aws-sdk-verifiedpermissions 1.17.0 → 1.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7b52c7f0f2d0fc36365fa7d6a442e98d0b4d8b0871756f162828120591adbb81
-  data.tar.gz: 25bf1e568d51a4c6a0b6fbf9ac69601709e5b7f144361fd65de49aeb3c50a8e9
+  metadata.gz: b2e2e4bc3c9002c9339678fb29f3c6ce9c8ad6c017b6c3e16528f4dd22c5ab32
+  data.tar.gz: 32987a27b39ea1e5ee5dac39c0bb0e339faea04b805c9d0cb7270168685efcdc
 SHA512:
-  metadata.gz: 77b942c30fe485927fb5aa5de494fc1778a841541e4ae65cc20f373cbb41543f3788ee20cbc2a86b9efd666a0a99ad6121abdb93a04ccc8f6167dd2b5f6d2032
-  data.tar.gz: e231e37a9348a4156382538ea5bc284ad6a37cc8892f61cdf89d67c11cdfd74ca6a835d3140b73db4863aeb8733107ae502c9a3b7716158b8c06ce6e5d02601d
+  metadata.gz: 224a6f6b501cec475a0a375b1f4df6a1adc5973a7d6696e59eade5c53493f0b1d3329458a6db844f74be81caed71a8436342312fb0902192fc13e8df587657d4
+  data.tar.gz: 17cb9addf43c47fab588adcbb689dcf88256ebd5927e274c8092395703d38d57bdfbba8cfc9cf6b4f6761c44799636569aff4eca1c88f52e32ae32894d1e7870

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.18.0 (2024-04-04)
+------------------
+
+* Feature - Adds GroupConfiguration field to Identity Source API's
+
 1.17.0 (2024-03-06)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.17.0
+1.18.0

data/lib/aws-sdk-verifiedpermissions/client.rb

@@ -627,6 +627,9 @@ module Aws::VerifiedPermissions
     #       cognito_user_pool_configuration: {
     #         user_pool_arn: "UserPoolArn", # required
     #         client_ids: ["ClientId"],
+    #         group_configuration: {
+    #           group_entity_type: "GroupEntityType", # required
+    #         },
     #       },
     #     },
     #     principal_entity_type: "PrincipalEntityType",
@@ -1117,6 +1120,7 @@ module Aws::VerifiedPermissions
     #   resp.configuration.cognito_user_pool_configuration.client_ids #=> Array
     #   resp.configuration.cognito_user_pool_configuration.client_ids[0] #=> String
     #   resp.configuration.cognito_user_pool_configuration.issuer #=> String
+    #   resp.configuration.cognito_user_pool_configuration.group_configuration.group_entity_type #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/GetIdentitySource AWS API Documentation
     #
@@ -1495,6 +1499,7 @@ module Aws::VerifiedPermissions
     #   * {Types::IsAuthorizedWithTokenOutput#decision #decision} => String
     #   * {Types::IsAuthorizedWithTokenOutput#determining_policies #determining_policies} => Array<Types::DeterminingPolicyItem>
     #   * {Types::IsAuthorizedWithTokenOutput#errors #errors} => Array<Types::EvaluationErrorItem>
+    #   * {Types::IsAuthorizedWithTokenOutput#principal #principal} => Types::EntityIdentifier
     #
     # @example Request syntax with placeholder values
     #
@@ -1543,6 +1548,8 @@ module Aws::VerifiedPermissions
     #   resp.determining_policies[0].policy_id #=> String
     #   resp.errors #=> Array
     #   resp.errors[0].error_description #=> String
+    #   resp.principal.entity_type #=> String
+    #   resp.principal.entity_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithToken AWS API Documentation
     #
@@ -1623,6 +1630,7 @@ module Aws::VerifiedPermissions
     #   resp.identity_sources[0].configuration.cognito_user_pool_configuration.client_ids #=> Array
     #   resp.identity_sources[0].configuration.cognito_user_pool_configuration.client_ids[0] #=> String
     #   resp.identity_sources[0].configuration.cognito_user_pool_configuration.issuer #=> String
+    #   resp.identity_sources[0].configuration.cognito_user_pool_configuration.group_configuration.group_entity_type #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/ListIdentitySources AWS API Documentation
     #
@@ -1952,6 +1960,9 @@ module Aws::VerifiedPermissions
     #       cognito_user_pool_configuration: {
     #         user_pool_arn: "UserPoolArn", # required
     #         client_ids: ["ClientId"],
+    #         group_configuration: {
+    #           group_entity_type: "GroupEntityType", # required
+    #         },
     #       },
     #     },
     #     principal_entity_type: "PrincipalEntityType",
@@ -2245,7 +2256,7 @@ module Aws::VerifiedPermissions
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-verifiedpermissions'
-      context[:gem_version] = '1.17.0'
+      context[:gem_version] = '1.18.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-verifiedpermissions/client_api.rb

