdConnectTokenSelectionItem) SetAccessTokenOnly(v *OpenIdConnectAccessTokenConfigurationItem) *OpenIdConnectTokenSelectionItem

SetAccessTokenOnly sets the AccessTokenOnly field's value.

func (*OpenIdConnectTokenSelectionItem) SetIdentityTokenOnly added in v1.53.19 

func (s *OpenIdConnectTokenSelectionItem) SetIdentityTokenOnly(v *OpenIdConnectIdentityTokenConfigurationItem) *OpenIdConnectTokenSelectionItem

SetIdentityTokenOnly sets the IdentityTokenOnly field's value.

func (OpenIdConnectTokenSelectionItem) String added in v1.53.19 

func (s OpenIdConnectTokenSelectionItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyDefinition 

type PolicyDefinition struct {

	// A structure that describes a static policy. An static policy doesn't use
	// a template or allow placeholders for entities.
	Static *StaticPolicyDefinition `locationName:"static" type:"structure"`

	// A structure that describes a policy that was instantiated from a template.
	// The template can specify placeholders for principal and resource. When you
	// use CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html)
	// to create a policy from a template, you specify the exact principal and resource
	// to use for the instantiated policy.
	TemplateLinked *TemplateLinkedPolicyDefinition `locationName:"templateLinked" type:"structure"`
	// contains filtered or unexported fields
}

A structure that contains the details for a Cedar policy definition. It includes the policy type, a description, and a policy body. This is a top level data type used to create a policy.

This data type is used as a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation. This structure must always have either an static or a templateLinked element.

func (PolicyDefinition) GoString 

func (s PolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinition) SetStatic 

func (s *PolicyDefinition) SetStatic(v *StaticPolicyDefinition) *PolicyDefinition

SetStatic sets the Static field's value.

func (*PolicyDefinition) SetTemplateLinked 

func (s *PolicyDefinition) SetTemplateLinked(v *TemplateLinkedPolicyDefinition) *PolicyDefinition

SetTemplateLinked sets the TemplateLinked field's value.

func (PolicyDefinition) String 

func (s PolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinition) Validate 

func (s *PolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PolicyDefinitionDetail 

type PolicyDefinitionDetail struct {

	// Information about a static policy that wasn't created with a policy template.
	Static *StaticPolicyDefinitionDetail `locationName:"static" type:"structure"`

	// Information about a template-linked policy that was created by instantiating
	// a policy template.
	TemplateLinked *TemplateLinkedPolicyDefinitionDetail `locationName:"templateLinked" type:"structure"`
	// contains filtered or unexported fields
}

A structure that describes a policy definition. It must always have either an static or a templateLinked element.

This data type is used as a response parameter for the GetPolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html) operation.

func (PolicyDefinitionDetail) GoString 

func (s PolicyDefinitionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinitionDetail) SetStatic 

func (s *PolicyDefinitionDetail) SetStatic(v *StaticPolicyDefinitionDetail) *PolicyDefinitionDetail

SetStatic sets the Static field's value.

func (*PolicyDefinitionDetail) SetTemplateLinked 

func (s *PolicyDefinitionDetail) SetTemplateLinked(v *TemplateLinkedPolicyDefinitionDetail) *PolicyDefinitionDetail

SetTemplateLinked sets the TemplateLinked field's value.

func (PolicyDefinitionDetail) String 

func (s PolicyDefinitionDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyDefinitionItem 

type PolicyDefinitionItem struct {

	// Information about a static policy that wasn't created with a policy template.
	Static *StaticPolicyDefinitionItem `locationName:"static" type:"structure"`

	// Information about a template-linked policy that was created by instantiating
	// a policy template.
	TemplateLinked *TemplateLinkedPolicyDefinitionItem `locationName:"templateLinked" type:"structure"`
	// contains filtered or unexported fields
}

A structure that describes a PolicyDefinintion (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinintion.html). It will always have either an StaticPolicy or a TemplateLinkedPolicy element.

This data type is used as a response parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) and ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operations.

func (PolicyDefinitionItem) GoString 

func (s PolicyDefinitionItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDefinitionItem) SetStatic 

func (s *PolicyDefinitionItem) SetStatic(v *StaticPolicyDefinitionItem) *PolicyDefinitionItem

SetStatic sets the Static field's value.

func (*PolicyDefinitionItem) SetTemplateLinked 

func (s *PolicyDefinitionItem) SetTemplateLinked(v *TemplateLinkedPolicyDefinitionItem) *PolicyDefinitionItem

SetTemplateLinked sets the TemplateLinked field's value.

func (PolicyDefinitionItem) String 

func (s PolicyDefinitionItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyFilter 

type PolicyFilter struct {

	// Filters the output to only template-linked policies that were instantiated
	// from the specified policy template.
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string"`

	// Filters the output to only policies of the specified type.
	PolicyType *string `locationName:"policyType" type:"string" enum:"PolicyType"`

	// Filters the output to only policies that reference the specified principal.
	Principal *EntityReference `locationName:"principal" type:"structure"`

	// Filters the output to only policies that reference the specified resource.
	Resource *EntityReference `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a filter to refine policies returned in a query.

This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operation.

func (PolicyFilter) GoString 

func (s PolicyFilter) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyFilter) SetPolicyTemplateId 

func (s *PolicyFilter) SetPolicyTemplateId(v string) *PolicyFilter

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*PolicyFilter) SetPolicyType 

func (s *PolicyFilter) SetPolicyType(v string) *PolicyFilter

SetPolicyType sets the PolicyType field's value.

func (*PolicyFilter) SetPrincipal 

func (s *PolicyFilter) SetPrincipal(v *EntityReference) *PolicyFilter

SetPrincipal sets the Principal field's value.

func (*PolicyFilter) SetResource 

func (s *PolicyFilter) SetResource(v *EntityReference) *PolicyFilter

SetResource sets the Resource field's value.

func (PolicyFilter) String 

func (s PolicyFilter) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyFilter) Validate 

func (s *PolicyFilter) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PolicyItem 

type PolicyItem struct {

	// The action that a policy permits or forbids. For example, {"actions": [{"actionId":
	// "ViewPhoto", "actionType": "PhotoFlash::Action"}, {"entityID": "SharePhoto",
	// "entityType": "PhotoFlash::Action"}]}.
	Actions []*ActionIdentifier `locationName:"actions" type:"list"`

	// The date and time the policy was created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The policy definition of an item in the list of policies returned.
	//
	// Definition is a required field
	Definition *PolicyDefinitionItem `locationName:"definition" type:"structure" required:"true"`

	// The effect of the decision that a policy returns to an authorization request.
	// For example, "effect": "Permit".
	Effect *string `locationName:"effect" type:"string" enum:"PolicyEffect"`

	// The date and time the policy was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The identifier of the policy you want information about.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The identifier of the PolicyStore where the policy you want information about
	// is stored.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The type of the policy. This is one of the following values:
	//
	//    * static
	//
	//    * templateLinked
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal associated with the policy.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with the policy.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy.

This data type is used as a response parameter for the ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html) operation.

func (PolicyItem) GoString 

func (s PolicyItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyItem) SetActions added in v1.52.6 

func (s *PolicyItem) SetActions(v []*ActionIdentifier) *PolicyItem

SetActions sets the Actions field's value.

func (*PolicyItem) SetCreatedDate 

func (s *PolicyItem) SetCreatedDate(v time.Time) *PolicyItem

SetCreatedDate sets the CreatedDate field's value.

func (*PolicyItem) SetDefinition 

func (s *PolicyItem) SetDefinition(v *PolicyDefinitionItem) *PolicyItem

SetDefinition sets the Definition field's value.

func (*PolicyItem) SetEffect added in v1.52.6 

func (s *PolicyItem) SetEffect(v string) *PolicyItem

SetEffect sets the Effect field's value.

func (*PolicyItem) SetLastUpdatedDate 

func (s *PolicyItem) SetLastUpdatedDate(v time.Time) *PolicyItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PolicyItem) SetPolicyId 

func (s *PolicyItem) SetPolicyId(v string) *PolicyItem

SetPolicyId sets the PolicyId field's value.

func (*PolicyItem) SetPolicyStoreId 

func (s *PolicyItem) SetPolicyStoreId(v string) *PolicyItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*PolicyItem) SetPolicyType 

func (s *PolicyItem) SetPolicyType(v string) *PolicyItem

SetPolicyType sets the PolicyType field's value.

func (*PolicyItem) SetPrincipal 

func (s *PolicyItem) SetPrincipal(v *EntityIdentifier) *PolicyItem

SetPrincipal sets the Principal field's value.

func (*PolicyItem) SetResource 

func (s *PolicyItem) SetResource(v *EntityIdentifier) *PolicyItem

SetResource sets the Resource field's value.

func (PolicyItem) String 

func (s PolicyItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyStoreItem 

type PolicyStoreItem struct {

	// The Amazon Resource Name (ARN) of the policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time the policy was created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// Descriptive text that you can provide to help with identification of the
	// current policy store.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by PolicyStoreItem's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The date and time the policy store was most recently updated.
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601"`

	// The unique identifier of the policy store.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about a policy store.

This data type is used as a response parameter for the ListPolicyStores (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html) operation.

func (PolicyStoreItem) GoString 

func (s PolicyStoreItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyStoreItem) SetArn 

func (s *PolicyStoreItem) SetArn(v string) *PolicyStoreItem

SetArn sets the Arn field's value.

func (*PolicyStoreItem) SetCreatedDate 

func (s *PolicyStoreItem) SetCreatedDate(v time.Time) *PolicyStoreItem

SetCreatedDate sets the CreatedDate field's value.

func (*PolicyStoreItem) SetDescription added in v1.48.11 

func (s *PolicyStoreItem) SetDescription(v string) *PolicyStoreItem

SetDescription sets the Description field's value.

func (*PolicyStoreItem) SetLastUpdatedDate added in v1.48.11 

func (s *PolicyStoreItem) SetLastUpdatedDate(v time.Time) *PolicyStoreItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PolicyStoreItem) SetPolicyStoreId 

func (s *PolicyStoreItem) SetPolicyStoreId(v string) *PolicyStoreItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (PolicyStoreItem) String 

func (s PolicyStoreItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyTemplateItem 

type PolicyTemplateItem struct {

	// The date and time that the policy template was created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The description attached to the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by PolicyTemplateItem's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The date and time that the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The unique identifier of the policy store that contains the template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The unique identifier of the policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains details about a policy template

This data type is used as a response parameter for the ListPolicyTemplates (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html) operation.

func (PolicyTemplateItem) GoString 

func (s PolicyTemplateItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyTemplateItem) SetCreatedDate 

func (s *PolicyTemplateItem) SetCreatedDate(v time.Time) *PolicyTemplateItem

SetCreatedDate sets the CreatedDate field's value.

func (*PolicyTemplateItem) SetDescription 

func (s *PolicyTemplateItem) SetDescription(v string) *PolicyTemplateItem

SetDescription sets the Description field's value.

func (*PolicyTemplateItem) SetLastUpdatedDate 

func (s *PolicyTemplateItem) SetLastUpdatedDate(v time.Time) *PolicyTemplateItem

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PolicyTemplateItem) SetPolicyStoreId 

func (s *PolicyTemplateItem) SetPolicyStoreId(v string) *PolicyTemplateItem

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*PolicyTemplateItem) SetPolicyTemplateId 

func (s *PolicyTemplateItem) SetPolicyTemplateId(v string) *PolicyTemplateItem

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (PolicyTemplateItem) String 

func (s PolicyTemplateItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutSchemaInput 

type PutSchemaInput struct {

	// Specifies the definition of the schema to be stored. The schema definition
	// must be written in Cedar schema JSON.
	//
	// Definition is a required field
	Definition *SchemaDefinition `locationName:"definition" type:"structure" required:"true"`

	// Specifies the ID of the policy store in which to place the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutSchemaInput) GoString 

func (s PutSchemaInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutSchemaInput) SetDefinition 

func (s *PutSchemaInput) SetDefinition(v *SchemaDefinition) *PutSchemaInput

SetDefinition sets the Definition field's value.

func (*PutSchemaInput) SetPolicyStoreId 

func (s *PutSchemaInput) SetPolicyStoreId(v string) *PutSchemaInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (PutSchemaInput) String 

func (s PutSchemaInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutSchemaInput) Validate 

func (s *PutSchemaInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutSchemaOutput 

type PutSchemaOutput struct {

	// The date and time that the schema was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the schema was last updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// Identifies the namespaces of the entities referenced by this schema.
	//
	// Namespaces is a required field
	Namespaces []*string `locationName:"namespaces" type:"list" required:"true"`

