@aws-sdk/client-verifiedpermissions 3.533.0 → 3.536.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/dist-types/VerifiedPermissions.d.ts +2 -1
  2. package/dist-types/VerifiedPermissionsClient.d.ts +1 -1
  3. package/dist-types/commands/BatchIsAuthorizedCommand.d.ts +2 -1
  4. package/dist-types/commands/CreateIdentitySourceCommand.d.ts +2 -1
  5. package/dist-types/commands/CreatePolicyCommand.d.ts +2 -1
  6. package/dist-types/commands/CreatePolicyStoreCommand.d.ts +2 -1
  7. package/dist-types/commands/CreatePolicyTemplateCommand.d.ts +2 -1
  8. package/dist-types/commands/DeleteIdentitySourceCommand.d.ts +2 -1
  9. package/dist-types/commands/DeletePolicyCommand.d.ts +2 -1
  10. package/dist-types/commands/DeletePolicyStoreCommand.d.ts +2 -1
  11. package/dist-types/commands/DeletePolicyTemplateCommand.d.ts +2 -1
  12. package/dist-types/commands/GetIdentitySourceCommand.d.ts +2 -1
  13. package/dist-types/commands/GetPolicyCommand.d.ts +2 -1
  14. package/dist-types/commands/GetPolicyStoreCommand.d.ts +2 -1
  15. package/dist-types/commands/GetPolicyTemplateCommand.d.ts +2 -1
  16. package/dist-types/commands/GetSchemaCommand.d.ts +2 -1
  17. package/dist-types/commands/IsAuthorizedCommand.d.ts +2 -1
  18. package/dist-types/commands/IsAuthorizedWithTokenCommand.d.ts +2 -1
  19. package/dist-types/commands/ListIdentitySourcesCommand.d.ts +2 -1
  20. package/dist-types/commands/ListPoliciesCommand.d.ts +2 -1
  21. package/dist-types/commands/ListPolicyStoresCommand.d.ts +2 -1
  22. package/dist-types/commands/ListPolicyTemplatesCommand.d.ts +2 -1
  23. package/dist-types/commands/PutSchemaCommand.d.ts +2 -1
  24. package/dist-types/commands/UpdateIdentitySourceCommand.d.ts +2 -1
  25. package/dist-types/commands/UpdatePolicyCommand.d.ts +2 -1
  26. package/dist-types/commands/UpdatePolicyStoreCommand.d.ts +2 -1
  27. package/dist-types/commands/UpdatePolicyTemplateCommand.d.ts +2 -1
  28. package/dist-types/models/models_0.d.ts +334 -334
  29. package/dist-types/ts3.4/VerifiedPermissions.d.ts +1 -0
  30. package/dist-types/ts3.4/commands/BatchIsAuthorizedCommand.d.ts +9 -0
  31. package/dist-types/ts3.4/commands/CreateIdentitySourceCommand.d.ts +9 -0
  32. package/dist-types/ts3.4/commands/CreatePolicyCommand.d.ts +9 -0
  33. package/dist-types/ts3.4/commands/CreatePolicyStoreCommand.d.ts +9 -0
  34. package/dist-types/ts3.4/commands/CreatePolicyTemplateCommand.d.ts +9 -0
  35. package/dist-types/ts3.4/commands/DeleteIdentitySourceCommand.d.ts +9 -0
  36. package/dist-types/ts3.4/commands/DeletePolicyCommand.d.ts +9 -0
  37. package/dist-types/ts3.4/commands/DeletePolicyStoreCommand.d.ts +9 -0
  38. package/dist-types/ts3.4/commands/DeletePolicyTemplateCommand.d.ts +9 -0
  39. package/dist-types/ts3.4/commands/GetIdentitySourceCommand.d.ts +9 -0
  40. package/dist-types/ts3.4/commands/GetPolicyCommand.d.ts +9 -0
  41. package/dist-types/ts3.4/commands/GetPolicyStoreCommand.d.ts +9 -0
  42. package/dist-types/ts3.4/commands/GetPolicyTemplateCommand.d.ts +9 -0
  43. package/dist-types/ts3.4/commands/GetSchemaCommand.d.ts +9 -0
  44. package/dist-types/ts3.4/commands/IsAuthorizedCommand.d.ts +9 -0
  45. package/dist-types/ts3.4/commands/IsAuthorizedWithTokenCommand.d.ts +9 -0
  46. package/dist-types/ts3.4/commands/ListIdentitySourcesCommand.d.ts +9 -0
  47. package/dist-types/ts3.4/commands/ListPoliciesCommand.d.ts +9 -0
  48. package/dist-types/ts3.4/commands/ListPolicyStoresCommand.d.ts +9 -0
  49. package/dist-types/ts3.4/commands/ListPolicyTemplatesCommand.d.ts +9 -0
  50. package/dist-types/ts3.4/commands/PutSchemaCommand.d.ts +9 -0
  51. package/dist-types/ts3.4/commands/UpdateIdentitySourceCommand.d.ts +9 -0
  52. package/dist-types/ts3.4/commands/UpdatePolicyCommand.d.ts +9 -0
  53. package/dist-types/ts3.4/commands/UpdatePolicyStoreCommand.d.ts +9 -0
  54. package/dist-types/ts3.4/commands/UpdatePolicyTemplateCommand.d.ts +9 -0
  55. package/package.json +40 -40
package/dist-types/models/models_0.d.ts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
2
2
  import { VerifiedPermissionsServiceException as __BaseException } from "./VerifiedPermissionsServiceException";
3
3
  /**
4
- * @public
5
4
  * <p>You don't have sufficient access to perform this action.</p>
5
+ * @public
6
6
  */
7
7
  export declare class AccessDeniedException extends __BaseException {
8
8
  readonly name: "AccessDeniedException";
@@ -13,7 +13,6 @@ export declare class AccessDeniedException extends __BaseException {
13
13
  constructor(opts: __ExceptionOptionType<AccessDeniedException, __BaseException>);
14
14
  }
15
15
  /**
16
- * @public
17
16
  * <p>Contains information about an action for a request for which an authorization decision
18
17
  * is made.</p>
19
18
  * <p>This data type is used as a request parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
@@ -21,21 +20,21 @@ export declare class AccessDeniedException extends __BaseException {
21
20
  * <p>Example: <code>\{ "actionId": "&lt;action name&gt;", "actionType": "Action"
22
21
  * \}</code>
23
22
  * </p>
23
+ * @public
24
24
  */
25
25
  export interface ActionIdentifier {
26
26
  /**
27
- * @public
28
27
  * <p>The type of an action.</p>
28
+ * @public
29
29
  */
30
30
  actionType: string | undefined;
31
31
  /**
32
- * @public
33
32
  * <p>The ID of an action.</p>
33
+ * @public
34
34
  */
35
35
  actionId: string | undefined;
36
36
  }
37
37
  /**
38
- * @public
39
38
  * <p>Contains the identifier of an entity, including its ID and type.</p>
40
39
  * <p>This data type is used as a request parameter for <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a> operation, and as a
41
40
  * response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html">GetPolicy</a>, and
@@ -43,21 +42,22 @@ export interface ActionIdentifier {
43
42
  * <p>Example:
44
43
  * <code>\{"entityId":"<i>string</i>","entityType":"<i>string</i>"\}</code>
45
44
  * </p>
45
+ * @public
46
46
  */
47
47
  export interface EntityIdentifier {
48
48
  /**
49
- * @public
50
49
  * <p>The type of an entity.</p>
51
50
  * <p>Example: <code>"entityType":"<i>typeName</i>"</code>
52
51
  * </p>
52
+ * @public
53
53
  */
54
54
  entityType: string | undefined;
55
55
  /**
56
- * @public
57
56
  * <p>The identifier of an entity.</p>
58
57
  * <p>
59
58
  * <code>"entityId":"<i>identifier</i>"</code>
60
59
  * </p>
60
+ * @public
61
61
  */
62
62
  entityId: string | undefined;
63
63
  }
@@ -74,38 +74,38 @@ export declare const Decision: {
74
74
  */
75
75
  export type Decision = (typeof Decision)[keyof typeof Decision];
76
76
  /**
77
- * @public
78
77
  * <p>Contains information about one of the policies that determined an authorization
79
78
  * decision.</p>
80
79
  * <p>This data type is used as an element in a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
81
80
  * operations.</p>
82
81
  * <p>Example: <code>"determiningPolicies":[\{"policyId":"SPEXAMPLEabcdefg111111"\}]</code>
83
82
  * </p>
83
+ * @public
84
84
  */
85
85
  export interface DeterminingPolicyItem {
86
86
  /**
87
- * @public
88
87
  * <p>The Id of a policy that determined to an authorization decision.</p>
89
88
  * <p>Example: <code>"policyId":"SPEXAMPLEabcdefg111111"</code>
90
89
  * </p>
90
+ * @public
91
91
  */
92
92
  policyId: string | undefined;
93
93
  }
94
94
  /**
95
- * @public
96
95
  * <p>Contains a description of an evaluation error.</p>
97
96
  * <p>This data type is a response parameter of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a> operations.</p>
97
+ * @public
98
98
  */
99
99
  export interface EvaluationErrorItem {
100
100
  /**
101
- * @public
102
101
  * <p>The error description.</p>
102
+ * @public
103
103
  */
104
104
  errorDescription: string | undefined;
105
105
  }
106
106
  /**
107
- * @public
108
107
  * <p>The request failed because of an internal error. Try your request again later</p>
108
+ * @public
109
109
  */
110
110
  export declare class InternalServerException extends __BaseException {
111
111
  readonly name: "InternalServerException";
@@ -132,20 +132,20 @@ export declare const ResourceType: {
132
132
  */
133
133
  export type ResourceType = (typeof ResourceType)[keyof typeof ResourceType];
134
134
  /**
135
- * @public
136
135
  * <p>The request failed because it references a resource that doesn't exist.</p>
136
+ * @public
137
137
  */
138
138
  export declare class ResourceNotFoundException extends __BaseException {
139
139
  readonly name: "ResourceNotFoundException";
140
140
  readonly $fault: "client";
141
141
  /**
142
- * @public
143
142
  * <p>The unique ID of the resource referenced in the failed request.</p>
143
+ * @public
144
144
  */
145
145
  resourceId: string | undefined;
146
146
  /**
147
- * @public
148
147
  * <p>The resource type of the resource referenced in the failed request.</p>
148
+ * @public
149
149
  */
150
150
  resourceType: ResourceType | undefined;
151
151
  /**
@@ -154,8 +154,8 @@ export declare class ResourceNotFoundException extends __BaseException {
154
154
  constructor(opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>);
155
155
  }
156
156
  /**
157
- * @public
158
157
  * <p>The request failed because it exceeded a throttling quota.</p>
158
+ * @public
159
159
  */
160
160
  export declare class ThrottlingException extends __BaseException {
161
161
  readonly name: "ThrottlingException";
@@ -164,13 +164,13 @@ export declare class ThrottlingException extends __BaseException {
164
164
  throttling: boolean;
165
165
  };
166
166
  /**
167
- * @public
168
167
  * <p>The code for the Amazon Web Service that owns the quota.</p>
168
+ * @public
169
169
  */
170
170
  serviceCode?: string;
171
171
  /**
172
- * @public
173
172
  * <p>The quota code recognized by the Amazon Web Services Service Quotas service.</p>
173
+ * @public
174
174
  */
175
175
  quotaCode?: string;
176
176
  /**
@@ -179,23 +179,22 @@ export declare class ThrottlingException extends __BaseException {
179
179
  constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
180
180
  }
181
181
  /**
182
- * @public
183
182
  * <p>Details about a field that failed policy validation.</p>
183
+ * @public
184
184
  */
185
185
  export interface ValidationExceptionField {
186
186
  /**
187
- * @public
188
187
  * <p>The path to the specific element that Verified Permissions found to be not valid.</p>
188
+ * @public
189
189
  */
190
190
  path: string | undefined;
191
191
  /**
192
- * @public
193
192
  * <p>Describes the policy validation error.</p>
193
+ * @public
194
194
  */
195
195
  message: string | undefined;
196
196
  }
197
197
  /**
198
- * @public
199
198
  * <p>The request failed because one or more input parameters don't satisfy their constraint
200
199
  * requirements. The output is provided as a list of fields and a reason for each field that
201
200
  * isn't valid.</p>
@@ -278,13 +277,14 @@ export interface ValidationExceptionField {
278
277
  * period character.</p>
279
278
  * </li>
280
279
  * </ul>
280
+ * @public
281
281
  */
282
282
  export declare class ValidationException extends __BaseException {
283
283
  readonly name: "ValidationException";
284
284
  readonly $fault: "client";
285
285
  /**
286
- * @public
287
286
  * <p>The list of fields that aren't valid.</p>
287
+ * @public
288
288
  */
289
289
  fieldList?: ValidationExceptionField[];
290
290
  /**
@@ -293,7 +293,6 @@ export declare class ValidationException extends __BaseException {
293
293
  constructor(opts: __ExceptionOptionType<ValidationException, __BaseException>);
294
294
  }
295
295
  /**
296
- * @public
297
296
  * <p>The configuration for an identity source that represents a connection to an Amazon Cognito user pool used
298
297
  * as an identity provider for Verified Permissions.</p>
299
298
  * <p>This data type is used as a field that is part of an <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_Configuration.html">Configuration</a> structure that is
@@ -301,28 +300,28 @@ export declare class ValidationException extends __BaseException {
301
300
  * <p>Example:<code>"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
302
301
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}</code>
303
302
  * </p>
303
+ * @public
304
304
  */
305
305
  export interface CognitoUserPoolConfiguration {
306
306
  /**
307
- * @public
308
307
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool that contains the identities to be
309
308
  * authorized.</p>
310
309
  * <p>Example: <code>"UserPoolArn":
311
310
  * "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"</code>
312
311
  * </p>
312
+ * @public
313
313
  */
314
314
  userPoolArn: string | undefined;
315
315
  /**
316
- * @public
317
316
  * <p>The unique application client IDs that are associated with the specified Amazon Cognito user
318
317
  * pool.</p>
319
318
  * <p>Example: <code>"ClientIds": ["&amp;ExampleCogClientId;"]</code>
320
319
  * </p>
320
+ * @public
321
321
  */
322
322
  clientIds?: string[];
323
323
  }
324
324
  /**
325
- * @public
326
325
  * <p>The configuration for an identity source that represents a connection to an Amazon Cognito user pool used
327
326
  * as an identity provider for Verified Permissions.</p>
328
327
  * <p>This data type is used as a field that is part of an <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html">ConfigurationDetail</a> structure that is
@@ -330,37 +329,37 @@ export interface CognitoUserPoolConfiguration {
330
329
  * <p>Example:<code>"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
331
330
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}</code>
332
331
  * </p>
332
+ * @public
333
333
  */
334
334
  export interface CognitoUserPoolConfigurationDetail {
335
335
  /**
336
- * @public
337
336
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool that contains the identities to be
338
337
  * authorized.</p>
339
338
  * <p>Example: <code>"userPoolArn":
340
339
  * "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"</code>
341
340
  * </p>
341
+ * @public
342
342
  */
343
343
  userPoolArn: string | undefined;
344
344
  /**
345
- * @public
346
345
  * <p>The unique application client IDs that are associated with the specified Amazon Cognito user
347
346
  * pool.</p>
348
347
  * <p>Example: <code>"clientIds": ["&amp;ExampleCogClientId;"]</code>
349
348
  * </p>
349
+ * @public
350
350
  */
351
351
  clientIds: string[] | undefined;
352
352
  /**
353
- * @public
354
353
  * <p>The OpenID Connect (OIDC) <code>issuer</code> ID of the Amazon Cognito user pool that contains the identities to be