@@ -28,6 +28,9 @@ module Aws::VerifiedPermissions
     BooleanAttribute = Shapes::BooleanShape.new(name: 'BooleanAttribute')
     ClientId = Shapes::StringShape.new(name: 'ClientId')
     ClientIds = Shapes::ListShape.new(name: 'ClientIds')
+    CognitoGroupConfiguration = Shapes::StructureShape.new(name: 'CognitoGroupConfiguration')
+    CognitoGroupConfigurationDetail = Shapes::StructureShape.new(name: 'CognitoGroupConfigurationDetail')
+    CognitoGroupConfigurationItem = Shapes::StructureShape.new(name: 'CognitoGroupConfigurationItem')
     CognitoUserPoolConfiguration = Shapes::StructureShape.new(name: 'CognitoUserPoolConfiguration')
     CognitoUserPoolConfigurationDetail = Shapes::StructureShape.new(name: 'CognitoUserPoolConfigurationDetail')
     CognitoUserPoolConfigurationItem = Shapes::StructureShape.new(name: 'CognitoUserPoolConfigurationItem')
@@ -77,6 +80,7 @@ module Aws::VerifiedPermissions
     GetPolicyTemplateOutput = Shapes::StructureShape.new(name: 'GetPolicyTemplateOutput')
     GetSchemaInput = Shapes::StructureShape.new(name: 'GetSchemaInput')
     GetSchemaOutput = Shapes::StructureShape.new(name: 'GetSchemaOutput')
+    GroupEntityType = Shapes::StringShape.new(name: 'GroupEntityType')
     IdempotencyToken = Shapes::StringShape.new(name: 'IdempotencyToken')
     IdentitySourceDetails = Shapes::StructureShape.new(name: 'IdentitySourceDetails')
     IdentitySourceFilter = Shapes::StructureShape.new(name: 'IdentitySourceFilter')
@@ -149,6 +153,7 @@ module Aws::VerifiedPermissions
     ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
     TimestampFormat = Shapes::TimestampShape.new(name: 'TimestampFormat', timestampFormat: "iso8601")
     Token = Shapes::StringShape.new(name: 'Token')
+    UpdateCognitoGroupConfiguration = Shapes::StructureShape.new(name: 'UpdateCognitoGroupConfiguration')
     UpdateCognitoUserPoolConfiguration = Shapes::StructureShape.new(name: 'UpdateCognitoUserPoolConfiguration')
     UpdateConfiguration = Shapes::UnionShape.new(name: 'UpdateConfiguration')
     UpdateIdentitySourceInput = Shapes::StructureShape.new(name: 'UpdateIdentitySourceInput')
@@ -217,18 +222,30 @@ module Aws::VerifiedPermissions
 
     ClientIds.member = Shapes::ShapeRef.new(shape: ClientId)
 