	// The unique ID of the policy store that contains the schema.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutSchemaOutput) GoString 

func (s PutSchemaOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutSchemaOutput) SetCreatedDate 

func (s *PutSchemaOutput) SetCreatedDate(v time.Time) *PutSchemaOutput

SetCreatedDate sets the CreatedDate field's value.

func (*PutSchemaOutput) SetLastUpdatedDate 

func (s *PutSchemaOutput) SetLastUpdatedDate(v time.Time) *PutSchemaOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*PutSchemaOutput) SetNamespaces 

func (s *PutSchemaOutput) SetNamespaces(v []*string) *PutSchemaOutput

SetNamespaces sets the Namespaces field's value.

func (*PutSchemaOutput) SetPolicyStoreId 

func (s *PutSchemaOutput) SetPolicyStoreId(v string) *PutSchemaOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (PutSchemaOutput) String 

func (s PutSchemaOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceConflict 

type ResourceConflict struct {

	// The unique identifier of the resource involved in a conflict.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The type of the resource involved in a conflict.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
	// contains filtered or unexported fields
}

Contains information about a resource conflict.

func (ResourceConflict) GoString 

func (s ResourceConflict) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceConflict) SetResourceId 

func (s *ResourceConflict) SetResourceId(v string) *ResourceConflict

SetResourceId sets the ResourceId field's value.

func (*ResourceConflict) SetResourceType 

func (s *ResourceConflict) SetResourceType(v string) *ResourceConflict

SetResourceType sets the ResourceType field's value.

func (ResourceConflict) String 

func (s ResourceConflict) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceNotFoundException 

type ResourceNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The unique ID of the resource referenced in the failed request.
	//
	// ResourceId is a required field
	ResourceId *string `locationName:"resourceId" type:"string" required:"true"`

	// The resource type of the resource referenced in the failed request.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`
	// contains filtered or unexported fields
}

The request failed because it references a resource that doesn't exist.

func (*ResourceNotFoundException) Code 

func (s *ResourceNotFoundException) Code() string

Code returns the exception type name.

func (*ResourceNotFoundException) Error 

func (s *ResourceNotFoundException) Error() string

func (ResourceNotFoundException) GoString 

func (s ResourceNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceNotFoundException) Message 

func (s *ResourceNotFoundException) Message() string

Message returns the exception's message.

func (*ResourceNotFoundException) OrigErr 

func (s *ResourceNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ResourceNotFoundException) RequestID 

func (s *ResourceNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ResourceNotFoundException) StatusCode 

func (s *ResourceNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ResourceNotFoundException) String 

func (s ResourceNotFoundException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SchemaDefinition 

type SchemaDefinition struct {

	// A JSON string representation of the schema supported by applications that
	// use this policy store. For more information, see Policy store schema (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html)
	// in the Amazon Verified Permissions User Guide.
	//
	// CedarJson is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by SchemaDefinition's
	// String and GoString methods.
	CedarJson *string `locationName:"cedarJson" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains a list of principal types, resource types, and actions that can be specified in policies stored in the same policy store. If the validation mode for the policy store is set to STRICT, then policies that can't be validated by this schema are rejected by Verified Permissions and can't be stored in the policy store.

func (SchemaDefinition) GoString 

func (s SchemaDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SchemaDefinition) SetCedarJson 

func (s *SchemaDefinition) SetCedarJson(v string) *SchemaDefinition

SetCedarJson sets the CedarJson field's value.

func (SchemaDefinition) String 

func (s SchemaDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SchemaDefinition) Validate 

func (s *SchemaDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ServiceQuotaExceededException 

type ServiceQuotaExceededException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The quota code recognized by the Amazon Web Services Service Quotas service.
	QuotaCode *string `locationName:"quotaCode" type:"string"`

	// The unique ID of the resource referenced in the failed request.
	ResourceId *string `locationName:"resourceId" type:"string"`

	// The resource type of the resource referenced in the failed request.
	//
	// ResourceType is a required field
	ResourceType *string `locationName:"resourceType" type:"string" required:"true" enum:"ResourceType"`

	// The code for the Amazon Web Service that owns the quota.
	ServiceCode *string `locationName:"serviceCode" type:"string"`
	// contains filtered or unexported fields
}

The request failed because it would cause a service quota to be exceeded.

func (*ServiceQuotaExceededException) Code 

func (s *ServiceQuotaExceededException) Code() string

Code returns the exception type name.

func (*ServiceQuotaExceededException) Error 

func (s *ServiceQuotaExceededException) Error() string

func (ServiceQuotaExceededException) GoString 

func (s ServiceQuotaExceededException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceQuotaExceededException) Message 

func (s *ServiceQuotaExceededException) Message() string

Message returns the exception's message.

func (*ServiceQuotaExceededException) OrigErr 

func (s *ServiceQuotaExceededException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ServiceQuotaExceededException) RequestID 

func (s *ServiceQuotaExceededException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ServiceQuotaExceededException) StatusCode 

func (s *ServiceQuotaExceededException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ServiceQuotaExceededException) String 

func (s ServiceQuotaExceededException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StaticPolicyDefinition 

type StaticPolicyDefinition struct {

	// The description of the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinition's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The policy content of the static policy, written in the Cedar policy language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinition's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains information about a static policy.

This data type is used as a field that is part of the PolicyDefinitionDetail (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinitionDetail.html) type.

func (StaticPolicyDefinition) GoString 

func (s StaticPolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinition) SetDescription 

func (s *StaticPolicyDefinition) SetDescription(v string) *StaticPolicyDefinition

SetDescription sets the Description field's value.

func (*StaticPolicyDefinition) SetStatement 

func (s *StaticPolicyDefinition) SetStatement(v string) *StaticPolicyDefinition

SetStatement sets the Statement field's value.

func (StaticPolicyDefinition) String 

func (s StaticPolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinition) Validate 

func (s *StaticPolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StaticPolicyDefinitionDetail 

type StaticPolicyDefinitionDetail struct {

	// A description of the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinitionDetail's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// The content of the static policy written in the Cedar policy language.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinitionDetail's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that contains details about a static policy. It includes the description and policy body.

This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation.

func (StaticPolicyDefinitionDetail) GoString 

func (s StaticPolicyDefinitionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinitionDetail) SetDescription 

func (s *StaticPolicyDefinitionDetail) SetDescription(v string) *StaticPolicyDefinitionDetail

SetDescription sets the Description field's value.

func (*StaticPolicyDefinitionDetail) SetStatement 

func (s *StaticPolicyDefinitionDetail) SetStatement(v string) *StaticPolicyDefinitionDetail

SetStatement sets the Statement field's value.

func (StaticPolicyDefinitionDetail) String 

func (s StaticPolicyDefinitionDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StaticPolicyDefinitionItem 

type StaticPolicyDefinitionItem struct {

	// A description of the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by StaticPolicyDefinitionItem's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

A structure that contains details about a static policy. It includes the description and policy statement.

This data type is used within a PolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html) structure as part of a request parameter for the CreatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) operation.

func (StaticPolicyDefinitionItem) GoString 

func (s StaticPolicyDefinitionItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StaticPolicyDefinitionItem) SetDescription 

func (s *StaticPolicyDefinitionItem) SetDescription(v string) *StaticPolicyDefinitionItem

SetDescription sets the Description field's value.

func (StaticPolicyDefinitionItem) String 

func (s StaticPolicyDefinitionItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TemplateLinkedPolicyDefinition 

type TemplateLinkedPolicyDefinition struct {

	// The unique identifier of the policy template used to create this policy.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The principal associated with this template-linked policy. Verified Permissions
	// substitutes this principal for the ?principal placeholder in the policy template
	// when it evaluates an authorization request.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with this template-linked policy. Verified Permissions
	// substitutes this resource for the ?resource placeholder in the policy template
	// when it evaluates an authorization request.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy created by instantiating a policy template.

func (TemplateLinkedPolicyDefinition) GoString 

func (s TemplateLinkedPolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinition) SetPolicyTemplateId 

func (s *TemplateLinkedPolicyDefinition) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinition

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*TemplateLinkedPolicyDefinition) SetPrincipal 

func (s *TemplateLinkedPolicyDefinition) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinition

SetPrincipal sets the Principal field's value.

func (*TemplateLinkedPolicyDefinition) SetResource 

func (s *TemplateLinkedPolicyDefinition) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinition

SetResource sets the Resource field's value.

func (TemplateLinkedPolicyDefinition) String 

func (s TemplateLinkedPolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinition) Validate 

func (s *TemplateLinkedPolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TemplateLinkedPolicyDefinitionDetail 

type TemplateLinkedPolicyDefinitionDetail struct {

	// The unique identifier of the policy template used to create this policy.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The principal associated with this template-linked policy. Verified Permissions
	// substitutes this principal for the ?principal placeholder in the policy template
	// when it evaluates an authorization request.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with this template-linked policy. Verified Permissions
	// substitutes this resource for the ?resource placeholder in the policy template
	// when it evaluates an authorization request.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy that was created by instantiating a policy template.

func (TemplateLinkedPolicyDefinitionDetail) GoString 

func (s TemplateLinkedPolicyDefinitionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinitionDetail) SetPolicyTemplateId 

func (s *TemplateLinkedPolicyDefinitionDetail) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinitionDetail

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*TemplateLinkedPolicyDefinitionDetail) SetPrincipal 

func (s *TemplateLinkedPolicyDefinitionDetail) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionDetail

SetPrincipal sets the Principal field's value.

func (*TemplateLinkedPolicyDefinitionDetail) SetResource 

func (s *TemplateLinkedPolicyDefinitionDetail) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionDetail

SetResource sets the Resource field's value.

func (TemplateLinkedPolicyDefinitionDetail) String 

func (s TemplateLinkedPolicyDefinitionDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TemplateLinkedPolicyDefinitionItem 

type TemplateLinkedPolicyDefinitionItem struct {

	// The unique identifier of the policy template used to create this policy.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// The principal associated with this template-linked policy. Verified Permissions
	// substitutes this principal for the ?principal placeholder in the policy template
	// when it evaluates an authorization request.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource associated with this template-linked policy. Verified Permissions
	// substitutes this resource for the ?resource placeholder in the policy template
	// when it evaluates an authorization request.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a policy created by instantiating a policy template.

This

func (TemplateLinkedPolicyDefinitionItem) GoString 

func (s TemplateLinkedPolicyDefinitionItem) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TemplateLinkedPolicyDefinitionItem) SetPolicyTemplateId 

func (s *TemplateLinkedPolicyDefinitionItem) SetPolicyTemplateId(v string) *TemplateLinkedPolicyDefinitionItem

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*TemplateLinkedPolicyDefinitionItem) SetPrincipal 

func (s *TemplateLinkedPolicyDefinitionItem) SetPrincipal(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionItem

SetPrincipal sets the Principal field's value.

func (*TemplateLinkedPolicyDefinitionItem) SetResource 

func (s *TemplateLinkedPolicyDefinitionItem) SetResource(v *EntityIdentifier) *TemplateLinkedPolicyDefinitionItem

SetResource sets the Resource field's value.

func (TemplateLinkedPolicyDefinitionItem) String 

func (s TemplateLinkedPolicyDefinitionItem) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ThrottlingException 

type ThrottlingException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The quota code recognized by the Amazon Web Services Service Quotas service.
	QuotaCode *string `locationName:"quotaCode" type:"string"`

	// The code for the Amazon Web Service that owns the quota.
	ServiceCode *string `locationName:"serviceCode" type:"string"`
	// contains filtered or unexported fields
}

The request failed because it exceeded a throttling quota.

func (*ThrottlingException) Code 

func (s *ThrottlingException) Code() string

Code returns the exception type name.

func (*ThrottlingException) Error 

func (s *ThrottlingException) Error() string

func (ThrottlingException) GoString 

func (s ThrottlingException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ThrottlingException) Message 

func (s *ThrottlingException) Message() string

Message returns the exception's message.

func (*ThrottlingException) OrigErr 

func (s *ThrottlingException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ThrottlingException) RequestID 

func (s *ThrottlingException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ThrottlingException) StatusCode 

func (s *ThrottlingException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ThrottlingException) String 

func (s ThrottlingException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateCognitoGroupConfiguration added in v1.51.15 

type UpdateCognitoGroupConfiguration struct {

	// The name of the schema entity type that's mapped to the user pool group.
	// Defaults to AWS::CognitoGroup.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateCognitoGroupConfiguration's
	// String and GoString methods.
	//
	// GroupEntityType is a required field
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The user group entities from an Amazon Cognito user pool identity source.