355
354
  * authorized.</p>
356
355
  * <p>Example: <code>"issuer":
357
356
  * "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"</code>
358
357
  * </p>
358
+ * @public
359
359
  */
360
360
  issuer: string | undefined;
361
361
  }
362
362
  /**
363
- * @public
364
363
  * <p>The configuration for an identity source that represents a connection to an Amazon Cognito user pool used
365
364
  * as an identity provider for Verified Permissions.</p>
366
365
  * <p>This data type is used as a field that is part of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationItem.html">ConfigurationItem</a> structure that is
@@ -368,37 +367,37 @@ export interface CognitoUserPoolConfigurationDetail {
368
367
  * <p>Example:<code>"CognitoUserPoolConfiguration":\{"UserPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","ClientIds":
369
368
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}</code>
370
369
  * </p>
370
+ * @public
371
371
  */
372
372
  export interface CognitoUserPoolConfigurationItem {
373
373
  /**
374
- * @public
375
374
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool that contains the identities to be
376
375
  * authorized.</p>
377
376
  * <p>Example: <code>"userPoolArn":
378
377
  * "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5"</code>
379
378
  * </p>
379
+ * @public
380
380
  */
381
381
  userPoolArn: string | undefined;
382
382
  /**
383
- * @public
384
383
  * <p>The unique application client IDs that are associated with the specified Amazon Cognito user
385
384
  * pool.</p>
386
385
  * <p>Example: <code>"clientIds": ["&amp;ExampleCogClientId;"]</code>
387
386
  * </p>
387
+ * @public
388
388
  */
389
389
  clientIds: string[] | undefined;
390
390
  /**
391
- * @public
392
391
  * <p>The OpenID Connect (OIDC) <code>issuer</code> ID of the Amazon Cognito user pool that contains the identities to be
393
392
  * authorized.</p>
394
393
  * <p>Example: <code>"issuer":
395
394
  * "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_1a2b3c4d5"</code>
396
395
  * </p>
396
+ * @public
397
397
  */
398
398
  issuer: string | undefined;
399
399
  }
400
400
  /**
401
- * @public
402
401
  * <p>Contains configuration information used when creating a new identity source.</p>
403
402
  * <note>
404
403
  * <p>At this time, the only valid member of this structure is a Amazon Cognito user pool
@@ -408,6 +407,7 @@ export interface CognitoUserPoolConfigurationItem {
408
407
  * </note>
409
408
  * <p>This data type is used as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreateIdentitySource.html">CreateIdentitySource</a>
410
409
  * operation.</p>
410
+ * @public
411
411
  */
412
412
  export type Configuration = Configuration.CognitoUserPoolConfigurationMember | Configuration.$UnknownMember;
413
413
  /**
@@ -415,7 +415,6 @@ export type Configuration = Configuration.CognitoUserPoolConfigurationMember | C
415
415
  */
416
416
  export declare namespace Configuration {
417
417
  /**
418
- * @public
419
418
  * <p>Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of
420
419
  * authenticated identities as entities. It specifies the <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of a Amazon Cognito user pool
421
420
  * and one or more application client IDs.</p>
@@ -423,6 +422,7 @@ export declare namespace Configuration {
423
422
  * <code>"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
424
423
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}</code>
425
424
  * </p>
425
+ * @public
426
426
  */
427
427
  interface CognitoUserPoolConfigurationMember {
428
428
  cognitoUserPoolConfiguration: CognitoUserPoolConfiguration;
@@ -442,10 +442,10 @@ export declare namespace Configuration {
442
442
  const visit: <T>(value: Configuration, visitor: Visitor<T>) => T;
443
443
  }
444
444
  /**
445
- * @public
446
445
  * <p>Contains configuration information about an identity source.</p>
447
446
  * <p>This data type is a response parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html">GetIdentitySource</a>
448
447
  * operation.</p>
448
+ * @public
449
449
  */
450
450
  export type ConfigurationDetail = ConfigurationDetail.CognitoUserPoolConfigurationMember | ConfigurationDetail.$UnknownMember;
451
451
  /**
@@ -453,7 +453,6 @@ export type ConfigurationDetail = ConfigurationDetail.CognitoUserPoolConfigurati
453
453
  */
454
454
  export declare namespace ConfigurationDetail {
455
455
  /**
456
- * @public
457
456
  * <p>Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of
458
457
  * authenticated identities as entities. It specifies the <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of a Amazon Cognito user pool
459
458
  * and one or more application client IDs.</p>
@@ -461,6 +460,7 @@ export declare namespace ConfigurationDetail {
461
460
  * <code>"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
462
461
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}</code>
463
462
  * </p>
463
+ * @public
464
464
  */
465
465
  interface CognitoUserPoolConfigurationMember {
466
466
  cognitoUserPoolConfiguration: CognitoUserPoolConfigurationDetail;
@@ -480,10 +480,10 @@ export declare namespace ConfigurationDetail {
480
480
  const visit: <T>(value: ConfigurationDetail, visitor: Visitor<T>) => T;
481
481
  }
482
482
  /**
483
- * @public
484
483
  * <p>Contains configuration information about an identity source.</p>
485
484
  * <p>This data type is a response parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html">ListIdentitySources</a>
486
485
  * operation.</p>
486
+ * @public
487
487
  */
488
488
  export type ConfigurationItem = ConfigurationItem.CognitoUserPoolConfigurationMember | ConfigurationItem.$UnknownMember;
489
489
  /**
@@ -491,7 +491,6 @@ export type ConfigurationItem = ConfigurationItem.CognitoUserPoolConfigurationMe
491
491
  */
492
492
  export declare namespace ConfigurationItem {
493
493
  /**
494
- * @public
495
494
  * <p>Contains configuration details of a Amazon Cognito user pool that Verified Permissions can use as a source of
496
495
  * authenticated identities as entities. It specifies the <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of a Amazon Cognito user pool
497
496
  * and one or more application client IDs.</p>
@@ -499,6 +498,7 @@ export declare namespace ConfigurationItem {
499
498
  * <code>"configuration":\{"cognitoUserPoolConfiguration":\{"userPoolArn":"arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_1a2b3c4d5","clientIds":
500
499
  * ["a1b2c3d4e5f6g7h8i9j0kalbmc"]\}\}</code>
501
500
  * </p>
501
+ * @public
502
502
  */
503
503
  interface CognitoUserPoolConfigurationMember {
504
504
  cognitoUserPoolConfiguration: CognitoUserPoolConfigurationItem;
@@ -518,32 +518,32 @@ export declare namespace ConfigurationItem {
518
518
  const visit: <T>(value: ConfigurationItem, visitor: Visitor<T>) => T;
519
519
  }
520
520
  /**
521
- * @public
522
521
  * <p>Contains information about a resource conflict.</p>
522
+ * @public
523
523
  */
524
524
  export interface ResourceConflict {
525
525
  /**
526
- * @public
527
526
  * <p>The unique identifier of the resource involved in a conflict.</p>
527
+ * @public
528
528
  */
529
529
  resourceId: string | undefined;
530
530
  /**
531
- * @public
532
531
  * <p>The type of the resource involved in a conflict.</p>
532
+ * @public
533
533
  */
534
534
  resourceType: ResourceType | undefined;
535
535
  }
536
536
  /**
537
- * @public
538
537
  * <p>The request failed because another request to modify a resource occurred at the
539
538
  * same.</p>
539
+ * @public
540
540
  */
541
541
  export declare class ConflictException extends __BaseException {
542
542
  readonly name: "ConflictException";
543
543
  readonly $fault: "client";
544
544
  /**
545
- * @public
546
545
  * <p>The list of resources referenced with this failed request.</p>
546
+ * @public
547
547
  */
548
548
  resources: ResourceConflict[] | undefined;
549
549
  /**
@@ -556,7 +556,6 @@ export declare class ConflictException extends __BaseException {
556
556
  */
557
557
  export interface CreateIdentitySourceInput {
558
558
  /**
559
- * @public
560
559
  * <p>Specifies a unique, case-sensitive ID that you provide to
561
560
  * ensure the idempotency of the request. This lets you safely retry the request without
562
561
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -571,17 +570,17 @@ export interface CreateIdentitySourceInput {
571
570
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
572
571
  * the next request with the same parameters performs the operation again regardless of
573
572
  * the value of <code>ClientToken</code>.</p>
573
+ * @public
574
574
  */
575
575
  clientToken?: string;
576
576
  /**
577
- * @public
578
577
  * <p>Specifies the ID of the policy store in which you want to store this identity source. Only policies and
579
578
  * requests made using this policy store can reference identities from the identity provider
580
579
  * configured in the new identity source.</p>
580
+ * @public
581
581
  */
582
582
  policyStoreId: string | undefined;
583
583
  /**
584
- * @public
585
584
  * <p>Specifies the details required to communicate with the identity provider (IdP)
586
585
  * associated with this identity source.</p>
587
586
  * <note>
@@ -590,12 +589,13 @@ export interface CreateIdentitySourceInput {
590
589
  * <p>You must specify a <code>UserPoolArn</code>, and optionally, a
591
590
  * <code>ClientId</code>.</p>
592
591
  * </note>
592
+ * @public
593
593
  */
594
594
  configuration: Configuration | undefined;
595
595
  /**
596
- * @public
597
596
  * <p>Specifies the namespace and data type of the principals generated for identities
598
597
  * authenticated by the new identity source.</p>
598
+ * @public
599
599
  */
600
600
  principalEntityType?: string;
601
601
  }
@@ -604,51 +604,51 @@ export interface CreateIdentitySourceInput {
604
604
  */
605
605
  export interface CreateIdentitySourceOutput {
606
606
  /**
607
- * @public
608
607
  * <p>The date and time the identity source was originally created.</p>
608
+ * @public
609
609
  */
610
610
  createdDate: Date | undefined;
611
611
  /**
612
- * @public
613
612
  * <p>The unique ID of the new identity source.</p>
613
+ * @public
614
614
  */
615
615
  identitySourceId: string | undefined;
616
616
  /**
617
- * @public
618
617
  * <p>The date and time the identity source was most recently updated.</p>
618
+ * @public
619
619
  */
620
620
  lastUpdatedDate: Date | undefined;
621
621
  /**
622
- * @public
623
622
  * <p>The ID of the policy store that contains the identity source.</p>
623
+ * @public
624
624
  */
625
625
  policyStoreId: string | undefined;
626
626
  }
627
627
  /**
628
- * @public
629
628
  * <p>The request failed because it would cause a service quota to be exceeded.</p>
629
+ * @public
630
630
  */
631
631
  export declare class ServiceQuotaExceededException extends __BaseException {
632
632
  readonly name: "ServiceQuotaExceededException";
633
633
  readonly $fault: "client";
634
634
  /**
635
- * @public
636
635
  * <p>The unique ID of the resource referenced in the failed request.</p>
636
+ * @public
637
637
  */
638
638
  resourceId?: string;
639
639
  /**
640
- * @public
641
640
  * <p>The resource type of the resource referenced in the failed request.</p>
641
+ * @public
642
642
  */
643
643
  resourceType: ResourceType | undefined;
644
644
  /**
645
- * @public
646
645
  * <p>The code for the Amazon Web Service that owns the quota.</p>
646
+ * @public
647
647
  */
648
648
  serviceCode?: string;
649
649
  /**
650
- * @public
651
650
  * <p>The quota code recognized by the Amazon Web Services Service Quotas service.</p>
651
+ * @public
652
652
  */
653
653
  quotaCode?: string;
654
654
  /**
@@ -657,56 +657,56 @@ export declare class ServiceQuotaExceededException extends __BaseException {
657
657
  constructor(opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>);
658
658
  }
659
659
  /**
660
- * @public
661
660
  * <p>Contains information about a static policy.</p>
662
661
  * <p>This data type is used as a field that is part of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinitionDetail.html">PolicyDefinitionDetail</a>
663
662
  * type.</p>
663
+ * @public
664
664
  */
665
665
  export interface StaticPolicyDefinition {
666
666
  /**
667
- * @public
668
667
  * <p>The description of the static policy.</p>
668
+ * @public
669
669
  */
670
670
  description?: string;
671
671
  /**
672
- * @public
673
672
  * <p>The policy content of the static policy, written in the Cedar policy language.</p>
673
+ * @public
674
674
  */
675
675
  statement: string | undefined;
676
676
  }
677
677
  /**
678
- * @public
679
678
  * <p>Contains information about a policy created by instantiating a policy template.</p>
679
+ * @public
680
680
  */
681
681
  export interface TemplateLinkedPolicyDefinition {
682
682
  /**
683
- * @public
684
683
  * <p>The unique identifier of the policy template used to create this policy.</p>
684
+ * @public
685
685
  */
686
686
  policyTemplateId: string | undefined;
687
687
  /**
688
- * @public
689
688
  * <p>The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the
690
689
  * <code>?principal</code> placeholder in the policy template when it evaluates an authorization
691
690
  * request.</p>
691
+ * @public
692
692
  */
693
693
  principal?: EntityIdentifier;
694
694
  /**
695
- * @public
696
695
  * <p>The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the
697
696
  * <code>?resource</code> placeholder in the policy template when it evaluates an authorization
698
697
  * request.</p>
698
+ * @public
699
699
  */
700
700
  resource?: EntityIdentifier;
701
701
  }
702
702
  /**
703
- * @public
704
703
  * <p>A structure that contains the details for a Cedar policy definition. It includes the
705
704
  * policy type, a description, and a policy body. This is a top level data type used to
706
705
  * create a policy.</p>
707
706
  * <p>This data type is used as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> operation. This
708
707
  * structure must always have either an <code>static</code> or a <code>templateLinked</code>
709
708
  * element.</p>
709
+ * @public
710
710
  */
711
711
  export type PolicyDefinition = PolicyDefinition.StaticMember | PolicyDefinition.TemplateLinkedMember | PolicyDefinition.$UnknownMember;
712
712
  /**
@@ -714,9 +714,9 @@ export type PolicyDefinition = PolicyDefinition.StaticMember | PolicyDefinition.