+    CognitoGroupConfiguration.add_member(:group_entity_type, Shapes::ShapeRef.new(shape: GroupEntityType, required: true, location_name: "groupEntityType"))
+    CognitoGroupConfiguration.struct_class = Types::CognitoGroupConfiguration
+
+    CognitoGroupConfigurationDetail.add_member(:group_entity_type, Shapes::ShapeRef.new(shape: GroupEntityType, location_name: "groupEntityType"))
+    CognitoGroupConfigurationDetail.struct_class = Types::CognitoGroupConfigurationDetail
+
+    CognitoGroupConfigurationItem.add_member(:group_entity_type, Shapes::ShapeRef.new(shape: GroupEntityType, location_name: "groupEntityType"))
+    CognitoGroupConfigurationItem.struct_class = Types::CognitoGroupConfigurationItem
+
     CognitoUserPoolConfiguration.add_member(:user_pool_arn, Shapes::ShapeRef.new(shape: UserPoolArn, required: true, location_name: "userPoolArn"))
     CognitoUserPoolConfiguration.add_member(:client_ids, Shapes::ShapeRef.new(shape: ClientIds, location_name: "clientIds"))
+    CognitoUserPoolConfiguration.add_member(:group_configuration, Shapes::ShapeRef.new(shape: CognitoGroupConfiguration, location_name: "groupConfiguration"))
     CognitoUserPoolConfiguration.struct_class = Types::CognitoUserPoolConfiguration
 
     CognitoUserPoolConfigurationDetail.add_member(:user_pool_arn, Shapes::ShapeRef.new(shape: UserPoolArn, required: true, location_name: "userPoolArn"))
     CognitoUserPoolConfigurationDetail.add_member(:client_ids, Shapes::ShapeRef.new(shape: ClientIds, required: true, location_name: "clientIds"))
     CognitoUserPoolConfigurationDetail.add_member(:issuer, Shapes::ShapeRef.new(shape: Issuer, required: true, location_name: "issuer"))
+    CognitoUserPoolConfigurationDetail.add_member(:group_configuration, Shapes::ShapeRef.new(shape: CognitoGroupConfigurationDetail, location_name: "groupConfiguration"))
     CognitoUserPoolConfigurationDetail.struct_class = Types::CognitoUserPoolConfigurationDetail
 
     CognitoUserPoolConfigurationItem.add_member(:user_pool_arn, Shapes::ShapeRef.new(shape: UserPoolArn, required: true, location_name: "userPoolArn"))
     CognitoUserPoolConfigurationItem.add_member(:client_ids, Shapes::ShapeRef.new(shape: ClientIds, required: true, location_name: "clientIds"))
     CognitoUserPoolConfigurationItem.add_member(:issuer, Shapes::ShapeRef.new(shape: Issuer, required: true, location_name: "issuer"))
+    CognitoUserPoolConfigurationItem.add_member(:group_configuration, Shapes::ShapeRef.new(shape: CognitoGroupConfigurationItem, location_name: "groupConfiguration"))
     CognitoUserPoolConfigurationItem.struct_class = Types::CognitoUserPoolConfigurationItem
 
     Configuration.add_member(:cognito_user_pool_configuration, Shapes::ShapeRef.new(shape: CognitoUserPoolConfiguration, location_name: "cognitoUserPoolConfiguration"))
@@ -488,6 +505,7 @@ module Aws::VerifiedPermissions
     IsAuthorizedWithTokenOutput.add_member(:decision, Shapes::ShapeRef.new(shape: Decision, required: true, location_name: "decision"))
     IsAuthorizedWithTokenOutput.add_member(:determining_policies, Shapes::ShapeRef.new(shape: DeterminingPolicyList, required: true, location_name: "determiningPolicies"))
     IsAuthorizedWithTokenOutput.add_member(:errors, Shapes::ShapeRef.new(shape: EvaluationErrorList, required: true, location_name: "errors"))
+    IsAuthorizedWithTokenOutput.add_member(:principal, Shapes::ShapeRef.new(shape: EntityIdentifier, location_name: "principal"))
     IsAuthorizedWithTokenOutput.struct_class = Types::IsAuthorizedWithTokenOutput
 
     ListIdentitySourcesInput.add_member(:policy_store_id, Shapes::ShapeRef.new(shape: PolicyStoreId, required: true, location_name: "policyStoreId"))
@@ -661,8 +679,12 @@ module Aws::VerifiedPermissions
     ThrottlingException.add_member(:quota_code, Shapes::ShapeRef.new(shape: String, location_name: "quotaCode"))
     ThrottlingException.struct_class = Types::ThrottlingException
 