func (UpdateCognitoGroupConfiguration) GoString added in v1.51.15 

func (s UpdateCognitoGroupConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateCognitoGroupConfiguration) SetGroupEntityType added in v1.51.15 

func (s *UpdateCognitoGroupConfiguration) SetGroupEntityType(v string) *UpdateCognitoGroupConfiguration

SetGroupEntityType sets the GroupEntityType field's value.

func (UpdateCognitoGroupConfiguration) String added in v1.51.15 

func (s UpdateCognitoGroupConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateCognitoGroupConfiguration) Validate added in v1.51.15 

func (s *UpdateCognitoGroupConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateCognitoUserPoolConfiguration 

type UpdateCognitoUserPoolConfiguration struct {

	// The client ID of an app client that is configured for the specified Amazon
	// Cognito user pool.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The configuration of the user groups from an Amazon Cognito user pool identity
	// source.
	GroupConfiguration *UpdateCognitoGroupConfiguration `locationName:"groupConfiguration" type:"structure"`

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the Amazon Cognito user pool associated with this identity source.
	//
	// UserPoolArn is a required field
	UserPoolArn *string `locationName:"userPoolArn" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains configuration details of a Amazon Cognito user pool for use with an identity source.

func (UpdateCognitoUserPoolConfiguration) GoString 

func (s UpdateCognitoUserPoolConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateCognitoUserPoolConfiguration) SetClientIds 

func (s *UpdateCognitoUserPoolConfiguration) SetClientIds(v []*string) *UpdateCognitoUserPoolConfiguration

SetClientIds sets the ClientIds field's value.

func (*UpdateCognitoUserPoolConfiguration) SetGroupConfiguration added in v1.51.15 

func (s *UpdateCognitoUserPoolConfiguration) SetGroupConfiguration(v *UpdateCognitoGroupConfiguration) *UpdateCognitoUserPoolConfiguration

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*UpdateCognitoUserPoolConfiguration) SetUserPoolArn 

func (s *UpdateCognitoUserPoolConfiguration) SetUserPoolArn(v string) *UpdateCognitoUserPoolConfiguration

SetUserPoolArn sets the UserPoolArn field's value.

func (UpdateCognitoUserPoolConfiguration) String 

func (s UpdateCognitoUserPoolConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateCognitoUserPoolConfiguration) Validate 

func (s *UpdateCognitoUserPoolConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateConfiguration 

type UpdateConfiguration struct {

	// Contains configuration details of a Amazon Cognito user pool.
	CognitoUserPoolConfiguration *UpdateCognitoUserPoolConfiguration `locationName:"cognitoUserPoolConfiguration" type:"structure"`

	// Contains configuration details of an OpenID Connect (OIDC) identity provider,
	// or identity source, that Verified Permissions can use to generate entities
	// from authenticated identities. It specifies the issuer URL, token type that
	// you want to use, and policy store entity details.
	OpenIdConnectConfiguration *UpdateOpenIdConnectConfiguration `locationName:"openIdConnectConfiguration" type:"structure"`
	// contains filtered or unexported fields
}

Contains an update to replace the configuration in an existing identity source.

func (UpdateConfiguration) GoString 

func (s UpdateConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateConfiguration) SetCognitoUserPoolConfiguration 

func (s *UpdateConfiguration) SetCognitoUserPoolConfiguration(v *UpdateCognitoUserPoolConfiguration) *UpdateConfiguration

SetCognitoUserPoolConfiguration sets the CognitoUserPoolConfiguration field's value.

func (*UpdateConfiguration) SetOpenIdConnectConfiguration added in v1.53.19 

func (s *UpdateConfiguration) SetOpenIdConnectConfiguration(v *UpdateOpenIdConnectConfiguration) *UpdateConfiguration

SetOpenIdConnectConfiguration sets the OpenIdConnectConfiguration field's value.

func (UpdateConfiguration) String 

func (s UpdateConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateConfiguration) Validate 

func (s *UpdateConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateIdentitySourceInput 

type UpdateIdentitySourceInput struct {

	// Specifies the ID of the identity source that you want to update.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the identity source that
	// you want to update.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the data type of principals generated for identities authenticated
	// by the identity source.
	//
	// PrincipalEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateIdentitySourceInput's
	// String and GoString methods.
	PrincipalEntityType *string `locationName:"principalEntityType" min:"1" type:"string" sensitive:"true"`

	// Specifies the details required to communicate with the identity provider
	// (IdP) associated with this identity source.
	//
	// At this time, the only valid member of this structure is a Amazon Cognito
	// user pool configuration.
	//
	// You must specify a userPoolArn, and optionally, a ClientId.
	//
	// UpdateConfiguration is a required field
	UpdateConfiguration *UpdateConfiguration `locationName:"updateConfiguration" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateIdentitySourceInput) GoString 

func (s UpdateIdentitySourceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentitySourceInput) SetIdentitySourceId 

func (s *UpdateIdentitySourceInput) SetIdentitySourceId(v string) *UpdateIdentitySourceInput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*UpdateIdentitySourceInput) SetPolicyStoreId 

func (s *UpdateIdentitySourceInput) SetPolicyStoreId(v string) *UpdateIdentitySourceInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdateIdentitySourceInput) SetPrincipalEntityType 

func (s *UpdateIdentitySourceInput) SetPrincipalEntityType(v string) *UpdateIdentitySourceInput

SetPrincipalEntityType sets the PrincipalEntityType field's value.

func (*UpdateIdentitySourceInput) SetUpdateConfiguration 

func (s *UpdateIdentitySourceInput) SetUpdateConfiguration(v *UpdateConfiguration) *UpdateIdentitySourceInput

SetUpdateConfiguration sets the UpdateConfiguration field's value.

func (UpdateIdentitySourceInput) String 

func (s UpdateIdentitySourceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentitySourceInput) Validate 

func (s *UpdateIdentitySourceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateIdentitySourceOutput 

type UpdateIdentitySourceOutput struct {

	// The date and time that the updated identity source was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the updated identity source.
	//
	// IdentitySourceId is a required field
	IdentitySourceId *string `locationName:"identitySourceId" min:"1" type:"string" required:"true"`

	// The date and time that the identity source was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the updated identity source.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateIdentitySourceOutput) GoString 

func (s UpdateIdentitySourceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateIdentitySourceOutput) SetCreatedDate 

func (s *UpdateIdentitySourceOutput) SetCreatedDate(v time.Time) *UpdateIdentitySourceOutput

SetCreatedDate sets the CreatedDate field's value.

func (*UpdateIdentitySourceOutput) SetIdentitySourceId 

func (s *UpdateIdentitySourceOutput) SetIdentitySourceId(v string) *UpdateIdentitySourceOutput

SetIdentitySourceId sets the IdentitySourceId field's value.

func (*UpdateIdentitySourceOutput) SetLastUpdatedDate 

func (s *UpdateIdentitySourceOutput) SetLastUpdatedDate(v time.Time) *UpdateIdentitySourceOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdateIdentitySourceOutput) SetPolicyStoreId 

func (s *UpdateIdentitySourceOutput) SetPolicyStoreId(v string) *UpdateIdentitySourceOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (UpdateIdentitySourceOutput) String 

func (s UpdateIdentitySourceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateOpenIdConnectAccessTokenConfiguration added in v1.53.19 

type UpdateOpenIdConnectAccessTokenConfiguration struct {

	// The access token aud claim values that you want to accept in your policy
	// store. For example, https://myapp.example.com, https://myapp2.example.com.
	Audiences []*string `locationName:"audiences" min:"1" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateOpenIdConnectAccessTokenConfiguration's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling access token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a UpdateOpenIdConnectTokenSelection (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateOpenIdConnectTokenSelection.html) structure, which is a parameter to UpdateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html).

func (UpdateOpenIdConnectAccessTokenConfiguration) GoString added in v1.53.19 

func (s UpdateOpenIdConnectAccessTokenConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectAccessTokenConfiguration) SetAudiences added in v1.53.19 

func (s *UpdateOpenIdConnectAccessTokenConfiguration) SetAudiences(v []*string) *UpdateOpenIdConnectAccessTokenConfiguration

SetAudiences sets the Audiences field's value.

func (*UpdateOpenIdConnectAccessTokenConfiguration) SetPrincipalIdClaim added in v1.53.19 

func (s *UpdateOpenIdConnectAccessTokenConfiguration) SetPrincipalIdClaim(v string) *UpdateOpenIdConnectAccessTokenConfiguration

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (UpdateOpenIdConnectAccessTokenConfiguration) String added in v1.53.19 

func (s UpdateOpenIdConnectAccessTokenConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectAccessTokenConfiguration) Validate added in v1.53.19 

func (s *UpdateOpenIdConnectAccessTokenConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIdConnectConfiguration added in v1.53.19 

type UpdateOpenIdConnectConfiguration struct {

	// A descriptive string that you want to prefix to user entities from your OIDC
	// identity provider. For example, if you set an entityIdPrefix of MyOIDCProvider,
	// you can reference principals in your policies in the format MyCorp::User::MyOIDCProvider|Carlos.
	//
	// EntityIdPrefix is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateOpenIdConnectConfiguration's
	// String and GoString methods.
	EntityIdPrefix *string `locationName:"entityIdPrefix" min:"1" type:"string" sensitive:"true"`

	// The claim in OIDC identity provider tokens that indicates a user's group
	// membership, and the entity type that you want to map it to. For example,
	// this object can map the contents of a groups claim to MyCorp::UserGroup.
	GroupConfiguration *UpdateOpenIdConnectGroupConfiguration `locationName:"groupConfiguration" type:"structure"`

	// The issuer URL of an OIDC identity provider. This URL must have an OIDC discovery
	// endpoint at the path .well-known/openid-configuration.
	//
	// Issuer is a required field
	Issuer *string `locationName:"issuer" min:"1" type:"string" required:"true"`

	// The token type that you want to process from your OIDC identity provider.
	// Your policy store can process either identity (ID) or access tokens from
	// a given OIDC identity source.
	//
	// TokenSelection is a required field
	TokenSelection *UpdateOpenIdConnectTokenSelection `locationName:"tokenSelection" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains configuration details of an OpenID Connect (OIDC) identity provider, or identity source, that Verified Permissions can use to generate entities from authenticated identities. It specifies the issuer URL, token type that you want to use, and policy store entity details.

This data type is part of a UpdateConfiguration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateConfiguration.html) structure, which is a parameter to UpdateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html).

func (UpdateOpenIdConnectConfiguration) GoString added in v1.53.19 

func (s UpdateOpenIdConnectConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectConfiguration) SetEntityIdPrefix added in v1.53.19 

func (s *UpdateOpenIdConnectConfiguration) SetEntityIdPrefix(v string) *UpdateOpenIdConnectConfiguration

SetEntityIdPrefix sets the EntityIdPrefix field's value.

func (*UpdateOpenIdConnectConfiguration) SetGroupConfiguration added in v1.53.19 

func (s *UpdateOpenIdConnectConfiguration) SetGroupConfiguration(v *UpdateOpenIdConnectGroupConfiguration) *UpdateOpenIdConnectConfiguration

SetGroupConfiguration sets the GroupConfiguration field's value.

func (*UpdateOpenIdConnectConfiguration) SetIssuer added in v1.53.19 

func (s *UpdateOpenIdConnectConfiguration) SetIssuer(v string) *UpdateOpenIdConnectConfiguration

SetIssuer sets the Issuer field's value.

func (*UpdateOpenIdConnectConfiguration) SetTokenSelection added in v1.53.19 

func (s *UpdateOpenIdConnectConfiguration) SetTokenSelection(v *UpdateOpenIdConnectTokenSelection) *UpdateOpenIdConnectConfiguration

SetTokenSelection sets the TokenSelection field's value.

func (UpdateOpenIdConnectConfiguration) String added in v1.53.19 

func (s UpdateOpenIdConnectConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectConfiguration) Validate added in v1.53.19 

func (s *UpdateOpenIdConnectConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIdConnectGroupConfiguration added in v1.53.19 

type UpdateOpenIdConnectGroupConfiguration struct {

	// The token claim that you want Verified Permissions to interpret as group
	// membership. For example, groups.
	//
	// GroupClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateOpenIdConnectGroupConfiguration's
	// String and GoString methods.
	//
	// GroupClaim is a required field
	GroupClaim *string `locationName:"groupClaim" min:"1" type:"string" required:"true" sensitive:"true"`

	// The policy store entity type that you want to map your users' group claim
	// to. For example, MyCorp::UserGroup. A group entity type is an entity that
	// can have a user entity type as a member.
	//
	// GroupEntityType is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateOpenIdConnectGroupConfiguration's
	// String and GoString methods.
	//
	// GroupEntityType is a required field
	GroupEntityType *string `locationName:"groupEntityType" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

The claim in OIDC identity provider tokens that indicates a user's group membership, and the entity type that you want to map it to. For example, this object can map the contents of a groups claim to MyCorp::UserGroup.