714
714
  */
715
715
  export declare namespace PolicyDefinition {
716
716
  /**
717
- * @public
718
717
  * <p>A structure that describes a static policy. An static policy doesn't use a template or allow
719
718
  * placeholders for entities.</p>
719
+ * @public
720
720
  */
721
721
  interface StaticMember {
722
722
  static: StaticPolicyDefinition;
@@ -724,11 +724,11 @@ export declare namespace PolicyDefinition {
724
724
  $unknown?: never;
725
725
  }
726
726
  /**
727
- * @public
728
727
  * <p>A structure that describes a policy that was instantiated from a template. The
729
728
  * template can specify placeholders for <code>principal</code> and <code>resource</code>.
730
729
  * When you use <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> to create a policy from a template, you specify the exact
731
730
  * principal and resource to use for the instantiated policy.</p>
731
+ * @public
732
732
  */
733
733
  interface TemplateLinkedMember {
734
734
  static?: never;
@@ -755,7 +755,6 @@ export declare namespace PolicyDefinition {
755
755
  */
756
756
  export interface CreatePolicyInput {
757
757
  /**
758
- * @public
759
758
  * <p>Specifies a unique, case-sensitive ID that you provide to
760
759
  * ensure the idempotency of the request. This lets you safely retry the request without
761
760
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -770,19 +769,20 @@ export interface CreatePolicyInput {
770
769
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
771
770
  * the next request with the same parameters performs the operation again regardless of
772
771
  * the value of <code>ClientToken</code>.</p>
772
+ * @public
773
773
  */
774
774
  clientToken?: string;
775
775
  /**
776
- * @public
777
776
  * <p>Specifies the <code>PolicyStoreId</code> of the policy store you want to store the policy
778
777
  * in.</p>
778
+ * @public
779
779
  */
780
780
  policyStoreId: string | undefined;
781
781
  /**
782
- * @public
783
782
  * <p>A structure that specifies the policy type and content to use for the new policy. You
784
783
  * must include either a static or a templateLinked element. The policy content must be written
785
784
  * in the Cedar policy language.</p>
785
+ * @public
786
786
  */
787
787
  definition: PolicyDefinition | undefined;
788
788
  }
@@ -803,40 +803,40 @@ export type PolicyType = (typeof PolicyType)[keyof typeof PolicyType];
803
803
  */
804
804
  export interface CreatePolicyOutput {
805
805
  /**
806
- * @public
807
806
  * <p>The ID of the policy store that contains the new policy.</p>
807
+ * @public
808
808
  */
809
809
  policyStoreId: string | undefined;
810
810
  /**
811
- * @public
812
811
  * <p>The unique ID of the new policy.</p>
812
+ * @public
813
813
  */
814
814
  policyId: string | undefined;
815
815
  /**
816
- * @public
817
816
  * <p>The policy type of the new policy.</p>
817
+ * @public
818
818
  */
819
819
  policyType: PolicyType | undefined;
820
820
  /**
821
- * @public
822
821
  * <p>The principal specified in the new policy's scope. This response element isn't present
823
822
  * when <code>principal</code> isn't specified in the policy content.</p>
823
+ * @public
824
824
  */
825
825
  principal?: EntityIdentifier;
826
826
  /**
827
- * @public
828
827
  * <p>The resource specified in the new policy's scope. This response element isn't present
829
828
  * when the <code>resource</code> isn't specified in the policy content.</p>
829
+ * @public
830
830
  */
831
831
  resource?: EntityIdentifier;
832
832
  /**
833
- * @public
834
833
  * <p>The date and time the policy was originally created.</p>
834
+ * @public
835
835
  */
836
836
  createdDate: Date | undefined;
837
837
  /**
838
- * @public
839
838
  * <p>The date and time the policy was last updated.</p>
839
+ * @public
840
840
  */
841
841
  lastUpdatedDate: Date | undefined;
842
842
  }
@@ -853,15 +853,14 @@ export declare const ValidationMode: {
853
853
  */
854
854
  export type ValidationMode = (typeof ValidationMode)[keyof typeof ValidationMode];
855
855
  /**
856
- * @public
857
856
  * <p>A structure that contains Cedar policy validation settings for the policy store. The
858
857
  * validation mode determines which validation failures that Cedar considers serious
859
858
  * enough to block acceptance of a new or edited static policy or policy template. </p>
860
859
  * <p>This data type is used as a request parameter in the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicyStore.html">CreatePolicyStore</a> and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore.html">UpdatePolicyStore</a> operations.</p>
860
+ * @public
861
861
  */
862
862
  export interface ValidationSettings {
863
863
  /**
864
- * @public
865
864
  * <p>The validation mode currently configured for this policy store. The valid values are:</p>
866
865
  * <ul>
867
866
  * <li>
@@ -883,6 +882,7 @@ export interface ValidationSettings {
883
882
  * all static policies and policy templates because there is no schema to validate against. </p>
884
883
  * <p>To submit a static policy or policy template without a schema, you must turn off validation.</p>
885
884
  * </important>
885
+ * @public
886
886
  */
887
887
  mode: ValidationMode | undefined;
888
888
  }
@@ -891,7 +891,6 @@ export interface ValidationSettings {
891
891
  */
892
892
  export interface CreatePolicyStoreInput {
893
893
  /**
894
- * @public
895
894
  * <p>Specifies a unique, case-sensitive ID that you provide to
896
895
  * ensure the idempotency of the request. This lets you safely retry the request without
897
896
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -906,10 +905,10 @@ export interface CreatePolicyStoreInput {
906
905
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
907
906
  * the next request with the same parameters performs the operation again regardless of
908
907
  * the value of <code>ClientToken</code>.</p>
908
+ * @public
909
909
  */
910
910
  clientToken?: string;
911
911
  /**
912
- * @public
913
912
  * <p>Specifies the validation setting for this policy store.</p>
914
913
  * <p>Currently, the only valid and required value is <code>Mode</code>.</p>
915
914
  * <important>
@@ -918,12 +917,13 @@ export interface CreatePolicyStoreInput {
918
917
  * to fail validation, and Verified Permissions rejects the policy. You can turn off validation by
919
918
  * using the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore">UpdatePolicyStore</a>. Then, when you have a schema defined, use <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore">UpdatePolicyStore</a> again to turn validation back on.</p>
920
919
  * </important>
920
+ * @public
921
921
  */
922
922
  validationSettings: ValidationSettings | undefined;
923
923
  /**
924
- * @public
925
924
  * <p>Descriptive text that you can provide to help with identification
926
925
  * of the current policy store.</p>
926
+ * @public
927
927
  */
928
928
  description?: string;
929
929
  }
@@ -932,23 +932,23 @@ export interface CreatePolicyStoreInput {
932
932
  */
933
933
  export interface CreatePolicyStoreOutput {
934
934
  /**
935
- * @public
936
935
  * <p>The unique ID of the new policy store.</p>
936
+ * @public
937
937
  */
938
938
  policyStoreId: string | undefined;
939
939
  /**
940
- * @public
941
940
  * <p>The Amazon Resource Name (ARN) of the new policy store.</p>
941
+ * @public
942
942
  */
943
943
  arn: string | undefined;
944
944
  /**
945
- * @public
946
945
  * <p>The date and time the policy store was originally created.</p>
946
+ * @public
947
947
  */
948
948
  createdDate: Date | undefined;
949
949
  /**
950
- * @public
951
950
  * <p>The date and time the policy store was last updated.</p>
951
+ * @public
952
952
  */
953
953
  lastUpdatedDate: Date | undefined;
954
954
  }
@@ -957,7 +957,6 @@ export interface CreatePolicyStoreOutput {
957
957
  */
958
958
  export interface CreatePolicyTemplateInput {
959
959
  /**
960
- * @public
961
960
  * <p>Specifies a unique, case-sensitive ID that you provide to
962
961
  * ensure the idempotency of the request. This lets you safely retry the request without
963
962
  * accidentally performing the same operation a second time. Passing the same value to a
@@ -972,22 +971,23 @@ export interface CreatePolicyTemplateInput {
972
971
  * <p>Verified Permissions recognizes a <code>ClientToken</code> for eight hours. After eight hours,
973
972
  * the next request with the same parameters performs the operation again regardless of
974
973
  * the value of <code>ClientToken</code>.</p>
974
+ * @public
975
975
  */
976
976
  clientToken?: string;
977
977
  /**
978
- * @public
979
978
  * <p>The ID of the policy store in which to create the policy template.</p>
979
+ * @public
980
980
  */
981
981
  policyStoreId: string | undefined;
982
982
  /**
983
- * @public
984
983
  * <p>Specifies a description for the policy template.</p>
984
+ * @public
985
985
  */
986
986
  description?: string;
987
987
  /**
988
- * @public
989
988
  * <p>Specifies the content that you want to use for the new policy template, written in the Cedar
990
989
  * policy language.</p>
990
+ * @public
991
991
  */
992
992
  statement: string | undefined;
993
993
  }
@@ -996,23 +996,23 @@ export interface CreatePolicyTemplateInput {
996
996
  */
997
997
  export interface CreatePolicyTemplateOutput {
998
998
  /**
999
- * @public
1000
999
  * <p>The ID of the policy store that contains the policy template.</p>
1000
+ * @public
1001
1001
  */
1002
1002
  policyStoreId: string | undefined;
1003
1003
  /**
1004
- * @public
1005
1004
  * <p>The unique ID of the new policy template.</p>
1005
+ * @public
1006
1006
  */
1007
1007
  policyTemplateId: string | undefined;
1008
1008
  /**
1009
- * @public
1010
1009
  * <p>The date and time the policy template was originally created.</p>
1010
+ * @public
1011
1011
  */
1012
1012
  createdDate: Date | undefined;
1013
1013
  /**
1014
- * @public
1015
1014
  * <p>The date and time the policy template was most recently updated.</p>
1015
+ * @public
1016
1016
  */
1017
1017
  lastUpdatedDate: Date | undefined;
1018
1018
  }
@@ -1021,13 +1021,13 @@ export interface CreatePolicyTemplateOutput {
1021
1021
  */
1022
1022
  export interface DeleteIdentitySourceInput {
1023
1023
  /**
1024
- * @public
1025
1024
  * <p>Specifies the ID of the policy store that contains the identity source that you want to delete.</p>
1025
+ * @public
1026
1026
  */
1027
1027
  policyStoreId: string | undefined;
1028
1028
  /**
1029
- * @public
1030
1029
  * <p>Specifies the ID of the identity source that you want to delete.</p>
1030
+ * @public
1031
1031
  */
1032
1032
  identitySourceId: string | undefined;
1033
1033
  }
@@ -1041,13 +1041,13 @@ export interface DeleteIdentitySourceOutput {
1041
1041
  */
1042
1042
  export interface DeletePolicyInput {
1043
1043
  /**
1044
- * @public
1045
1044
  * <p>Specifies the ID of the policy store that contains the policy that you want to delete.</p>
1045
+ * @public
1046
1046
  */
1047
1047
  policyStoreId: string | undefined;
1048
1048
  /**
1049
- * @public
1050
1049
  * <p>Specifies the ID of the policy that you want to delete.</p>
1050
+ * @public
1051
1051
  */
1052
1052
  policyId: string | undefined;
1053
1053
  }
@@ -1061,8 +1061,8 @@ export interface DeletePolicyOutput {
1061
1061
  */
1062
1062
  export interface DeletePolicyStoreInput {
1063
1063
  /**
1064
- * @public
1065
1064
  * <p>Specifies the ID of the policy store that you want to delete.</p>
1065
+ * @public
1066
1066
  */
1067
1067
  policyStoreId: string | undefined;
1068
1068
  }
@@ -1076,13 +1076,13 @@ export interface DeletePolicyStoreOutput {
1076
1076
  */
1077
1077
  export interface DeletePolicyTemplateInput {
1078
1078
  /**
1079
- * @public
1080
1079
  * <p>Specifies the ID of the policy store that contains the policy template that you want to delete.</p>
1080
+ * @public
1081
1081
  */
1082
1082
  policyStoreId: string | undefined;
1083
1083
  /**
1084
- * @public
1085
1084
  * <p>Specifies the ID of the policy template that you want to delete.</p>
1085
+ * @public
1086
1086
  */
1087
1087
  policyTemplateId: string | undefined;
1088
1088
  }
@@ -1092,11 +1092,11 @@ export interface DeletePolicyTemplateInput {
1092
1092
  export interface DeletePolicyTemplateOutput {
1093
1093
  }
1094
1094
  /**
1095
- * @public
1096
1095
  * <p>Contains information about a principal or resource that can be referenced in a Cedar
1097
1096
  * policy.</p>
1098
1097
  * <p>This data type is used as part of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyFilter.html">PolicyFilter</a> structure that is
1099
1098
  * used as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a> operation..</p>
1099
+ * @public
1100
1100
  */
1101
1101
  export type EntityReference = EntityReference.IdentifierMember | EntityReference.UnspecifiedMember | EntityReference.$UnknownMember;
1102
1102
  /**
@@ -1104,10 +1104,10 @@ export type EntityReference = EntityReference.IdentifierMember | EntityReference
1104
1104
  */
1105
1105
  export declare namespace EntityReference {
1106
1106
  /**
1107
- * @public
1108
1107
  * <p>Used to indicate that a principal or resource is not specified. This can be used to
1109
1108
  * search for policies that are not associated with a specific principal or
1110
1109
  * resource.</p>
1110
+ * @public
1111
1111
  */
1112
1112
  interface UnspecifiedMember {
1113
1113
  unspecified: boolean;
@@ -1115,9 +1115,9 @@ export declare namespace EntityReference {
1115
1115
  $unknown?: never;
1116
1116
  }
1117
1117
  /**
1118
- * @public
1119
1118
  * <p>The identifier of the entity. It can consist of either an EntityType and EntityId, a
1120
1119
  * principal, or a resource.</p>
1120
+ * @public
1121
1121
  */
1122
1122
  interface IdentifierMember {
1123
1123
  unspecified?: never;
@@ -1144,13 +1144,13 @@ export declare namespace EntityReference {
1144
1144
  */
1145
1145
  export interface GetIdentitySourceInput {
1146
1146
  /**
1147
- * @public
1148
1147
  * <p>Specifies the ID of the policy store that contains the identity source you want information about.</p>
1148
+ * @public
1149
1149
  */
1150
1150
  policyStoreId: string | undefined;
1151
1151
  /**
1152
- * @public
1153
1152
  * <p>Specifies the ID of the identity source you want information about.</p>
1153
+ * @public
1154
1154
  */
1155
1155
  identitySourceId: string | undefined;
1156
1156
  }
@@ -1166,32 +1166,31 @@ export declare const OpenIdIssuer: {
1166
1166
  */
1167
1167
  export type OpenIdIssuer = (typeof OpenIdIssuer)[keyof typeof OpenIdIssuer];
1168
1168
  /**
1169
- * @public
1170
- * @deprecated
1171
- *
1172
1169
  * <p>A structure that contains configuration of the identity source.</p>
1173
1170
  * <p>This data type was a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetIdentitySource.html">GetIdentitySource</a>
1174
1171
  * operation. Replaced by <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationDetail.html">ConfigurationDetail</a>.</p>
1172
+ *
1173
+ * @deprecated This shape has been replaced by ConfigurationDetail
1174
+ * @public
1175
1175
  */
1176
1176
  export interface IdentitySourceDetails {
1177
1177
  /**
1178
- * @public
1179
1178
  * @deprecated
1180
1179
  *
1181
1180
  * <p>The application client IDs associated with the specified Amazon Cognito user pool that are
1182
1181
  * enabled for this identity source.</p>