+    UpdateCognitoGroupConfiguration.add_member(:group_entity_type, Shapes::ShapeRef.new(shape: GroupEntityType, required: true, location_name: "groupEntityType"))
+    UpdateCognitoGroupConfiguration.struct_class = Types::UpdateCognitoGroupConfiguration
+
     UpdateCognitoUserPoolConfiguration.add_member(:user_pool_arn, Shapes::ShapeRef.new(shape: UserPoolArn, required: true, location_name: "userPoolArn"))
     UpdateCognitoUserPoolConfiguration.add_member(:client_ids, Shapes::ShapeRef.new(shape: ClientIds, location_name: "clientIds"))
+    UpdateCognitoUserPoolConfiguration.add_member(:group_configuration, Shapes::ShapeRef.new(shape: UpdateCognitoGroupConfiguration, location_name: "groupConfiguration"))
     UpdateCognitoUserPoolConfiguration.struct_class = Types::UpdateCognitoUserPoolConfiguration
 
     UpdateConfiguration.add_member(:cognito_user_pool_configuration, Shapes::ShapeRef.new(shape: UpdateCognitoUserPoolConfiguration, location_name: "cognitoUserPoolConfiguration"))

data/lib/aws-sdk-verifiedpermissions/types.rb

@@ -201,13 +201,13 @@ module Aws::VerifiedPermissions
     #   @return [Types::EntityIdentifier]
     #
     # @!attribute [rw] action
-    #   Specifies the requested action to be authorized. For example, is the
-    #   principal authorized to perform this action on the resource?
+    #   Specifies the requested action to be authorized. For example,
+    #   `PhotoFlash::ReadPhoto`.
     #   @return [Types::ActionIdentifier]
     #
     # @!attribute [rw] resource
-    #   Specifies the resource for which the authorization decision is to be
-    #   made.
+    #   Specifies the resource that you want an authorization decision for.
+    #   For example, `PhotoFlash::Photo`.
     #   @return [Types::EntityIdentifier]
     #
     # @!attribute [rw] context
@@ -262,9 +262,9 @@ module Aws::VerifiedPermissions
     #   @return [Array<Types::DeterminingPolicyItem>]
     #
     # @!attribute [rw] errors
-    #   Errors that occurred while making an authorization decision, for
-    #   example, a policy references an Entity or entity Attribute that does
-    #   not exist in the slice.
+    #   Errors that occurred while making an authorization decision. For
+    #   example, a policy might reference an entity or attribute that
+    #   doesn't exist in the request.
     #   @return [Array<Types::EvaluationErrorItem>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/BatchIsAuthorizedOutputItem AWS API Documentation
@@ -278,6 +278,78 @@ module Aws::VerifiedPermissions
       include Aws::Structure
     end
 
