@aws-sdk/client-verifiedpermissions 3.533.0 → 3.535.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/dist-types/VerifiedPermissions.d.ts +2 -1
  2. package/dist-types/VerifiedPermissionsClient.d.ts +1 -1
  3. package/dist-types/commands/BatchIsAuthorizedCommand.d.ts +2 -1
  4. package/dist-types/commands/CreateIdentitySourceCommand.d.ts +2 -1
  5. package/dist-types/commands/CreatePolicyCommand.d.ts +2 -1
  6. package/dist-types/commands/CreatePolicyStoreCommand.d.ts +2 -1
  7. package/dist-types/commands/CreatePolicyTemplateCommand.d.ts +2 -1
  8. package/dist-types/commands/DeleteIdentitySourceCommand.d.ts +2 -1
  9. package/dist-types/commands/DeletePolicyCommand.d.ts +2 -1
  10. package/dist-types/commands/DeletePolicyStoreCommand.d.ts +2 -1
  11. package/dist-types/commands/DeletePolicyTemplateCommand.d.ts +2 -1
  12. package/dist-types/commands/GetIdentitySourceCommand.d.ts +2 -1
  13. package/dist-types/commands/GetPolicyCommand.d.ts +2 -1
  14. package/dist-types/commands/GetPolicyStoreCommand.d.ts +2 -1
  15. package/dist-types/commands/GetPolicyTemplateCommand.d.ts +2 -1
  16. package/dist-types/commands/GetSchemaCommand.d.ts +2 -1
  17. package/dist-types/commands/IsAuthorizedCommand.d.ts +2 -1
  18. package/dist-types/commands/IsAuthorizedWithTokenCommand.d.ts +2 -1
  19. package/dist-types/commands/ListIdentitySourcesCommand.d.ts +2 -1
  20. package/dist-types/commands/ListPoliciesCommand.d.ts +2 -1
  21. package/dist-types/commands/ListPolicyStoresCommand.d.ts +2 -1
  22. package/dist-types/commands/ListPolicyTemplatesCommand.d.ts +2 -1
  23. package/dist-types/commands/PutSchemaCommand.d.ts +2 -1
  24. package/dist-types/commands/UpdateIdentitySourceCommand.d.ts +2 -1
  25. package/dist-types/commands/UpdatePolicyCommand.d.ts +2 -1
  26. package/dist-types/commands/UpdatePolicyStoreCommand.d.ts +2 -1
  27. package/dist-types/commands/UpdatePolicyTemplateCommand.d.ts +2 -1
  28. package/dist-types/models/models_0.d.ts +332 -334
  29. package/dist-types/ts3.4/VerifiedPermissions.d.ts +1 -0
  30. package/dist-types/ts3.4/commands/BatchIsAuthorizedCommand.d.ts +9 -0
  31. package/dist-types/ts3.4/commands/CreateIdentitySourceCommand.d.ts +9 -0
  32. package/dist-types/ts3.4/commands/CreatePolicyCommand.d.ts +9 -0
  33. package/dist-types/ts3.4/commands/CreatePolicyStoreCommand.d.ts +9 -0
  34. package/dist-types/ts3.4/commands/CreatePolicyTemplateCommand.d.ts +9 -0
  35. package/dist-types/ts3.4/commands/DeleteIdentitySourceCommand.d.ts +9 -0
  36. package/dist-types/ts3.4/commands/DeletePolicyCommand.d.ts +9 -0
  37. package/dist-types/ts3.4/commands/DeletePolicyStoreCommand.d.ts +9 -0
  38. package/dist-types/ts3.4/commands/DeletePolicyTemplateCommand.d.ts +9 -0
  39. package/dist-types/ts3.4/commands/GetIdentitySourceCommand.d.ts +9 -0
  40. package/dist-types/ts3.4/commands/GetPolicyCommand.d.ts +9 -0
  41. package/dist-types/ts3.4/commands/GetPolicyStoreCommand.d.ts +9 -0
  42. package/dist-types/ts3.4/commands/GetPolicyTemplateCommand.d.ts +9 -0
  43. package/dist-types/ts3.4/commands/GetSchemaCommand.d.ts +9 -0
  44. package/dist-types/ts3.4/commands/IsAuthorizedCommand.d.ts +9 -0
  45. package/dist-types/ts3.4/commands/IsAuthorizedWithTokenCommand.d.ts +9 -0
  46. package/dist-types/ts3.4/commands/ListIdentitySourcesCommand.d.ts +9 -0
  47. package/dist-types/ts3.4/commands/ListPoliciesCommand.d.ts +9 -0
  48. package/dist-types/ts3.4/commands/ListPolicyStoresCommand.d.ts +9 -0
  49. package/dist-types/ts3.4/commands/ListPolicyTemplatesCommand.d.ts +9 -0
  50. package/dist-types/ts3.4/commands/PutSchemaCommand.d.ts +9 -0
  51. package/dist-types/ts3.4/commands/UpdateIdentitySourceCommand.d.ts +9 -0
  52. package/dist-types/ts3.4/commands/UpdatePolicyCommand.d.ts +9 -0
  53. package/dist-types/ts3.4/commands/UpdatePolicyStoreCommand.d.ts +9 -0
  54. package/dist-types/ts3.4/commands/UpdatePolicyTemplateCommand.d.ts +9 -0
  55. package/package.json +40 -40
package/dist-types/models/models_0.d.ts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
2
2
  import { VerifiedPermissionsServiceException as __BaseException } from "./VerifiedPermissionsServiceException";
3
3
  /**
4
- * @public
5
4
  * <p>You don't have sufficient access to perform this action.</p>
5
+ * @public
6
6
  */
7
7
  export declare class AccessDeniedException extends __BaseException {
8
8
  readonly name: "AccessDeniedException";
@@ -13,7 +13,6 @@ export declare class AccessDeniedException extends __BaseException {
13
13
  constructor(opts: __ExceptionOptionType<AccessDeniedException, __BaseException>);
14
14
  }
15
15
  /**
16
- * @public
17
16
  * <p>Contains information about an action for a request for which an authorization decision
18
17
  * is made.</p>
19
18
  * <p>This data type is used as a request parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
@@ -21,21 +20,21 @@ export declare class AccessDeniedException extends __BaseException {
21
20
  * <p>Example: <code>\{ "actionId": "&lt;action name&gt;", "actionType": "Action"
22
21
  * \}</code>
23
22
  * </p>
23
+ * @public
24
24
  */
25
25
  export interface ActionIdentifier {
26
26
  /**
27
- * @public
28
27
  * <p>The type of an action.</p>
28
+ * @public
29
29
  */
30
30
  actionType: string | undefined;
31
31
  /**
32
- * @public
33
32
  * <p>The ID of an action.</p>
33
+ * @public
34
34
  */
35
35
  actionId: string | undefined;
36
36
  }
37
37
  /**
38
- * @public
39
38
  * <p>Contains the identifier of an entity, including its ID and type.</p>
40
39
  * <p>This data type is used as a request parameter for <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a> operation, and as a
41
40
  * response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html">GetPolicy</a>, and
@@ -43,21 +42,22 @@ export interface ActionIdentifier {
43
42
  * <p>Example:
44
43
  * <code>\{"entityId":"<i>string</i>","entityType":"<i>string</i>"\}</code>
45
44
  * </p>
45
+ * @public
46
46
  */
47
47
  export interface EntityIdentifier {
48
48
  /**
49
- * @public
50
49
  * <p>The type of an entity.</p>
51
50
  * <p>Example: <code>"entityType":"<i>typeName</i>"</code>
52
51
  * </p>
52
+ * @public
53
53
  */
54
54
  entityType: string | undefined;
55
55
  /**
56
- * @public
57
56
  * <p>The identifier of an entity.</p>
58
57
  * <p>
59
58
  * <code>"entityId":"<i>identifier</i>"</code>
60
59
  * </p>
60
+ * @public
61
61
  */
62
62
  entityId: string | undefined;
63
63
  }
@@ -74,38 +74,38 @@ export declare const Decision: {
74
74
  */
75
75
  export type Decision = (typeof Decision)[keyof typeof Decision];
76
76
  /**
77
- * @public
78
77
  * <p>Contains information about one of the policies that determined an authorization
79
78
  * decision.</p>
80
79
  * <p>This data type is used as an element in a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
81
80
  * operations.</p>
82
81
  * <p>Example: <code>"determiningPolicies":[\{"policyId":"SPEXAMPLEabcdefg111111"\}]</code>
83
82
  * </p>
83
+ * @public
84
84
  */
85
85
  export interface DeterminingPolicyItem {
86
86
  /**
87
- * @public
88
87
  * <p>The Id of a policy that determined to an authorization decision.</p>
89
88
  * <p>Example: <code>"policyId":"SPEXAMPLEabcdefg111111"</code>
90
89
  * </p>
90
+ * @public
91
91
  */
92
92
  policyId: string | undefined;
93
93
  }
94
94
  /**
95
- * @public
96
95
  * <p>Contains a description of an evaluation error.</p>
97
96
  * <p>This data type is a response parameter of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a> operations.</p>
97
+ * @public
98
98
  */
99
99
  export interface EvaluationErrorItem {
100
100
  /**
101
- * @public
102
101
  * <p>The error description.</p>
102
+ * @public
103
103
  */
104
104
  errorDescription: string | undefined;
105
105
  }
106
106
  /**
107
- * @public
108
107
  * <p>The request failed because of an internal error. Try your request again later</p>
108
+ * @public
109
109
  */
110
110
  export declare class InternalServerException extends __BaseException {
111
111
  readonly name: "InternalServerException";
@@ -132,20 +132,20 @@ export declare const ResourceType: {
132
132
  */
133
133
  export type ResourceType = (typeof ResourceType)[keyof typeof ResourceType];
134
134
  /**
135
- * @public
136
135
  * <p>The request failed because it references a resource that doesn't exist.</p>
136
+ * @public
137
137
  */
138
138
  export declare class ResourceNotFoundException extends __BaseException {
139
139
  readonly name: "ResourceNotFoundException";
140
140
  readonly $fault: "client";
141
141
  /**
142
- * @public
143
142
  * <p>The unique ID of the resource referenced in the failed request.</p>
143
+ * @public
144
144
  */
145
145
  resourceId: string | undefined;
146
146
  /**
147
- * @public
148
147
  * <p>The resource type of the resource referenced in the failed request.</p>
148
+ * @public
149
149
  */
150
150
  resourceType: ResourceType | undefined;
151
151
  /**
@@ -154,8 +154,8 @@ export declare class ResourceNotFoundException extends __BaseException {
154
154
  constructor(opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>);
155
155
  }
156
156
  /**
157
- * @public
158
157
  * <p>The request failed because it exceeded a throttling quota.</p>
158
+ * @public
159
159
  */
160
160
  export declare class ThrottlingException extends __BaseException {
161
161
  readonly name: "ThrottlingException";
@@ -164,13 +164,13 @@ export declare class ThrottlingException extends __BaseException {
164
164
  throttling: boolean;
165
165
  };
166
166
  /**
167
- * @public
168
167
  * <p>The code for the Amazon Web Service that owns the quota.</p>
168
+ * @public
169
169
  */
170
170
  serviceCode?: string;
171
171
  /**
172
- * @public
173
172
  * <p>The quota code recognized by the Amazon Web Services Service Quotas service.</p>
173
+ * @public
174
174
  */
175
175
  quotaCode?: string;
176
176
  /**
@@ -179,23 +179,22 @@ export declare class ThrottlingException extends __BaseException {
179
179
  constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
180
180
  }
181
181
  /**
182
- * @public
183
182
  * <p>Details about a field that failed policy validation.</p>
183
+ * @public
184
184
  */
185
185
  export interface ValidationExceptionField {
186
186
  /**
187
- * @public
188
187
  * <p>The path to the specific element that Verified Permissions found to be not valid.</p>
188
+ * @public
189
189
  */
190
190
  path: string | undefined;
191
191
  /**
192
- * @public
193
192
  * <p>Describes the policy validation error.</p>
193
+ * @public
194
194
  */
195
195
  message: string | undefined;
196
196
  }
197
197
  /**
198
- * @public
199
198
  * <p>The request failed because one or more input parameters don't satisfy their constraint
200
199
  * requirements. The output is provided as a list of fields and a reason for each field that
201
200
  * isn't valid.</p>
@@ -278,13 +277,14 @@ export interface ValidationExceptionField {
278
277
  * period character.</p>
279
278
  * </li>
280
279
  * </ul>
280
+ * @public
281
281
  */
282
282
  export declare class ValidationException extends __BaseException {
283
283
  readonly name: "ValidationException";
284
284
  readonly $fault: "client";
285
285
  /**
286
- * @public
287
286
  * <p>The list of fields that aren't valid.</p>
287
+ * @public
288
288
  */
289
289
  fieldList?: ValidationExceptionField[];
290
290
  /**
@@ -293,7 +293,6 @@ export declare class ValidationException extends __BaseException {
293
293
  constructor(opts: __ExceptionOptionType<ValidationException, __BaseException>);
294
294
  }
295
295
  /**
296
- * @public
297
296
  * <p>The configuration for an identity source that represents a connection to an Amazon Cognito user pool used
298
297
  * as an identity provider for Verified Permissions.</p>
299
298
  * <p>This data type is used as a field that is part of an <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html">Configuration</a> structure that is
@@ -301,28 +300,28 @@ export declare class ValidationException extends __BaseException {
301
300
  * <p>Example:<code>"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
302
301
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}</code>
303
302
  * </p>
303
+ * @public
304
304
  */
305
305
  export interface CognitoUserPoolConfiguration {
306
306
  /**
307
- * @public
308
307
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool that contains the identities to be
309
308
  * authorized.</p>
310
309
  * <p>Example: <code>"UserPoolArn":
311
310
  * "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"</code>
312
311
  * </p>
312
+ * @public
313
313
  */
314
314
  userPoolArn: string | undefined;
315
315
  /**
316
- * @public
317
316
  * <p>The unique application client IDs that are associated with the specified Amazon Cognito user
318
317
  * pool.</p>
319
318
  * <p>Example: <code>"ClientIds": ["&amp;ExampleCogClientId;"]</code>
320
319
  * </p>
320
+ * @public
321
321
  */
322
322
  clientIds?: string[];
323
323
  }
324
324
  /**
325
- * @public
326
325
  * <p>The configuration for an identity source that represents a connection to an Amazon Cognito user pool used
327
326
  * as an identity provider for Verified Permissions.</p>
328
327
  * <p>This data type is used as a field that is part of an <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html">ConfigurationDetail</a> structure that is
@@ -330,37 +329,37 @@ export interface CognitoUserPoolConfiguration {
330
329
  * <p>Example:<code>"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
331
330
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}</code>
332
331
  * </p>
332
+ * @public
333
333
  */
334
334
  export interface CognitoUserPoolConfigurationDetail {
335
335
  /**
336
- * @public
337
336
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool that contains the identities to be
338
337
  * authorized.</p>
339
338
  * <p>Example: <code>"userPoolArn":
340
339
  * "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"</code>
341
340
  * </p>
341
+ * @public
342
342
  */
343
343
  userPoolArn: string | undefined;
344
344
  /**
345
- * @public
346
345
  * <p>The unique application client IDs that are associated with the specified Amazon Cognito user
347
346
  * pool.</p>
348
347
  * <p>Example: <code>"clientIds": ["&amp;ExampleCogClientId;"]</code>
349
348
  * </p>
349
+ * @public
350
350
  */
351
351
  clientIds: string[] | undefined;
352
352
  /**
353
- * @public
354
353
  * <p>The OpenID Connect (OIDC) <code>issuer</code> ID of the Amazon Cognito user pool that contains the identities to be
355
354
  * authorized.</p>
356
355
  * <p>Example: <code>"issuer":
357
356
  * "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"</code>
358
357
  * </p>
358
+ * @public
359
359
  */
360
360