1182
+ * @public
1183
1183
  */
1184
1184
  clientIds?: string[];
1185
1185
  /**
1186
- * @public
1187
1186
  * @deprecated
1188
1187
  *
1189
1188
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions
1190
1189
  * policy store.</p>
1190
+ * @public
1191
1191
  */
1192
1192
  userPoolArn?: string;
1193
1193
  /**
1194
- * @public
1195
1194
  * @deprecated
1196
1195
  *
1197
1196
  * <p>The well-known URL that points to this user pool's OIDC discovery endpoint. This is a
@@ -1201,14 +1200,15 @@ export interface IdentitySourceDetails {
1201
1200
  * <p>
1202
1201
  * <code>https://cognito-idp.<i>&lt;region&gt;</i>.amazonaws.com/<i>&lt;user-pool-id&gt;</i>/.well-known/openid-configuration</code>
1203
1202
  * </p>
1203
+ * @public
1204
1204
  */
1205
1205
  discoveryUrl?: string;
1206
1206
  /**
1207
- * @public
1208
1207
  * @deprecated
1209
1208
  *
1210
1209
  * <p>A string that identifies the type of OIDC service represented by this identity source. </p>
1211
1210
  * <p>At this time, the only valid value is <code>cognito</code>.</p>
1211
+ * @public
1212
1212
  */
1213
1213
  openIdIssuer?: OpenIdIssuer;
1214
1214
  }
@@ -1217,41 +1217,41 @@ export interface IdentitySourceDetails {
1217
1217
  */
1218
1218
  export interface GetIdentitySourceOutput {
1219
1219
  /**
1220
- * @public
1221
1220
  * <p>The date and time that the identity source was originally created.</p>
1221
+ * @public
1222
1222
  */
1223
1223
  createdDate: Date | undefined;
1224
1224
  /**
1225
- * @public
1226
1225
  * @deprecated
1227
1226
  *
1228
1227
  * <p>A structure that describes the configuration of the identity source.</p>
1228
+ * @public
1229
1229
  */
1230
1230
  details?: IdentitySourceDetails;
1231
1231
  /**
1232
- * @public
1233
1232
  * <p>The ID of the identity source.</p>
1233
+ * @public
1234
1234
  */
1235
1235
  identitySourceId: string | undefined;
1236
1236
  /**
1237
- * @public
1238
1237
  * <p>The date and time that the identity source was most recently updated.</p>
1238
+ * @public
1239
1239
  */
1240
1240
  lastUpdatedDate: Date | undefined;
1241
1241
  /**
1242
- * @public
1243
1242
  * <p>The ID of the policy store that contains the identity source.</p>
1243
+ * @public
1244
1244
  */
1245
1245
  policyStoreId: string | undefined;
1246
1246
  /**
1247
- * @public
1248
1247
  * <p>The data type of principals generated for identities authenticated by this
1249
1248
  * identity source.</p>
1249
+ * @public
1250
1250
  */
1251
1251
  principalEntityType: string | undefined;
1252
1252
  /**
1253
- * @public
1254
1253
  * <p>Contains configuration information about an identity source.</p>
1254
+ * @public
1255
1255
  */
1256
1256
  configuration?: ConfigurationDetail;
1257
1257
  }
@@ -1260,66 +1260,66 @@ export interface GetIdentitySourceOutput {
1260
1260
  */
1261
1261
  export interface GetPolicyInput {
1262
1262
  /**
1263
- * @public
1264
1263
  * <p>Specifies the ID of the policy store that contains the policy that you want information
1265
1264
  * about.</p>
1265
+ * @public
1266
1266
  */
1267
1267
  policyStoreId: string | undefined;
1268
1268
  /**
1269
- * @public
1270
1269
  * <p>Specifies the ID of the policy you want information about.</p>
1270
+ * @public
1271
1271
  */
1272
1272
  policyId: string | undefined;
1273
1273
  }
1274
1274
  /**
1275
- * @public
1276
1275
  * <p>A structure that contains details about a static policy. It includes the description and
1277
1276
  * policy body.</p>
1278
1277
  * <p>This data type is used within a <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html">PolicyDefinition</a> structure as
1279
1278
  * part of a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> operation.</p>
1279
+ * @public
1280
1280
  */
1281
1281
  export interface StaticPolicyDefinitionDetail {
1282
1282
  /**
1283
- * @public
1284
1283
  * <p>A description of the static policy.</p>
1284
+ * @public
1285
1285
  */
1286
1286
  description?: string;
1287
1287
  /**
1288
- * @public
1289
1288
  * <p>The content of the static policy written in the Cedar policy language.</p>
1289
+ * @public
1290
1290
  */
1291
1291
  statement: string | undefined;
1292
1292
  }
1293
1293
  /**
1294
- * @public
1295
1294
  * <p>Contains information about a policy that was created by instantiating a policy template. </p>
1295
+ * @public
1296
1296
  */
1297
1297
  export interface TemplateLinkedPolicyDefinitionDetail {
1298
1298
  /**
1299
- * @public
1300
1299
  * <p>The unique identifier of the policy template used to create this policy.</p>
1300
+ * @public
1301
1301
  */
1302
1302
  policyTemplateId: string | undefined;
1303
1303
  /**
1304
- * @public
1305
1304
  * <p>The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the
1306
1305
  * <code>?principal</code> placeholder in the policy template when it evaluates an authorization
1307
1306
  * request.</p>
1307
+ * @public
1308
1308
  */
1309
1309
  principal?: EntityIdentifier;
1310
1310
  /**
1311
- * @public
1312
1311
  * <p>The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the
1313
1312
  * <code>?resource</code> placeholder in the policy template when it evaluates an authorization
1314
1313
  * request.</p>
1314
+ * @public
1315
1315
  */
1316
1316
  resource?: EntityIdentifier;
1317
1317
  }
1318
1318
  /**
1319
- * @public
1320
1319
  * <p>A structure that describes a policy definition. It must always have either an
1321
1320
  * <code>static</code> or a <code>templateLinked</code> element.</p>
1322
1321
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_GetPolicy.html">GetPolicy</a> operation.</p>
1322
+ * @public
1323
1323
  */
1324
1324
  export type PolicyDefinitionDetail = PolicyDefinitionDetail.StaticMember | PolicyDefinitionDetail.TemplateLinkedMember | PolicyDefinitionDetail.$UnknownMember;
1325
1325
  /**
@@ -1327,8 +1327,8 @@ export type PolicyDefinitionDetail = PolicyDefinitionDetail.StaticMember | Polic
1327
1327
  */
1328
1328
  export declare namespace PolicyDefinitionDetail {
1329
1329
  /**
1330
- * @public
1331
1330
  * <p>Information about a static policy that wasn't created with a policy template.</p>
1331
+ * @public
1332
1332
  */
1333
1333
  interface StaticMember {
1334
1334
  static: StaticPolicyDefinitionDetail;
@@ -1336,8 +1336,8 @@ export declare namespace PolicyDefinitionDetail {
1336
1336
  $unknown?: never;
1337
1337
  }
1338
1338
  /**
1339
- * @public
1340
1339
  * <p>Information about a template-linked policy that was created by instantiating a policy template.</p>
1340
+ * @public
1341
1341
  */
1342
1342
  interface TemplateLinkedMember {
1343
1343
  static?: never;
@@ -1364,45 +1364,45 @@ export declare namespace PolicyDefinitionDetail {
1364
1364
  */
1365
1365
  export interface GetPolicyOutput {
1366
1366
  /**
1367
- * @public
1368
1367
  * <p>The ID of the policy store that contains the policy that you want information about.</p>
1368
+ * @public
1369
1369
  */
1370
1370
  policyStoreId: string | undefined;
1371
1371
  /**
1372
- * @public
1373
1372
  * <p>The unique ID of the policy that you want information about.</p>
1373
+ * @public
1374
1374
  */
1375
1375
  policyId: string | undefined;
1376
1376
  /**
1377
- * @public
1378
1377
  * <p>The type of the policy.</p>
1378
+ * @public
1379
1379
  */
1380
1380
  policyType: PolicyType | undefined;
1381
1381
  /**
1382
- * @public
1383
1382
  * <p>The principal specified in the policy's scope. This element isn't included in the
1384
1383
  * response when <code>Principal</code> isn't present in the policy content.</p>
1384
+ * @public
1385
1385
  */
1386
1386
  principal?: EntityIdentifier;
1387
1387
  /**
1388
- * @public
1389
1388
  * <p>The resource specified in the policy's scope. This element isn't included in the
1390
1389
  * response when <code>Resource</code> isn't present in the policy content.</p>
1390
+ * @public
1391
1391
  */
1392
1392
  resource?: EntityIdentifier;
1393
1393
  /**
1394
- * @public
1395
1394
  * <p>The definition of the requested policy.</p>
1395
+ * @public
1396
1396
  */
1397
1397
  definition: PolicyDefinitionDetail | undefined;
1398
1398
  /**
1399
- * @public
1400
1399
  * <p>The date and time that the policy was originally created.</p>
1400
+ * @public
1401
1401
  */
1402
1402
  createdDate: Date | undefined;
1403
1403
  /**
1404
- * @public
1405
1404
  * <p>The date and time that the policy was last updated.</p>
1405
+ * @public
1406
1406
  */
1407
1407
  lastUpdatedDate: Date | undefined;
1408
1408
  }
@@ -1411,8 +1411,8 @@ export interface GetPolicyOutput {
1411
1411
  */
1412
1412
  export interface GetPolicyStoreInput {
1413
1413
  /**
1414
- * @public
1415
1414
  * <p>Specifies the ID of the policy store that you want information about.</p>
1415
+ * @public
1416
1416
  */
1417
1417
  policyStoreId: string | undefined;
1418
1418
  }
@@ -1421,34 +1421,34 @@ export interface GetPolicyStoreInput {
1421
1421
  */
1422
1422
  export interface GetPolicyStoreOutput {
1423
1423
  /**
1424
- * @public
1425
1424
  * <p>The ID of the policy store;</p>
1425
+ * @public
1426
1426
  */
1427
1427
  policyStoreId: string | undefined;
1428
1428
  /**
1429
- * @public
1430
1429
  * <p>The Amazon Resource Name (ARN) of the policy store.</p>
1430
+ * @public
1431
1431
  */
1432
1432
  arn: string | undefined;
1433
1433
  /**
1434
- * @public
1435
1434
  * <p>The current validation settings for the policy store.</p>
1435
+ * @public
1436
1436
  */
1437
1437
  validationSettings: ValidationSettings | undefined;
1438
1438
  /**
1439
- * @public
1440
1439
  * <p>The date and time that the policy store was originally created.</p>
1440
+ * @public
1441
1441
  */
1442
1442
  createdDate: Date | undefined;
1443
1443
  /**
1444
- * @public
1445
1444
  * <p>The date and time that the policy store was last updated.</p>
1445
+ * @public
1446
1446
  */
1447
1447
  lastUpdatedDate: Date | undefined;
1448
1448
  /**
1449
- * @public
1450
1449
  * <p>Descriptive text that you can provide to help with identification
1451
1450
  * of the current policy store.</p>
1451
+ * @public
1452
1452
  */
1453
1453
  description?: string;
1454
1454
  }
@@ -1457,14 +1457,14 @@ export interface GetPolicyStoreOutput {
1457
1457
  */
1458
1458
  export interface GetPolicyTemplateInput {
1459
1459
  /**
1460
- * @public
1461
1460
  * <p>Specifies the ID of the policy store that contains the policy template that you want information
1462
1461
  * about.</p>
1462
+ * @public
1463
1463
  */
1464
1464
  policyStoreId: string | undefined;
1465
1465
  /**
1466
- * @public
1467
1466
  * <p>Specifies the ID of the policy template that you want information about.</p>
1467
+ * @public
1468
1468
  */
1469
1469
  policyTemplateId: string | undefined;
1470
1470
  }
@@ -1473,33 +1473,33 @@ export interface GetPolicyTemplateInput {
1473
1473
  */
1474
1474
  export interface GetPolicyTemplateOutput {
1475
1475
  /**
1476
- * @public
1477
1476
  * <p>The ID of the policy store that contains the policy template.</p>
1477
+ * @public
1478
1478
  */
1479
1479
  policyStoreId: string | undefined;
1480
1480
  /**
1481
- * @public
1482
1481
  * <p>The ID of the policy template.</p>
1482
+ * @public
1483
1483
  */
1484
1484
  policyTemplateId: string | undefined;
1485
1485
  /**
1486
- * @public
1487
1486
  * <p>The description of the policy template.</p>
1487
+ * @public
1488
1488
  */
1489
1489
  description?: string;
1490
1490
  /**
1491
- * @public
1492
1491
  * <p>The content of the body of the policy template written in the Cedar policy language.</p>
1492
+ * @public
1493
1493
  */
1494
1494
  statement: string | undefined;
1495
1495
  /**
1496
- * @public
1497
1496
  * <p>The date and time that the policy template was originally created.</p>
1497
+ * @public
1498
1498
  */
1499
1499
  createdDate: Date | undefined;
1500
1500
  /**
1501
- * @public
1502
1501
  * <p>The date and time that the policy template was most recently updated.</p>
1502
+ * @public
1503
1503
  */
1504
1504
  lastUpdatedDate: Date | undefined;
1505
1505
  }
@@ -1508,8 +1508,8 @@ export interface GetPolicyTemplateOutput {
1508
1508
  */
1509
1509
  export interface GetSchemaInput {
1510
1510
  /**
1511
- * @public
1512
1511
  * <p>Specifies the ID of the policy store that contains the schema.</p>
1512
+ * @public
1513
1513
  */
1514
1514
  policyStoreId: string | undefined;
1515
1515
  }
@@ -1518,43 +1518,43 @@ export interface GetSchemaInput {
1518
1518
  */
1519
1519
  export interface GetSchemaOutput {
1520
1520
  /**
1521
- * @public
1522
1521
  * <p>The ID of the policy store that contains the schema.</p>
1522
+ * @public
1523
1523
  */
1524
1524
  policyStoreId: string | undefined;
1525
1525
  /**
1526
- * @public
1527
1526
  * <p>The body of the schema, written in Cedar schema JSON.</p>
1527
+ * @public
1528
1528
  */
1529
1529
  schema: string | undefined;
1530
1530
  /**
1531
- * @public
1532
1531
  * <p>The date and time that the schema was originally created.</p>
1532
+ * @public
1533
1533
  */
1534
1534
  createdDate: Date | undefined;
1535
1535
  /**
1536
- * @public
1537
1536
  * <p>The date and time that the schema was most recently updated.</p>
1537
+ * @public
1538
1538
  */
1539
1539
  lastUpdatedDate: Date | undefined;
1540
1540
  /**
1541
- * @public
1542
1541
  * <p>The namespaces of the entities referenced by this schema.</p>
1542
+ * @public
1543
1543
  */
1544
1544
  namespaces?: string[];
1545
1545
  }
1546
1546
  /**
1547
- * @public
1548
1547
  * <p>A structure that defines characteristics of an identity source that you can use to
1549
1548
  * filter.</p>
1550
1549
  * <p>This data type is a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentityStores.html">ListIdentityStores</a>
1551
1550
  * operation.</p>
1551
+ * @public
1552
1552
  */
1553
1553
  export interface IdentitySourceFilter {
1554
1554
  /**
1555
- * @public
1556
1555
  * <p>The Cedar entity type of the principals returned by the identity provider (IdP)
1557
1556
  * associated with this identity source.</p>
1557
+ * @public
1558
1558
  */
1559
1559
  principalEntityType?: string;
1560
1560
  }
@@ -1563,21 +1563,20 @@ export interface IdentitySourceFilter {
1563
1563
  */
1564
1564
  export interface ListIdentitySourcesInput {
1565
1565
  /**
1566
- * @public
1567
1566
  * <p>Specifies the ID of the policy store that contains the identity sources that you want to list.</p>
1567
+ * @public
1568
1568
  */
1569
1569
  policyStoreId: string | undefined;
1570
1570
  /**
1571
- * @public
1572
1571
  * <p>Specifies that you want to receive the next page of results. Valid
1573
1572
  * only if you received a <code>NextToken</code> response in the previous request. If you
1574
1573
  * did, it indicates that more output is available. Set this parameter to the value
1575
1574
  * provided by the previous call's <code>NextToken</code> response to request the
1576
1575
  * next page of results.</p>
1576
+ * @public
1577
1577
  */
1578
1578
  nextToken?: string;
1579
1579
  /**
1580
- * @public
1581
1580
  * <p>Specifies the total number of results that you want included in each
1582
1581
  * response. If additional items exist beyond the number you specify, the
1583
1582
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -1588,41 +1587,41 @@ export interface ListIdentitySourcesInput {
1588
1587
  * results.</p>
1589
1588
  * <p>If you do not specify this parameter, the operation defaults to 10 identity sources per response.