+    # The type of entity that a policy store maps to groups from an Amazon
+    # Cognito user pool identity source.
+    #
+    # This data type is part of a [CognitoUserPoolConfiguration][1]
+    # structure and is a request parameter in [CreateIdentitySource][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfiguration.html
+    # [2]: https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html
+    #
+    # @!attribute [rw] group_entity_type
+    #   The name of the schema entity type that's mapped to the user pool
+    #   group. Defaults to `AWS::CognitoGroup`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CognitoGroupConfiguration AWS API Documentation
+    #
+    class CognitoGroupConfiguration < Struct.new(
+      :group_entity_type)
+      SENSITIVE = [:group_entity_type]
+      include Aws::Structure
+    end
+
+    # The type of entity that a policy store maps to groups from an Amazon
+    # Cognito user pool identity source.
+    #
+    # This data type is part of an [CognitoUserPoolConfigurationDetail][1]
+    # structure and is a response parameter to [GetIdentitySource][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfigurationItem.html
+    # [2]: https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html
+    #
+    # @!attribute [rw] group_entity_type
+    #   The name of the schema entity type that's mapped to the user pool
+    #   group. Defaults to `AWS::CognitoGroup`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CognitoGroupConfigurationDetail AWS API Documentation
+    #
+    class CognitoGroupConfigurationDetail < Struct.new(
+      :group_entity_type)
+      SENSITIVE = [:group_entity_type]
+      include Aws::Structure
+    end
+
+    # The type of entity that a policy store maps to groups from an Amazon
+    # Cognito user pool identity source.
+    #
+    # This data type is part of an [CognitoUserPoolConfigurationItem][1]
+    # structure and is a response parameter to [ListIdentitySources][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CognitoUserPoolConfigurationDetail.html
+    # [2]: http://forums.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html
+    #
+    # @!attribute [rw] group_entity_type
+    #   The name of the schema entity type that's mapped to the user pool
+    #   group. Defaults to `AWS::CognitoGroup`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CognitoGroupConfigurationItem AWS API Documentation
+    #
+    class CognitoGroupConfigurationItem < Struct.new(
+      :group_entity_type)
+      SENSITIVE = [:group_entity_type]
+      include Aws::Structure
+    end
+
     # The configuration for an identity source that represents a connection
     # to an Amazon Cognito user pool used as an identity provider for
     # Verified Permissions.
@@ -287,7 +359,8 @@ module Aws::VerifiedPermissions
     # [CreateIdentitySource][2].
     #
     # Example:`"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
-    # ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}`
+    # ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration":
+    # \{"groupEntityType": "MyCorp::Group"\}\}`
     #
     #
     #
@@ -313,11 +386,17 @@ module Aws::VerifiedPermissions
     #   Example: `"ClientIds": ["&ExampleCogClientId;"]`
     #   @return [Array<String>]
     #
+    # @!attribute [rw] group_configuration
+    #   The type of entity that a policy store maps to groups from an Amazon
+    #   Cognito user pool identity source.
+    #   @return [Types::CognitoGroupConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CognitoUserPoolConfiguration AWS API Documentation
     #
     class CognitoUserPoolConfiguration < Struct.new(
       :user_pool_arn,
-      :client_ids)
+      :client_ids,
+      :group_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -331,7 +410,8 @@ module Aws::VerifiedPermissions
     # [GetIdentitySource][2].
     #
     # Example:`"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
-    # ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}`
+    # ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration":
+    # \{"groupEntityType": "MyCorp::Group"\}\}`
     #
     #
     #
@@ -365,12 +445,18 @@ module Aws::VerifiedPermissions
     #   "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"`
     #   @return [String]
     #
+    # @!attribute [rw] group_configuration
+    #   The type of entity that a policy store maps to groups from an Amazon
+    #   Cognito user pool identity source.
+    #   @return [Types::CognitoGroupConfigurationDetail]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CognitoUserPoolConfigurationDetail AWS API Documentation
     #
     class CognitoUserPoolConfigurationDetail < Struct.new(
       :user_pool_arn,
       :client_ids,
-      :issuer)
+      :issuer,
+      :group_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -384,7 +470,8 @@ module Aws::VerifiedPermissions
     # [ListIdentitySources][2].
     #
     # Example:`"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
-    # ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}`
+    # ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration":
+    # \{"groupEntityType": "MyCorp::Group"\}\}`
     #
     #
     #
@@ -418,12 +505,18 @@ module Aws::VerifiedPermissions
     #   "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"`
     #   @return [String]
     #
+    # @!attribute [rw] group_configuration
+    #   The type of entity that a policy store maps to groups from an Amazon
+    #   Cognito user pool identity source.
+    #   @return [Types::CognitoGroupConfigurationItem]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/CognitoUserPoolConfigurationItem AWS API Documentation
     #
     class CognitoUserPoolConfigurationItem < Struct.new(
       :user_pool_arn,
       :client_ids,
-      :issuer)
+      :issuer,
+      :group_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -434,7 +527,7 @@ module Aws::VerifiedPermissions
     # <note markdown="1"> At this time, the only valid member of this structure is a Amazon
     # Cognito user pool configuration.
     #
-    #  You must specify a `userPoolArn`, and optionally, a `ClientId`.
+    #  Specifies a `userPoolArn`, a `groupConfiguration`, and a `ClientId`.
     #
     #  </note>
     #
@@ -455,7 +548,8 @@ module Aws::VerifiedPermissions
     #
     #   Example:
     #   `"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
-    #   ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}`
+    #   ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration":
+    #   \{"groupEntityType": "MyCorp::Group"\}\}\}`
     #
     #
     #
@@ -490,11 +584,13 @@ module Aws::VerifiedPermissions
     #   Contains configuration details of a Amazon Cognito user pool that
     #   Verified Permissions can use as a source of authenticated identities
     #   as entities. It specifies the [Amazon Resource Name (ARN)][1] of a
-    #   Amazon Cognito user pool and one or more application client IDs.
+    #   Amazon Cognito user pool, the policy store entity that you want to
+    #   assign to user groups, and one or more application client IDs.
     #
     #   Example:
     #   `"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
-    #   ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}`
+    #   ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration":
+    #   \{"groupEntityType": "MyCorp::Group"\}\}\}`
     #
     #
     #
@@ -529,11 +625,13 @@ module Aws::VerifiedPermissions
     #   Contains configuration details of a Amazon Cognito user pool that
     #   Verified Permissions can use as a source of authenticated identities
     #   as entities. It specifies the [Amazon Resource Name (ARN)][1] of a
-    #   Amazon Cognito user pool and one or more application client IDs.
+    #   Amazon Cognito user pool, the policy store entity that you want to
+    #   assign to user groups, and one or more application client IDs.
     #
     #   Example:
     #   `"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
-    #   ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}`
+    #   ["a1b2c3d4e5f6g7h8i9j0kalbmc"],"groupConfiguration":
+    #   \{"groupEntityType": "MyCorp::Group"\}\}\}`
     #
     #
     #
@@ -1900,12 +1998,17 @@ module Aws::VerifiedPermissions
     #   not exist in the slice.
     #   @return [Array<Types::EvaluationErrorItem>]
     #
+    # @!attribute [rw] principal
+    #   The identifier of the principal in the ID or access token.
+    #   @return [Types::EntityIdentifier]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/IsAuthorizedWithTokenOutput AWS API Documentation
     #
     class IsAuthorizedWithTokenOutput < Struct.new(
       :decision,
       :determining_policies,
-      :errors)
+      :errors,
+      :principal)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2823,6 +2926,22 @@ module Aws::VerifiedPermissions
       include Aws::Structure
     end
 