  issuer: string | undefined;
361
361
  }
362
362
  /**
363
- * @public
364
363
  * <p>The configuration for an identity source that represents a connection to an Amazon Cognito user pool used
365
364
  * as an identity provider for Verified Permissions.</p>
366
365
  * <p>This data type is used as a field that is part of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationItem.html">ConfigurationItem</a> structure that is
@@ -368,37 +367,37 @@ export interface CognitoUserPoolConfigurationDetail {
368
367
  * <p>Example:<code>"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
369
368
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}</code>
370
369
  * </p>
370
+ * @public
371
371
  */
372
372
  export interface CognitoUserPoolConfigurationItem {
373
373
  /**
374
- * @public
375
374
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool that contains the identities to be
376
375
  * authorized.</p>
377
376
  * <p>Example: <code>"userPoolArn":
378
377
  * "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"</code>
379
378
  * </p>
379
+ * @public
380
380
  */
381
381
  userPoolArn: string | undefined;
382
382
  /**
383
- * @public
384
383
  * <p>The unique application client IDs that are associated with the specified Amazon Cognito user
385
384
  * pool.</p>
386
385
  * <p>Example: <code>"clientIds": ["&amp;ExampleCogClientId;"]</code>
387
386
  * </p>
387
+ * @public
388
388
  */
389
389
  clientIds: string[] | undefined;
390
390
  /**
391
- * @public
392
391
  * <p>The OpenID Connect (OIDC) <code>issuer</code> ID of the Amazon Cognito user pool that contains the identities to be
393
392
  * authorized.</p>
394
393
  * <p>Example: <code>"issuer":
395
394
  * "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"</code>
396
395
  * </p>
396
+ * @public
397
397
  */
398
398
  issuer: string | undefined;
399
399
  }
400
400
  /**
401
- * @public
402
401
  * <p>Contains configuration information used when creating a new identity source.</p>
403
402
  * <note>
404
403
  * <p>At this time, the only valid member of this structure is a Amazon Cognito user pool
@@ -408,6 +407,7 @@ export interface CognitoUserPoolConfigurationItem {
408
407
  * </note>
409
408
  * <p>This data type is used as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html">CreateIdentitySource</a>
410
409
  * operation.</p>
410
+ * @public
411
411
  */
412
412
  export type Configuration = Configuration.CognitoUserPoolConfigurationMember | Configuration.$UnknownMember;
413
413
  /**
@@ -415,7 +415,6 @@ export type Configuration = Configuration.CognitoUserPoolConfigurationMember | C
415
415
  */
416
416
  export declare namespace Configuration {
417
417
  /**
418
- * @public
419
418
  * <p>Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of
420
419
  * authenticated identities as entities. It specifies the <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of a Amazon Cognito user pool
421
420
  * and one or more application client IDs.</p>
@@ -423,6 +422,7 @@ export declare namespace Configuration {
423
422
  * <code>"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
424
423
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}</code>
425
424
  * </p>
425
+ * @public
426
426
  */
427
427
  interface CognitoUserPoolConfigurationMember {
428
428
  cognitoUserPoolConfiguration: CognitoUserPoolConfiguration;
@@ -442,10 +442,10 @@ export declare namespace Configuration {
442
442
  const visit: <T>(value: Configuration, visitor: Visitor<T>) => T;
443
443
  }
444
444
  /**
445
- * @public
446
445
  * <p>Contains configuration information about an identity source.</p>
447
446
  * <p>This data type is a response parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html">GetIdentitySource</a>
448
447
  * operation.</p>
448
+ * @public
449
449
  */
450
450
  export type ConfigurationDetail = ConfigurationDetail.CognitoUserPoolConfigurationMember | ConfigurationDetail.$UnknownMember;
451
451
  /**
@@ -453,7 +453,6 @@ export type ConfigurationDetail = ConfigurationDetail.CognitoUserPoolConfigurati
453
453
  */
454
454
  export declare namespace ConfigurationDetail {
455
455
  /**
456
- * @public
457
456
  * <p>Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of
458
457
  * authenticated identities as entities. It specifies the <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of a Amazon Cognito user pool
459
458
  * and one or more application client IDs.</p>
@@ -461,6 +460,7 @@ export declare namespace ConfigurationDetail {
461
460
  * <code>"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
462
461
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}</code>
463
462
  * </p>
463
+ * @public
464
464
  */
465
465
  interface CognitoUserPoolConfigurationMember {
466
466
  cognitoUserPoolConfiguration: CognitoUserPoolConfigurationDetail;
@@ -480,10 +480,10 @@ export declare namespace ConfigurationDetail {
480
480
  const visit: <T>(value: ConfigurationDetail, visitor: Visitor<T>) => T;
481
481
  }
482
482
  /**
483
- * @public
484
483
  * <p>Contains configuration information about an identity source.</p>
485
484
  * <p>This data type is a response parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html">ListIdentitySources</a>
486
485
  * operation.</p>
486
+ * @public
487
487
  */
488
488
  export type ConfigurationItem = ConfigurationItem.CognitoUserPoolConfigurationMember | ConfigurationItem.$UnknownMember;
489
489
  /**
@@ -491,7 +491,6 @@ export type ConfigurationItem = ConfigurationItem.CognitoUserPoolConfigurationMe
491
491
  */
492
492
  export declare namespace ConfigurationItem {
493
493
  /**
494
- * @public
495
494
  * <p>Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of
496
495
  * authenticated identities as entities. It specifies the <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of a Amazon Cognito user pool
497
496
  * and one or more application client IDs.</p>
@@ -499,6 +498,7 @@ export declare namespace ConfigurationItem {
499
498
  * <code>"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
500
499
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}</code>
501
500
  * </p>
501
+ * @public
502
502
  */
503
503
  interface CognitoUserPoolConfigurationMember {
504
504
  cognitoUserPoolConfiguration: CognitoUserPoolConfigurationItem;
@@ -518,32 +518,32 @@ export declare namespace ConfigurationItem {
518
518
  const visit: <T>(value: ConfigurationItem, visitor: Visitor<T>) => T;
519
519
  }
520
520
  /**
521
- * @public
522
521
  * <p>Contains information about a resource conflict.</p>
522
+ * @public
523
523
  */
524
524
  export interface ResourceConflict {
525
525
  /**
526
- * @public
527
526
  * <p>The unique identifier of the resource involved in a conflict.</p>
527
+ * @public
528
528
  */
529
529
  resourceId: string | undefined;
530
530
  /**
531
- * @public
532
531
  * <p>The type of the resource involved in a conflict.</p>
532
+ * @public
533
533
  */
534
534
  resourceType: ResourceType | undefined;
535
535
  }
536
536
  /**
537
- * @public
538
537
  * <p>The request failed because another request to modify a resource occurred at the
539
538
  * same.</p>
539
+ * @public
540
540
  */
541
541
  export declare class ConflictException extends __BaseException {
542
542
  readonly name: "ConflictException";
543
543
  readonly $fault: "client";
544
544
  /**
545
- * @public
546
545
  * <p>The list of resources referenced with this failed request.</p>
546
+ * @public
547
547
  */
548
548
  resources: ResourceConflict[] | undefined;
549
549
  /**
@@ -556,7 +556,6 @@ export declare class ConflictException extends __BaseException {
556
556
  */
557
557
  export interface CreateIdentitySourceInput {
558
558
  /**
559
- * @public
560
559
  * <p>Specifies a unique, case-sensitive ID that you provide to
561
560
  * ensure the idempotency of the request. This lets you safely retry the request without
562
561
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -571,17 +570,17 @@ export interface CreateIdentitySourceInput {
571
570
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
572
571
  * the next request with the same parameters performs the operation again regardless of
573
572
  * the value of <code>ClientToken</code>.</p>
573
+ * @public
574
574
  */
575
575
  clientToken?: string;
576
576
  /**
577
- * @public
578
577
  * <p>Specifies the ID of the policy store in which you want to store this identity source. Only policies and
579
578
  * requests made using this policy store can reference identities from the identity provider
580
579
  * configured in the new identity source.</p>
580
+ * @public
581
581
  */
582
582
  policyStoreId: string | undefined;
583
583
  /**
584
- * @public
585
584
  * <p>Specifies the details required to communicate with the identity provider (IdP)
586
585
  * associated with this identity source.</p>
587
586
  * <note>
@@ -590,12 +589,13 @@ export interface CreateIdentitySourceInput {
590
589
  * <p>You must specify a <code>UserPoolArn</code>, and optionally, a
591
590
  * <code>ClientId</code>.</p>
592
591
  * </note>
592
+ * @public
593
593
  */
594
594
  configuration: Configuration | undefined;
595
595
  /**
596
- * @public
597
596
  * <p>Specifies the namespace and data type of the principals generated for identities
598
597
  * authenticated by the new identity source.</p>
598
+ * @public
599
599
  */
600
600
  principalEntityType?: string;
601
601
  }
@@ -604,51 +604,51 @@ export interface CreateIdentitySourceInput {
604
604
  */
605
605
  export interface CreateIdentitySourceOutput {
606
606
  /**
607
- * @public
608
607
  * <p>The date and time the identity source was originally created.</p>
608
+ * @public
609
609
  */
610
610
  createdDate: Date | undefined;
611
611
  /**
612
- * @public
613
612
  * <p>The unique ID of the new identity source.</p>
613
+ * @public
614
614
  */
615
615
  identitySourceId: string | undefined;
616
616
  /**
617
- * @public
618
617
  * <p>The date and time the identity source was most recently updated.</p>
618
+ * @public
619
619
  */
620
620
  lastUpdatedDate: Date | undefined;
621
621
  /**
622
- * @public
623
622
  * <p>The ID of the policy store that contains the identity source.</p>
623
+ * @public
624
624
  */
625
625
  policyStoreId: string | undefined;
626
626
  }
627
627
  /**
628
- * @public
629
628
  * <p>The request failed because it would cause a service quota to be exceeded.</p>
629
+ * @public
630
630
  */
631
631
  export declare class ServiceQuotaExceededException extends __BaseException {
632
632
  readonly name: "ServiceQuotaExceededException";
633
633
  readonly $fault: "client";
634
634
  /**
635
- * @public
636
635
  * <p>The unique ID of the resource referenced in the failed request.</p>
636
+ * @public
637
637
  */
638
638
  resourceId?: string;
639
639
  /**
640
- * @public
641
640
  * <p>The resource type of the resource referenced in the failed request.</p>
641
+ * @public
642
642
  */
643
643
  resourceType: ResourceType | undefined;
644
644
  /**
645
- * @public
646
645
  * <p>The code for the Amazon Web Service that owns the quota.</p>
646
+ * @public
647
647
  */
648
648
  serviceCode?: string;
649
649
  /**
650
- * @public
651
650
  * <p>The quota code recognized by the Amazon Web Services Service Quotas service.</p>
651
+ * @public
652
652
  */
653
653
  quotaCode?: string;
654
654
  /**
@@ -657,56 +657,56 @@ export declare class ServiceQuotaExceededException extends __BaseException {
657
657
  constructor(opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>);
658
658
  }
659
659
  /**
660
- * @public
661
660
  * <p>Contains information about a static policy.</p>
662
661
  * <p>This data type is used as a field that is part of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinitionDetail.html">PolicyDefinitionDetail</a>
663
662
  * type.</p>
663
+ * @public
664
664
  */
665
665
  export interface StaticPolicyDefinition {
666
666
  /**
667
- * @public
668
667
  * <p>The description of the static policy.</p>
668
+ * @public
669
669
  */
670
670
  description?: string;
671
671
  /**
672
- * @public
673
672
  * <p>The policy content of the static policy, written in the Cedar policy language.</p>
673
+ * @public
674
674
  */
675
675
  statement: string | undefined;
676
676
  }
677
677
  /**
678
- * @public
679
678
  * <p>Contains information about a policy created by instantiating a policy template.</p>
679
+ * @public
680
680
  */
681
681
  export interface TemplateLinkedPolicyDefinition {
682
682
  /**
683
- * @public
684
683
  * <p>The unique identifier of the policy template used to create this policy.</p>
684
+ * @public
685
685
  */
686
686
  policyTemplateId: string | undefined;
687
687
  /**
688
- * @public
689
688
  * <p>The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the
690
689
  * <code>?principal</code> placeholder in the policy template when it evaluates an authorization
691
690
  * request.</p>
691
+ * @public
692
692
  */
693
693
  principal?: EntityIdentifier;
694
694
  /**
695
- * @public
696
695
  * <p>The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the
697
696
  * <code>?resource</code> placeholder in the policy template when it evaluates an authorization
698
697
  * request.</p>
698
+ * @public
699
699
  */
700
700
  resource?: EntityIdentifier;
701
701
  }
702
702
  /**
703
- * @public
704
703
  * <p>A structure that contains the details for a Cedar policy definition. It includes the
705
704
  * policy type, a description, and a policy body. This is a top level data type used to
706
705
  * create a policy.</p>
707
706
  * <p>This data type is used as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> operation. This
708
707
  * structure must always have either an <code>static</code> or a <code>templateLinked</code>
709
708
  * element.</p>
709
+ * @public
710
710
  */
711
711
  export type PolicyDefinition = PolicyDefinition.StaticMember | PolicyDefinition.TemplateLinkedMember | PolicyDefinition.$UnknownMember;
712
712
  /**
@@ -714,9 +714,9 @@ export type PolicyDefinition = PolicyDefinition.StaticMember | PolicyDefinition.
714
714
  */
715
715
  export declare namespace PolicyDefinition {
716
716
  /**
717
- * @public
718
717
  * <p>A structure that describes a static policy. An static policy doesn't use a template or allow
719
718
  * placeholders for entities.</p>
719
+ * @public
720
720
  */
721
721
  interface StaticMember {
722
722
  static: StaticPolicyDefinition;
@@ -724,11 +724,11 @@ export declare namespace PolicyDefinition {
724
724
  $unknown?: never;
725
725
  }
726
726
  /**
727
- * @public
728
727
  * <p>A structure that describes a policy that was instantiated from a template. The
729
728
  * template can specify placeholders for <code>principal</code> and <code>resource</code>.