1590
1589
  * You can specify a maximum of 200 identity sources per response.</p>
1590
+ * @public
1591
1591
  */
1592
1592
  maxResults?: number;
1593
1593
  /**
1594
- * @public
1595
1594
  * <p>Specifies characteristics of an identity source that you can use to limit the output to matching
1596
1595
  * identity sources.</p>
1596
+ * @public
1597
1597
  */
1598
1598
  filters?: IdentitySourceFilter[];
1599
1599
  }
1600
1600
  /**
1601
- * @public
1602
- * @deprecated
1603
- *
1604
1601
  * <p>A structure that contains configuration of the identity source.</p>
1605
1602
  * <p>This data type was a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html">ListIdentitySources</a>
1606
1603
  * operation. Replaced by <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ConfigurationItem.html">ConfigurationItem</a>.</p>
1604
+ *
1605
+ * @deprecated This shape has been replaced by ConfigurationItem
1606
+ * @public
1607
1607
  */
1608
1608
  export interface IdentitySourceItemDetails {
1609
1609
  /**
1610
- * @public
1611
1610
  * @deprecated
1612
1611
  *
1613
1612
  * <p>The application client IDs associated with the specified Amazon Cognito user pool that are
1614
1613
  * enabled for this identity source.</p>
1614
+ * @public
1615
1615
  */
1616
1616
  clientIds?: string[];
1617
1617
  /**
1618
- * @public
1619
1618
  * @deprecated
1620
1619
  *
1621
1620
  * <p>The Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.</p>
1621
+ * @public
1622
1622
  */
1623
1623
  userPoolArn?: string;
1624
1624
  /**
1625
- * @public
1626
1625
  * @deprecated
1627
1626
  *
1628
1627
  * <p>The well-known URL that points to this user pool's OIDC discovery endpoint. This is a
@@ -1632,61 +1631,62 @@ export interface IdentitySourceItemDetails {
1632
1631
  * <p>
1633
1632
  * <code>https://cognito-idp.<i>&lt;region&gt;</i>.amazonaws.com/<i>&lt;user-pool-id&gt;</i>/.well-known/openid-configuration</code>
1634
1633
  * </p>
1634
+ * @public
1635
1635
  */
1636
1636
  discoveryUrl?: string;
1637
1637
  /**
1638
- * @public
1639
1638
  * @deprecated
1640
1639
  *
1641
1640
  * <p>A string that identifies the type of OIDC service represented by this identity source. </p>
1642
1641
  * <p>At this time, the only valid value is <code>cognito</code>.</p>
1642
+ * @public
1643
1643
  */
1644
1644
  openIdIssuer?: OpenIdIssuer;
1645
1645
  }
1646
1646
  /**
1647
- * @public
1648
1647
  * <p>A structure that defines an identity source.</p>
1649
1648
  * <p>This data type is a response parameter to the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListIdentitySources.html">ListIdentitySources</a>
1650
1649
  * operation.</p>
1650
+ * @public
1651
1651
  */
1652
1652
  export interface IdentitySourceItem {
1653
1653
  /**
1654
- * @public
1655
1654
  * <p>The date and time the identity source was originally created.</p>
1655
+ * @public
1656
1656
  */
1657
1657
  createdDate: Date | undefined;
1658
1658
  /**
1659
- * @public
1660
1659
  * @deprecated
1661
1660
  *
1662
1661
  * <p>A structure that contains the details of the associated identity provider
1663
1662
  * (IdP).</p>
1663
+ * @public
1664
1664
  */
1665
1665
  details?: IdentitySourceItemDetails;
1666
1666
  /**
1667
- * @public
1668
1667
  * <p>The unique identifier of the identity source.</p>
1668
+ * @public
1669
1669
  */
1670
1670
  identitySourceId: string | undefined;
1671
1671
  /**
1672
- * @public
1673
1672
  * <p>The date and time the identity source was most recently updated.</p>
1673
+ * @public
1674
1674
  */
1675
1675
  lastUpdatedDate: Date | undefined;
1676
1676
  /**
1677
- * @public
1678
1677
  * <p>The identifier of the policy store that contains the identity source.</p>
1678
+ * @public
1679
1679
  */
1680
1680
  policyStoreId: string | undefined;
1681
1681
  /**
1682
- * @public
1683
1682
  * <p>The Cedar entity type of the principals returned from the IdP associated with this
1684
1683
  * identity source.</p>
1684
+ * @public
1685
1685
  */
1686
1686
  principalEntityType: string | undefined;
1687
1687
  /**
1688
- * @public
1689
1688
  * <p>Contains configuration information about an identity source.</p>
1689
+ * @public
1690
1690
  */
1691
1691
  configuration?: ConfigurationItem;
1692
1692
  }
@@ -1695,39 +1695,38 @@ export interface IdentitySourceItem {
1695
1695
  */
1696
1696
  export interface ListIdentitySourcesOutput {
1697
1697
  /**
1698
- * @public
1699
1698
  * <p>If present, this value indicates that more output is available than
1700
1699
  * is included in the current response. Use this value in the <code>NextToken</code>
1701
1700
  * request parameter in a subsequent call to the operation to get the next part of the
1702
1701
  * output. You should repeat this until the <code>NextToken</code> response element comes
1703
1702
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
1703
+ * @public
1704
1704
  */
1705
1705
  nextToken?: string;
1706
1706
  /**
1707
- * @public
1708
1707
  * <p>The list of identity sources stored in the specified policy store.</p>
1708
+ * @public
1709
1709
  */
1710
1710
  identitySources: IdentitySourceItem[] | undefined;
1711
1711
  }
1712
1712
  /**
1713
- * @public
1714
1713
  * <p>Contains configuration details of a Amazon Cognito user pool for use with an identity source.</p>
1714
+ * @public
1715
1715
  */
1716
1716
  export interface UpdateCognitoUserPoolConfiguration {
1717
1717
  /**
1718
- * @public
1719
1718
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the Amazon Cognito user pool associated with this identity source.</p>
1719
+ * @public
1720
1720
  */
1721
1721
  userPoolArn: string | undefined;
1722
1722
  /**
1723
- * @public
1724
1723
  * <p>The client ID of an app client that is configured for the specified Amazon Cognito user
1725
1724
  * pool.</p>
1725
+ * @public
1726
1726
  */
1727
1727
  clientIds?: string[];
1728
1728
  }
1729
1729
  /**
1730
- * @public
1731
1730
  * <p>Contains an updated configuration to replace the configuration in an existing
1732
1731
  * identity source.</p>
1733
1732
  * <note>
@@ -1736,6 +1735,7 @@ export interface UpdateCognitoUserPoolConfiguration {
1736
1735
  * <p>You must specify a <code>userPoolArn</code>, and optionally, a
1737
1736
  * <code>ClientId</code>.</p>
1738
1737
  * </note>
1738
+ * @public
1739
1739
  */
1740
1740
  export type UpdateConfiguration = UpdateConfiguration.CognitoUserPoolConfigurationMember | UpdateConfiguration.$UnknownMember;
1741
1741
  /**
@@ -1743,8 +1743,8 @@ export type UpdateConfiguration = UpdateConfiguration.CognitoUserPoolConfigurati
1743
1743
  */
1744
1744
  export declare namespace UpdateConfiguration {
1745
1745
  /**
1746
- * @public
1747
1746
  * <p>Contains configuration details of a Amazon Cognito user pool.</p>
1747
+ * @public
1748
1748
  */
1749
1749
  interface CognitoUserPoolConfigurationMember {
1750
1750
  cognitoUserPoolConfiguration: UpdateCognitoUserPoolConfiguration;
@@ -1768,17 +1768,16 @@ export declare namespace UpdateConfiguration {
1768
1768
  */
1769
1769
  export interface UpdateIdentitySourceInput {
1770
1770
  /**
1771
- * @public
1772
1771
  * <p>Specifies the ID of the policy store that contains the identity source that you want to update.</p>
1772
+ * @public
1773
1773
  */
1774
1774
  policyStoreId: string | undefined;
1775
1775
  /**
1776
- * @public
1777
1776
  * <p>Specifies the ID of the identity source that you want to update.</p>
1777
+ * @public
1778
1778
  */
1779
1779
  identitySourceId: string | undefined;
1780
1780
  /**
1781
- * @public
1782
1781
  * <p>Specifies the details required to communicate with the identity provider (IdP)
1783
1782
  * associated with this identity source.</p>
1784
1783
  * <note>
@@ -1787,12 +1786,13 @@ export interface UpdateIdentitySourceInput {
1787
1786
  * <p>You must specify a <code>userPoolArn</code>, and optionally, a
1788
1787
  * <code>ClientId</code>.</p>
1789
1788
  * </note>
1789
+ * @public
1790
1790
  */
1791
1791
  updateConfiguration: UpdateConfiguration | undefined;
1792
1792
  /**
1793
- * @public
1794
1793
  * <p>Specifies the data type of principals generated for identities authenticated by the
1795
1794
  * identity source.</p>
1795
+ * @public
1796
1796
  */
1797
1797
  principalEntityType?: string;
1798
1798
  }
@@ -1801,23 +1801,23 @@ export interface UpdateIdentitySourceInput {
1801
1801
  */
1802
1802
  export interface UpdateIdentitySourceOutput {
1803
1803
  /**
1804
- * @public
1805
1804
  * <p>The date and time that the updated identity source was originally created.</p>
1805
+ * @public
1806
1806
  */
1807
1807
  createdDate: Date | undefined;
1808
1808
  /**
1809
- * @public
1810
1809
  * <p>The ID of the updated identity source.</p>
1810
+ * @public
1811
1811
  */
1812
1812
  identitySourceId: string | undefined;
1813
1813
  /**
1814
- * @public
1815
1814
  * <p>The date and time that the identity source was most recently updated.</p>
1815
+ * @public
1816
1816
  */
1817
1817
  lastUpdatedDate: Date | undefined;
1818
1818
  /**
1819
- * @public
1820
1819
  * <p>The ID of the policy store that contains the updated identity source.</p>
1820
+ * @public
1821
1821
  */
1822
1822
  policyStoreId: string | undefined;
1823
1823
  }
@@ -1826,25 +1826,25 @@ export interface UpdateIdentitySourceOutput {
1826
1826
  */
1827
1827
  export interface IsAuthorizedOutput {
1828
1828
  /**
1829
- * @public
1830
1829
  * <p>An authorization decision that indicates if the authorization request should be
1831
1830
  * allowed or denied.</p>
1831
+ * @public
1832
1832
  */
1833
1833
  decision: Decision | undefined;
1834
1834
  /**
1835
- * @public
1836
1835
  * <p>The list of determining policies used to make the authorization decision. For example,
1837
1836
  * if there are two matching policies, where one is a forbid and the other is a permit,
1838
1837
  * then the forbid policy will be the determining policy. In the case of multiple matching
1839
1838
  * permit policies then there would be multiple determining policies. In the case that no
1840
1839
  * policies match, and hence the response is DENY, there would be no determining
1841
1840
  * policies.</p>
1841
+ * @public
1842
1842
  */
1843
1843
  determiningPolicies: DeterminingPolicyItem[] | undefined;
1844
1844
  /**
1845
- * @public
1846
1845
  * <p>Errors that occurred while making an authorization decision, for example, a policy
1847
1846
  * references an Entity or entity Attribute that does not exist in the slice.</p>
1847
+ * @public
1848
1848
  */
1849
1849
  errors: EvaluationErrorItem[] | undefined;
1850
1850
  }
@@ -1853,53 +1853,53 @@ export interface IsAuthorizedOutput {
1853
1853
  */
1854
1854
  export interface IsAuthorizedWithTokenOutput {
1855
1855
  /**
1856
- * @public
1857
1856
  * <p>An authorization decision that indicates if the authorization request should be
1858
1857
  * allowed or denied.</p>
1858
+ * @public
1859
1859
  */
1860
1860
  decision: Decision | undefined;
1861
1861
  /**
1862
- * @public
1863
1862
  * <p>The list of determining policies used to make the authorization decision. For example,
1864
1863
  * if there are multiple matching policies, where at least one is a forbid policy, then
1865
1864
  * because forbid always overrides permit the forbid policies are the determining policies.