This data type is part of a UpdateOpenIdConnectConfiguration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateOpenIdConnectConfiguration.html) structure, which is a parameter to UpdateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html).

func (UpdateOpenIdConnectGroupConfiguration) GoString added in v1.53.19 

func (s UpdateOpenIdConnectGroupConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectGroupConfiguration) SetGroupClaim added in v1.53.19 

func (s *UpdateOpenIdConnectGroupConfiguration) SetGroupClaim(v string) *UpdateOpenIdConnectGroupConfiguration

SetGroupClaim sets the GroupClaim field's value.

func (*UpdateOpenIdConnectGroupConfiguration) SetGroupEntityType added in v1.53.19 

func (s *UpdateOpenIdConnectGroupConfiguration) SetGroupEntityType(v string) *UpdateOpenIdConnectGroupConfiguration

SetGroupEntityType sets the GroupEntityType field's value.

func (UpdateOpenIdConnectGroupConfiguration) String added in v1.53.19 

func (s UpdateOpenIdConnectGroupConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectGroupConfiguration) Validate added in v1.53.19 

func (s *UpdateOpenIdConnectGroupConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIdConnectIdentityTokenConfiguration added in v1.53.19 

type UpdateOpenIdConnectIdentityTokenConfiguration struct {

	// The ID token audience, or client ID, claim values that you want to accept
	// in your policy store from an OIDC identity provider. For example, 1example23456789,
	// 2example10111213.
	ClientIds []*string `locationName:"clientIds" type:"list"`

	// The claim that determines the principal in OIDC access tokens. For example,
	// sub.
	//
	// PrincipalIdClaim is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateOpenIdConnectIdentityTokenConfiguration's
	// String and GoString methods.
	PrincipalIdClaim *string `locationName:"principalIdClaim" min:"1" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect (OIDC) identity source for handling identity (ID) token claims. Contains the claim that you want to identify as the principal in an authorization request, and the values of the aud claim, or audiences, that you want to accept.

This data type is part of a UpdateOpenIdConnectTokenSelection (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateOpenIdConnectTokenSelection.html) structure, which is a parameter to UpdateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html).

func (UpdateOpenIdConnectIdentityTokenConfiguration) GoString added in v1.53.19 

func (s UpdateOpenIdConnectIdentityTokenConfiguration) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectIdentityTokenConfiguration) SetClientIds added in v1.53.19 

func (s *UpdateOpenIdConnectIdentityTokenConfiguration) SetClientIds(v []*string) *UpdateOpenIdConnectIdentityTokenConfiguration

SetClientIds sets the ClientIds field's value.

func (*UpdateOpenIdConnectIdentityTokenConfiguration) SetPrincipalIdClaim added in v1.53.19 

func (s *UpdateOpenIdConnectIdentityTokenConfiguration) SetPrincipalIdClaim(v string) *UpdateOpenIdConnectIdentityTokenConfiguration

SetPrincipalIdClaim sets the PrincipalIdClaim field's value.

func (UpdateOpenIdConnectIdentityTokenConfiguration) String added in v1.53.19 

func (s UpdateOpenIdConnectIdentityTokenConfiguration) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectIdentityTokenConfiguration) Validate added in v1.53.19 

func (s *UpdateOpenIdConnectIdentityTokenConfiguration) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIdConnectTokenSelection added in v1.53.19 

type UpdateOpenIdConnectTokenSelection struct {

	// The OIDC configuration for processing access tokens. Contains allowed audience
	// claims, for example https://auth.example.com, and the claim that you want
	// to map to the principal, for example sub.
	AccessTokenOnly *UpdateOpenIdConnectAccessTokenConfiguration `locationName:"accessTokenOnly" type:"structure"`

	// The OIDC configuration for processing identity (ID) tokens. Contains allowed
	// client ID claims, for example 1example23456789, and the claim that you want
	// to map to the principal, for example sub.
	IdentityTokenOnly *UpdateOpenIdConnectIdentityTokenConfiguration `locationName:"identityTokenOnly" type:"structure"`
	// contains filtered or unexported fields
}

The token type that you want to process from your OIDC identity provider. Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

This data type is part of a UpdateOpenIdConnectConfiguration (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateOpenIdConnectConfiguration.html) structure, which is a parameter to UpdateIdentitySource (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdateIdentitySource.html).

func (UpdateOpenIdConnectTokenSelection) GoString added in v1.53.19 

func (s UpdateOpenIdConnectTokenSelection) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectTokenSelection) SetAccessTokenOnly added in v1.53.19 

func (s *UpdateOpenIdConnectTokenSelection) SetAccessTokenOnly(v *UpdateOpenIdConnectAccessTokenConfiguration) *UpdateOpenIdConnectTokenSelection

SetAccessTokenOnly sets the AccessTokenOnly field's value.

func (*UpdateOpenIdConnectTokenSelection) SetIdentityTokenOnly added in v1.53.19 

func (s *UpdateOpenIdConnectTokenSelection) SetIdentityTokenOnly(v *UpdateOpenIdConnectIdentityTokenConfiguration) *UpdateOpenIdConnectTokenSelection

SetIdentityTokenOnly sets the IdentityTokenOnly field's value.

func (UpdateOpenIdConnectTokenSelection) String added in v1.53.19 

func (s UpdateOpenIdConnectTokenSelection) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIdConnectTokenSelection) Validate added in v1.53.19 

func (s *UpdateOpenIdConnectTokenSelection) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyDefinition 

type UpdatePolicyDefinition struct {

	// Contains details about the updates to be applied to a static policy.
	Static *UpdateStaticPolicyDefinition `locationName:"static" type:"structure"`
	// contains filtered or unexported fields
}

Contains information about updates to be applied to a policy.

This data type is used as a request parameter in the UpdatePolicy (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html) operation.

func (UpdatePolicyDefinition) GoString 

func (s UpdatePolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyDefinition) SetStatic 

func (s *UpdatePolicyDefinition) SetStatic(v *UpdateStaticPolicyDefinition) *UpdatePolicyDefinition

SetStatic sets the Static field's value.

func (UpdatePolicyDefinition) String 

func (s UpdatePolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyDefinition) Validate 

func (s *UpdatePolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyInput 

type UpdatePolicyInput struct {

	// Specifies the updated policy content that you want to replace on the specified
	// policy. The content must be valid Cedar policy language text.
	//
	// You can change only the following elements from the policy definition:
	//
	//    * The action referenced by the policy.
	//
	//    * Any conditional clauses, such as when or unless clauses.
	//
	// You can't change the following elements:
	//
	//    * Changing from static to templateLinked.
	//
	//    * Changing the effect of the policy from permit or forbid.
	//
	//    * The principal referenced by the policy.
	//
	//    * The resource referenced by the policy.
	//
	// Definition is a required field
	Definition *UpdatePolicyDefinition `locationName:"definition" type:"structure" required:"true"`

	// Specifies the ID of the policy that you want to update. To find this value,
	// you can use ListPolicies (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html).
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy store that contains the policy that you want
	// to update.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyInput) GoString 

func (s UpdatePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyInput) SetDefinition 

func (s *UpdatePolicyInput) SetDefinition(v *UpdatePolicyDefinition) *UpdatePolicyInput

SetDefinition sets the Definition field's value.

func (*UpdatePolicyInput) SetPolicyId 

func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput

SetPolicyId sets the PolicyId field's value.

func (*UpdatePolicyInput) SetPolicyStoreId 

func (s *UpdatePolicyInput) SetPolicyStoreId(v string) *UpdatePolicyInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (UpdatePolicyInput) String 

func (s UpdatePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyInput) Validate 

func (s *UpdatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyOutput 

type UpdatePolicyOutput struct {

	// The action that a policy permits or forbids. For example, {"actions": [{"actionId":
	// "ViewPhoto", "actionType": "PhotoFlash::Action"}, {"entityID": "SharePhoto",
	// "entityType": "PhotoFlash::Action"}]}.
	Actions []*ActionIdentifier `locationName:"actions" type:"list"`

	// The date and time that the policy was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The effect of the decision that a policy returns to an authorization request.
	// For example, "effect": "Permit".
	Effect *string `locationName:"effect" type:"string" enum:"PolicyEffect"`

	// The date and time that the policy was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy that was updated.
	//
	// PolicyId is a required field
	PolicyId *string `locationName:"policyId" min:"1" type:"string" required:"true"`

	// The ID of the policy store that contains the policy that was updated.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The type of the policy that was updated.
	//
	// PolicyType is a required field
	PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"`

	// The principal specified in the policy's scope. This element isn't included
	// in the response when Principal isn't present in the policy content.
	Principal *EntityIdentifier `locationName:"principal" type:"structure"`

	// The resource specified in the policy's scope. This element isn't included
	// in the response when Resource isn't present in the policy content.
	Resource *EntityIdentifier `locationName:"resource" type:"structure"`
	// contains filtered or unexported fields
}

func (UpdatePolicyOutput) GoString 

func (s UpdatePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyOutput) SetActions added in v1.52.6 

func (s *UpdatePolicyOutput) SetActions(v []*ActionIdentifier) *UpdatePolicyOutput

SetActions sets the Actions field's value.

func (*UpdatePolicyOutput) SetCreatedDate 

func (s *UpdatePolicyOutput) SetCreatedDate(v time.Time) *UpdatePolicyOutput

SetCreatedDate sets the CreatedDate field's value.

func (*UpdatePolicyOutput) SetEffect added in v1.52.6 

func (s *UpdatePolicyOutput) SetEffect(v string) *UpdatePolicyOutput

SetEffect sets the Effect field's value.

func (*UpdatePolicyOutput) SetLastUpdatedDate 

func (s *UpdatePolicyOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdatePolicyOutput) SetPolicyId 

func (s *UpdatePolicyOutput) SetPolicyId(v string) *UpdatePolicyOutput

SetPolicyId sets the PolicyId field's value.

func (*UpdatePolicyOutput) SetPolicyStoreId 

func (s *UpdatePolicyOutput) SetPolicyStoreId(v string) *UpdatePolicyOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyOutput) SetPolicyType 

func (s *UpdatePolicyOutput) SetPolicyType(v string) *UpdatePolicyOutput

SetPolicyType sets the PolicyType field's value.

func (*UpdatePolicyOutput) SetPrincipal 

func (s *UpdatePolicyOutput) SetPrincipal(v *EntityIdentifier) *UpdatePolicyOutput

SetPrincipal sets the Principal field's value.

func (*UpdatePolicyOutput) SetResource 

func (s *UpdatePolicyOutput) SetResource(v *EntityIdentifier) *UpdatePolicyOutput

SetResource sets the Resource field's value.

func (UpdatePolicyOutput) String 

func (s UpdatePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdatePolicyStoreInput 

type UpdatePolicyStoreInput struct {

	// Descriptive text that you can provide to help with identification of the
	// current policy store.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdatePolicyStoreInput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// Specifies the ID of the policy store that you want to update
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// A structure that defines the validation settings that want to enable for
	// the policy store.
	//
	// ValidationSettings is a required field
	ValidationSettings *ValidationSettings `locationName:"validationSettings" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyStoreInput) GoString 

func (s UpdatePolicyStoreInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyStoreInput) SetDescription added in v1.48.11 

func (s *UpdatePolicyStoreInput) SetDescription(v string) *UpdatePolicyStoreInput

SetDescription sets the Description field's value.

func (*UpdatePolicyStoreInput) SetPolicyStoreId 

func (s *UpdatePolicyStoreInput) SetPolicyStoreId(v string) *UpdatePolicyStoreInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyStoreInput) SetValidationSettings 

func (s *UpdatePolicyStoreInput) SetValidationSettings(v *ValidationSettings) *UpdatePolicyStoreInput