730
729
  * When you use <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> to create a policy from a template, you specify the exact
731
730
  * principal and resource to use for the instantiated policy.</p>
731
+ * @public
732
732
  */
733
733
  interface TemplateLinkedMember {
734
734
  static?: never;
@@ -755,7 +755,6 @@ export declare namespace PolicyDefinition {
755
755
  */
756
756
  export interface CreatePolicyInput {
757
757
  /**
758
- * @public
759
758
  * <p>Specifies a unique, case-sensitive ID that you provide to
760
759
  * ensure the idempotency of the request. This lets you safely retry the request without
761
760
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -770,19 +769,20 @@ export interface CreatePolicyInput {
770
769
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
771
770
  * the next request with the same parameters performs the operation again regardless of
772
771
  * the value of <code>ClientToken</code>.</p>
772
+ * @public
773
773
  */
774
774
  clientToken?: string;
775
775
  /**
776
- * @public
777
776
  * <p>Specifies the <code>PolicyStoreId</code> of the policy store you want to store the policy
778
777
  * in.</p>
778
+ * @public
779
779
  */
780
780
  policyStoreId: string | undefined;
781
781
  /**
782
- * @public
783
782
  * <p>A structure that specifies the policy type and content to use for the new policy. You
784
783
  * must include either a static or a templateLinked element. The policy content must be written
785
784
  * in the Cedar policy language.</p>
785
+ * @public
786
786
  */
787
787
  definition: PolicyDefinition | undefined;
788
788
  }
@@ -803,40 +803,40 @@ export type PolicyType = (typeof PolicyType)[keyof typeof PolicyType];
803
803
  */
804
804
  export interface CreatePolicyOutput {
805
805
  /**
806
- * @public
807
806
  * <p>The ID of the policy store that contains the new policy.</p>
807
+ * @public
808
808
  */
809
809
  policyStoreId: string | undefined;
810
810
  /**
811
- * @public
812
811
  * <p>The unique ID of the new policy.</p>
812
+ * @public
813
813
  */
814
814
  policyId: string | undefined;
815
815
  /**
816
- * @public
817
816
  * <p>The policy type of the new policy.</p>
817
+ * @public
818
818
  */
819
819
  policyType: PolicyType | undefined;
820
820
  /**
821
- * @public
822
821
  * <p>The principal specified in the new policy's scope. This response element isn't present
823
822
  * when <code>principal</code> isn't specified in the policy content.</p>
823
+ * @public
824
824
  */
825
825
  principal?: EntityIdentifier;
826
826
  /**
827
- * @public
828
827
  * <p>The resource specified in the new policy's scope. This response element isn't present
829
828
  * when the <code>resource</code> isn't specified in the policy content.</p>
829
+ * @public
830
830
  */
831
831
  resource?: EntityIdentifier;
832
832
  /**
833
- * @public
834
833
  * <p>The date and time the policy was originally created.</p>
834
+ * @public
835
835
  */
836
836
  createdDate: Date | undefined;
837
837
  /**
838
- * @public
839
838
  * <p>The date and time the policy was last updated.</p>
839
+ * @public
840
840
  */
841
841
  lastUpdatedDate: Date | undefined;
842
842
  }
@@ -853,15 +853,14 @@ export declare const ValidationMode: {
853
853
  */
854
854
  export type ValidationMode = (typeof ValidationMode)[keyof typeof ValidationMode];
855
855
  /**
856
- * @public
857
856
  * <p>A structure that contains Cedar policy validation settings for the policy store. The
858
857
  * validation mode determines which validation failures that Cedar considers serious
859
858
  * enough to block acceptance of a new or edited static policy or policy template. </p>
860
859
  * <p>This data type is used as a request parameter in the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html">CreatePolicyStore</a> and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html">UpdatePolicyStore</a> operations.</p>
860
+ * @public
861
861
  */
862
862
  export interface ValidationSettings {
863
863
  /**
864
- * @public
865
864
  * <p>The validation mode currently configured for this policy store. The valid values are:</p>
866
865
  * <ul>
867
866
  * <li>
@@ -883,6 +882,7 @@ export interface ValidationSettings {
883
882
  * all static policies and policy templates because there is no schema to validate against. </p>
884
883
  * <p>To submit a static policy or policy template without a schema, you must turn off validation.</p>
885
884
  * </important>
885
+ * @public
886
886
  */
887
887
  mode: ValidationMode | undefined;
888
888
  }
@@ -891,7 +891,6 @@ export interface ValidationSettings {
891
891
  */
892
892
  export interface CreatePolicyStoreInput {
893
893
  /**
894
- * @public
895
894
  * <p>Specifies a unique, case-sensitive ID that you provide to
896
895
  * ensure the idempotency of the request. This lets you safely retry the request without
897
896
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -906,10 +905,10 @@ export interface CreatePolicyStoreInput {
906
905
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
907
906
  * the next request with the same parameters performs the operation again regardless of
908
907
  * the value of <code>ClientToken</code>.</p>
908
+ * @public
909
909
  */
910
910
  clientToken?: string;
911
911
  /**
912
- * @public
913
912
  * <p>Specifies the validation setting for this policy store.</p>
914
913
  * <p>Currently, the only valid and required value is <code>Mode</code>.</p>
915
914
  * <important>
@@ -918,12 +917,13 @@ export interface CreatePolicyStoreInput {
918
917
  * to fail validation, and Verified Permissions rejects the policy. You can turn off validation by
919
918
  * using the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore">UpdatePolicyStore</a>. Then, when you have a schema defined, use <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore">UpdatePolicyStore</a> again to turn validation back on.</p>
920
919
  * </important>
920
+ * @public
921
921
  */
922
922
  validationSettings: ValidationSettings | undefined;
923
923
  /**
924
- * @public
925
924
  * <p>Descriptive text that you can provide to help with identification
926
925
  * of the current policy store.</p>
926
+ * @public
927
927
  */
928
928
  description?: string;
929
929
  }
@@ -932,23 +932,23 @@ export interface CreatePolicyStoreInput {
932
932
  */
933
933
  export interface CreatePolicyStoreOutput {
934
934
  /**
935
- * @public
936
935
  * <p>The unique ID of the new policy store.</p>
936
+ * @public
937
937
  */
938
938
  policyStoreId: string | undefined;
939
939
  /**
940
- * @public
941
940
  * <p>The Amazon Resource Name (ARN) of the new policy store.</p>
941
+ * @public
942
942
  */
943
943
  arn: string | undefined;
944
944
  /**
945
- * @public
946
945
  * <p>The date and time the policy store was originally created.</p>
946
+ * @public
947
947
  */
948
948
  createdDate: Date | undefined;
949
949
  /**
950
- * @public
951
950
  * <p>The date and time the policy store was last updated.</p>
951
+ * @public
952
952
  */
953
953
  lastUpdatedDate: Date | undefined;
954
954
  }
@@ -957,7 +957,6 @@ export interface CreatePolicyStoreOutput {
957
957
  */
958
958
  export interface CreatePolicyTemplateInput {
959
959
  /**
960
- * @public
961
960
  * <p>Specifies a unique, case-sensitive ID that you provide to
962
961
  * ensure the idempotency of the request. This lets you safely retry the request without
963
962
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -972,22 +971,23 @@ export interface CreatePolicyTemplateInput {
972
971
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
973
972
  * the next request with the same parameters performs the operation again regardless of
974
973
  * the value of <code>ClientToken</code>.</p>
974
+ * @public
975
975
  */
976
976
  clientToken?: string;
977
977
  /**
978
- * @public
979
978
  * <p>The ID of the policy store in which to create the policy template.</p>
979
+ * @public
980
980
  */
981
981
  policyStoreId: string | undefined;
982
982
  /**
983
- * @public
984
983
  * <p>Specifies a description for the policy template.</p>
984
+ * @public
985
985
  */
986
986
  description?: string;
987
987
  /**
988
- * @public
989
988
  * <p>Specifies the content that you want to use for the new policy template, written in the Cedar
990
989
  * policy language.</p>
990
+ * @public
991
991
  */
992
992
  statement: string | undefined;
993
993
  }
@@ -996,23 +996,23 @@ export interface CreatePolicyTemplateInput {
996
996
  */
997
997
  export interface CreatePolicyTemplateOutput {
998
998
  /**
999
- * @public
1000
999
  * <p>The ID of the policy store that contains the policy template.</p>
1000
+ * @public
1001
1001
  */
1002
1002
  policyStoreId: string | undefined;
1003
1003
  /**
1004
- * @public
1005
1004
  * <p>The unique ID of the new policy template.</p>
1005
+ * @public
1006
1006
  */
1007
1007
  policyTemplateId: string | undefined;
1008
1008
  /**
1009
- * @public
1010
1009
  * <p>The date and time the policy template was originally created.</p>
1010
+ * @public
1011
1011
  */
1012
1012
  createdDate: Date | undefined;
1013
1013
  /**
1014
- * @public
1015
1014
  * <p>The date and time the policy template was most recently updated.</p>
1015
+ * @public
1016
1016
  */
1017
1017
  lastUpdatedDate: Date | undefined;
1018
1018
  }
@@ -1021,13 +1021,13 @@ export interface CreatePolicyTemplateOutput {
1021
1021
  */
1022
1022
  export interface DeleteIdentitySourceInput {
1023
1023
  /**
1024
- * @public
1025
1024
  * <p>Specifies the ID of the policy store that contains the identity source that you want to delete.</p>
1025
+ * @public
1026
1026
  */
1027
1027
  policyStoreId: string | undefined;
1028
1028
  /**
1029
- * @public
1030
1029
  * <p>Specifies the ID of the identity source that you want to delete.</p>
1030
+ * @public
1031
1031
  */
1032
1032
  identitySourceId: string | undefined;
1033
1033
  }
@@ -1041,13 +1041,13 @@ export interface DeleteIdentitySourceOutput {
1041
1041
  */
1042
1042
  export interface DeletePolicyInput {
1043
1043
  /**
1044
- * @public
1045
1044
  * <p>Specifies the ID of the policy store that contains the policy that you want to delete.</p>
1045
+ * @public
1046
1046
  */
1047
1047
  policyStoreId: string | undefined;
1048
1048
  /**
1049
- * @public
1050
1049
  * <p>Specifies the ID of the policy that you want to delete.</p>
1050
+ * @public
1051
1051
  */
1052
1052
  policyId: string | undefined;
1053
1053
  }
@@ -1061,8 +1061,8 @@ export interface DeletePolicyOutput {
1061
1061
  */
1062
1062
  export interface DeletePolicyStoreInput {
1063
1063
  /**
1064
- * @public
1065
1064
  * <p>Specifies the ID of the policy store that you want to delete.</p>
1065
+ * @public
1066
1066
  */
1067
1067
  policyStoreId: string | undefined;
1068
1068
  }
@@ -1076,13 +1076,13 @@ export interface DeletePolicyStoreOutput {
1076
1076
  */
1077
1077
  export interface DeletePolicyTemplateInput {
1078
1078
  /**
1079
- * @public
1080
1079
  * <p>Specifies the ID of the policy store that contains the policy template that you want to delete.</p>
1080
+ * @public
1081
1081
  */
1082
1082
  policyStoreId: string | undefined;
1083
1083
  /**
1084
- * @public
1085
1084
  * <p>Specifies the ID of the policy template that you want to delete.</p>
1085
+ * @public
1086
1086
  */
1087
1087
  policyTemplateId: string | undefined;
1088
1088
  }
@@ -1092,11 +1092,11 @@ export interface DeletePolicyTemplateInput {
1092
1092
  export interface DeletePolicyTemplateOutput {
1093
1093
  }
1094
1094
  /**
1095
- * @public
1096
1095
  * <p>Contains information about a principal or resource that can be referenced in a Cedar
1097
1096
  * policy.</p>
1098
1097
  * <p>This data type is used as part of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyFilter.html">PolicyFilter</a> structure that is
1099
1098
  * used as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a> operation..</p>
1099
+ * @public
1100
1100
  */
1101
1101
  export type EntityReference = EntityReference.IdentifierMember | EntityReference.UnspecifiedMember | EntityReference.$UnknownMember;
1102
1102
  /**
@@ -1104,10 +1104,10 @@ export type EntityReference = EntityReference.IdentifierMember | EntityReference
1104
1104
  */
1105
1105
  export declare namespace EntityReference {
1106
1106
  /**
1107
- * @public
1108
1107
  * <p>Used to indicate that a principal or resource is not specified. This can be used to
1109
1108
  * search for policies that are not associated with a specific principal or
1110
1109
  * resource.</p>
1110
+ * @public
1111
1111
  */
1112
1112
  interface UnspecifiedMember {
1113
1113
  unspecified: boolean;
@@ -1115,9 +1115,9 @@ export declare namespace EntityReference {
1115
1115
  $unknown?: never;
1116
1116
  }
1117
1117
  /**
1118
- * @public
1119
1118
  * <p>The identifier of the entity. It can consist of either an EntityType and EntityId, a
1120
1119
  * principal, or a resource.</p>
1120
+ * @public
1121
1121
  */
1122
1122
  interface IdentifierMember {
1123
1123
  unspecified?: never;
@@ -1144,13 +1144,13 @@ export declare namespace EntityReference {
1144
1144
  */
1145
1145
  export interface GetIdentitySourceInput {
1146
1146
  /**
1147
- * @public
1148
1147
  * <p>Specifies the ID of the policy store that contains the identity source you want information about.</p>
1148
+ * @public
1149
1149
  */
1150
1150
  policyStoreId: string | undefined;
1151
1151
  /**
1152
- * @public
1153
1152
  * <p>Specifies the ID of the identity source you want information about.</p>
1153
+ * @public
1154
1154
  */
1155
1155
  identitySourceId: string | undefined;
1156
1156
  }
@@ -1166,32 +1166,30 @@ export declare const OpenIdIssuer: {
1166
1166
  */
1167
1167
  export type OpenIdIssuer = (typeof OpenIdIssuer)[keyof typeof OpenIdIssuer];
1168
1168
  /**
1169
- * @public
1170
- * @deprecated
1171
- *
1172
1169
  * <p>A structure that contains configuration of the identity source.</p>
1173
1170
  * <p>This data type was a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html">GetIdentitySource</a>
1174
1171
  * operation. Replaced by <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html">ConfigurationDetail</a>.</p>
1172
+ * @public
1173
+ * @deprecated This shape has been replaced by ConfigurationDetail
1175
1174
  */
1176
1175
  export interface IdentitySourceDetails {
1177
1176
  /**
1178
- * @public
1179
1177
  * @deprecated
1180
1178
  *
1181
1179
  * <p>The application client IDs associated with the specified Amazon Cognito user pool that are
1182
1180
  * enabled for this identity source.</p>
1181
+ * @public
1183
1182
  */
1184
1183
  clientIds?: string[];
1185
1184
  /**
1186
- * @public
1187
1185
  * @deprecated
1188
1186
  *
1189
1187
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions
1190
1188
  * policy store.</p>
1189
+ * @public
1191
1190
  */
1192
1191
  userPoolArn?: string;
1193
1192
  /**
1194
- * @public
1195
1193
  * @deprecated
1196
1194
  *
1197
1195