1866
1865
  * If all matching policies are permit policies, then those policies are the determining
1867
1866
  * policies. When no policies match and the response is the default DENY, there are no
1868
1867
  * determining policies.</p>
1868
+ * @public
1869
1869
  */
1870
1870
  determiningPolicies: DeterminingPolicyItem[] | undefined;
1871
1871
  /**
1872
- * @public
1873
1872
  * <p>Errors that occurred while making an authorization decision. For example, a policy
1874
1873
  * references an entity or entity attribute that does not exist in the slice.</p>
1874
+ * @public
1875
1875
  */
1876
1876
  errors: EvaluationErrorItem[] | undefined;
1877
1877
  }
1878
1878
  /**
1879
- * @public
1880
1879
  * <p>Contains information about a filter to refine policies returned in a query.</p>
1881
1880
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a> operation.</p>
1881
+ * @public
1882
1882
  */
1883
1883
  export interface PolicyFilter {
1884
1884
  /**
1885
- * @public
1886
1885
  * <p>Filters the output to only policies that reference the specified principal.</p>
1886
+ * @public
1887
1887
  */
1888
1888
  principal?: EntityReference;
1889
1889
  /**
1890
- * @public
1891
1890
  * <p>Filters the output to only policies that reference the specified resource.</p>
1891
+ * @public
1892
1892
  */
1893
1893
  resource?: EntityReference;
1894
1894
  /**
1895
- * @public
1896
1895
  * <p>Filters the output to only policies of the specified type.</p>
1896
+ * @public
1897
1897
  */
1898
1898
  policyType?: PolicyType;
1899
1899
  /**
1900
- * @public
1901
1900
  * <p>Filters the output to only template-linked policies that were instantiated from the specified
1902
1901
  * policy template.</p>
1902
+ * @public
1903
1903
  */
1904
1904
  policyTemplateId?: string;
1905
1905
  }
@@ -1908,21 +1908,20 @@ export interface PolicyFilter {
1908
1908
  */
1909
1909
  export interface ListPoliciesInput {
1910
1910
  /**
1911
- * @public
1912
1911
  * <p>Specifies the ID of the policy store you want to list policies from.</p>
1912
+ * @public
1913
1913
  */
1914
1914
  policyStoreId: string | undefined;
1915
1915
  /**
1916
- * @public
1917
1916
  * <p>Specifies that you want to receive the next page of results. Valid
1918
1917
  * only if you received a <code>NextToken</code> response in the previous request. If you
1919
1918
  * did, it indicates that more output is available. Set this parameter to the value
1920
1919
  * provided by the previous call's <code>NextToken</code> response to request the
1921
1920
  * next page of results.</p>
1921
+ * @public
1922
1922
  */
1923
1923
  nextToken?: string;
1924
1924
  /**
1925
- * @public
1926
1925
  * <p>Specifies the total number of results that you want included in each
1927
1926
  * response. If additional items exist beyond the number you specify, the
1928
1927
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -1933,63 +1932,64 @@ export interface ListPoliciesInput {
1933
1932
  * results.</p>
1934
1933
  * <p>If you do not specify this parameter, the operation defaults to 10 policies per
1935
1934
  * response. You can specify a maximum of 50 policies per response.</p>
1935
+ * @public
1936
1936
  */
1937
1937
  maxResults?: number;
1938
1938
  /**
1939
- * @public
1940
1939
  * <p>Specifies a filter that limits the response to only policies that match the specified
1941
1940
  * criteria. For example, you list only the policies that reference a specified
1942
1941
  * principal.</p>
1942
+ * @public
1943
1943
  */
1944
1944
  filter?: PolicyFilter;
1945
1945
  }
1946
1946
  /**
1947
- * @public
1948
1947
  * <p>A structure that contains details about a static policy. It includes the description and
1949
1948
  * policy statement.</p>
1950
1949
  * <p>This data type is used within a <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinition.html">PolicyDefinition</a> structure as
1951
1950
  * part of a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> operation.</p>
1951
+ * @public
1952
1952
  */
1953
1953
  export interface StaticPolicyDefinitionItem {
1954
1954
  /**
1955
- * @public
1956
1955
  * <p>A description of the static policy.</p>
1956
+ * @public
1957
1957
  */
1958
1958
  description?: string;
1959
1959
  }
1960
1960
  /**
1961
- * @public
1962
1961
  * <p>Contains information about a policy created by instantiating a policy template. </p>
1963
1962
  * <p>This </p>
1963
+ * @public
1964
1964
  */
1965
1965
  export interface TemplateLinkedPolicyDefinitionItem {
1966
1966
  /**
1967
- * @public
1968
1967
  * <p>The unique identifier of the policy template used to create this policy.</p>
1968
+ * @public
1969
1969
  */
1970
1970
  policyTemplateId: string | undefined;
1971
1971
  /**
1972
- * @public
1973
1972
  * <p>The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the
1974
1973
  * <code>?principal</code> placeholder in the policy template when it evaluates an authorization
1975
1974
  * request.</p>
1975
+ * @public
1976
1976
  */
1977
1977
  principal?: EntityIdentifier;
1978
1978
  /**
1979
- * @public
1980
1979
  * <p>The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the
1981
1980
  * <code>?resource</code> placeholder in the policy template when it evaluates an authorization
1982
1981
  * request.</p>
1982
+ * @public
1983
1983
  */
1984
1984
  resource?: EntityIdentifier;
1985
1985
  }
1986
1986
  /**
1987
- * @public
1988
1987
  * <p>A structure that describes a <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_PolicyDefinintion.html">PolicyDefinintion</a>. It will
1989
1988
  * always have either an <code>StaticPolicy</code> or a <code>TemplateLinkedPolicy</code>
1990
1989
  * element.</p>
1991
1990
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html">CreatePolicy</a> and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a>
1992
1991
  * operations. </p>
1992
+ * @public
1993
1993
  */
1994
1994
  export type PolicyDefinitionItem = PolicyDefinitionItem.StaticMember | PolicyDefinitionItem.TemplateLinkedMember | PolicyDefinitionItem.$UnknownMember;
1995
1995
  /**
@@ -1997,8 +1997,8 @@ export type PolicyDefinitionItem = PolicyDefinitionItem.StaticMember | PolicyDef
1997
1997
  */
1998
1998
  export declare namespace PolicyDefinitionItem {
1999
1999
  /**
2000
- * @public
2001
2000
  * <p>Information about a static policy that wasn't created with a policy template.</p>
2001
+ * @public
2002
2002
  */
2003
2003
  interface StaticMember {
2004
2004
  static: StaticPolicyDefinitionItem;
@@ -2006,8 +2006,8 @@ export declare namespace PolicyDefinitionItem {
2006
2006
  $unknown?: never;
2007
2007
  }
2008
2008
  /**
2009
- * @public
2010
2009
  * <p>Information about a template-linked policy that was created by instantiating a policy template.</p>
2010
+ * @public
2011
2011
  */
2012
2012
  interface TemplateLinkedMember {
2013
2013
  static?: never;
@@ -2030,24 +2030,23 @@ export declare namespace PolicyDefinitionItem {
2030
2030
  const visit: <T>(value: PolicyDefinitionItem, visitor: Visitor<T>) => T;
2031
2031
  }
2032
2032
  /**
2033
- * @public
2034
2033
  * <p>Contains information about a policy.</p>
2035
2034
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a> operation.</p>
2035
+ * @public
2036
2036
  */
2037
2037
  export interface PolicyItem {
2038
2038
  /**
2039
- * @public
2040
2039
  * <p>The identifier of the PolicyStore where the policy you want information about is
2041
2040
  * stored.</p>
2041
+ * @public
2042
2042
  */
2043
2043
  policyStoreId: string | undefined;
2044
2044
  /**
2045
- * @public
2046
2045
  * <p>The identifier of the policy you want information about.</p>
2046
+ * @public
2047
2047
  */
2048
2048
  policyId: string | undefined;
2049
2049
  /**
2050
- * @public
2051
2050
  * <p>The type of the policy. This is one of the following values:</p>
2052
2051
  * <ul>
2053
2052
  * <li>
@@ -2061,31 +2060,32 @@ export interface PolicyItem {
2061
2060
  * </p>
2062
2061
  * </li>
2063
2062
  * </ul>
2063
+ * @public
2064
2064
  */
2065
2065
  policyType: PolicyType | undefined;
2066
2066
  /**
2067
- * @public
2068
2067
  * <p>The principal associated with the policy.</p>
2068
+ * @public
2069
2069
  */
2070
2070
  principal?: EntityIdentifier;
2071
2071
  /**
2072
- * @public
2073
2072
  * <p>The resource associated with the policy.</p>
2073
+ * @public
2074
2074
  */
2075
2075
  resource?: EntityIdentifier;
2076
2076
  /**
2077
- * @public
2078
2077
  * <p>The policy definition of an item in the list of policies returned.</p>
2078
+ * @public
2079
2079
  */
2080
2080
  definition: PolicyDefinitionItem | undefined;
2081
2081
  /**
2082
- * @public
2083
2082
  * <p>The date and time the policy was created.</p>
2083
+ * @public
2084
2084
  */
2085
2085
  createdDate: Date | undefined;
2086
2086
  /**
2087
- * @public
2088
2087
  * <p>The date and time the policy was most recently updated.</p>
2088
+ * @public
2089
2089
  */
2090
2090
  lastUpdatedDate: Date | undefined;
2091
2091
  }
@@ -2094,17 +2094,17 @@ export interface PolicyItem {
2094
2094
  */
2095
2095
  export interface ListPoliciesOutput {
2096
2096
  /**
2097
- * @public
2098
2097
  * <p>If present, this value indicates that more output is available than
2099
2098
  * is included in the current response. Use this value in the <code>NextToken</code>
2100
2099
  * request parameter in a subsequent call to the operation to get the next part of the
2101
2100
  * output. You should repeat this until the <code>NextToken</code> response element comes
2102
2101
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
2102
+ * @public
2103
2103
  */
2104
2104
  nextToken?: string;
2105
2105
  /**
2106
- * @public
2107
2106
  * <p>Lists all policies that are available in the specified policy store.</p>
2107
+ * @public
2108
2108
  */
2109
2109
  policies: PolicyItem[] | undefined;
2110
2110
  }
@@ -2113,16 +2113,15 @@ export interface ListPoliciesOutput {
2113
2113
  */
2114
2114
  export interface ListPolicyStoresInput {
2115
2115
  /**
2116
- * @public
2117
2116
  * <p>Specifies that you want to receive the next page of results. Valid
2118
2117
  * only if you received a <code>NextToken</code> response in the previous request. If you
2119
2118
  * did, it indicates that more output is available. Set this parameter to the value
2120
2119
  * provided by the previous call's <code>NextToken</code> response to request the
2121
2120
  * next page of results.</p>
2121
+ * @public
2122
2122
  */
2123
2123
  nextToken?: string;
2124
2124
  /**
2125
- * @public
2126
2125
  * <p>Specifies the total number of results that you want included in each
2127
2126
  * response. If additional items exist beyond the number you specify, the
2128
2127
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -2133,40 +2132,41 @@ export interface ListPolicyStoresInput {
2133
2132
  * results.</p>
2134
2133
  * <p>If you do not specify this parameter, the operation defaults to 10 policy stores per response.
2135
2134
  * You can specify a maximum of 50 policy stores per response.</p>
2135
+ * @public
2136
2136
  */
2137
2137
  maxResults?: number;
2138
2138
  }
2139
2139
  /**
2140
- * @public
2141
2140
  * <p>Contains information about a policy store.</p>
2142
2141
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html">ListPolicyStores</a>
2143
2142
  * operation.</p>
2143
+ * @public
2144
2144
  */
2145
2145
  export interface PolicyStoreItem {
2146
2146
  /**
2147
- * @public
2148
2147
  * <p>The unique identifier of the policy store.</p>
2148
+ * @public
2149
2149
  */
2150
2150
  policyStoreId: string | undefined;
2151
2151
  /**
2152
- * @public
2153
2152
  * <p>The Amazon Resource Name (ARN) of the policy store.</p>
2153
+ * @public
2154
2154
  */
2155
2155
  arn: string | undefined;
2156
2156
  /**
2157
- * @public
2158
2157
  * <p>The date and time the policy was created.</p>
2158
+ * @public
2159
2159
  */
2160
2160
  createdDate: Date | undefined;
2161
2161
  /**
2162
- * @public
2163
2162
  * <p>The date and time the policy store was most recently updated.</p>
2163
+ * @public
2164
2164
  */
2165
2165
  lastUpdatedDate?: Date;
2166
2166
  /**
2167
- * @public
2168
2167
  * <p>Descriptive text that you can provide to help with identification
2169
2168
  * of the current policy store.</p>
2169
+ * @public
2170
2170
  */
2171
2171
  description?: string;
2172
2172
  }
@@ -2175,17 +2175,17 @@ export interface PolicyStoreItem {
2175
2175
  */
2176
2176
  export interface ListPolicyStoresOutput {
2177
2177
  /**
2178
- * @public
2179
2178
  * <p>If present, this value indicates that more output is available than
2180
2179
  * is included in the current response. Use this value in the <code>NextToken</code>
2181
2180
  * request parameter in a subsequent call to the operation to get the next part of the
2182
2181
  * output. You should repeat this until the <code>NextToken</code> response element comes
2183
2182
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
2183
+ * @public
2184
2184
  */
2185
2185
  nextToken?: string;
2186
2186
  /**
2187
- * @public
2188
2187
  * <p>The list of policy stores in the account.</p>
2188
+ * @public
2189
2189
  */
2190
2190
  policyStores: PolicyStoreItem[] | undefined;
2191
2191
  }
@@ -2194,21 +2194,20 @@ export interface ListPolicyStoresOutput {
2194
2194
  */
2195
2195
  export interface ListPolicyTemplatesInput {
2196
2196
  /**
2197
- * @public
2198
2197
  * <p>Specifies the ID of the policy store that contains the policy templates you want to list.</p>
2198
+ * @public
2199
2199
  */
2200
2200
  policyStoreId: string | undefined;
2201
2201
  /**
2202
- * @public
2203
2202
  * <p>Specifies that you want to receive the next page of results. Valid
2204
2203
  * only if you received a <code>NextToken</code> response in the previous request. If you
2205
2204
  * did, it indicates that more output is available. Set this parameter to the value
2206
2205
  * provided by the previous call's <code>NextToken</code> response to request the
2207
2206
  * next page of results.</p>
2207
+ * @public
2208
2208
  */
2209
2209
  nextToken?: string;
2210
2210
  /**
2211
- * @public
2212
2211
  * <p>Specifies the total number of results that you want included in each
2213
2212
  * response. If additional items exist beyond the number you specify, the
2214
2213
  * <code>NextToken</code> response element is returned with a value (not null). Include the
@@ -2219,39 +2218,40 @@ export interface ListPolicyTemplatesInput {
2219
2218
  * results.</p>
2220
2219
  * <p>If you do not specify this parameter, the operation defaults to 10 policy templates per response.