SetValidationSettings sets the ValidationSettings field's value.

func (UpdatePolicyStoreInput) String 

func (s UpdatePolicyStoreInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyStoreInput) Validate 

func (s *UpdatePolicyStoreInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyStoreOutput 

type UpdatePolicyStoreOutput struct {

	// The Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// of the updated policy store.
	//
	// Arn is a required field
	Arn *string `locationName:"arn" min:"1" type:"string" required:"true"`

	// The date and time that the policy store was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the policy store was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the updated policy store.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyStoreOutput) GoString 

func (s UpdatePolicyStoreOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyStoreOutput) SetArn 

func (s *UpdatePolicyStoreOutput) SetArn(v string) *UpdatePolicyStoreOutput

SetArn sets the Arn field's value.

func (*UpdatePolicyStoreOutput) SetCreatedDate 

func (s *UpdatePolicyStoreOutput) SetCreatedDate(v time.Time) *UpdatePolicyStoreOutput

SetCreatedDate sets the CreatedDate field's value.

func (*UpdatePolicyStoreOutput) SetLastUpdatedDate 

func (s *UpdatePolicyStoreOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyStoreOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdatePolicyStoreOutput) SetPolicyStoreId 

func (s *UpdatePolicyStoreOutput) SetPolicyStoreId(v string) *UpdatePolicyStoreOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (UpdatePolicyStoreOutput) String 

func (s UpdatePolicyStoreOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdatePolicyTemplateInput 

type UpdatePolicyTemplateInput struct {

	// Specifies a new description to apply to the policy template.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdatePolicyTemplateInput's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// Specifies the ID of the policy store that contains the policy template that
	// you want to update.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// Specifies the ID of the policy template that you want to update.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`

	// Specifies new statement content written in Cedar policy language to replace
	// the current body of the policy template.
	//
	// You can change only the following elements of the policy body:
	//
	//    * The action referenced by the policy template.
	//
	//    * Any conditional clauses, such as when or unless clauses.
	//
	// You can't change the following elements:
	//
	//    * The effect (permit or forbid) of the policy template.
	//
	//    * The principal referenced by the policy template.
	//
	//    * The resource referenced by the policy template.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdatePolicyTemplateInput's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyTemplateInput) GoString 

func (s UpdatePolicyTemplateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyTemplateInput) SetDescription 

func (s *UpdatePolicyTemplateInput) SetDescription(v string) *UpdatePolicyTemplateInput

SetDescription sets the Description field's value.

func (*UpdatePolicyTemplateInput) SetPolicyStoreId 

func (s *UpdatePolicyTemplateInput) SetPolicyStoreId(v string) *UpdatePolicyTemplateInput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyTemplateInput) SetPolicyTemplateId 

func (s *UpdatePolicyTemplateInput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateInput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (*UpdatePolicyTemplateInput) SetStatement 

func (s *UpdatePolicyTemplateInput) SetStatement(v string) *UpdatePolicyTemplateInput

SetStatement sets the Statement field's value.

func (UpdatePolicyTemplateInput) String 

func (s UpdatePolicyTemplateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyTemplateInput) Validate 

func (s *UpdatePolicyTemplateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdatePolicyTemplateOutput 

type UpdatePolicyTemplateOutput struct {

	// The date and time that the policy template was originally created.
	//
	// CreatedDate is a required field
	CreatedDate *time.Time `locationName:"createdDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time that the policy template was most recently updated.
	//
	// LastUpdatedDate is a required field
	LastUpdatedDate *time.Time `locationName:"lastUpdatedDate" type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The ID of the policy store that contains the updated policy template.
	//
	// PolicyStoreId is a required field
	PolicyStoreId *string `locationName:"policyStoreId" min:"1" type:"string" required:"true"`

	// The ID of the updated policy template.
	//
	// PolicyTemplateId is a required field
	PolicyTemplateId *string `locationName:"policyTemplateId" min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdatePolicyTemplateOutput) GoString 

func (s UpdatePolicyTemplateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdatePolicyTemplateOutput) SetCreatedDate 

func (s *UpdatePolicyTemplateOutput) SetCreatedDate(v time.Time) *UpdatePolicyTemplateOutput

SetCreatedDate sets the CreatedDate field's value.

func (*UpdatePolicyTemplateOutput) SetLastUpdatedDate 

func (s *UpdatePolicyTemplateOutput) SetLastUpdatedDate(v time.Time) *UpdatePolicyTemplateOutput

SetLastUpdatedDate sets the LastUpdatedDate field's value.

func (*UpdatePolicyTemplateOutput) SetPolicyStoreId 

func (s *UpdatePolicyTemplateOutput) SetPolicyStoreId(v string) *UpdatePolicyTemplateOutput

SetPolicyStoreId sets the PolicyStoreId field's value.

func (*UpdatePolicyTemplateOutput) SetPolicyTemplateId 

func (s *UpdatePolicyTemplateOutput) SetPolicyTemplateId(v string) *UpdatePolicyTemplateOutput

SetPolicyTemplateId sets the PolicyTemplateId field's value.

func (UpdatePolicyTemplateOutput) String 

func (s UpdatePolicyTemplateOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateStaticPolicyDefinition 

type UpdateStaticPolicyDefinition struct {

	// Specifies the description to be added to or replaced on the static policy.
	//
	// Description is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateStaticPolicyDefinition's
	// String and GoString methods.
	Description *string `locationName:"description" type:"string" sensitive:"true"`

	// Specifies the Cedar policy language text to be added to or replaced on the
	// static policy.
	//
	// You can change only the following elements from the original content:
	//
	//    * The action referenced by the policy.
	//
	//    * Any conditional clauses, such as when or unless clauses.
	//
	// You can't change the following elements:
	//
	//    * Changing from StaticPolicy to TemplateLinkedPolicy.
	//
	//    * The effect (permit or forbid) of the policy.
	//
	//    * The principal referenced by the policy.
	//
	//    * The resource referenced by the policy.
	//
	// Statement is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateStaticPolicyDefinition's
	// String and GoString methods.
	//
	// Statement is a required field
	Statement *string `locationName:"statement" min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

Contains information about an update to a static policy.

func (UpdateStaticPolicyDefinition) GoString 

func (s UpdateStaticPolicyDefinition) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateStaticPolicyDefinition) SetDescription 

func (s *UpdateStaticPolicyDefinition) SetDescription(v string) *UpdateStaticPolicyDefinition

SetDescription sets the Description field's value.

func (*UpdateStaticPolicyDefinition) SetStatement 

func (s *UpdateStaticPolicyDefinition) SetStatement(v string) *UpdateStaticPolicyDefinition

SetStatement sets the Statement field's value.

func (UpdateStaticPolicyDefinition) String 

func (s UpdateStaticPolicyDefinition) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateStaticPolicyDefinition) Validate 

func (s *UpdateStaticPolicyDefinition) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ValidationException 

type ValidationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	// The list of fields that aren't valid.
	FieldList []*ValidationExceptionField `locationName:"fieldList" type:"list"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

func (*ValidationException) Code 

func (s *ValidationException) Code() string

Code returns the exception type name.

func (*ValidationException) Error 

func (s *ValidationException) Error() string

func (ValidationException) GoString 

func (s ValidationException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationException) Message 

func (s *ValidationException) Message() string

Message returns the exception's message.

func (*ValidationException) OrigErr 

func (s *ValidationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ValidationException) RequestID 

func (s *ValidationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ValidationException) StatusCode 

func (s *ValidationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ValidationException) String 

func (s ValidationException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ValidationExceptionField 

type ValidationExceptionField struct {

	// Describes the policy validation error.
	//
	// Message is a required field
	Message *string `locationName:"message" type:"string" required:"true"`

	// The path to the specific element that Verified Permissions found to be not
	// valid.
	//
	// Path is a required field
	Path *string `locationName:"path" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Details about a field that failed policy validation.

func (ValidationExceptionField) GoString 

func (s ValidationExceptionField) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationExceptionField) SetMessage 

func (s *ValidationExceptionField) SetMessage(v string) *ValidationExceptionField

SetMessage sets the Message field's value.

func (*ValidationExceptionField) SetPath 

func (s *ValidationExceptionField) SetPath(v string) *ValidationExceptionField

SetPath sets the Path field's value.

func (ValidationExceptionField) String 

func (s ValidationExceptionField) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ValidationSettings 

type ValidationSettings struct {

	// The validation mode currently configured for this policy store. The valid
	// values are:
	//
	//    * OFF – Neither Verified Permissions nor Cedar perform any validation
	//    on policies. No validation errors are reported by either service.
	//
	//    * STRICT – Requires a schema to be present in the policy store. Cedar
	//    performs validation on all submitted new or updated static policies and
	//    policy templates. Any that fail validation are rejected and Cedar doesn't
	//    store them in the policy store.
	//
	// If Mode=STRICT and the policy store doesn't contain a schema, Verified Permissions
	// rejects all static policies and policy templates because there is no schema
	// to validate against.
	//
	// To submit a static policy or policy template without a schema, you must turn
	// off validation.
	//
	// Mode is a required field
	Mode *string `locationName:"mode" type:"string" required:"true" enum:"ValidationMode"`
	// contains filtered or unexported fields
}

A structure that contains Cedar policy validation settings for the policy store. The validation mode determines which validation failures that Cedar considers serious enough to block acceptance of a new or edited static policy or policy template.

This data type is used as a request parameter in the CreatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html) and UpdatePolicyStore (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html) operations.

func (ValidationSettings) GoString 

func (s ValidationSettings) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationSettings) SetMode 

func (s *ValidationSettings) SetMode(v string) *ValidationSettings

SetMode sets the Mode field's value.

func (ValidationSettings) String 

func (s ValidationSettings) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationSettings) Validate 

func (s *ValidationSettings) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type VerifiedPermissions 

type VerifiedPermissions struct {
	*client.Client
}

VerifiedPermissions provides the API operation methods for making requests to Amazon Verified Permissions. See this package's package overview docs for details on the service.

VerifiedPermissions methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New 

func New(p client.ConfigProvider, cfgs ...*aws.Config) *VerifiedPermissions

New creates a new instance of the VerifiedPermissions client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example: 

mySession := session.Must(session.NewSession())

// Create a VerifiedPermissions client from just a session.
svc := verifiedpermissions.New(mySession)

// Create a VerifiedPermissions client with additional configuration
svc := verifiedpermissions.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*VerifiedPermissions) BatchIsAuthorized added in v1.48.0 

func (c *VerifiedPermissions) BatchIsAuthorized(input *BatchIsAuthorizedInput) (*BatchIsAuthorizedOutput, error)

BatchIsAuthorized API operation for Amazon Verified Permissions.

Makes a series of decisions about multiple authorization requests for one principal or resource. Each request contains the equivalent content of an IsAuthorized request: principal, action, resource, and context. Either the principal or the resource parameter must be identical across all requests. For example, Verified Permissions won't evaluate a pair of requests where bob views photo1 and alice views photo2. Authorization of bob to view photo1 and photo2, or bob and alice to view photo1, are valid batches.

The request is evaluated against all policies in the specified policy store that match the entities that you declare. The result of the decisions is a series of Allow or Deny responses, along with the IDs of the policies that produced each decision.

The entities of a BatchIsAuthorized API request can contain up to 100 principals and up to 100 resources. The requests of a BatchIsAuthorized API request can contain up to 30 requests.

The BatchIsAuthorized operation doesn't have its own IAM permission. To authorize this operation for Amazon Web Services principals, include the permission verifiedpermissions:IsAuthorized in their IAM policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation BatchIsAuthorized for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorized

func (*VerifiedPermissions) BatchIsAuthorizedRequest added in v1.48.0 

func (c *VerifiedPermissions) BatchIsAuthorizedRequest(input *BatchIsAuthorizedInput) (req *request.Request, output *BatchIsAuthorizedOutput)

BatchIsAuthorizedRequest generates a "aws/request.Request" representing the client's request for the BatchIsAuthorized operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See BatchIsAuthorized for more information on using the BatchIsAuthorized API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the BatchIsAuthorizedRequest method.
req, resp := client.BatchIsAuthorizedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorized

func (*VerifiedPermissions) BatchIsAuthorizedWithContext added in v1.48.0 

func (c *VerifiedPermissions) BatchIsAuthorizedWithContext(ctx aws.Context, input *BatchIsAuthorizedInput, opts ...request.Option) (*BatchIsAuthorizedOutput, error)

BatchIsAuthorizedWithContext is the same as BatchIsAuthorized with the addition of the ability to pass a context and additional request options.