  * <p>The well-known URL that points to this user pool's OIDC discovery endpoint. This is a
@@ -1201,14 +1199,15 @@ export interface IdentitySourceDetails {
1201
1199
  * <p>
1202
1200
  * <code>https://cognito-idp.<i>&lt;region&gt;</i>.amazonaws.com/<i>&lt;user-pool-id&gt;</i>/.well-known/openid-configuration</code>
1203
1201
  * </p>
1202
+ * @public
1204
1203
  */
1205
1204
  discoveryUrl?: string;
1206
1205
  /**
1207
- * @public
1208
1206
  * @deprecated
1209
1207
  *
1210
1208
  * <p>A string that identifies the type of OIDC service represented by this identity source. </p>
1211
1209
  * <p>At this time, the only valid value is <code>cognito</code>.</p>
1210
+ * @public
1212
1211
  */
1213
1212
  openIdIssuer?: OpenIdIssuer;
1214
1213
  }
@@ -1217,41 +1216,41 @@ export interface IdentitySourceDetails {
1217
1216
  */
1218
1217
  export interface GetIdentitySourceOutput {
1219
1218
  /**
1220
- * @public
1221
1219
  * <p>The date and time that the identity source was originally created.</p>
1220
+ * @public
1222
1221
  */
1223
1222
  createdDate: Date | undefined;
1224
1223
  /**
1225
- * @public
1226
1224
  * @deprecated
1227
1225
  *
1228
1226
  * <p>A structure that describes the configuration of the identity source.</p>
1227
+ * @public
1229
1228
  */
1230
1229
  details?: IdentitySourceDetails;
1231
1230
  /**
1232
- * @public
1233
1231
  * <p>The ID of the identity source.</p>
1232
+ * @public
1234
1233
  */
1235
1234
  identitySourceId: string | undefined;
1236
1235
  /**
1237
- * @public
1238
1236
  * <p>The date and time that the identity source was most recently updated.</p>
1237
+ * @public
1239
1238
  */
1240
1239
  lastUpdatedDate: Date | undefined;
1241
1240
  /**
1242
- * @public
1243
1241
  * <p>The ID of the policy store that contains the identity source.</p>
1242
+ * @public
1244
1243
  */
1245
1244
  policyStoreId: string | undefined;
1246
1245
  /**
1247
- * @public
1248
1246
  * <p>The data type of principals generated for identities authenticated by this
1249
1247
  * identity source.</p>
1248
+ * @public
1250
1249
  */
1251
1250
  principalEntityType: string | undefined;
1252
1251
  /**
1253
- * @public
1254
1252
  * <p>Contains configuration information about an identity source.</p>
1253
+ * @public
1255
1254
  */
1256
1255
  configuration?: ConfigurationDetail;
1257
1256
  }
@@ -1260,66 +1259,66 @@ export interface GetIdentitySourceOutput {
1260
1259
  */
1261
1260
  export interface GetPolicyInput {
1262
1261
  /**
1263
- * @public
1264
1262
  * <p>Specifies the ID of the policy store that contains the policy that you want information
1265
1263
  * about.</p>
1264
+ * @public
1266
1265
  */
1267
1266
  policyStoreId: string | undefined;
1268
1267
  /**
1269
- * @public
1270
1268
  * <p>Specifies the ID of the policy you want information about.</p>
1269
+ * @public
1271
1270
  */
1272
1271
  policyId: string | undefined;
1273
1272
  }
1274
1273
  /**
1275
- * @public
1276
1274
  * <p>A structure that contains details about a static policy. It includes the description and
1277
1275
  * policy body.</p>
1278
1276
  * <p>This data type is used within a <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html">PolicyDefinition</a> structure as
1279
1277
  * part of a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> operation.</p>
1278
+ * @public
1280
1279
  */
1281
1280
  export interface StaticPolicyDefinitionDetail {
1282
1281
  /**
1283
- * @public
1284
1282
  * <p>A description of the static policy.</p>
1283
+ * @public
1285
1284
  */
1286
1285
  description?: string;
1287
1286
  /**
1288
- * @public
1289
1287
  * <p>The content of the static policy written in the Cedar policy language.</p>
1288
+ * @public
1290
1289
  */
1291
1290
  statement: string | undefined;
1292
1291
  }
1293
1292
  /**
1294
- * @public
1295
1293
  * <p>Contains information about a policy that was created by instantiating a policy template. </p>
1294
+ * @public
1296
1295
  */
1297
1296
  export interface TemplateLinkedPolicyDefinitionDetail {
1298
1297
  /**
1299
- * @public
1300
1298
  * <p>The unique identifier of the policy template used to create this policy.</p>
1299
+ * @public
1301
1300
  */
1302
1301
  policyTemplateId: string | undefined;
1303
1302
  /**
1304
- * @public
1305
1303
  * <p>The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the
1306
1304
  * <code>?principal</code> placeholder in the policy template when it evaluates an authorization
1307
1305
  * request.</p>
1306
+ * @public
1308
1307
  */
1309
1308
  principal?: EntityIdentifier;
1310
1309
  /**
1311
- * @public
1312
1310
  * <p>The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the
1313
1311
  * <code>?resource</code> placeholder in the policy template when it evaluates an authorization
1314
1312
  * request.</p>
1313
+ * @public
1315
1314
  */
1316
1315
  resource?: EntityIdentifier;
1317
1316
  }
1318
1317
  /**
1319
- * @public
1320
1318
  * <p>A structure that describes a policy definition. It must always have either an
1321
1319
  * <code>static</code> or a <code>templateLinked</code> element.</p>
1322
1320
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html">GetPolicy</a> operation.</p>
1321
+ * @public
1323
1322
  */
1324
1323
  export type PolicyDefinitionDetail = PolicyDefinitionDetail.StaticMember | PolicyDefinitionDetail.TemplateLinkedMember | PolicyDefinitionDetail.$UnknownMember;
1325
1324
  /**
@@ -1327,8 +1326,8 @@ export type PolicyDefinitionDetail = PolicyDefinitionDetail.StaticMember | Polic
1327
1326
  */
1328
1327
  export declare namespace PolicyDefinitionDetail {
1329
1328
  /**
1330
- * @public
1331
1329
  * <p>Information about a static policy that wasn't created with a policy template.</p>
1330
+ * @public
1332
1331
  */
1333
1332
  interface StaticMember {
1334
1333
  static: StaticPolicyDefinitionDetail;
@@ -1336,8 +1335,8 @@ export declare namespace PolicyDefinitionDetail {
1336
1335
  $unknown?: never;
1337
1336
  }
1338
1337
  /**
1339
- * @public
1340
1338
  * <p>Information about a template-linked policy that was created by instantiating a policy template.</p>
1339
+ * @public
1341
1340
  */
1342
1341
  interface TemplateLinkedMember {
1343
1342
  static?: never;
@@ -1364,45 +1363,45 @@ export declare namespace PolicyDefinitionDetail {
1364
1363
  */
1365
1364
  export interface GetPolicyOutput {
1366
1365
  /**
1367
- * @public
1368
1366
  * <p>The ID of the policy store that contains the policy that you want information about.</p>
1367
+ * @public
1369
1368
  */
1370
1369
  policyStoreId: string | undefined;
1371
1370
  /**
1372
- * @public
1373
1371
  * <p>The unique ID of the policy that you want information about.</p>
1372
+ * @public
1374
1373
  */
1375
1374
  policyId: string | undefined;
1376
1375
  /**
1377
- * @public
1378
1376
  * <p>The type of the policy.</p>
1377
+ * @public
1379
1378
  */
1380
1379
  policyType: PolicyType | undefined;
1381
1380
  /**
1382
- * @public
1383
1381
  * <p>The principal specified in the policy's scope. This element isn't included in the
1384
1382
  * response when <code>Principal</code> isn't present in the policy content.</p>
1383
+ * @public
1385
1384
  */
1386
1385
  principal?: EntityIdentifier;
1387
1386
  /**
1388
- * @public
1389
1387
  * <p>The resource specified in the policy's scope. This element isn't included in the
1390
1388
  * response when <code>Resource</code> isn't present in the policy content.</p>
1389
+ * @public
1391
1390
  */
1392
1391
  resource?: EntityIdentifier;
1393
1392
  /**
1394
- * @public
1395
1393
  * <p>The definition of the requested policy.</p>
1394
+ * @public
1396
1395
  */
1397
1396
  definition: PolicyDefinitionDetail | undefined;
1398
1397
  /**
1399
- * @public
1400
1398
  * <p>The date and time that the policy was originally created.</p>
1399
+ * @public
1401
1400
  */
1402
1401
  createdDate: Date | undefined;
1403
1402
  /**
1404
- * @public
1405
1403
  * <p>The date and time that the policy was last updated.</p>
1404
+ * @public
1406
1405
  */
1407
1406
  lastUpdatedDate: Date | undefined;
1408
1407
  }
@@ -1411,8 +1410,8 @@ export interface GetPolicyOutput {
1411
1410
  */
1412
1411
  export interface GetPolicyStoreInput {
1413
1412
  /**
1414
- * @public
1415
1413
  * <p>Specifies the ID of the policy store that you want information about.</p>
1414
+ * @public
1416
1415
  */
1417
1416
  policyStoreId: string | undefined;
1418
1417
  }
@@ -1421,34 +1420,34 @@ export interface GetPolicyStoreInput {
1421
1420
  */
1422
1421
  export interface GetPolicyStoreOutput {
1423
1422
  /**
1424
- * @public
1425
1423
  * <p>The ID of the policy store;</p>
1424
+ * @public
1426
1425
  */
1427
1426
  policyStoreId: string | undefined;
1428
1427
  /**
1429
- * @public
1430
1428
  * <p>The Amazon Resource Name (ARN) of the policy store.</p>
1429
+ * @public
1431
1430
  */
1432
1431
  arn: string | undefined;
1433
1432
  /**
1434
- * @public
1435
1433
  * <p>The current validation settings for the policy store.</p>
1434
+ * @public
1436
1435
  */
1437
1436
  validationSettings: ValidationSettings | undefined;
1438
1437
  /**
1439
- * @public
1440
1438
  * <p>The date and time that the policy store was originally created.</p>
1439
+ * @public
1441
1440
  */
1442
1441
  createdDate: Date | undefined;
1443
1442
  /**
1444
- * @public
1445
1443
  * <p>The date and time that the policy store was last updated.</p>
1444
+ * @public
1446
1445
  */
1447
1446
  lastUpdatedDate: Date | undefined;
1448
1447
  /**
1449
- * @public
1450
1448
  * <p>Descriptive text that you can provide to help with identification
1451
1449
  * of the current policy store.</p>
1450
+ * @public
1452
1451
  */
1453
1452
  description?: string;
1454
1453
  }
@@ -1457,14 +1456,14 @@ export interface GetPolicyStoreOutput {
1457
1456
  */
1458
1457
  export interface GetPolicyTemplateInput {
1459
1458
  /**
1460
- * @public
1461
1459
  * <p>Specifies the ID of the policy store that contains the policy template that you want information
1462
1460
  * about.</p>
1461
+ * @public
1463
1462
  */
1464
1463
  policyStoreId: string | undefined;
1465
1464
  /**
1466
- * @public
1467
1465
  * <p>Specifies the ID of the policy template that you want information about.</p>
1466
+ * @public
1468
1467
  */
1469
1468
  policyTemplateId: string | undefined;
1470
1469
  }
@@ -1473,33 +1472,33 @@ export interface GetPolicyTemplateInput {
1473
1472
  */
1474
1473
  export interface GetPolicyTemplateOutput {
1475
1474
  /**
1476
- * @public
1477
1475
  * <p>The ID of the policy store that contains the policy template.</p>
1476
+ * @public
1478
1477
  */
1479
1478
  policyStoreId: string | undefined;
1480
1479
  /**
1481
- * @public
1482
1480
  * <p>The ID of the policy template.</p>
1481
+ * @public
1483
1482
  */
1484
1483
  policyTemplateId: string | undefined;
1485
1484
  /**
1486
- * @public
1487
1485
  * <p>The description of the policy template.</p>
1486
+ * @public
1488
1487
  */
1489
1488
  description?: string;
1490
1489
  /**
1491
- * @public
1492
1490
  * <p>The content of the body of the policy template written in the Cedar policy language.</p>
1491
+ * @public
1493
1492
  */
1494
1493
  statement: string | undefined;
1495
1494
  /**
1496
- * @public
1497
1495
  * <p>The date and time that the policy template was originally created.</p>
1496
+ * @public
1498
1497
  */
1499
1498
  createdDate: Date | undefined;
1500
1499
  /**
1501
- * @public
1502
1500
  * <p>The date and time that the policy template was most recently updated.</p>
1501
+ * @public
1503
1502
  */
1504
1503
  lastUpdatedDate: Date | undefined;
1505
1504
  }
@@ -1508,8 +1507,8 @@ export interface GetPolicyTemplateOutput {
1508
1507
  */
1509
1508
  export interface GetSchemaInput {
1510
1509
  /**
1511
- * @public
1512
1510
  * <p>Specifies the ID of the policy store that contains the schema.</p>
1511
+ * @public
1513
1512
  */
1514
1513
  policyStoreId: string | undefined;
1515
1514
  }
@@ -1518,43 +1517,43 @@ export interface GetSchemaInput {
1518
1517
  */
1519
1518
  export interface GetSchemaOutput {
1520
1519
  /**
1521
- * @public
1522
1520
  * <p>The ID of the policy store that contains the schema.</p>
1521
+ * @public
1523
1522
  */
1524
1523
  policyStoreId: string | undefined;
1525
1524
  /**
1526
- * @public
1527
1525
  * <p>The body of the schema, written in Cedar schema JSON.</p>
1526
+ * @public
1528
1527
  */
1529
1528
  schema: string | undefined;
1530
1529
  /**
1531
- * @public
1532
1530
  * <p>The date and time that the schema was originally created.</p>
1531
+ * @public
1533
1532
  */
1534
1533
  createdDate: Date | undefined;
1535
1534
  /**
1536
- * @public
1537
1535
  * <p>The date and time that the schema was most recently updated.</p>
1536
+ * @public
1538
1537
  */
1539
1538
  lastUpdatedDate: Date | undefined;
1540
1539
  /**
1541
- * @public
1542
1540
  * <p>The namespaces of the entities referenced by this schema.</p>
1541
+ * @public
1543
1542
  */
1544
1543
  namespaces?: string[];
1545
1544
  }
1546
1545
  /**
1547
- * @public
1548
1546
  * <p>A structure that defines characteristics of an identity source that you can use to
1549
1547
  * filter.</p>
1550
1548
  * <p>This data type is a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html">ListIdentityStores</a>
1551
1549
  * operation.</p>
1550
+ * @public
1552
1551
  */
1553
1552
  export interface IdentitySourceFilter {
1554
1553
  /**
1555
- * @public
1556
1554
  * <p>The Cedar entity type of the principals returned by the identity provider (IdP)
1557
1555
  * associated with this identity source.</p>
1556
+ * @public
1558
1557
  */
1559
1558
  principalEntityType?: string;
1560
1559
  }
@@ -1563,21 +1562,20 @@ export interface IdentitySourceFilter {
1563
1562
  */
1564
1563
  export interface ListIdentitySourcesInput {
1565
1564
  /**
1566
- * @public
1567
1565
  * <p>Specifies the ID of the policy store that contains the identity sources that you want to list.</p>
1566
+ * @public
1568
1567
  */
1569
1568
  policyStoreId: string | undefined;
1570
1569
  /**
1571
- * @public
1572
1570
  * <p>Specifies that you want to receive the next page of results. Valid
1573
1571
  * only if you received a <code>NextToken</code> response in the previous request. If you
1574
1572
  * did, it indicates that more output is available. Set this parameter to the value
1575
1573
  * provided by the previous call's <code>NextToken</code> response to request the
1576
1574
  * next page of results.</p>
1575
+ * @public
1577
1576
  */
1578
1577
  nextToken?: string;
1579
1578
  /**
1580
- * @public
1581
1579
  * <p>Specifies the total number of results that you want included in each
1582
1580
  * response. If additional items exist beyond the number you specify, the
1583
1581
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -1588,41 +1586,40 @@ export interface ListIdentitySourcesInput {
1588
1586
  * results.</p>
1589
1587
  * <p>If you do not specify this parameter, the operation defaults to 10 identity sources per response.