+    # The user group entities from an Amazon Cognito user pool identity
+    # source.
+    #
+    # @!attribute [rw] group_entity_type
+    #   The name of the schema entity type that's mapped to the user pool
+    #   group. Defaults to `AWS::CognitoGroup`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateCognitoGroupConfiguration AWS API Documentation
+    #
+    class UpdateCognitoGroupConfiguration < Struct.new(
+      :group_entity_type)
+      SENSITIVE = [:group_entity_type]
+      include Aws::Structure
+    end
+
     # Contains configuration details of a Amazon Cognito user pool for use
     # with an identity source.
     #
@@ -2840,11 +2959,17 @@ module Aws::VerifiedPermissions
     #   Amazon Cognito user pool.
     #   @return [Array<String>]
     #
+    # @!attribute [rw] group_configuration
+    #   The configuration of the user groups from an Amazon Cognito user
+    #   pool identity source.
+    #   @return [Types::UpdateCognitoGroupConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/verifiedpermissions-2021-12-01/UpdateCognitoUserPoolConfiguration AWS API Documentation
     #
     class UpdateCognitoUserPoolConfiguration < Struct.new(
       :user_pool_arn,
-      :client_ids)
+      :client_ids,
+      :group_configuration)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-verifiedpermissions.rb

@@ -53,6 +53,6 @@ require_relative 'aws-sdk-verifiedpermissions/customizations'
 # @!group service
 module Aws::VerifiedPermissions
 