See BatchIsAuthorized for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) BatchIsAuthorizedWithToken added in v1.51.16 

func (c *VerifiedPermissions) BatchIsAuthorizedWithToken(input *BatchIsAuthorizedWithTokenInput) (*BatchIsAuthorizedWithTokenOutput, error)

BatchIsAuthorizedWithToken API operation for Amazon Verified Permissions.

Makes a series of decisions about multiple authorization requests for one token. The principal in this request comes from an external identity source in the form of an identity or access token, formatted as a JSON web token (JWT) (https://wikipedia.org/wiki/JSON_Web_Token). The information in the parameters can also define additional context that Verified Permissions can include in the evaluations.

The request is evaluated against all policies in the specified policy store that match the entities that you provide in the entities declaration and in the token. The result of the decisions is a series of Allow or Deny responses, along with the IDs of the policies that produced each decision.

The entities of a BatchIsAuthorizedWithToken API request can contain up to 100 resources and up to 99 user groups. The requests of a BatchIsAuthorizedWithToken API request can contain up to 30 requests.

The BatchIsAuthorizedWithToken operation doesn't have its own IAM permission. To authorize this operation for Amazon Web Services principals, include the permission verifiedpermissions:IsAuthorizedWithToken in their IAM policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation BatchIsAuthorizedWithToken for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorizedWithToken

func (*VerifiedPermissions) BatchIsAuthorizedWithTokenRequest added in v1.51.16 

func (c *VerifiedPermissions) BatchIsAuthorizedWithTokenRequest(input *BatchIsAuthorizedWithTokenInput) (req *request.Request, output *BatchIsAuthorizedWithTokenOutput)

BatchIsAuthorizedWithTokenRequest generates a "aws/request.Request" representing the client's request for the BatchIsAuthorizedWithToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See BatchIsAuthorizedWithToken for more information on using the BatchIsAuthorizedWithToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the BatchIsAuthorizedWithTokenRequest method.
req, resp := client.BatchIsAuthorizedWithTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorizedWithToken

func (*VerifiedPermissions) BatchIsAuthorizedWithTokenWithContext added in v1.51.16 

func (c *VerifiedPermissions) BatchIsAuthorizedWithTokenWithContext(ctx aws.Context, input *BatchIsAuthorizedWithTokenInput, opts ...request.Option) (*BatchIsAuthorizedWithTokenOutput, error)

BatchIsAuthorizedWithTokenWithContext is the same as BatchIsAuthorizedWithToken with the addition of the ability to pass a context and additional request options.

See BatchIsAuthorizedWithToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreateIdentitySource 

func (c *VerifiedPermissions) CreateIdentitySource(input *CreateIdentitySourceInput) (*CreateIdentitySourceOutput, error)

CreateIdentitySource API operation for Amazon Verified Permissions.

Adds an identity source to a policy store–an Amazon Cognito user pool or OpenID Connect (OIDC) identity provider (IdP).

After you create an identity source, you can use the identities provided by the IdP as proxies for the principal in authorization queries that use the IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html) or BatchIsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorizedWithToken.html) API operations. These identities take the form of tokens that contain claims about the user, such as IDs, attributes and group memberships. Identity sources provide identity (ID) tokens and access tokens. Verified Permissions derives information about your user and session from token claims. Access tokens provide action context to your policies, and ID tokens provide principal Attributes.

Tokens from an identity source user continue to be usable until they expire. Token revocation and resource deletion have no effect on the validity of a token in your policy store

To reference a user from this identity source in your Cedar policies, refer to the following syntax examples.

  • Amazon Cognito user pool: Namespace::[Entity type]::[User pool ID]|[user principal attribute], for example MyCorp::User::us-east-1_EXAMPLE|a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.

  • OpenID Connect (OIDC) provider: Namespace::[Entity type]::[principalIdClaim]|[user principal attribute], for example MyCorp::User::MyOIDCProvider|a1b2c3d4-5678-90ab-cdef-EXAMPLE22222.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreateIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource

func (*VerifiedPermissions) CreateIdentitySourceRequest 

func (c *VerifiedPermissions) CreateIdentitySourceRequest(input *CreateIdentitySourceInput) (req *request.Request, output *CreateIdentitySourceOutput)

CreateIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the CreateIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateIdentitySource for more information on using the CreateIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the CreateIdentitySourceRequest method.
req, resp := client.CreateIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreateIdentitySource

func (*VerifiedPermissions) CreateIdentitySourceWithContext 

func (c *VerifiedPermissions) CreateIdentitySourceWithContext(ctx aws.Context, input *CreateIdentitySourceInput, opts ...request.Option) (*CreateIdentitySourceOutput, error)

CreateIdentitySourceWithContext is the same as CreateIdentitySource with the addition of the ability to pass a context and additional request options.

See CreateIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreatePolicy 

func (c *VerifiedPermissions) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error)

CreatePolicy API operation for Amazon Verified Permissions.

Creates a Cedar policy and saves it in the specified policy store. You can create either a static policy or a policy linked to a policy template.

  • To create a static policy, provide the Cedar policy text in the StaticPolicy section of the PolicyDefinition.

  • To create a policy that is dynamically linked to a policy template, specify the policy template ID and the principal and resource to associate with this policy in the templateLinked section of the PolicyDefinition. If the policy template is ever updated, any policies linked to the policy template automatically use the updated template.

Creating a policy causes it to be validated against the schema in the policy store. If the policy doesn't pass validation, the operation fails and the policy isn't stored.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreatePolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy

func (*VerifiedPermissions) CreatePolicyRequest 

func (c *VerifiedPermissions) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput)

CreatePolicyRequest generates a "aws/request.Request" representing the client's request for the CreatePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicy for more information on using the CreatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the CreatePolicyRequest method.
req, resp := client.CreatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicy

func (*VerifiedPermissions) CreatePolicyStore 

func (c *VerifiedPermissions) CreatePolicyStore(input *CreatePolicyStoreInput) (*CreatePolicyStoreOutput, error)

CreatePolicyStore API operation for Amazon Verified Permissions.

Creates a policy store. A policy store is a container for policy resources.

Although Cedar supports multiple namespaces (https://docs.cedarpolicy.com/schema/schema.html#namespace), Verified Permissions currently supports only one namespace per policy store.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreatePolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore

func (*VerifiedPermissions) CreatePolicyStoreRequest 

func (c *VerifiedPermissions) CreatePolicyStoreRequest(input *CreatePolicyStoreInput) (req *request.Request, output *CreatePolicyStoreOutput)

CreatePolicyStoreRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyStore for more information on using the CreatePolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the CreatePolicyStoreRequest method.
req, resp := client.CreatePolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyStore

func (*VerifiedPermissions) CreatePolicyStoreWithContext 

func (c *VerifiedPermissions) CreatePolicyStoreWithContext(ctx aws.Context, input *CreatePolicyStoreInput, opts ...request.Option) (*CreatePolicyStoreOutput, error)

CreatePolicyStoreWithContext is the same as CreatePolicyStore with the addition of the ability to pass a context and additional request options.

See CreatePolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreatePolicyTemplate 

func (c *VerifiedPermissions) CreatePolicyTemplate(input *CreatePolicyTemplateInput) (*CreatePolicyTemplateOutput, error)

CreatePolicyTemplate API operation for Amazon Verified Permissions.

Creates a policy template. A template can use placeholders for the principal and resource. A template must be instantiated into a policy by associating it with specific principals and resources to use for the placeholders. That instantiated policy can then be considered in authorization decisions. The instantiated policy works identically to any other policy, except that it is dynamically linked to the template. If the template changes, then any policies that are linked to that template are immediately updated as well.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation CreatePolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate

func (*VerifiedPermissions) CreatePolicyTemplateRequest 

func (c *VerifiedPermissions) CreatePolicyTemplateRequest(input *CreatePolicyTemplateInput) (req *request.Request, output *CreatePolicyTemplateOutput)

CreatePolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyTemplate for more information on using the CreatePolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the CreatePolicyTemplateRequest method.
req, resp := client.CreatePolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CreatePolicyTemplate

func (*VerifiedPermissions) CreatePolicyTemplateWithContext 

func (c *VerifiedPermissions) CreatePolicyTemplateWithContext(ctx aws.Context, input *CreatePolicyTemplateInput, opts ...request.Option) (*CreatePolicyTemplateOutput, error)

CreatePolicyTemplateWithContext is the same as CreatePolicyTemplate with the addition of the ability to pass a context and additional request options.

See CreatePolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) CreatePolicyWithContext 

func (c *VerifiedPermissions) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error)

CreatePolicyWithContext is the same as CreatePolicy with the addition of the ability to pass a context and additional request options.

See CreatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeleteIdentitySource 

func (c *VerifiedPermissions) DeleteIdentitySource(input *DeleteIdentitySourceInput) (*DeleteIdentitySourceOutput, error)

DeleteIdentitySource API operation for Amazon Verified Permissions.

Deletes an identity source that references an identity provider (IdP) such as Amazon Cognito. After you delete the identity source, you can no longer use tokens for identities from that identity source to represent principals in authorization queries made using IsAuthorizedWithToken (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html). operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeleteIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource

func (*VerifiedPermissions) DeleteIdentitySourceRequest 

func (c *VerifiedPermissions) DeleteIdentitySourceRequest(input *DeleteIdentitySourceInput) (req *request.Request, output *DeleteIdentitySourceOutput)

DeleteIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the DeleteIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteIdentitySource for more information on using the DeleteIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the DeleteIdentitySourceRequest method.
req, resp := client.DeleteIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeleteIdentitySource

func (*VerifiedPermissions) DeleteIdentitySourceWithContext 

func (c *VerifiedPermissions) DeleteIdentitySourceWithContext(ctx aws.Context, input *DeleteIdentitySourceInput, opts ...request.Option) (*DeleteIdentitySourceOutput, error)

DeleteIdentitySourceWithContext is the same as DeleteIdentitySource with the addition of the ability to pass a context and additional request options.

See DeleteIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeletePolicy 

func (c *VerifiedPermissions) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error)

DeletePolicy API operation for Amazon Verified Permissions.

Deletes the specified policy from the policy store.

This operation is idempotent; if you specify a policy that doesn't exist, the request response returns a successful HTTP 200 status code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeletePolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy

func (*VerifiedPermissions) DeletePolicyRequest 

func (c *VerifiedPermissions) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput)

DeletePolicyRequest generates a "aws/request.Request" representing the client's request for the DeletePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicy for more information on using the DeletePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the DeletePolicyRequest method.
req, resp := client.DeletePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicy

func (*VerifiedPermissions) DeletePolicyStore 

func (c *VerifiedPermissions) DeletePolicyStore(input *DeletePolicyStoreInput) (*DeletePolicyStoreOutput, error)

DeletePolicyStore API operation for Amazon Verified Permissions.

Deletes the specified policy store.

This operation is idempotent. If you specify a policy store that does not exist, the request response will still return a successful HTTP 200 status code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeletePolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore

func (*VerifiedPermissions) DeletePolicyStoreRequest 

func (c *VerifiedPermissions) DeletePolicyStoreRequest(input *DeletePolicyStoreInput) (req *request.Request, output *DeletePolicyStoreOutput)

DeletePolicyStoreRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyStore for more information on using the DeletePolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the DeletePolicyStoreRequest method.
req, resp := client.DeletePolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyStore

func (*VerifiedPermissions) DeletePolicyStoreWithContext 

func (c *VerifiedPermissions) DeletePolicyStoreWithContext(ctx aws.Context, input *DeletePolicyStoreInput, opts ...request.Option) (*DeletePolicyStoreOutput, error)

DeletePolicyStoreWithContext is the same as DeletePolicyStore with the addition of the ability to pass a context and additional request options.

See DeletePolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeletePolicyTemplate 

func (c *VerifiedPermissions) DeletePolicyTemplate(input *DeletePolicyTemplateInput) (*DeletePolicyTemplateOutput, error)

DeletePolicyTemplate API operation for Amazon Verified Permissions.

Deletes the specified policy template from the policy store.