1590
1588
  * You can specify a maximum of 200 identity sources per response.</p>
1589
+ * @public
1591
1590
  */
1592
1591
  maxResults?: number;
1593
1592
  /**
1594
- * @public
1595
1593
  * <p>Specifies characteristics of an identity source that you can use to limit the output to matching
1596
1594
  * identity sources.</p>
1595
+ * @public
1597
1596
  */
1598
1597
  filters?: IdentitySourceFilter[];
1599
1598
  }
1600
1599
  /**
1601
- * @public
1602
- * @deprecated
1603
- *
1604
1600
  * <p>A structure that contains configuration of the identity source.</p>
1605
1601
  * <p>This data type was a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html">ListIdentitySources</a>
1606
1602
  * operation. Replaced by <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationItem.html">ConfigurationItem</a>.</p>
1603
+ * @public
1604
+ * @deprecated This shape has been replaced by ConfigurationItem
1607
1605
  */
1608
1606
  export interface IdentitySourceItemDetails {
1609
1607
  /**
1610
- * @public
1611
1608
  * @deprecated
1612
1609
  *
1613
1610
  * <p>The application client IDs associated with the specified Amazon Cognito user pool that are
1614
1611
  * enabled for this identity source.</p>
1612
+ * @public
1615
1613
  */
1616
1614
  clientIds?: string[];
1617
1615
  /**
1618
- * @public
1619
1616
  * @deprecated
1620
1617
  *
1621
1618
  * <p>The Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.</p>
1619
+ * @public
1622
1620
  */
1623
1621
  userPoolArn?: string;
1624
1622
  /**
1625
- * @public
1626
1623
  * @deprecated
1627
1624
  *
1628
1625
  * <p>The well-known URL that points to this user pool's OIDC discovery endpoint. This is a
@@ -1632,61 +1629,62 @@ export interface IdentitySourceItemDetails {
1632
1629
  * <p>
1633
1630
  * <code>https://cognito-idp.<i>&lt;region&gt;</i>.amazonaws.com/<i>&lt;user-pool-id&gt;</i>/.well-known/openid-configuration</code>
1634
1631
  * </p>
1632
+ * @public
1635
1633
  */
1636
1634
  discoveryUrl?: string;
1637
1635
  /**
1638
- * @public
1639
1636
  * @deprecated
1640
1637
  *
1641
1638
  * <p>A string that identifies the type of OIDC service represented by this identity source. </p>
1642
1639
  * <p>At this time, the only valid value is <code>cognito</code>.</p>
1640
+ * @public
1643
1641
  */
1644
1642
  openIdIssuer?: OpenIdIssuer;
1645
1643
  }
1646
1644
  /**
1647
- * @public
1648
1645
  * <p>A structure that defines an identity source.</p>
1649
1646
  * <p>This data type is a response parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html">ListIdentitySources</a>
1650
1647
  * operation.</p>
1648
+ * @public
1651
1649
  */
1652
1650
  export interface IdentitySourceItem {
1653
1651
  /**
1654
- * @public
1655
1652
  * <p>The date and time the identity source was originally created.</p>
1653
+ * @public
1656
1654
  */
1657
1655
  createdDate: Date | undefined;
1658
1656
  /**
1659
- * @public
1660
1657
  * @deprecated
1661
1658
  *
1662
1659
  * <p>A structure that contains the details of the associated identity provider
1663
1660
  * (IdP).</p>
1661
+ * @public
1664
1662
  */
1665
1663
  details?: IdentitySourceItemDetails;
1666
1664
  /**
1667
- * @public
1668
1665
  * <p>The unique identifier of the identity source.</p>
1666
+ * @public
1669
1667
  */
1670
1668
  identitySourceId: string | undefined;
1671
1669
  /**
1672
- * @public
1673
1670
  * <p>The date and time the identity source was most recently updated.</p>
1671
+ * @public
1674
1672
  */
1675
1673
  lastUpdatedDate: Date | undefined;
1676
1674
  /**
1677
- * @public
1678
1675
  * <p>The identifier of the policy store that contains the identity source.</p>
1676
+ * @public
1679
1677
  */
1680
1678
  policyStoreId: string | undefined;
1681
1679
  /**
1682
- * @public
1683
1680
  * <p>The Cedar entity type of the principals returned from the IdP associated with this
1684
1681
  * identity source.</p>
1682
+ * @public
1685
1683
  */
1686
1684
  principalEntityType: string | undefined;
1687
1685
  /**
1688
- * @public
1689
1686
  * <p>Contains configuration information about an identity source.</p>
1687
+ * @public
1690
1688
  */
1691
1689
  configuration?: ConfigurationItem;
1692
1690
  }
@@ -1695,39 +1693,38 @@ export interface IdentitySourceItem {
1695
1693
  */
1696
1694
  export interface ListIdentitySourcesOutput {
1697
1695
  /**
1698
- * @public
1699
1696
  * <p>If present, this value indicates that more output is available than
1700
1697
  * is included in the current response. Use this value in the <code>NextToken</code>
1701
1698
  * request parameter in a subsequent call to the operation to get the next part of the
1702
1699
  * output. You should repeat this until the <code>NextToken</code> response element comes
1703
1700
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
1701
+ * @public
1704
1702
  */
1705
1703
  nextToken?: string;
1706
1704
  /**
1707
- * @public
1708
1705
  * <p>The list of identity sources stored in the specified policy store.</p>
1706
+ * @public
1709
1707
  */
1710
1708
  identitySources: IdentitySourceItem[] | undefined;
1711
1709
  }
1712
1710
  /**
1713
- * @public
1714
1711
  * <p>Contains configuration details of a Amazon Cognito user pool for use with an identity source.</p>
1712
+ * @public
1715
1713
  */
1716
1714
  export interface UpdateCognitoUserPoolConfiguration {
1717
1715
  /**
1718
- * @public
1719
1716
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool associated with this identity source.</p>
1717
+ * @public
1720
1718
  */
1721
1719
  userPoolArn: string | undefined;
1722
1720
  /**
1723
- * @public
1724
1721
  * <p>The client ID of an app client that is configured for the specified Amazon Cognito user
1725
1722
  * pool.</p>
1723
+ * @public
1726
1724
  */
1727
1725
  clientIds?: string[];
1728
1726
  }
1729
1727
  /**
1730
- * @public
1731
1728
  * <p>Contains an updated configuration to replace the configuration in an existing
1732
1729
  * identity source.</p>
1733
1730
  * <note>
@@ -1736,6 +1733,7 @@ export interface UpdateCognitoUserPoolConfiguration {
1736
1733
  * <p>You must specify a <code>userPoolArn</code>, and optionally, a
1737
1734
  * <code>ClientId</code>.</p>
1738
1735
  * </note>
1736
+ * @public
1739
1737
  */
1740
1738
  export type UpdateConfiguration = UpdateConfiguration.CognitoUserPoolConfigurationMember | UpdateConfiguration.$UnknownMember;
1741
1739
  /**
@@ -1743,8 +1741,8 @@ export type UpdateConfiguration = UpdateConfiguration.CognitoUserPoolConfigurati
1743
1741
  */
1744
1742
  export declare namespace UpdateConfiguration {
1745
1743
  /**
1746
- * @public
1747
1744
  * <p>Contains configuration details of a Amazon Cognito user pool.</p>
1745
+ * @public
1748
1746
  */
1749
1747
  interface CognitoUserPoolConfigurationMember {
1750
1748
  cognitoUserPoolConfiguration: UpdateCognitoUserPoolConfiguration;
@@ -1768,17 +1766,16 @@ export declare namespace UpdateConfiguration {
1768
1766
  */
1769
1767
  export interface UpdateIdentitySourceInput {
1770
1768
  /**
1771
- * @public
1772
1769
  * <p>Specifies the ID of the policy store that contains the identity source that you want to update.</p>
1770
+ * @public
1773
1771
  */
1774
1772
  policyStoreId: string | undefined;
1775
1773
  /**
1776
- * @public
1777
1774
  * <p>Specifies the ID of the identity source that you want to update.</p>
1775
+ * @public
1778
1776
  */
1779
1777
  identitySourceId: string | undefined;
1780
1778
  /**
1781
- * @public
1782
1779
  * <p>Specifies the details required to communicate with the identity provider (IdP)
1783
1780
  * associated with this identity source.</p>
1784
1781
  * <note>
@@ -1787,12 +1784,13 @@ export interface UpdateIdentitySourceInput {
1787
1784
  * <p>You must specify a <code>userPoolArn</code>, and optionally, a
1788
1785
  * <code>ClientId</code>.</p>
1789
1786
  * </note>
1787
+ * @public
1790
1788
  */
1791
1789
  updateConfiguration: UpdateConfiguration | undefined;
1792
1790
  /**
1793
- * @public
1794
1791
  * <p>Specifies the data type of principals generated for identities authenticated by the
1795
1792
  * identity source.</p>
1793
+ * @public
1796
1794
  */
1797
1795
  principalEntityType?: string;
1798
1796
  }
@@ -1801,23 +1799,23 @@ export interface UpdateIdentitySourceInput {
1801
1799
  */
1802
1800
  export interface UpdateIdentitySourceOutput {
1803
1801
  /**
1804
- * @public
1805
1802
  * <p>The date and time that the updated identity source was originally created.</p>
1803
+ * @public
1806
1804
  */
1807
1805
  createdDate: Date | undefined;
1808
1806
  /**
1809
- * @public
1810
1807
  * <p>The ID of the updated identity source.</p>
1808
+ * @public
1811
1809
  */
1812
1810
  identitySourceId: string | undefined;
1813
1811
  /**
1814
- * @public
1815
1812
  * <p>The date and time that the identity source was most recently updated.</p>
1813
+ * @public
1816
1814
  */
1817
1815
  lastUpdatedDate: Date | undefined;
1818
1816
  /**
1819
- * @public
1820
1817
  * <p>The ID of the policy store that contains the updated identity source.</p>
1818
+ * @public
1821
1819
  */
1822
1820
  policyStoreId: string | undefined;
1823
1821
  }
@@ -1826,25 +1824,25 @@ export interface UpdateIdentitySourceOutput {
1826
1824
  */
1827
1825
  export interface IsAuthorizedOutput {
1828
1826
  /**
1829
- * @public
1830
1827
  * <p>An authorization decision that indicates if the authorization request should be
1831
1828
  * allowed or denied.</p>
1829
+ * @public
1832
1830
  */
1833
1831
  decision: Decision | undefined;
1834
1832
  /**
1835
- * @public
1836
1833
  * <p>The list of determining policies used to make the authorization decision. For example,
1837
1834
  * if there are two matching policies, where one is a forbid and the other is a permit,
1838
1835
  * then the forbid policy will be the determining policy. In the case of multiple matching
1839
1836
  * permit policies then there would be multiple determining policies. In the case that no
1840
1837
  * policies match, and hence the response is DENY, there would be no determining
1841
1838
  * policies.</p>
1839
+ * @public
1842
1840
  */
1843
1841
  determiningPolicies: DeterminingPolicyItem[] | undefined;
1844
1842
  /**
1845
- * @public
1846
1843
  * <p>Errors that occurred while making an authorization decision, for example, a policy
1847
1844
  * references an Entity or entity Attribute that does not exist in the slice.</p>
1845
+ * @public
1848
1846
  */
1849
1847
  errors: EvaluationErrorItem[] | undefined;
1850
1848
  }
@@ -1853,53 +1851,53 @@ export interface IsAuthorizedOutput {
1853
1851
  */
1854
1852
  export interface IsAuthorizedWithTokenOutput {
1855
1853
  /**
1856
- * @public
1857
1854
  * <p>An authorization decision that indicates if the authorization request should be
1858
1855
  * allowed or denied.</p>
1856
+ * @public
1859
1857
  */
1860
1858
  decision: Decision | undefined;
1861
1859
  /**
1862
- * @public
1863
1860
  * <p>The list of determining policies used to make the authorization decision. For example,
1864
1861
  * if there are multiple matching policies, where at least one is a forbid policy, then
1865
1862
  * because forbid always overrides permit the forbid policies are the determining policies.