2221
2220
  * You can specify a maximum of 50 policy templates per response.</p>
2221
+ * @public
2222
2222
  */
2223
2223
  maxResults?: number;
2224
2224
  }
2225
2225
  /**
2226
- * @public
2227
2226
  * <p>Contains details about a policy template</p>
2228
2227
  * <p>This data type is used as a response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyTemplates.html">ListPolicyTemplates</a>
2229
2228
  * operation.</p>
2229
+ * @public
2230
2230
  */
2231
2231
  export interface PolicyTemplateItem {
2232
2232
  /**
2233
- * @public
2234
2233
  * <p>The unique identifier of the policy store that contains the template.</p>
2234
+ * @public
2235
2235
  */
2236
2236
  policyStoreId: string | undefined;
2237
2237
  /**
2238
- * @public
2239
2238
  * <p>The unique identifier of the policy template.</p>
2239
+ * @public
2240
2240
  */
2241
2241
  policyTemplateId: string | undefined;
2242
2242
  /**
2243
- * @public
2244
2243
  * <p>The description attached to the policy template.</p>
2244
+ * @public
2245
2245
  */
2246
2246
  description?: string;
2247
2247
  /**
2248
- * @public
2249
2248
  * <p>The date and time that the policy template was created.</p>
2249
+ * @public
2250
2250
  */
2251
2251
  createdDate: Date | undefined;
2252
2252
  /**
2253
- * @public
2254
2253
  * <p>The date and time that the policy template was most recently updated.</p>
2254
+ * @public
2255
2255
  */
2256
2256
  lastUpdatedDate: Date | undefined;
2257
2257
  }
@@ -2260,32 +2260,31 @@ export interface PolicyTemplateItem {
2260
2260
  */
2261
2261
  export interface ListPolicyTemplatesOutput {
2262
2262
  /**
2263
- * @public
2264
2263
  * <p>If present, this value indicates that more output is available than
2265
2264
  * is included in the current response. Use this value in the <code>NextToken</code>
2266
2265
  * request parameter in a subsequent call to the operation to get the next part of the
2267
2266
  * output. You should repeat this until the <code>NextToken</code> response element comes
2268
2267
  * back as <code>null</code>. This indicates that this is the last page of results.</p>
2268
+ * @public
2269
2269
  */
2270
2270
  nextToken?: string;
2271
2271
  /**
2272
- * @public
2273
2272
  * <p>The list of the policy templates in the specified policy store.</p>
2273
+ * @public
2274
2274
  */
2275
2275
  policyTemplates: PolicyTemplateItem[] | undefined;
2276
2276
  }
2277
2277
  /**
2278
- * @public
2279
2278
  * <p>Contains information about an update to a static policy.</p>
2279
+ * @public
2280
2280
  */
2281
2281
  export interface UpdateStaticPolicyDefinition {
2282
2282
  /**
2283
- * @public
2284
2283
  * <p>Specifies the description to be added to or replaced on the static policy.</p>
2284
+ * @public
2285
2285
  */
2286
2286
  description?: string;
2287
2287
  /**
2288
- * @public
2289
2288
  * <p>Specifies the Cedar policy language text to be added to or replaced on the static policy.</p>
2290
2289
  * <important>
2291
2290
  * <p>You can change only the following elements from the original content:</p>
@@ -2316,13 +2315,14 @@ export interface UpdateStaticPolicyDefinition {
2316
2315
  * </li>
2317
2316
  * </ul>
2318
2317
  * </important>
2318
+ * @public
2319
2319
  */
2320
2320
  statement: string | undefined;
2321
2321
  }
2322
2322
  /**
2323
- * @public
2324
2323
  * <p>Contains information about updates to be applied to a policy.</p>
2325
2324
  * <p>This data type is used as a request parameter in the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicy.html">UpdatePolicy</a> operation.</p>
2325
+ * @public
2326
2326
  */
2327
2327
  export type UpdatePolicyDefinition = UpdatePolicyDefinition.StaticMember | UpdatePolicyDefinition.$UnknownMember;
2328
2328
  /**
@@ -2330,8 +2330,8 @@ export type UpdatePolicyDefinition = UpdatePolicyDefinition.StaticMember | Updat
2330
2330
  */
2331
2331
  export declare namespace UpdatePolicyDefinition {
2332
2332
  /**
2333
- * @public
2334
2333
  * <p>Contains details about the updates to be applied to a static policy.</p>
2334
+ * @public
2335
2335
  */
2336
2336
  interface StaticMember {
2337
2337
  static: UpdateStaticPolicyDefinition;
@@ -2355,18 +2355,17 @@ export declare namespace UpdatePolicyDefinition {
2355
2355
  */
2356
2356
  export interface UpdatePolicyInput {
2357
2357
  /**
2358
- * @public
2359
2358
  * <p>Specifies the ID of the policy store that contains the policy that you want to update.</p>
2359
+ * @public
2360
2360
  */
2361
2361
  policyStoreId: string | undefined;
2362
2362
  /**
2363
- * @public
2364
2363
  * <p>Specifies the ID of the policy that you want to update. To find this value, you can
2365
2364
  * use <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicies.html">ListPolicies</a>.</p>
2365
+ * @public
2366
2366
  */
2367
2367
  policyId: string | undefined;
2368
2368
  /**
2369
- * @public
2370
2369
  * <p>Specifies the updated policy content that you want to replace on the specified policy.
2371
2370
  * The content must be valid Cedar policy language text.</p>
2372
2371
  * <p>You can change only the following elements from the policy definition:</p>
@@ -2395,6 +2394,7 @@ export interface UpdatePolicyInput {
2395
2394
  * <p>The <code>resource</code> referenced by the policy.</p>
2396
2395
  * </li>
2397
2396
  * </ul>
2397
+ * @public
2398
2398
  */
2399
2399
  definition: UpdatePolicyDefinition | undefined;
2400
2400
  }
@@ -2403,40 +2403,40 @@ export interface UpdatePolicyInput {
2403
2403
  */
2404
2404
  export interface UpdatePolicyOutput {
2405
2405
  /**
2406
- * @public
2407
2406
  * <p>The ID of the policy store that contains the policy that was updated.</p>
2407
+ * @public
2408
2408
  */
2409
2409
  policyStoreId: string | undefined;
2410
2410
  /**
2411
- * @public
2412
2411
  * <p>The ID of the policy that was updated.</p>
2412
+ * @public
2413
2413
  */
2414
2414
  policyId: string | undefined;
2415
2415
  /**
2416
- * @public
2417
2416
  * <p>The type of the policy that was updated.</p>
2417
+ * @public
2418
2418
  */
2419
2419
  policyType: PolicyType | undefined;
2420
2420
  /**
2421
- * @public
2422
2421
  * <p>The principal specified in the policy's scope. This element isn't included in the
2423
2422
  * response when <code>Principal</code> isn't present in the policy content.</p>
2423
+ * @public
2424
2424
  */
2425
2425
  principal?: EntityIdentifier;
2426
2426
  /**
2427
- * @public
2428
2427
  * <p>The resource specified in the policy's scope. This element isn't included in the
2429
2428
  * response when <code>Resource</code> isn't present in the policy content.</p>
2429
+ * @public
2430
2430
  */
2431
2431
  resource?: EntityIdentifier;
2432
2432
  /**
2433
- * @public
2434
2433
  * <p>The date and time that the policy was originally created.</p>
2434
+ * @public
2435
2435
  */
2436
2436
  createdDate: Date | undefined;
2437
2437
  /**
2438
- * @public
2439
2438
  * <p>The date and time that the policy was most recently updated.</p>
2439
+ * @public
2440
2440
  */
2441
2441
  lastUpdatedDate: Date | undefined;
2442
2442
  }
@@ -2445,22 +2445,21 @@ export interface UpdatePolicyOutput {
2445
2445
  */
2446
2446
  export interface UpdatePolicyTemplateInput {
2447
2447
  /**
2448
- * @public
2449
2448
  * <p>Specifies the ID of the policy store that contains the policy template that you want to update.</p>
2449
+ * @public
2450
2450
  */
2451
2451
  policyStoreId: string | undefined;
2452
2452
  /**
2453
- * @public
2454
2453
  * <p>Specifies the ID of the policy template that you want to update.</p>
2454
+ * @public
2455
2455
  */
2456
2456
  policyTemplateId: string | undefined;
2457
2457
  /**
2458
- * @public
2459
2458
  * <p>Specifies a new description to apply to the policy template.</p>
2459
+ * @public
2460
2460
  */
2461
2461
  description?: string;
2462
2462
  /**
2463
- * @public
2464
2463
  * <p>Specifies new statement content written in Cedar policy language to replace the
2465
2464
  * current body of the policy template.</p>
2466
2465
  * <p>You can change only the following elements of the policy body:</p>
@@ -2485,6 +2484,7 @@ export interface UpdatePolicyTemplateInput {
2485
2484
  * <p>The <code>resource</code> referenced by the policy template.</p>
2486
2485
  * </li>
2487
2486
  * </ul>
2487
+ * @public
2488
2488
  */
2489
2489
  statement: string | undefined;
2490
2490
  }
@@ -2493,32 +2493,32 @@ export interface UpdatePolicyTemplateInput {
2493
2493
  */
2494
2494
  export interface UpdatePolicyTemplateOutput {
2495
2495
  /**
2496
- * @public
2497
2496
  * <p>The ID of the policy store that contains the updated policy template.</p>
2497
+ * @public
2498
2498
  */
2499
2499
  policyStoreId: string | undefined;
2500
2500
  /**
2501
- * @public
2502
2501
  * <p>The ID of the updated policy template.</p>
2502
+ * @public
2503
2503
  */
2504
2504
  policyTemplateId: string | undefined;
2505
2505
  /**
2506
- * @public
2507
2506
  * <p>The date and time that the policy template was originally created.</p>
2507
+ * @public
2508
2508
  */
2509
2509
  createdDate: Date | undefined;
2510
2510
  /**
2511
- * @public
2512
2511
  * <p>The date and time that the policy template was most recently updated.</p>
2512
+ * @public
2513
2513
  */
2514
2514
  lastUpdatedDate: Date | undefined;
2515
2515
  }
2516
2516
  /**
2517
- * @public
2518
2517
  * <p>Contains a list of principal types, resource types, and actions that can be specified
2519
2518
  * in policies stored in the same policy store. If the validation mode for the policy store is set to
2520
2519
  * <code>STRICT</code>, then policies that can't be validated by this schema are
2521
2520
  * rejected by Verified Permissions and can't be stored in the policy store.</p>
2521
+ * @public
2522
2522
  */
2523
2523
  export type SchemaDefinition = SchemaDefinition.CedarJsonMember | SchemaDefinition.$UnknownMember;
2524
2524
  /**
@@ -2526,10 +2526,10 @@ export type SchemaDefinition = SchemaDefinition.CedarJsonMember | SchemaDefiniti
2526
2526
  */
2527
2527
  export declare namespace SchemaDefinition {
2528
2528
  /**
2529
- * @public
2530
2529
  * <p>A JSON string representation of the schema supported by applications that use this
2531
2530
  * policy store. For more information, see <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html">Policy store schema</a> in the
2532
2531
  * <i>Amazon Verified Permissions User Guide</i>.</p>
2532
+ * @public
2533
2533
  */
2534
2534
  interface CedarJsonMember {
2535
2535
  cedarJson: string;
@@ -2553,14 +2553,14 @@ export declare namespace SchemaDefinition {
2553
2553
  */
2554
2554
  export interface PutSchemaInput {
2555
2555
  /**
2556
- * @public
2557
2556
  * <p>Specifies the ID of the policy store in which to place the schema.</p>
2557
+ * @public
2558
2558
  */
2559
2559
  policyStoreId: string | undefined;
2560
2560
  /**
2561
- * @public
2562
2561
  * <p>Specifies the definition of the schema to be stored. The schema definition must be
2563
2562
  * written in Cedar schema JSON.</p>
2563
+ * @public
2564
2564
  */
2565
2565
  definition: SchemaDefinition | undefined;
2566
2566
  }
@@ -2569,23 +2569,23 @@ export interface PutSchemaInput {
2569
2569
  */
2570
2570
  export interface PutSchemaOutput {
2571
2571
  /**
2572
- * @public
2573
2572
  * <p>The unique ID of the policy store that contains the schema.</p>
2573
+ * @public
2574
2574
  */
2575
2575
  policyStoreId: string | undefined;
2576
2576
  /**
2577
- * @public
2578
2577
  * <p>Identifies the namespaces of the entities referenced by this schema.</p>
2578
+ * @public
2579
2579
  */
2580
2580
  namespaces: string[] | undefined;
2581
2581
  /**
2582
- * @public
2583
2582
  * <p>The date and time that the schema was originally created.</p>
2583
+ * @public
2584
2584
  */
2585
2585
  createdDate: Date | undefined;
2586
2586
  /**
2587
- * @public
2588
2587
  * <p>The date and time that the schema was last updated.</p>
2588
+ * @public
2589
2589
  */
2590
2590
  lastUpdatedDate: Date | undefined;
2591
2591
  }
@@ -2594,20 +2594,20 @@ export interface PutSchemaOutput {
2594
2594
  */
2595
2595
  export interface UpdatePolicyStoreInput {
2596
2596
  /**
2597
- * @public
2598
2597
  * <p>Specifies the ID of the policy store that you want to update</p>
2598
+ * @public
2599
2599
  */
2600
2600
  policyStoreId: string | undefined;
2601
2601
  /**
2602
- * @public
2603
2602
  * <p>A structure that defines the validation settings that want to enable for the
2604
2603
  * policy store.</p>
2604
+ * @public
2605
2605
  */
2606
2606
  validationSettings: ValidationSettings | undefined;
2607
2607
  /**
2608
- * @public
2609
2608
  * <p>Descriptive text that you can provide to help with identification
2610
2609
  * of the current policy store.</p>
2610
+ * @public
2611
2611
  */
2612
2612
  description?: string;
2613
2613
  }
@@ -2616,34 +2616,34 @@ export interface UpdatePolicyStoreInput {
2616
2616
  */
2617
2617
  export interface UpdatePolicyStoreOutput {
2618
2618
  /**
2619
- * @public
2620
2619
  * <p>The ID of the updated policy store.</p>
2620
+ * @public
2621
2621
  */
2622
2622
  policyStoreId: string | undefined;
2623
2623
  /**
2624
- * @public
2625
2624
  * <p>The <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Name (ARN)</a> of the updated policy store.</p>
2625
+ * @public
2626
2626
  */
2627
2627
  arn: string | undefined;
2628
2628
  /**
2629
- * @public
2630
2629
  * <p>The date and time that the policy store was originally created.</p>
2630
+ * @public
2631
2631
  */
2632
2632
  createdDate: Date | undefined;