-  GEM_VERSION = '1.17.0'
+  GEM_VERSION = '1.18.0'
 
 end

data/sig/client.rbs

@@ -133,7 +133,10 @@ module Aws
                                     configuration: {
                                       cognito_user_pool_configuration: {
                                         user_pool_arn: ::String,
-                                        client_ids: Array[::String]?
+                                        client_ids: Array[::String]?,
+                                        group_configuration: {
+                                          group_entity_type: ::String
+                                        }?
                                       }?
                                     },
                                     ?principal_entity_type: ::String
@@ -375,6 +378,7 @@ module Aws
         def decision: () -> ("ALLOW" | "DENY")
         def determining_policies: () -> ::Array[Types::DeterminingPolicyItem]
         def errors: () -> ::Array[Types::EvaluationErrorItem]
+        def principal: () -> Types::EntityIdentifier
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/VerifiedPermissions/Client.html#is_authorized_with_token-instance_method
       def is_authorized_with_token: (
@@ -516,7 +520,10 @@ module Aws
                                     update_configuration: {
                                       cognito_user_pool_configuration: {
                                         user_pool_arn: ::String,
-                                        client_ids: Array[::String]?
+                                        client_ids: Array[::String]?,
+                                        group_configuration: {
+                                          group_entity_type: ::String
+                                        }?
                                       }?
                                     },
                                     ?principal_entity_type: ::String

data/sig/types.rbs

@@ -73,9 +73,25 @@ module Aws::VerifiedPermissions
       SENSITIVE: []
     end
 
+    class CognitoGroupConfiguration
+      attr_accessor group_entity_type: ::String
+      SENSITIVE: [:group_entity_type]
+    end
+
+    class CognitoGroupConfigurationDetail
+      attr_accessor group_entity_type: ::String
+      SENSITIVE: [:group_entity_type]
+    end
+
+    class CognitoGroupConfigurationItem
+      attr_accessor group_entity_type: ::String
+      SENSITIVE: [:group_entity_type]
+    end
+
     class CognitoUserPoolConfiguration
       attr_accessor user_pool_arn: ::String
       attr_accessor client_ids: ::Array[::String]
+      attr_accessor group_configuration: Types::CognitoGroupConfiguration
       SENSITIVE: []
     end
 
@@ -83,6 +99,7 @@ module Aws::VerifiedPermissions
       attr_accessor user_pool_arn: ::String
       attr_accessor client_ids: ::Array[::String]
       attr_accessor issuer: ::String
+      attr_accessor group_configuration: Types::CognitoGroupConfigurationDetail
       SENSITIVE: []
     end
 
@@ -90,6 +107,7 @@ module Aws::VerifiedPermissions
       attr_accessor user_pool_arn: ::String
       attr_accessor client_ids: ::Array[::String]
       attr_accessor issuer: ::String
+      attr_accessor group_configuration: Types::CognitoGroupConfigurationItem
       SENSITIVE: []
     end
 
@@ -440,6 +458,7 @@ module Aws::VerifiedPermissions
       attr_accessor decision: ("ALLOW" | "DENY")
       attr_accessor determining_policies: ::Array[Types::DeterminingPolicyItem]
       attr_accessor errors: ::Array[Types::EvaluationErrorItem]
+      attr_accessor principal: Types::EntityIdentifier
       SENSITIVE: []
     end
 
@@ -668,9 +687,15 @@ module Aws::VerifiedPermissions
       SENSITIVE: []
     end
 
+    class UpdateCognitoGroupConfiguration
+      attr_accessor group_entity_type: ::String
+      SENSITIVE: [:group_entity_type]
+    end
+
     class UpdateCognitoUserPoolConfiguration
       attr_accessor user_pool_arn: ::String
       attr_accessor client_ids: ::Array[::String]
+      attr_accessor group_configuration: Types::UpdateCognitoGroupConfiguration
       SENSITIVE: []
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-verifiedpermissions
 version: !ruby/object:Gem::Version
-  version: 1.17.0
+  version: 1.18.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-06 00:00:00.000000000 Z
+date: 2024-04-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core