This operation also deletes any policies that were created from the specified policy template. Those policies are immediately removed from all future API responses, and are asynchronously deleted from the policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation DeletePolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate

func (*VerifiedPermissions) DeletePolicyTemplateRequest 

func (c *VerifiedPermissions) DeletePolicyTemplateRequest(input *DeletePolicyTemplateInput) (req *request.Request, output *DeletePolicyTemplateOutput)

DeletePolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyTemplate for more information on using the DeletePolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the DeletePolicyTemplateRequest method.
req, resp := client.DeletePolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/DeletePolicyTemplate

func (*VerifiedPermissions) DeletePolicyTemplateWithContext 

func (c *VerifiedPermissions) DeletePolicyTemplateWithContext(ctx aws.Context, input *DeletePolicyTemplateInput, opts ...request.Option) (*DeletePolicyTemplateOutput, error)

DeletePolicyTemplateWithContext is the same as DeletePolicyTemplate with the addition of the ability to pass a context and additional request options.

See DeletePolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) DeletePolicyWithContext 

func (c *VerifiedPermissions) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error)

DeletePolicyWithContext is the same as DeletePolicy with the addition of the ability to pass a context and additional request options.

See DeletePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetIdentitySource 

func (c *VerifiedPermissions) GetIdentitySource(input *GetIdentitySourceInput) (*GetIdentitySourceOutput, error)

GetIdentitySource API operation for Amazon Verified Permissions.

Retrieves the details about the specified identity source.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource

func (*VerifiedPermissions) GetIdentitySourceRequest 

func (c *VerifiedPermissions) GetIdentitySourceRequest(input *GetIdentitySourceInput) (req *request.Request, output *GetIdentitySourceOutput)

GetIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the GetIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetIdentitySource for more information on using the GetIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the GetIdentitySourceRequest method.
req, resp := client.GetIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource

func (*VerifiedPermissions) GetIdentitySourceWithContext 

func (c *VerifiedPermissions) GetIdentitySourceWithContext(ctx aws.Context, input *GetIdentitySourceInput, opts ...request.Option) (*GetIdentitySourceOutput, error)

GetIdentitySourceWithContext is the same as GetIdentitySource with the addition of the ability to pass a context and additional request options.

See GetIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetPolicy 

func (c *VerifiedPermissions) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error)

GetPolicy API operation for Amazon Verified Permissions.

Retrieves information about the specified policy.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetPolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy

func (*VerifiedPermissions) GetPolicyRequest 

func (c *VerifiedPermissions) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput)

GetPolicyRequest generates a "aws/request.Request" representing the client's request for the GetPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicy for more information on using the GetPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the GetPolicyRequest method.
req, resp := client.GetPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicy

func (*VerifiedPermissions) GetPolicyStore 

func (c *VerifiedPermissions) GetPolicyStore(input *GetPolicyStoreInput) (*GetPolicyStoreOutput, error)

GetPolicyStore API operation for Amazon Verified Permissions.

Retrieves details about a policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetPolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore

func (*VerifiedPermissions) GetPolicyStoreRequest 

func (c *VerifiedPermissions) GetPolicyStoreRequest(input *GetPolicyStoreInput) (req *request.Request, output *GetPolicyStoreOutput)

GetPolicyStoreRequest generates a "aws/request.Request" representing the client's request for the GetPolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyStore for more information on using the GetPolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the GetPolicyStoreRequest method.
req, resp := client.GetPolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyStore

func (*VerifiedPermissions) GetPolicyStoreWithContext 

func (c *VerifiedPermissions) GetPolicyStoreWithContext(ctx aws.Context, input *GetPolicyStoreInput, opts ...request.Option) (*GetPolicyStoreOutput, error)

GetPolicyStoreWithContext is the same as GetPolicyStore with the addition of the ability to pass a context and additional request options.

See GetPolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetPolicyTemplate 

func (c *VerifiedPermissions) GetPolicyTemplate(input *GetPolicyTemplateInput) (*GetPolicyTemplateOutput, error)

GetPolicyTemplate API operation for Amazon Verified Permissions.

Retrieve the details for the specified policy template in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetPolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate

func (*VerifiedPermissions) GetPolicyTemplateRequest 

func (c *VerifiedPermissions) GetPolicyTemplateRequest(input *GetPolicyTemplateInput) (req *request.Request, output *GetPolicyTemplateOutput)

GetPolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the GetPolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyTemplate for more information on using the GetPolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the GetPolicyTemplateRequest method.
req, resp := client.GetPolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetPolicyTemplate

func (*VerifiedPermissions) GetPolicyTemplateWithContext 

func (c *VerifiedPermissions) GetPolicyTemplateWithContext(ctx aws.Context, input *GetPolicyTemplateInput, opts ...request.Option) (*GetPolicyTemplateOutput, error)

GetPolicyTemplateWithContext is the same as GetPolicyTemplate with the addition of the ability to pass a context and additional request options.

See GetPolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetPolicyWithContext 

func (c *VerifiedPermissions) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error)

GetPolicyWithContext is the same as GetPolicy with the addition of the ability to pass a context and additional request options.

See GetPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) GetSchema 

func (c *VerifiedPermissions) GetSchema(input *GetSchemaInput) (*GetSchemaOutput, error)

GetSchema API operation for Amazon Verified Permissions.

Retrieve the details for the specified schema in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation GetSchema for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema

func (*VerifiedPermissions) GetSchemaRequest 

func (c *VerifiedPermissions) GetSchemaRequest(input *GetSchemaInput) (req *request.Request, output *GetSchemaOutput)

GetSchemaRequest generates a "aws/request.Request" representing the client's request for the GetSchema operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSchema for more information on using the GetSchema API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the GetSchemaRequest method.
req, resp := client.GetSchemaRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetSchema

func (*VerifiedPermissions) GetSchemaWithContext 

func (c *VerifiedPermissions) GetSchemaWithContext(ctx aws.Context, input *GetSchemaInput, opts ...request.Option) (*GetSchemaOutput, error)

GetSchemaWithContext is the same as GetSchema with the addition of the ability to pass a context and additional request options.

See GetSchema for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) IsAuthorized 

func (c *VerifiedPermissions) IsAuthorized(input *IsAuthorizedInput) (*IsAuthorizedOutput, error)

IsAuthorized API operation for Amazon Verified Permissions.

Makes an authorization decision about a service request described in the parameters. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation IsAuthorized for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized

func (*VerifiedPermissions) IsAuthorizedRequest 

func (c *VerifiedPermissions) IsAuthorizedRequest(input *IsAuthorizedInput) (req *request.Request, output *IsAuthorizedOutput)

IsAuthorizedRequest generates a "aws/request.Request" representing the client's request for the IsAuthorized operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See IsAuthorized for more information on using the IsAuthorized API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the IsAuthorizedRequest method.
req, resp := client.IsAuthorizedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorized

func (*VerifiedPermissions) IsAuthorizedWithContext 

func (c *VerifiedPermissions) IsAuthorizedWithContext(ctx aws.Context, input *IsAuthorizedInput, opts ...request.Option) (*IsAuthorizedOutput, error)

IsAuthorizedWithContext is the same as IsAuthorized with the addition of the ability to pass a context and additional request options.

See IsAuthorized for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) IsAuthorizedWithToken 

func (c *VerifiedPermissions) IsAuthorizedWithToken(input *IsAuthorizedWithTokenInput) (*IsAuthorizedWithTokenOutput, error)

IsAuthorizedWithToken API operation for Amazon Verified Permissions.

Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source in the form of an identity token formatted as a JSON web token (JWT) (https://wikipedia.org/wiki/JSON_Web_Token). The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either Allow or Deny, along with a list of the policies that resulted in the decision.

At this time, Verified Permissions accepts tokens from only Amazon Cognito.

Verified Permissions validates each token that is specified in a request by checking its expiration date and its signature.

Tokens from an identity source user continue to be usable until they expire. Token revocation and resource deletion have no effect on the validity of a token in your policy store

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation IsAuthorizedWithToken for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken

func (*VerifiedPermissions) IsAuthorizedWithTokenRequest 

func (c *VerifiedPermissions) IsAuthorizedWithTokenRequest(input *IsAuthorizedWithTokenInput) (req *request.Request, output *IsAuthorizedWithTokenOutput)

IsAuthorizedWithTokenRequest generates a "aws/request.Request" representing the client's request for the IsAuthorizedWithToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See IsAuthorizedWithToken for more information on using the IsAuthorizedWithToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the IsAuthorizedWithTokenRequest method.
req, resp := client.IsAuthorizedWithTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken

func (*VerifiedPermissions) IsAuthorizedWithTokenWithContext 

func (c *VerifiedPermissions) IsAuthorizedWithTokenWithContext(ctx aws.Context, input *IsAuthorizedWithTokenInput, opts ...request.Option) (*IsAuthorizedWithTokenOutput, error)

IsAuthorizedWithTokenWithContext is the same as IsAuthorizedWithToken with the addition of the ability to pass a context and additional request options.

See IsAuthorizedWithToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListIdentitySources 

func (c *VerifiedPermissions) ListIdentitySources(input *ListIdentitySourcesInput) (*ListIdentitySourcesOutput, error)

ListIdentitySources API operation for Amazon Verified Permissions.

Returns a paginated list of all of the identity sources defined in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListIdentitySources for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources

func (*VerifiedPermissions) ListIdentitySourcesPages 

func (c *VerifiedPermissions) ListIdentitySourcesPages(input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool) error

ListIdentitySourcesPages iterates over the pages of a ListIdentitySources operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListIdentitySources method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service. 

// Example iterating over at most 3 pages of a ListIdentitySources operation.
pageNum := 0
err := client.ListIdentitySourcesPages(params,
    func(page *verifiedpermissions.ListIdentitySourcesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListIdentitySourcesPagesWithContext 

func (c *VerifiedPermissions) ListIdentitySourcesPagesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, fn func(*ListIdentitySourcesOutput, bool) bool, opts ...request.Option) error

ListIdentitySourcesPagesWithContext same as ListIdentitySourcesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListIdentitySourcesRequest 

func (c *VerifiedPermissions) ListIdentitySourcesRequest(input *ListIdentitySourcesInput) (req *request.Request, output *ListIdentitySourcesOutput)

ListIdentitySourcesRequest generates a "aws/request.Request" representing the client's request for the ListIdentitySources operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListIdentitySources for more information on using the ListIdentitySources API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the ListIdentitySourcesRequest method.
req, resp := client.ListIdentitySourcesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources

func (*VerifiedPermissions) ListIdentitySourcesWithContext 

func (c *VerifiedPermissions) ListIdentitySourcesWithContext(ctx aws.Context, input *ListIdentitySourcesInput, opts ...request.Option) (*ListIdentitySourcesOutput, error)

ListIdentitySourcesWithContext is the same as ListIdentitySources with the addition of the ability to pass a context and additional request options.

See ListIdentitySources for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicies 

func (c *VerifiedPermissions) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error)

ListPolicies API operation for Amazon Verified Permissions.

Returns a paginated list of all policies stored in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListPolicies for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies

func (*VerifiedPermissions) ListPoliciesPages 

func (c *VerifiedPermissions) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error

ListPoliciesPages iterates over the pages of a ListPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service. 

// Example iterating over at most 3 pages of a ListPolicies operation.
pageNum := 0
err := client.ListPoliciesPages(params,
    func(page *verifiedpermissions.ListPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListPoliciesPagesWithContext 

func (c *VerifiedPermissions) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error

ListPoliciesPagesWithContext same as ListPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPoliciesRequest 

func (c *VerifiedPermissions) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput)

ListPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicies for more information on using the ListPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the ListPoliciesRequest method.
req, resp := client.ListPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicies

func (*VerifiedPermissions) ListPoliciesWithContext 

func (c *VerifiedPermissions) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error)

ListPoliciesWithContext is the same as ListPolicies with the addition of the ability to pass a context and additional request options.

See ListPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyStores 

func (c *VerifiedPermissions) ListPolicyStores(input *ListPolicyStoresInput) (*ListPolicyStoresOutput, error)

ListPolicyStores API operation for Amazon Verified Permissions.

Returns a paginated list of all policy stores in the calling Amazon Web Services account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListPolicyStores for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores

func (*VerifiedPermissions) ListPolicyStoresPages 

func (c *VerifiedPermissions) ListPolicyStoresPages(input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool) error

ListPolicyStoresPages iterates over the pages of a ListPolicyStores operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyStores method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service. 