1866
1863
  * If all matching policies are permit policies, then those policies are the determining
1867
1864
  * policies. When no policies match and the response is the default DENY, there are no
1868
1865
  * determining policies.</p>
1866
+ * @public
1869
1867
  */
1870
1868
  determiningPolicies: DeterminingPolicyItem[] | undefined;
1871
1869
  /**
1872
- * @public
1873
1870
  * <p>Errors that occurred while making an authorization decision. For example, a policy
1874
1871
  * references an entity or entity attribute that does not exist in the slice.</p>
1872
+ * @public
1875
1873
  */
1876
1874
  errors: EvaluationErrorItem[] | undefined;
1877
1875
  }
1878
1876
  /**
1879
- * @public
1880
1877
  * <p>Contains information about a filter to refine policies returned in a query.</p>
1881
1878
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a> operation.</p>
1879
+ * @public
1882
1880
  */
1883
1881
  export interface PolicyFilter {
1884
1882
  /**
1885
- * @public
1886
1883
  * <p>Filters the output to only policies that reference the specified principal.</p>
1884
+ * @public
1887
1885
  */
1888
1886
  principal?: EntityReference;
1889
1887
  /**
1890
- * @public
1891
1888
  * <p>Filters the output to only policies that reference the specified resource.</p>
1889
+ * @public
1892
1890
  */
1893
1891
  resource?: EntityReference;
1894
1892
  /**
1895
- * @public
1896
1893
  * <p>Filters the output to only policies of the specified type.</p>
1894
+ * @public
1897
1895
  */
1898
1896
  policyType?: PolicyType;
1899
1897
  /**
1900
- * @public
1901
1898
  * <p>Filters the output to only template-linked policies that were instantiated from the specified
1902
1899
  * policy template.</p>
1900
+ * @public
1903
1901
  */
1904
1902
  policyTemplateId?: string;
1905
1903
  }
@@ -1908,21 +1906,20 @@ export interface PolicyFilter {
1908
1906
  */
1909
1907
  export interface ListPoliciesInput {
1910
1908
  /**
1911
- * @public
1912
1909
  * <p>Specifies the ID of the policy store you want to list policies from.</p>
1910
+ * @public
1913
1911
  */
1914
1912
  policyStoreId: string | undefined;
1915
1913
  /**
1916
- * @public
1917
1914
  * <p>Specifies that you want to receive the next page of results. Valid
1918
1915
  * only if you received a <code>NextToken</code> response in the previous request. If you
1919
1916
  * did, it indicates that more output is available. Set this parameter to the value
1920
1917
  * provided by the previous call's <code>NextToken</code> response to request the
1921
1918
  * next page of results.</p>
1919
+ * @public
1922
1920
  */
1923
1921
  nextToken?: string;
1924
1922
  /**
1925
- * @public
1926
1923
  * <p>Specifies the total number of results that you want included in each
1927
1924
  * response. If additional items exist beyond the number you specify, the
1928
1925
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -1933,63 +1930,64 @@ export interface ListPoliciesInput {
1933
1930
  * results.</p>
1934
1931
  * <p>If you do not specify this parameter, the operation defaults to 10 policies per
1935
1932
  * response. You can specify a maximum of 50 policies per response.</p>
1933
+ * @public
1936
1934
  */
1937
1935
  maxResults?: number;
1938
1936
  /**
1939
- * @public
1940
1937
  * <p>Specifies a filter that limits the response to only policies that match the specified
1941
1938
  * criteria. For example, you list only the policies that reference a specified
1942
1939
  * principal.</p>
1940
+ * @public
1943
1941
  */
1944
1942
  filter?: PolicyFilter;
1945
1943
  }
1946
1944
  /**
1947
- * @public
1948
1945
  * <p>A structure that contains details about a static policy. It includes the description and
1949
1946
  * policy statement.</p>
1950
1947
  * <p>This data type is used within a <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html">PolicyDefinition</a> structure as
1951
1948
  * part of a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> operation.</p>
1949
+ * @public
1952
1950
  */
1953
1951
  export interface StaticPolicyDefinitionItem {
1954
1952
  /**
1955
- * @public
1956
1953
  * <p>A description of the static policy.</p>
1954
+ * @public
1957
1955
  */
1958
1956
  description?: string;
1959
1957
  }
1960
1958
  /**
1961
- * @public
1962
1959
  * <p>Contains information about a policy created by instantiating a policy template. </p>
1963
1960
  * <p>This </p>
1961
+ * @public
1964
1962
  */
1965
1963
  export interface TemplateLinkedPolicyDefinitionItem {
1966
1964
  /**
1967
- * @public
1968
1965
  * <p>The unique identifier of the policy template used to create this policy.</p>
1966
+ * @public
1969
1967
  */
1970
1968
  policyTemplateId: string | undefined;
1971
1969
  /**
1972
- * @public
1973
1970
  * <p>The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the
1974
1971
  * <code>?principal</code> placeholder in the policy template when it evaluates an authorization
1975
1972
  * request.</p>
1973
+ * @public
1976
1974
  */
1977
1975
  principal?: EntityIdentifier;
1978
1976
  /**
1979
- * @public
1980
1977
  * <p>The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the
1981
1978
  * <code>?resource</code> placeholder in the policy template when it evaluates an authorization
1982
1979
  * request.</p>
1980
+ * @public
1983
1981
  */
1984
1982
  resource?: EntityIdentifier;
1985
1983
  }
1986
1984
  /**
1987
- * @public
1988
1985
  * <p>A structure that describes a <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinintion.html">PolicyDefinintion</a>. It will
1989
1986
  * always have either an <code>StaticPolicy</code> or a <code>TemplateLinkedPolicy</code>
1990
1987
  * element.</p>
1991
1988
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a>
1992
1989
  * operations. </p>
1990
+ * @public
1993
1991
  */
1994
1992
  export type PolicyDefinitionItem = PolicyDefinitionItem.StaticMember | PolicyDefinitionItem.TemplateLinkedMember | PolicyDefinitionItem.$UnknownMember;
1995
1993
  /**
@@ -1997,8 +1995,8 @@ export type PolicyDefinitionItem = PolicyDefinitionItem.StaticMember | PolicyDef
1997
1995
  */
1998
1996
  export declare namespace PolicyDefinitionItem {
1999
1997
  /**
2000
- * @public
2001
1998
  * <p>Information about a static policy that wasn't created with a policy template.</p>
1999
+ * @public
2002
2000
  */
2003
2001
  interface StaticMember {
2004
2002
  static: StaticPolicyDefinitionItem;
@@ -2006,8 +2004,8 @@ export declare namespace PolicyDefinitionItem {
2006
2004
  $unknown?: never;
2007
2005
  }
2008
2006
  /**
2009
- * @public
2010
2007
  * <p>Information about a template-linked policy that was created by instantiating a policy template.</p>
2008
+ * @public
2011
2009
  */
2012
2010
  interface TemplateLinkedMember {
2013
2011
  static?: never;
@@ -2030,24 +2028,23 @@ export declare namespace PolicyDefinitionItem {
2030
2028
  const visit: <T>(value: PolicyDefinitionItem, visitor: Visitor<T>) => T;
2031
2029
  }
2032
2030
  /**
2033
- * @public
2034
2031
  * <p>Contains information about a policy.</p>
2035
2032
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a> operation.</p>
2033
+ * @public
2036
2034
  */
2037
2035
  export interface PolicyItem {
2038
2036
  /**
2039
- * @public
2040
2037
  * <p>The identifier of the PolicyStore where the policy you want information about is
2041
2038
  * stored.</p>
2039
+ * @public
2042
2040
  */
2043
2041
  policyStoreId: string | undefined;
2044
2042
  /**
2045
- * @public
2046
2043
  * <p>The identifier of the policy you want information about.</p>
2044
+ * @public
2047
2045
  */
2048
2046
  policyId: string | undefined;
2049
2047
  /**
2050
- * @public
2051
2048
  * <p>The type of the policy. This is one of the following values:</p>
2052
2049
  * <ul>
2053
2050
  * <li>
@@ -2061,31 +2058,32 @@ export interface PolicyItem {
2061
2058
  * </p>
2062
2059
  * </li>
2063
2060
  * </ul>
2061
+ * @public
2064
2062
  */
2065
2063
  policyType: PolicyType | undefined;
2066
2064
  /**
2067
- * @public
2068
2065
  * <p>The principal associated with the policy.</p>
2066
+ * @public
2069
2067
  */
2070
2068
  principal?: EntityIdentifier;
2071
2069
  /**
2072
- * @public
2073
2070
  * <p>The resource associated with the policy.</p>
2071
+ * @public
2074
2072
  */
2075
2073
  resource?: EntityIdentifier;
2076
2074
  /**
2077
- * @public
2078
2075
  * <p>The policy definition of an item in the list of policies returned.</p>
2076
+ * @public
2079
2077
  */
2080
2078
  definition: PolicyDefinitionItem | undefined;
2081
2079
  /**
2082
- * @public
2083
2080
  * <p>The date and time the policy was created.</p>
2081
+ * @public
2084
2082
  */
2085
2083
  createdDate: Date | undefined;
2086
2084
  /**
2087
- * @public
2088
2085
  * <p>The date and time the policy was most recently updated.</p>
2086
+ * @public
2089
2087
  */
2090
2088
  lastUpdatedDate: Date | undefined;
2091
2089
  }
@@ -2094,17 +2092,17 @@ export interface PolicyItem {
2094
2092
  */
2095
2093
  export interface ListPoliciesOutput {
2096
2094
  /**
2097
- * @public
2098
2095
  * <p>If present, this value indicates that more output is available than
2099
2096
  * is included in the current response. Use this value in the <code>NextToken</code>
2100
2097
  * request parameter in a subsequent call to the operation to get the next part of the
2101
2098
  * output. You should repeat this until the <code>NextToken</code> response element comes
2102
2099
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
2100
+ * @public
2103
2101
  */
2104
2102
  nextToken?: string;
2105
2103
  /**
2106
- * @public
2107
2104
  * <p>Lists all policies that are available in the specified policy store.</p>
2105
+ * @public
2108
2106
  */
2109
2107
  policies: PolicyItem[] | undefined;
2110
2108
  }
@@ -2113,16 +2111,15 @@ export interface ListPoliciesOutput {
2113
2111
  */
2114
2112
  export interface ListPolicyStoresInput {
2115
2113
  /**
2116
- * @public
2117
2114
  * <p>Specifies that you want to receive the next page of results. Valid
2118
2115
  * only if you received a <code>NextToken</code> response in the previous request. If you
2119
2116
  * did, it indicates that more output is available. Set this parameter to the value
2120
2117
  * provided by the previous call's <code>NextToken</code> response to request the
2121
2118
  * next page of results.</p>
2119
+ * @public
2122
2120
  */
2123
2121
  nextToken?: string;
2124
2122
  /**
2125
- * @public
2126
2123
  * <p>Specifies the total number of results that you want included in each
2127
2124
  * response. If additional items exist beyond the number you specify, the
2128
2125
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -2133,40 +2130,41 @@ export interface ListPolicyStoresInput {
2133
2130
  * results.</p>
2134
2131
  * <p>If you do not specify this parameter, the operation defaults to 10 policy stores per response.
2135
2132
  * You can specify a maximum of 50 policy stores per response.</p>
2133
+ * @public
2136
2134
  */
2137
2135
  maxResults?: number;
2138
2136
  }
2139
2137
  /**
2140
- * @public
2141
2138
  * <p>Contains information about a policy store.</p>
2142
2139
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html">ListPolicyStores</a>
2143
2140
  * operation.</p>
2141
+ * @public
2144
2142
  */
2145
2143
  export interface PolicyStoreItem {
2146
2144
  /**
2147
- * @public
2148
2145
  * <p>The unique identifier of the policy store.</p>
2146
+ * @public
2149
2147
  */
2150
2148
  policyStoreId: string | undefined;
2151
2149
  /**
2152
- * @public
2153
2150
  * <p>The Amazon Resource Name (ARN) of the policy store.</p>
2151
+ * @public
2154
2152
  */
2155
2153
  arn: string | undefined;
2156
2154
  /**
2157
- * @public
2158
2155
  * <p>The date and time the policy was created.</p>
2156
+ * @public
2159
2157
  */
2160
2158
  createdDate: Date | undefined;
2161
2159
  /**
2162
- * @public
2163
2160
  * <p>The date and time the policy store was most recently updated.</p>
2161
+ * @public
2164
2162
  */
2165
2163
  lastUpdatedDate?: Date;
2166
2164
  /**
2167
- * @public
2168
2165
  * <p>Descriptive text that you can provide to help with identification
2169
2166
  * of the current policy store.</p>
2167
+ * @public
2170
2168
  */
2171
2169
  description?: string;
2172
2170
  }
@@ -2175,17 +2173,17 @@ export interface PolicyStoreItem {
2175
2173
  */
2176
2174
  export interface ListPolicyStoresOutput {
2177
2175
  /**
2178
- * @public
2179
2176
  * <p>If present, this value indicates that more output is available than
2180
2177
  * is included in the current response. Use this value in the <code>NextToken</code>
2181
2178
  * request parameter in a subsequent call to the operation to get the next part of the
2182
2179
  * output. You should repeat this until the <code>NextToken</code> response element comes
2183
2180
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
2181
+ * @public
2184
2182
  */
2185
2183
  nextToken?: string;
2186
2184
  /**
2187
- * @public
2188
2185
  * <p>The list of policy stores in the account.</p>
2186
+ * @public
2189
2187
  */
2190
2188
  policyStores: PolicyStoreItem[] | undefined;
2191
2189
  }
@@ -2194,21 +2192,20 @@ export interface ListPolicyStoresOutput {
2194
2192
  */
2195
2193
  export interface ListPolicyTemplatesInput {
2196
2194
  /**
2197
- * @public
2198
2195
  * <p>Specifies the ID of the policy store that contains the policy templates you want to list.</p>
2196
+ * @public
2199
2197
  */
2200
2198
  policyStoreId: string | undefined;
2201
2199
  /**
2202
- * @public
2203
2200
  * <p>Specifies that you want to receive the next page of results. Valid
2204
2201
  * only if you received a <code>NextToken</code> response in the previous request. If you
2205
2202
  * did, it indicates that more output is available. Set this parameter to the value
2206
2203
  * provided by the previous call's <code>NextToken</code> response to request the
2207
2204
  * next page of results.</p>
2205
+ * @public
2208
2206
  */
2209
2207
  nextToken?: string;
2210
2208
  /**
2211
- * @public
2212
2209
  * <p>Specifies the total number of results that you want included in each
2213
2210
  * response. If additional items exist beyond the number you specify, the
2214
2211
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -2219,39 +2216,40 @@ export interface ListPolicyTemplatesInput {
2219
2216
  * results.</p>
2220
2217
  * <p>If you do not specify this parameter, the operation defaults to 10 policy templates per response.
2221
2218
  * You can specify a maximum of 50 policy templates per response.</p>
2219
+ * @public
2222
2220
  */
2223
2221
  maxResults?: number;
2224
2222
  }
2225
2223
  /**
2226
- * @public
2227
2224
  * <p>Contains details about a policy template</p>
2228
2225
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html">ListPolicyTemplates</a>
2229
2226
  * operation.</p>
2227
+ * @public
2230
2228
  */
2231
2229
  export interface PolicyTemplateItem {
2232
2230
  /**
2233
- * @public
2234
2231
  * <p>The unique identifier of the policy store that contains the template.</p>
2232
+ * @public
2235
2233
  */
2236
2234
  policyStoreId: string | undefined;
2237
2235
  /**
2238
- * @public
2239
2236
  * <p>The unique identifier of the policy template.</p>
2237
+ * @public
2240
2238
  */
2241
2239
  policyTemplateId: string | undefined;
2242
2240
  /**
2243
- * @public
2244
2241
  * <p>The description attached to the policy template.</p>
2242
+ * @public
2245
2243
  */
2246
2244
  description?: string;
2247
2245
  /**
2248
- * @public
2249
2246
  * <p>The date and time that the policy template was created.</p>
2247
+ * @public
2250
2248
  */
2251
2249
  createdDate: Date | undefined;
2252
2250
  /**
2253
- * @public
2254
2251
  * <p>The date and time that the policy template was most recently updated.</p>
2252
+ * @public
2255
2253
  */
2256
2254
  lastUpdatedDate: Date | undefined;
2257
2255
  }
@@ -2260,32 +2258,31 @@ export interface PolicyTemplateItem {
2260
2258
  */
2261
2259
  export interface ListPolicyTemplatesOutput {
2262
2260
  /**
2263
- * @public
2264
2261
  * <p>If present, this value indicates that more output is available than
2265
2262
  * is included in the current response. Use this value in the <code>NextToken</code>
2266
2263
  * request parameter in a subsequent call to the operation to get the next part of the
2267
2264
  * output. You should repeat this until the <code>NextToken</code> response element comes
2268
2265
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
2266
+ * @public
2269
2267
  */
2270
2268
  nextToken?: string;
2271
2269
  /**
2272
- * @public
2273
2270
  * <p>The list of the policy templates in the specified policy store.</p>
2271
+ * @public
2274
2272
  */
2275
2273
  policyTemplates: PolicyTemplateItem[] | undefined;
2276
2274
  }
2277
2275
  /**
2278
- * @public
2279
2276
  * <p>Contains information about an update to a static policy.</p>
2277
+ * @public
2280
2278
  */
2281
2279
  export interface UpdateStaticPolicyDefinition {
2282
2280
  /**
2283
- * @public
2284
2281
  * <p>Specifies the description to be added to or replaced on the static policy.</p>
2282
+ * @public
2285
2283
  */
2286
2284
  description?: string;
2287
2285
  /**
2288
- * @public
2289
2286
  * <p>Specifies the Cedar policy language text to be added to or replaced on the static policy.</p>
2290
2287
  * <important>
2291
2288
  * <p>You can change only the following elements from the original content:</p>
@@ -2316,13 +2313,14 @@ export interface UpdateStaticPolicyDefinition {
2316
2313
  * </li>
2317
2314
  * </ul>
2318
2315
  * </important>
2316
+ * @public
2319
2317
  */
2320
2318
  statement: string | undefined;
2321
2319
  }
2322
2320
  /**
2323
- * @public
2324
2321
  * <p>Contains information about updates to be applied to a policy.</p>
2325
2322
  * <p>This data type is used as a request parameter in the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html">UpdatePolicy</a> operation.</p>
2323
+ * @public
2326
2324
  */
2327
2325
  export type UpdatePolicyDefinition = UpdatePolicyDefinition.StaticMember | UpdatePolicyDefinition.$UnknownMember;
2328
2326
  /**
@@ -2330,8 +2328,8 @@ export type UpdatePolicyDefinition = UpdatePolicyDefinition.StaticMember | Updat
2330
2328
  */
2331
2329
  export declare namespace UpdatePolicyDefinition {
2332
2330
  /**
2333
- * @public
2334
2331
  * <p>Contains details about the updates to be applied to a static policy.</p>
2332
+ * @public
2335
2333
  */
2336
2334
  interface StaticMember {
2337
2335
  static: UpdateStaticPolicyDefinition;
@@ -2355,18 +2353,17 @@ export declare namespace UpdatePolicyDefinition {
2355
2353
  */
2356
2354
  export interface UpdatePolicyInput {
2357
2355
  /**
2358
- * @public
2359
2356
  * <p>Specifies the ID of the policy store that contains the policy that you want to update.</p>
2357
+ * @public
2360
2358
  */
2361
2359
  policyStoreId: string | undefined;
2362
2360
  /**
2363
- * @public
2364
2361
  * <p>Specifies the ID of the policy that you want to update. To find this value, you can
2365
2362
  * use <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a>.</p>
2363
+ * @public
2366
2364
  */
2367
2365
  policyId: string | undefined;
2368
2366
  /**
2369
- * @public
2370
2367
  * <p>Specifies the updated policy content that you want to replace on the specified policy.
2371
2368
  * The content must be valid Cedar policy language text.</p>
2372
2369
  * <p>You can change only the following elements from the policy definition:</p>
@@ -2395,6 +2392,7 @@ export interface UpdatePolicyInput {
2395
2392
  * <p>The <code>resource</code> referenced by the policy.</p>
2396
2393
  * </li>
2397
2394
  * </ul>
2395
+ * @public
2398
2396
  */
2399
2397
  definition: UpdatePolicyDefinition | undefined;
2400
2398
  }
@@ -2403,40 +2401,40 @@ export interface UpdatePolicyInput {
2403
2401
  */
2404
2402
  export interface UpdatePolicyOutput {
2405
2403
  /**
2406
- * @public
2407
2404
  * <p>The ID of the policy store that contains the policy that was updated.</p>
2405
+ * @public
2408
2406
  */
2409
2407
  policyStoreId: string | undefined;
2410
2408
  /**
2411
- * @public
2412
2409
  * <p>The ID of the policy that was updated.</p>
2410
+ * @public
2413
2411
  */
2414
2412
  policyId: string | undefined;
2415
2413
  /**
2416
- * @public
2417
2414
  * <p>The type of the policy that was updated.</p>
2415
+ * @public
2418
2416
  */
2419
2417
  policyType: PolicyType | undefined;
2420
2418
  /**
2421
- * @public
2422
2419
  * <p>The principal specified in the policy's scope. This element isn't included in the
2423
2420
  * response when <code>Principal</code> isn't present in the policy content.</p>
2421
+ * @public
2424
2422
  */
2425
2423
  principal?: EntityIdentifier;
2426
2424
  /**
2427
- * @public
2428
2425
  * <p>The resource specified in the policy's scope. This element isn't included in the
2429
2426
  * response when <code>Resource</code> isn't present in the policy content.</p>
2427
+ * @public
2430
2428
  */
2431
2429
  resource?: EntityIdentifier;
2432
2430
  /**
2433
- * @public
2434
2431
  * <p>The date and time that the policy was originally created.</p>
2432
+ * @public
2435
2433
  */
2436
2434
  createdDate: Date | undefined;
2437
2435
  /**
2438
- * @public
2439
2436
  * <p>The date and time that the policy was most recently updated.</p>
2437
+ * @public
2440
2438
  */
2441
2439
  lastUpdatedDate: Date | undefined;
2442
2440
  }
@@ -2445,22 +2443,21 @@ export interface UpdatePolicyOutput {
2445
2443
  */
2446
2444
  export interface UpdatePolicyTemplateInput {
2447
2445
  /**
2448
- * @public
2449
2446
  * <p>Specifies the ID of the policy store that contains the policy template that you want to update.</p>
2447
+ * @public
2450
2448
  */
2451
2449
  policyStoreId: string | undefined;
2452
2450
  /**
2453
- * @public
2454
2451
  * <p>Specifies the ID of the policy template that you want to update.</p>
2452
+ * @public
2455
2453
  */
2456
2454
  policyTemplateId: string | undefined;
2457
2455
  /**
2458
- * @public
2459
2456
  * <p>Specifies a new description to apply to the policy template.</p>
2457
+ * @public
2460
2458
  */
2461
2459
  description?: string;
2462
2460
  /**
2463
- * @public
2464
2461
  * <p>Specifies new statement content written in Cedar policy language to replace the
2465
2462
  * current body of the policy template.</p>
2466
2463
  * <p>You can change only the following elements of the policy body:</p>
@@ -2485,6 +2482,7 @@ export interface UpdatePolicyTemplateInput {
2485
2482
  * <p>The <code>resource</code> referenced by the policy template.</p>
2486
2483
  * </li>
2487
2484
  * </ul>
2485
+ * @public
2488
2486
  */
2489
2487
  statement: string | undefined;
2490
2488
  }
@@ -2493,32 +2491,32 @@ export interface UpdatePolicyTemplateInput {
2493
2491
  */
2494
2492
  export interface UpdatePolicyTemplateOutput {
2495
2493
  /**
2496
- * @public
2497
2494
  * <p>The ID of the policy store that contains the updated policy template.</p>
2495
+ * @public
2498
2496
  */
2499
2497
  policyStoreId: string | undefined;
2500
2498
  /**
2501
- * @public
2502
2499
  * <p>The ID of the updated policy template.</p>
2500
+ * @public
2503
2501
  */
2504
2502
  policyTemplateId: string | undefined;
2505
2503
  /**
2506
- * @public
2507
2504
  * <p>The date and time that the policy template was originally created.</p>
2505
+ * @public
2508
2506
  */
2509
2507
  createdDate: Date | undefined;
2510
2508
  /**
2511
- * @public
2512
2509
  * <p>The date and time that the policy template was most recently updated.</p>
2510
+ * @public
2513
2511
  */
2514
2512
  lastUpdatedDate: Date | undefined;
2515
2513
  }
2516
2514
  /**
2517
- * @public
2518
2515
  * <p>Contains a list of principal types, resource types, and actions that can be specified
2519
2516
  * in policies stored in the same policy store. If the validation mode for the policy store is set to
2520
2517
  * <code>STRICT</code>, then policies that can't be validated by this schema are
2521
2518
  * rejected by Verified Permissions and can't be stored in the policy store.</p>
2519
+ * @public
2522
2520
  */
2523
2521
  export type SchemaDefinition = SchemaDefinition.CedarJsonMember | SchemaDefinition.$UnknownMember;
2524
2522
  /**
@@ -2526,10 +2524,10 @@ export type SchemaDefinition = SchemaDefinition.CedarJsonMember | SchemaDefiniti
2526
2524
  */
2527
2525
  export declare namespace SchemaDefinition {
2528
2526
  /**
2529
- * @public
2530
2527
  * <p>A JSON string representation of the schema supported by applications that use this
2531
2528
  * policy store. For more information, see <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html">Policy store schema</a> in the
2532
2529
  * <i>Amazon Verified Permissions User Guide</i>.</p>
2530
+ * @public
2533
2531
  */
2534
2532
  interface CedarJsonMember {
2535
2533
  cedarJson: string;
@@ -2553,14 +2551,14 @@ export declare namespace SchemaDefinition {
2553
2551
  */
2554
2552
  export interface PutSchemaInput {
2555
2553
  /**
2556
- * @public
2557
2554
  * <p>Specifies the ID of the policy store in which to place the schema.</p>
2555
+ * @public
2558
2556
  */
2559
2557
  policyStoreId: string | undefined;
2560
2558
  /**
2561
- * @public
2562
2559
  * <p>Specifies the definition of the schema to be stored. The schema definition must be
2563
2560
  * written in Cedar schema JSON.</p>
2561
+ * @public
2564
2562
  */
2565
2563
  definition: SchemaDefinition | undefined;
2566
2564
  }
@@ -2569,23 +2567,23 @@ export interface PutSchemaInput {
2569
2567
  */
2570
2568
  export interface PutSchemaOutput {
2571
2569
  /**
2572
- * @public
2573
2570
  * <p>The unique ID of the policy store that contains the schema.</p>
2571
+ * @public
2574
2572
  */
2575
2573
  policyStoreId: string | undefined;
2576
2574
  /**
2577
- * @public
2578
2575
  * <p>Identifies the namespaces of the entities referenced by this schema.</p>
2576
+ * @public
2579
2577
  */
2580
2578
  namespaces: string[] | undefined;
2581
2579
  /**
2582
- * @public
2583
2580
  * <p>The date and time that the schema was originally created.</p>
2581
+ * @public
2584
2582
  */
2585
2583
  createdDate: Date | undefined;
2586
2584
  /**
2587
- * @public
2588
2585
  * <p>The date and time that the schema was last updated.</p>
2586
+ * @public
2589
2587
  */
2590
2588
  lastUpdatedDate: Date | undefined;
2591
2589
  }
@@ -2594,20 +2592,20 @@ export interface PutSchemaOutput {
2594
2592
  */
2595
2593
  export interface UpdatePolicyStoreInput {
2596
2594
  /**
2597
- * @public
2598
2595
  * <p>Specifies the ID of the policy store that you want to update</p>
2596
+ * @public
2599
2597
  */
2600
2598
  policyStoreId: string | undefined;
2601
2599
  /**
2602
- * @public
2603
2600
  * <p>A structure that defines the validation settings that want to enable for the
2604
2601
  * policy store.</p>
2602
+ * @public
2605
2603
  */
2606
2604
  validationSettings: ValidationSettings | undefined;
2607
2605
  /**
2608
- * @public
2609
2606
  * <p>Descriptive text that you can provide to help with identification
2610
2607
  * of the current policy store.</p>
2608
+ * @public
2611
2609
  */
2612
2610
  description?: string;
2613
2611
  }
@@ -2616,34 +2614,34 @@ export interface UpdatePolicyStoreInput {
2616
2614
  */
2617
2615
  export interface UpdatePolicyStoreOutput {
2618
2616
  /**
2619
- * @public
2620
2617
  * <p>The ID of the updated policy store.</p>
2618
+ * @public
2621
2619
  */
2622
2620
  policyStoreId: string | undefined;
2623
2621
  /**
2624
- * @public
2625
2622
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the updated policy store.</p>
2623
+ * @public
2626
2624
  */
2627
2625
  arn: string | undefined;
2628
2626
  /**
2629
- * @public
2630
2627
  * <p>The date and time that the policy store was originally created.</p>
2628
+ * @public
2631
2629
  */
2632
2630
  createdDate: Date | undefined;
2633
2631
  /**
2634
- * @public
2635
2632
  * <p>The date and time that the policy store was most recently updated.</p>
2633
+ * @public
2636
2634
  */
2637
2635
  lastUpdatedDate: Date | undefined;
2638
2636
  }
2639
2637
  /**
2640
- * @public
2641
2638
  * <p>The value of an attribute.</p>
2642
2639
  * <p>Contains information about the runtime context for a request for which an
2643
2640
  * authorization decision is made. </p>
2644
2641
  * <p>This data type is used as a member of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ContextDefinition.html">ContextDefinition</a> structure
2645
2642
  * which is uses as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
2646
2643
  * operations.</p>
2644
+ * @public
2647
2645
  */
2648
2646
  export type AttributeValue = AttributeValue.BooleanMember | AttributeValue.EntityIdentifierMember | AttributeValue.LongMember | AttributeValue.RecordMember | AttributeValue.SetMember | AttributeValue.StringMember | AttributeValue.$UnknownMember;
2649
2647
  /**
@@ -2651,11 +2649,11 @@ export type AttributeValue = AttributeValue.BooleanMember | AttributeValue.Entit
2651
2649
  */
2652
2650
  export declare namespace AttributeValue {
2653
2651
  /**
2654
- * @public
2655
2652
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#boolean">Boolean</a>
2656
2653
  * type.</p>
2657
2654
  * <p>Example: <code>\{"boolean": true\}</code>
2658
2655
  * </p>
2656
+ * @public
2659
2657
  */
2660
2658
  interface BooleanMember {
2661
2659
  boolean: boolean;
@@ -2667,11 +2665,11 @@ export declare namespace AttributeValue {
2667
2665
  $unknown?: never;
2668
2666
  }
2669
2667
  /**
2670
- * @public
2671
2668
  * <p>An attribute value of type <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html">EntityIdentifier</a>.</p>