// Example iterating over at most 3 pages of a ListPolicyStores operation.
pageNum := 0
err := client.ListPolicyStoresPages(params,
    func(page *verifiedpermissions.ListPolicyStoresOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListPolicyStoresPagesWithContext 

func (c *VerifiedPermissions) ListPolicyStoresPagesWithContext(ctx aws.Context, input *ListPolicyStoresInput, fn func(*ListPolicyStoresOutput, bool) bool, opts ...request.Option) error

ListPolicyStoresPagesWithContext same as ListPolicyStoresPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyStoresRequest 

func (c *VerifiedPermissions) ListPolicyStoresRequest(input *ListPolicyStoresInput) (req *request.Request, output *ListPolicyStoresOutput)

ListPolicyStoresRequest generates a "aws/request.Request" representing the client's request for the ListPolicyStores operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyStores for more information on using the ListPolicyStores API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the ListPolicyStoresRequest method.
req, resp := client.ListPolicyStoresRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyStores

func (*VerifiedPermissions) ListPolicyStoresWithContext 

func (c *VerifiedPermissions) ListPolicyStoresWithContext(ctx aws.Context, input *ListPolicyStoresInput, opts ...request.Option) (*ListPolicyStoresOutput, error)

ListPolicyStoresWithContext is the same as ListPolicyStores with the addition of the ability to pass a context and additional request options.

See ListPolicyStores for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyTemplates 

func (c *VerifiedPermissions) ListPolicyTemplates(input *ListPolicyTemplatesInput) (*ListPolicyTemplatesOutput, error)

ListPolicyTemplates API operation for Amazon Verified Permissions.

Returns a paginated list of all policy templates in the specified policy store.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation ListPolicyTemplates for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates

func (*VerifiedPermissions) ListPolicyTemplatesPages 

func (c *VerifiedPermissions) ListPolicyTemplatesPages(input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool) error

ListPolicyTemplatesPages iterates over the pages of a ListPolicyTemplates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyTemplates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service. 

// Example iterating over at most 3 pages of a ListPolicyTemplates operation.
pageNum := 0
err := client.ListPolicyTemplatesPages(params,
    func(page *verifiedpermissions.ListPolicyTemplatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*VerifiedPermissions) ListPolicyTemplatesPagesWithContext 

func (c *VerifiedPermissions) ListPolicyTemplatesPagesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, fn func(*ListPolicyTemplatesOutput, bool) bool, opts ...request.Option) error

ListPolicyTemplatesPagesWithContext same as ListPolicyTemplatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) ListPolicyTemplatesRequest 

func (c *VerifiedPermissions) ListPolicyTemplatesRequest(input *ListPolicyTemplatesInput) (req *request.Request, output *ListPolicyTemplatesOutput)

ListPolicyTemplatesRequest generates a "aws/request.Request" representing the client's request for the ListPolicyTemplates operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyTemplates for more information on using the ListPolicyTemplates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the ListPolicyTemplatesRequest method.
req, resp := client.ListPolicyTemplatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListPolicyTemplates

func (*VerifiedPermissions) ListPolicyTemplatesWithContext 

func (c *VerifiedPermissions) ListPolicyTemplatesWithContext(ctx aws.Context, input *ListPolicyTemplatesInput, opts ...request.Option) (*ListPolicyTemplatesOutput, error)

ListPolicyTemplatesWithContext is the same as ListPolicyTemplates with the addition of the ability to pass a context and additional request options.

See ListPolicyTemplates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) PutSchema 

func (c *VerifiedPermissions) PutSchema(input *PutSchemaInput) (*PutSchemaOutput, error)

PutSchema API operation for Amazon Verified Permissions.

Creates or updates the policy schema in the specified policy store. The schema is used to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation PutSchema for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema

func (*VerifiedPermissions) PutSchemaRequest 

func (c *VerifiedPermissions) PutSchemaRequest(input *PutSchemaInput) (req *request.Request, output *PutSchemaOutput)

PutSchemaRequest generates a "aws/request.Request" representing the client's request for the PutSchema operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutSchema for more information on using the PutSchema API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the PutSchemaRequest method.
req, resp := client.PutSchemaRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/PutSchema

func (*VerifiedPermissions) PutSchemaWithContext 

func (c *VerifiedPermissions) PutSchemaWithContext(ctx aws.Context, input *PutSchemaInput, opts ...request.Option) (*PutSchemaOutput, error)

PutSchemaWithContext is the same as PutSchema with the addition of the ability to pass a context and additional request options.

See PutSchema for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdateIdentitySource 

func (c *VerifiedPermissions) UpdateIdentitySource(input *UpdateIdentitySourceInput) (*UpdateIdentitySourceOutput, error)

UpdateIdentitySource API operation for Amazon Verified Permissions.

Updates the specified identity source to use a new identity provider (IdP), or to change the mapping of identities from the IdP to a different principal entity type.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdateIdentitySource for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource

func (*VerifiedPermissions) UpdateIdentitySourceRequest 

func (c *VerifiedPermissions) UpdateIdentitySourceRequest(input *UpdateIdentitySourceInput) (req *request.Request, output *UpdateIdentitySourceOutput)

UpdateIdentitySourceRequest generates a "aws/request.Request" representing the client's request for the UpdateIdentitySource operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateIdentitySource for more information on using the UpdateIdentitySource API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the UpdateIdentitySourceRequest method.
req, resp := client.UpdateIdentitySourceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateIdentitySource

func (*VerifiedPermissions) UpdateIdentitySourceWithContext 

func (c *VerifiedPermissions) UpdateIdentitySourceWithContext(ctx aws.Context, input *UpdateIdentitySourceInput, opts ...request.Option) (*UpdateIdentitySourceOutput, error)

UpdateIdentitySourceWithContext is the same as UpdateIdentitySource with the addition of the ability to pass a context and additional request options.

See UpdateIdentitySource for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdatePolicy 

func (c *VerifiedPermissions) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error)

UpdatePolicy API operation for Amazon Verified Permissions.

Modifies a Cedar static policy in the specified policy store. You can change only certain elements of the UpdatePolicyDefinition (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyInput.html#amazonverifiedpermissions-UpdatePolicy-request-UpdatePolicyDefinition) parameter. You can directly update only static policies. To change a template-linked policy, you must update the template instead, using UpdatePolicyTemplate (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html).

  • If policy validation is enabled in the policy store, then updating a static policy causes Verified Permissions to validate the policy against the schema in the policy store. If the updated static policy doesn't pass validation, the operation fails and the update isn't stored.

  • When you edit a static policy, you can change only certain elements of a static policy: The action referenced by the policy. A condition clause, such as when and unless. You can't change these elements of a static policy: Changing a policy from a static policy to a template-linked policy. Changing the effect of a static policy from permit or forbid. The principal referenced by a static policy. The resource referenced by a static policy.

  • To update a template-linked policy, you must update the template instead.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdatePolicy for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ServiceQuotaExceededException The request failed because it would cause a service quota to be exceeded.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy

func (*VerifiedPermissions) UpdatePolicyRequest 

func (c *VerifiedPermissions) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput)

UpdatePolicyRequest generates a "aws/request.Request" representing the client's request for the UpdatePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdatePolicy for more information on using the UpdatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the UpdatePolicyRequest method.
req, resp := client.UpdatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicy

func (*VerifiedPermissions) UpdatePolicyStore 

func (c *VerifiedPermissions) UpdatePolicyStore(input *UpdatePolicyStoreInput) (*UpdatePolicyStoreOutput, error)

UpdatePolicyStore API operation for Amazon Verified Permissions.

Modifies the validation setting for a policy store.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdatePolicyStore for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore

func (*VerifiedPermissions) UpdatePolicyStoreRequest 

func (c *VerifiedPermissions) UpdatePolicyStoreRequest(input *UpdatePolicyStoreInput) (req *request.Request, output *UpdatePolicyStoreOutput)

UpdatePolicyStoreRequest generates a "aws/request.Request" representing the client's request for the UpdatePolicyStore operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdatePolicyStore for more information on using the UpdatePolicyStore API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the UpdatePolicyStoreRequest method.
req, resp := client.UpdatePolicyStoreRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyStore

func (*VerifiedPermissions) UpdatePolicyStoreWithContext 

func (c *VerifiedPermissions) UpdatePolicyStoreWithContext(ctx aws.Context, input *UpdatePolicyStoreInput, opts ...request.Option) (*UpdatePolicyStoreOutput, error)

UpdatePolicyStoreWithContext is the same as UpdatePolicyStore with the addition of the ability to pass a context and additional request options.

See UpdatePolicyStore for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdatePolicyTemplate 

func (c *VerifiedPermissions) UpdatePolicyTemplate(input *UpdatePolicyTemplateInput) (*UpdatePolicyTemplateOutput, error)

UpdatePolicyTemplate API operation for Amazon Verified Permissions.

Updates the specified policy template. You can update only the description and the some elements of the policyBody (https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyTemplate.html#amazonverifiedpermissions-UpdatePolicyTemplate-request-policyBody).

Changes you make to the policy template content are immediately (within the constraints of eventual consistency) reflected in authorization decisions that involve all template-linked policies instantiated from this template.

Verified Permissions is eventually consistent (https://wikipedia.org/wiki/Eventual_consistency) . It can take a few seconds for a new or changed element to propagate through the service and be visible in the results of other Verified Permissions operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for Amazon Verified Permissions's API operation UpdatePolicyTemplate for usage and error information.

Returned Error Types:

  • ValidationException The request failed because one or more input parameters don't satisfy their constraint requirements. The output is provided as a list of fields and a reason for each field that isn't valid.

    The possible reasons include the following:

  • UnrecognizedEntityType The policy includes an entity type that isn't found in the schema.

  • UnrecognizedActionId The policy includes an action id that isn't found in the schema.

  • InvalidActionApplication The policy includes an action that, according to the schema, doesn't support the specified principal and resource.

  • UnexpectedType The policy included an operand that isn't a valid type for the specified operation.

  • IncompatibleTypes The types of elements included in a set, or the types of expressions used in an if...then...else clause aren't compatible in this context.

  • MissingAttribute The policy attempts to access a record or entity attribute that isn't specified in the schema. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • UnsafeOptionalAttributeAccess The policy attempts to access a record or entity attribute that is optional and isn't guaranteed to be present. Test for the existence of the attribute first before attempting to access its value. For more information, see the has (presence of attribute test) operator (https://docs.cedarpolicy.com/policies/syntax-operators.html#has-presence-of-attribute-test) in the Cedar Policy Language Guide.

  • ImpossiblePolicy Cedar has determined that a policy condition always evaluates to false. If the policy is always false, it can never apply to any query, and so it can never affect an authorization decision.

  • WrongNumberArguments The policy references an extension type with the wrong number of arguments.

  • FunctionArgumentValidationError Cedar couldn't parse the argument passed to an extension type. For example, a string that is to be parsed as an IPv4 address can contain only digits and the period character.

  • ConflictException The request failed because another request to modify a resource occurred at the same.

  • AccessDeniedException You don't have sufficient access to perform this action.

  • ResourceNotFoundException The request failed because it references a resource that doesn't exist.

  • ThrottlingException The request failed because it exceeded a throttling quota.

  • InternalServerException The request failed because of an internal error. Try your request again later

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate

func (*VerifiedPermissions) UpdatePolicyTemplateRequest 

func (c *VerifiedPermissions) UpdatePolicyTemplateRequest(input *UpdatePolicyTemplateInput) (req *request.Request, output *UpdatePolicyTemplateOutput)

UpdatePolicyTemplateRequest generates a "aws/request.Request" representing the client's request for the UpdatePolicyTemplate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdatePolicyTemplate for more information on using the UpdatePolicyTemplate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic. 

// Example sending a request using the UpdatePolicyTemplateRequest method.
req, resp := client.UpdatePolicyTemplateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdatePolicyTemplate

func (*VerifiedPermissions) UpdatePolicyTemplateWithContext 

func (c *VerifiedPermissions) UpdatePolicyTemplateWithContext(ctx aws.Context, input *UpdatePolicyTemplateInput, opts ...request.Option) (*UpdatePolicyTemplateOutput, error)

UpdatePolicyTemplateWithContext is the same as UpdatePolicyTemplate with the addition of the ability to pass a context and additional request options.

See UpdatePolicyTemplate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*VerifiedPermissions) UpdatePolicyWithContext 

func (c *VerifiedPermissions) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error)

UpdatePolicyWithContext is the same as UpdatePolicy with the addition of the ability to pass a context and additional request options.

See UpdatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

Source Files

View all Source files

Directories

Path Synopsis
Package verifiedpermissionsiface provides an interface to enable mocking the Amazon Verified Permissions service client for testing your code.
 Package verifiedpermissionsiface provides an interface to enable mocking the Amazon Verified Permissions service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.