2672
2669
  * <p>Example: <code>"entityIdentifier": \{ "entityId": "&lt;id&gt;", "entityType":
2673
2670
  * "&lt;entity type&gt;"\}</code>
2674
2671
  * </p>
2672
+ * @public
2675
2673
  */
2676
2674
  interface EntityIdentifierMember {
2677
2675
  boolean?: never;
@@ -2683,10 +2681,10 @@ export declare namespace AttributeValue {
2683
2681
  $unknown?: never;
2684
2682
  }
2685
2683
  /**
2686
- * @public
2687
2684
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#long">Long</a> type.</p>
2688
2685
  * <p>Example: <code>\{"long": 0\}</code>
2689
2686
  * </p>
2687
+ * @public
2690
2688
  */
2691
2689
  interface LongMember {
2692
2690
  boolean?: never;
@@ -2698,11 +2696,11 @@ export declare namespace AttributeValue {
2698
2696
  $unknown?: never;
2699
2697
  }
2700
2698
  /**
2701
- * @public
2702
2699
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#string">String</a>
2703
2700
  * type.</p>
2704
2701
  * <p>Example: <code>\{"string": "abc"\}</code>
2705
2702
  * </p>
2703
+ * @public
2706
2704
  */
2707
2705
  interface StringMember {
2708
2706
  boolean?: never;
@@ -2714,10 +2712,10 @@ export declare namespace AttributeValue {
2714
2712
  $unknown?: never;
2715
2713
  }
2716
2714
  /**
2717
- * @public
2718
2715
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#set">Set</a> type.</p>
2719
2716
  * <p>Example: <code>\{"set": [ \{\} ] \}</code>
2720
2717
  * </p>
2718
+ * @public
2721
2719
  */
2722
2720
  interface SetMember {
2723
2721
  boolean?: never;
@@ -2729,11 +2727,11 @@ export declare namespace AttributeValue {
2729
2727
  $unknown?: never;
2730
2728
  }
2731
2729
  /**
2732
- * @public
2733
2730
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#record">Record</a>
2734
2731
  * type.</p>
2735
2732
  * <p>Example: <code>\{"record": \{ "keyName": \{\} \} \}</code>
2736
2733
  * </p>
2734
+ * @public
2737
2735
  */
2738
2736
  interface RecordMember {
2739
2737
  boolean?: never;
@@ -2768,7 +2766,6 @@ export declare namespace AttributeValue {
2768
2766
  const visit: <T>(value: AttributeValue, visitor: Visitor<T>) => T;
2769
2767
  }
2770
2768
  /**
2771
- * @public
2772
2769
  * <p>Contains additional details about the context of the request. Verified Permissions evaluates this
2773
2770
  * information in an authorization request as part of the <code>when</code> and
2774
2771
  * <code>unless</code> clauses in a policy.</p>
@@ -2777,6 +2774,7 @@ export declare namespace AttributeValue {
2777
2774
  * <p>Example:
2778
2775
  * <code>"context":\{"contextMap":\{"&lt;KeyName1&gt;":\{"boolean":true\},"&lt;KeyName2&gt;":\{"long":1234\}\}\}</code>
2779
2776
  * </p>
2777
+ * @public
2780
2778
  */
2781
2779
  export type ContextDefinition = ContextDefinition.ContextMapMember | ContextDefinition.$UnknownMember;
2782
2780
  /**
@@ -2784,13 +2782,13 @@ export type ContextDefinition = ContextDefinition.ContextMapMember | ContextDefi
2784
2782
  */
2785
2783
  export declare namespace ContextDefinition {
2786
2784
  /**
2787
- * @public
2788
2785
  * <p>An list of attributes that are needed to successfully evaluate an authorization
2789
2786
  * request. Each attribute in this array must include a map of a data type and its
2790
2787
  * value.</p>
2791
2788
  * <p>Example:
2792
2789
  * <code>"contextMap":\{"&lt;KeyName1&gt;":\{"boolean":true\},"&lt;KeyName2&gt;":\{"long":1234\}\}</code>
2793
2790
  * </p>
2791
+ * @public
2794
2792
  */
2795
2793
  interface ContextMapMember {
2796
2794
  contextMap: Record<string, AttributeValue>;
@@ -2810,7 +2808,6 @@ export declare namespace ContextDefinition {
2810
2808
  const visit: <T>(value: ContextDefinition, visitor: Visitor<T>) => T;
2811
2809
  }
2812
2810
  /**
2813
- * @public
2814
2811
  * <p>Contains information about an entity that can be referenced in a Cedar
2815
2812
  * policy.</p>
2816
2813
  * <p>This data type is used as one of the fields in the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntitiesDefinition.html">EntitiesDefinition</a>
@@ -2820,94 +2817,95 @@ export declare namespace ContextDefinition {
2820
2817
  * "attributes": \{\}, "parents": [ \{ "entityType": "Album", "entityId": "alice_folder" \}
2821
2818
  * ] \}</code>
2822
2819
  * </p>
2820
+ * @public
2823
2821
  */
2824
2822
  export interface EntityItem {
2825
2823
  /**
2826
- * @public
2827
2824
  * <p>The identifier of the entity.</p>
2825
+ * @public
2828
2826
  */
2829
2827
  identifier: EntityIdentifier | undefined;
2830
2828
  /**
2831
- * @public
2832
2829
  * <p>A list of attributes for the entity.</p>
2830
+ * @public
2833
2831
  */
2834
2832
  attributes?: Record<string, AttributeValue>;
2835
2833
  /**
2836
- * @public
2837
2834
  * <p>The parents in the hierarchy that contains the entity.</p>
2835
+ * @public
2838
2836
  */
2839
2837
  parents?: EntityIdentifier[];
2840
2838
  }
2841
2839
  /**
2842
- * @public
2843
2840
  * <p>An authorization request that you include in a <code>BatchIsAuthorized</code> API
2844
2841
  * request.</p>
2842
+ * @public
2845
2843
  */
2846
2844
  export interface BatchIsAuthorizedInputItem {
2847
2845
  /**
2848
- * @public
2849
2846
  * <p>Specifies the principal for which the authorization decision is to be made.</p>
2847
+ * @public
2850
2848
  */
2851
2849
  principal?: EntityIdentifier;
2852
2850
  /**
2853
- * @public
2854
2851
  * <p>Specifies the requested action to be authorized. For example, is the principal
2855
2852
  * authorized to perform this action on the resource?</p>
2853
+ * @public
2856
2854
  */
2857
2855
  action?: ActionIdentifier;
2858
2856
  /**
2859
- * @public
2860
2857
  * <p>Specifies the resource for which the authorization decision is to be made.</p>
2858
+ * @public
2861
2859
  */
2862
2860
  resource?: EntityIdentifier;
2863
2861
  /**
2864
- * @public
2865
2862
  * <p>Specifies additional context that can be used to make more granular authorization
2866
2863
  * decisions.</p>
2864
+ * @public
2867
2865
  */
2868
2866
  context?: ContextDefinition;
2869
2867
  }
2870
2868
  /**
2871
- * @public
2872
2869
  * <p>The decision, based on policy evaluation, from an individual authorization request in
2873
2870
  * a <code>BatchIsAuthorized</code> API request.</p>
2871
+ * @public
2874
2872
  */
2875
2873
  export interface BatchIsAuthorizedOutputItem {
2876
2874
  /**
2877
- * @public
2878
2875
  * <p>The authorization request that initiated the decision.</p>
2876
+ * @public
2879
2877
  */
2880
2878
  request: BatchIsAuthorizedInputItem | undefined;
2881
2879
  /**
2882
- * @public
2883
2880
  * <p>An authorization decision that indicates if the authorization request should be
2884
2881
  * allowed or denied.</p>
2882
+ * @public
2885
2883
  */
2886
2884
  decision: Decision | undefined;
2887
2885
  /**
2888
- * @public
2889
2886
  * <p>The list of determining policies used to make the authorization decision. For example,
2890
2887
  * if there are two matching policies, where one is a forbid and the other is a permit,
2891
2888
  * then the forbid policy will be the determining policy. In the case of multiple matching
2892
2889
  * permit policies then there would be multiple determining policies. In the case that no
2893
2890
  * policies match, and hence the response is DENY, there would be no determining
2894
2891
  * policies.</p>
2892
+ * @public
2895
2893
  */
2896
2894
  determiningPolicies: DeterminingPolicyItem[] | undefined;
2897
2895
  /**
2898
- * @public
2899
2896
  * <p>Errors that occurred while making an authorization decision, for example, a policy
2900
2897
  * references an Entity or entity Attribute that does not exist in the slice.</p>
2898
+ * @public
2901
2899
  */
2902
2900
  errors: EvaluationErrorItem[] | undefined;
2903
2901
  }
2904
2902
  /**
2905
- * @public
2906
2903
  * <p>Contains the list of entities to be considered during an authorization request. This
2907
2904
  * includes all principals, resources, and actions required to successfully evaluate the
2908
2905
  * request.</p>
2909
2906
  * <p>This data type is used as a field in the response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>
2910
2907
  * and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a> operations.</p>
2908
+ * @public
2911
2909
  */
2912
2910
  export type EntitiesDefinition = EntitiesDefinition.EntityListMember | EntitiesDefinition.$UnknownMember;
2913
2911
  /**
@@ -2915,10 +2913,10 @@ export type EntitiesDefinition = EntitiesDefinition.EntityListMember | EntitiesD
2915
2913
  */
2916
2914
  export declare namespace EntitiesDefinition {
2917
2915
  /**
2918
- * @public
2919
2916
  * <p>An array of entities that are needed to successfully evaluate an authorization
2920
2917
  * request. Each entity in this array must include an identifier for the entity, the
2921
2918
  * attributes of the entity, and a list of any parent entities.</p>
2919
+ * @public
2922
2920
  */
2923
2921
  interface EntityListMember {
2924
2922
  entityList: EntityItem[];
@@ -2942,9 +2940,9 @@ export declare namespace EntitiesDefinition {
2942
2940
  */
2943
2941
  export interface BatchIsAuthorizedOutput {
2944
2942
  /**
2945
- * @public
2946
2943
  * <p>A series of <code>Allow</code> or <code>Deny</code> decisions for each request, and
2947
2944
  * the policies that produced them.</p>
2945
+ * @public
2948
2946
  */
2949
2947
  results: BatchIsAuthorizedOutputItem[] | undefined;
2950
2948
  }
@@ -2953,41 +2951,41 @@ export interface BatchIsAuthorizedOutput {
2953
2951
  */
2954
2952
  export interface IsAuthorizedInput {
2955
2953
  /**
2956
- * @public
2957
2954
  * <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an
2958
2955
  * authorization decision for the input.</p>
2956
+ * @public
2959
2957
  */
2960
2958
  policyStoreId: string | undefined;
2961
2959
  /**
2962
- * @public
2963
2960
  * <p>Specifies the principal for which the authorization decision is to be made.</p>
2961
+ * @public
2964
2962
  */
2965
2963
  principal?: EntityIdentifier;
2966
2964
  /**
2967
- * @public
2968
2965
  * <p>Specifies the requested action to be authorized. For example, is the principal
2969
2966
  * authorized to perform this action on the resource?</p>
2967
+ * @public
2970
2968
  */
2971
2969
  action?: ActionIdentifier;
2972
2970
  /**
2973
- * @public
2974
2971
  * <p>Specifies the resource for which the authorization decision is to be made.</p>
2972
+ * @public
2975
2973
  */
2976
2974
  resource?: EntityIdentifier;
2977
2975
  /**
2978
- * @public
2979
2976
  * <p>Specifies additional context that can be used to make more granular authorization
2980
2977
  * decisions.</p>
2978
+ * @public
2981
2979
  */
2982
2980
  context?: ContextDefinition;
2983
2981
  /**
2984
- * @public
2985
2982
  * <p>Specifies the list of resources and principals and their associated attributes that
2986
2983
  * Verified Permissions can examine when evaluating the policies. </p>
2987
2984
  * <note>
2988
2985
  * <p>You can include only principal and resource entities in this parameter; you can't
2989
2986
  * include actions. You must specify actions in the schema.</p>
2990
2987
  * </note>
2988
+ * @public
2991
2989
  */
2992
2990
  entities?: EntitiesDefinition;
2993
2991
  }
@@ -2996,51 +2994,50 @@ export interface IsAuthorizedInput {
2996
2994
  */
2997
2995
  export interface IsAuthorizedWithTokenInput {
2998
2996
  /**
2999
- * @public
3000
2997
  * <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an
3001
2998
  * authorization decision for the input.</p>
2999
+ * @public
3002
3000
  */
3003
3001
  policyStoreId: string | undefined;
3004
3002
  /**
3005
- * @public
3006
3003
  * <p>Specifies an identity token for the principal to be authorized. This token is provided
3007
3004
  * to you by the identity provider (IdP) associated with the specified identity source. You must
3008
3005
  * specify either an <code>accessToken</code>, an <code>identityToken</code>, or
3009
3006
  * both.</p>
3010
3007
  * <p>Must be an ID token. Verified Permissions returns an error if the <code>token_use</code> claim in the
3011
3008
  * submitted token isn't <code>id</code>.</p>
3009
+ * @public
3012
3010
  */
3013
3011
  identityToken?: string;
3014
3012
  /**
3015
- * @public
3016
3013
  * <p>Specifies an access token for the principal to be authorized. This token is provided
3017
3014
  * to you by the identity provider (IdP) associated with the specified identity source. You must
3018
3015
  * specify either an <code>accessToken</code>, an <code>identityToken</code>, or
3019
3016
  * both.</p>
3020
3017
  * <p>Must be an access token. Verified Permissions returns an error if the <code>token_use</code> claim in
3021
3018
  * the submitted token isn't <code>access</code>.</p>
3019
+ * @public
3022
3020
  */
3023
3021
  accessToken?: string;
3024
3022
  /**
3025
- * @public
3026
3023
  * <p>Specifies the requested action to be authorized. Is the specified principal authorized
3027
3024
  * to perform this action on the specified resource.</p>
3025
+ * @public
3028
3026
  */
3029
3027
  action?: ActionIdentifier;
3030
3028
  /**
3031
- * @public
3032
3029
  * <p>Specifies the resource for which the authorization decision is made. For example, is
3033
3030
  * the principal allowed to perform the action on the resource?</p>
3031
+ * @public
3034
3032
  */
3035
3033
  resource?: EntityIdentifier;
3036
3034
  /**
3037
- * @public
3038
3035
  * <p>Specifies additional context that can be used to make more granular authorization
3039
3036
  * decisions.</p>
3037
+ * @public
3040
3038
  */
3041
3039
  context?: ContextDefinition;
3042
3040
  /**
3043
- * @public
3044
3041
  * <p>Specifies the list of resources and their associated attributes that Verified Permissions can examine
3045
3042
  * when evaluating the policies. </p>
3046
3043
  * <note>
@@ -3061,6 +3058,7 @@ export interface IsAuthorizedWithTokenInput {
3061
3058
  * </li>
3062
3059
  * </ul>
3063
3060
  * </note>
3061
+ * @public
3064
3062
  */
3065
3063
  entities?: EntitiesDefinition;
3066
3064
  }
@@ -3069,24 +3067,24 @@ export interface IsAuthorizedWithTokenInput {
3069
3067
  */
3070
3068
  export interface BatchIsAuthorizedInput {
3071
3069
  /**
3072
- * @public
3073
3070
  * <p>Specifies the ID of the policy store. Policies in this policy store will be used to make the
3074
3071
  * authorization decisions for the input.</p>
3072
+ * @public
3075
3073
  */
3076
3074
  policyStoreId: string | undefined;
3077
3075
  /**
3078
- * @public
3079
3076
  * <p>Specifies the list of resources and principals and their associated attributes that
3080
3077
  * Verified Permissions can examine when evaluating the policies. </p>
3081
3078
  * <note>
3082
3079
  * <p>You can include only principal and resource entities in this parameter; you can't
3083
3080
  * include actions. You must specify actions in the schema.</p>
3084
3081
  * </note>
3082
+ * @public
3085
3083
  */
3086
3084
  entities?: EntitiesDefinition;
3087
3085
  /**
3088
- * @public
3089
3086
  * <p>An array of up to 30 requests that you want Verified Permissions to evaluate.</p>
3087
+ * @public
3090
3088
  */
3091
3089
  requests: BatchIsAuthorizedInputItem[] | undefined;
3092
3090
  }