2633
2633
  /**
2634
- * @public
2635
2634
  * <p>The date and time that the policy store was most recently updated.</p>
2635
+ * @public
2636
2636
  */
2637
2637
  lastUpdatedDate: Date | undefined;
2638
2638
  }
2639
2639
  /**
2640
- * @public
2641
2640
  * <p>The value of an attribute.</p>
2642
2641
  * <p>Contains information about the runtime context for a request for which an
2643
2642
  * authorization decision is made. </p>
2644
2643
  * <p>This data type is used as a member of the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ContextDefinition.html">ContextDefinition</a> structure
2645
2644
  * which is uses as a request parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>, <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorized.html">BatchIsAuthorized</a>, and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
2646
2645
  * operations.</p>
2646
+ * @public
2647
2647
  */
2648
2648
  export type AttributeValue = AttributeValue.BooleanMember | AttributeValue.EntityIdentifierMember | AttributeValue.LongMember | AttributeValue.RecordMember | AttributeValue.SetMember | AttributeValue.StringMember | AttributeValue.$UnknownMember;
2649
2649
  /**
@@ -2651,11 +2651,11 @@ export type AttributeValue = AttributeValue.BooleanMember | AttributeValue.Entit
2651
2651
  */
2652
2652
  export declare namespace AttributeValue {
2653
2653
  /**
2654
- * @public
2655
2654
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#boolean">Boolean</a>
2656
2655
  * type.</p>
2657
2656
  * <p>Example: <code>\{"boolean": true\}</code>
2658
2657
  * </p>
2658
+ * @public
2659
2659
  */
2660
2660
  interface BooleanMember {
2661
2661
  boolean: boolean;
@@ -2667,11 +2667,11 @@ export declare namespace AttributeValue {
2667
2667
  $unknown?: never;
2668
2668
  }
2669
2669
  /**
2670
- * @public
2671
2670
  * <p>An attribute value of type <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntityIdentifier.html">EntityIdentifier</a>.</p>
2672
2671
  * <p>Example: <code>"entityIdentifier": \{ "entityId": "&lt;id&gt;", "entityType":
2673
2672
  * "&lt;entity type&gt;"\}</code>
2674
2673
  * </p>
2674
+ * @public
2675
2675
  */
2676
2676
  interface EntityIdentifierMember {
2677
2677
  boolean?: never;
@@ -2683,10 +2683,10 @@ export declare namespace AttributeValue {
2683
2683
  $unknown?: never;
2684
2684
  }
2685
2685
  /**
2686
- * @public
2687
2686
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#long">Long</a> type.</p>
2688
2687
  * <p>Example: <code>\{"long": 0\}</code>
2689
2688
  * </p>
2689
+ * @public
2690
2690
  */
2691
2691
  interface LongMember {
2692
2692
  boolean?: never;
@@ -2698,11 +2698,11 @@ export declare namespace AttributeValue {
2698
2698
  $unknown?: never;
2699
2699
  }
2700
2700
  /**
2701
- * @public
2702
2701
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#string">String</a>
2703
2702
  * type.</p>
2704
2703
  * <p>Example: <code>\{"string": "abc"\}</code>
2705
2704
  * </p>
2705
+ * @public
2706
2706
  */
2707
2707
  interface StringMember {
2708
2708
  boolean?: never;
@@ -2714,10 +2714,10 @@ export declare namespace AttributeValue {
2714
2714
  $unknown?: never;
2715
2715
  }
2716
2716
  /**
2717
- * @public
2718
2717
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#set">Set</a> type.</p>
2719
2718
  * <p>Example: <code>\{"set": [ \{\} ] \}</code>
2720
2719
  * </p>
2720
+ * @public
2721
2721
  */
2722
2722
  interface SetMember {
2723
2723
  boolean?: never;
@@ -2729,11 +2729,11 @@ export declare namespace AttributeValue {
2729
2729
  $unknown?: never;
2730
2730
  }
2731
2731
  /**
2732
- * @public
2733
2732
  * <p>An attribute value of <a href="https://docs.cedarpolicy.com/policies/syntax-datatypes.html#record">Record</a>
2734
2733
  * type.</p>
2735
2734
  * <p>Example: <code>\{"record": \{ "keyName": \{\} \} \}</code>
2736
2735
  * </p>
2736
+ * @public
2737
2737
  */
2738
2738
  interface RecordMember {
2739
2739
  boolean?: never;
@@ -2768,7 +2768,6 @@ export declare namespace AttributeValue {
2768
2768
  const visit: <T>(value: AttributeValue, visitor: Visitor<T>) => T;
2769
2769
  }
2770
2770
  /**
2771
- * @public
2772
2771
  * <p>Contains additional details about the context of the request. Verified Permissions evaluates this
2773
2772
  * information in an authorization request as part of the <code>when</code> and
2774
2773
  * <code>unless</code> clauses in a policy.</p>
@@ -2777,6 +2776,7 @@ export declare namespace AttributeValue {
2777
2776
  * <p>Example:
2778
2777
  * <code>"context":\{"contextMap":\{"&lt;KeyName1&gt;":\{"boolean":true\},"&lt;KeyName2&gt;":\{"long":1234\}\}\}</code>
2779
2778
  * </p>
2779
+ * @public
2780
2780
  */
2781
2781
  export type ContextDefinition = ContextDefinition.ContextMapMember | ContextDefinition.$UnknownMember;
2782
2782
  /**
@@ -2784,13 +2784,13 @@ export type ContextDefinition = ContextDefinition.ContextMapMember | ContextDefi
2784
2784
  */
2785
2785
  export declare namespace ContextDefinition {
2786
2786
  /**
2787
- * @public
2788
2787
  * <p>An list of attributes that are needed to successfully evaluate an authorization
2789
2788
  * request. Each attribute in this array must include a map of a data type and its
2790
2789
  * value.</p>
2791
2790
  * <p>Example:
2792
2791
  * <code>"contextMap":\{"&lt;KeyName1&gt;":\{"boolean":true\},"&lt;KeyName2&gt;":\{"long":1234\}\}</code>
2793
2792
  * </p>
2793
+ * @public
2794
2794
  */
2795
2795
  interface ContextMapMember {
2796
2796
  contextMap: Record<string, AttributeValue>;
@@ -2810,7 +2810,6 @@ export declare namespace ContextDefinition {
2810
2810
  const visit: <T>(value: ContextDefinition, visitor: Visitor<T>) => T;
2811
2811
  }
2812
2812
  /**
2813
- * @public
2814
2813
  * <p>Contains information about an entity that can be referenced in a Cedar
2815
2814
  * policy.</p>
2816
2815
  * <p>This data type is used as one of the fields in the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_EntitiesDefinition.html">EntitiesDefinition</a>
@@ -2820,94 +2819,95 @@ export declare namespace ContextDefinition {
2820
2819
  * "attributes": \{\}, "parents": [ \{ "entityType": "Album", "entityId": "alice_folder" \}
2821
2820
  * ] \}</code>
2822
2821
  * </p>
2822
+ * @public
2823
2823
  */
2824
2824
  export interface EntityItem {
2825
2825
  /**
2826
- * @public
2827
2826
  * <p>The identifier of the entity.</p>
2827
+ * @public
2828
2828
  */
2829
2829
  identifier: EntityIdentifier | undefined;
2830
2830
  /**
2831
- * @public
2832
2831
  * <p>A list of attributes for the entity.</p>
2832
+ * @public
2833
2833
  */
2834
2834
  attributes?: Record<string, AttributeValue>;
2835
2835
  /**
2836
- * @public
2837
2836
  * <p>The parents in the hierarchy that contains the entity.</p>
2837
+ * @public
2838
2838
  */
2839
2839
  parents?: EntityIdentifier[];
2840
2840
  }
2841
2841
  /**
2842
- * @public
2843
2842
  * <p>An authorization request that you include in a <code>BatchIsAuthorized</code> API
2844
2843
  * request.</p>
2844
+ * @public
2845
2845
  */
2846
2846
  export interface BatchIsAuthorizedInputItem {
2847
2847
  /**
2848
- * @public
2849
2848
  * <p>Specifies the principal for which the authorization decision is to be made.</p>
2849
+ * @public
2850
2850
  */
2851
2851
  principal?: EntityIdentifier;
2852
2852
  /**
2853
- * @public
2854
2853
  * <p>Specifies the requested action to be authorized. For example, is the principal
2855
2854
  * authorized to perform this action on the resource?</p>
2855
+ * @public
2856
2856
  */
2857
2857
  action?: ActionIdentifier;
2858
2858
  /**
2859
- * @public
2860
2859
  * <p>Specifies the resource for which the authorization decision is to be made.</p>
2860
+ * @public
2861
2861
  */
2862
2862
  resource?: EntityIdentifier;
2863
2863
  /**
2864
- * @public
2865
2864
  * <p>Specifies additional context that can be used to make more granular authorization
2866
2865
  * decisions.</p>
2866
+ * @public
2867
2867
  */
2868
2868
  context?: ContextDefinition;
2869
2869
  }
2870
2870
  /**
2871
- * @public
2872
2871
  * <p>The decision, based on policy evaluation, from an individual authorization request in
2873
2872
  * a <code>BatchIsAuthorized</code> API request.</p>
2873
+ * @public
2874
2874
  */
2875
2875
  export interface BatchIsAuthorizedOutputItem {
2876
2876
  /**
2877
- * @public
2878
2877
  * <p>The authorization request that initiated the decision.</p>
2878
+ * @public
2879
2879
  */
2880
2880
  request: BatchIsAuthorizedInputItem | undefined;
2881
2881
  /**
2882
- * @public
2883
2882
  * <p>An authorization decision that indicates if the authorization request should be
2884
2883
  * allowed or denied.</p>
2884
+ * @public
2885
2885
  */
2886
2886
  decision: Decision | undefined;
2887
2887
  /**
2888
- * @public
2889
2888
  * <p>The list of determining policies used to make the authorization decision. For example,
2890
2889
  * if there are two matching policies, where one is a forbid and the other is a permit,
2891
2890
  * then the forbid policy will be the determining policy. In the case of multiple matching
2892
2891
  * permit policies then there would be multiple determining policies. In the case that no
2893
2892
  * policies match, and hence the response is DENY, there would be no determining
2894
2893
  * policies.</p>
2894
+ * @public
2895
2895
  */
2896
2896
  determiningPolicies: DeterminingPolicyItem[] | undefined;
2897
2897
  /**
2898
- * @public
2899
2898
  * <p>Errors that occurred while making an authorization decision, for example, a policy
2900
2899
  * references an Entity or entity Attribute that does not exist in the slice.</p>
2900
+ * @public
2901
2901
  */
2902
2902
  errors: EvaluationErrorItem[] | undefined;
2903
2903
  }
2904
2904
  /**
2905
- * @public
2906
2905
  * <p>Contains the list of entities to be considered during an authorization request. This
2907
2906
  * includes all principals, resources, and actions required to successfully evaluate the
2908
2907
  * request.</p>
2909
2908
  * <p>This data type is used as a field in the response parameter for the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorized.html">IsAuthorized</a>
2910
2909
  * and <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a> operations.</p>
2910
+ * @public
2911
2911
  */
2912
2912
  export type EntitiesDefinition = EntitiesDefinition.EntityListMember | EntitiesDefinition.$UnknownMember;
2913
2913
  /**
@@ -2915,10 +2915,10 @@ export type EntitiesDefinition = EntitiesDefinition.EntityListMember | EntitiesD
2915
2915
  */
2916
2916
  export declare namespace EntitiesDefinition {
2917
2917
  /**
2918
- * @public
2919
2918
  * <p>An array of entities that are needed to successfully evaluate an authorization
2920
2919
  * request. Each entity in this array must include an identifier for the entity, the
2921
2920
  * attributes of the entity, and a list of any parent entities.</p>
2921
+ * @public
2922
2922
  */
2923
2923
  interface EntityListMember {
2924
2924
  entityList: EntityItem[];
@@ -2942,9 +2942,9 @@ export declare namespace EntitiesDefinition {
2942
2942
  */
2943
2943
  export interface BatchIsAuthorizedOutput {
2944
2944
  /**
2945
- * @public
2946
2945
  * <p>A series of <code>Allow</code> or <code>Deny</code> decisions for each request, and
2947
2946
  * the policies that produced them.</p>
2947
+ * @public
2948
2948
  */
2949
2949
  results: BatchIsAuthorizedOutputItem[] | undefined;
2950
2950
  }
@@ -2953,41 +2953,41 @@ export interface BatchIsAuthorizedOutput {
2953
2953
  */
2954
2954
  export interface IsAuthorizedInput {
2955
2955
  /**
2956
- * @public
2957
2956
  * <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an
2958
2957
  * authorization decision for the input.</p>
2958
+ * @public
2959
2959
  */
2960
2960
  policyStoreId: string | undefined;
2961
2961
  /**
2962
- * @public
2963
2962
  * <p>Specifies the principal for which the authorization decision is to be made.</p>
2963
+ * @public
2964
2964
  */
2965
2965
  principal?: EntityIdentifier;
2966
2966
  /**
2967
- * @public
2968
2967
  * <p>Specifies the requested action to be authorized. For example, is the principal
2969
2968
  * authorized to perform this action on the resource?</p>
2969
+ * @public
2970
2970
  */
2971
2971
  action?: ActionIdentifier;
2972
2972
  /**
2973
- * @public
2974
2973
  * <p>Specifies the resource for which the authorization decision is to be made.</p>
2974
+ * @public
2975
2975
  */
2976
2976
  resource?: EntityIdentifier;
2977
2977
  /**
2978
- * @public
2979
2978
  * <p>Specifies additional context that can be used to make more granular authorization
2980
2979
  * decisions.</p>
2980
+ * @public
2981
2981
  */
2982
2982
  context?: ContextDefinition;
2983
2983
  /**
2984
- * @public
2985
2984
  * <p>Specifies the list of resources and principals and their associated attributes that
2986
2985
  * Verified Permissions can examine when evaluating the policies. </p>
2987
2986
  * <note>
2988
2987
  * <p>You can include only principal and resource entities in this parameter; you can't
2989
2988
  * include actions. You must specify actions in the schema.</p>
2990
2989
  * </note>
2990
+ * @public
2991
2991
  */
2992
2992
  entities?: EntitiesDefinition;
2993
2993
  }
@@ -2996,51 +2996,50 @@ export interface IsAuthorizedInput {
2996
2996
  */
2997
2997
  export interface IsAuthorizedWithTokenInput {
2998
2998
  /**
2999
- * @public
3000
2999
  * <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an
3001
3000
  * authorization decision for the input.</p>
3001
+ * @public
3002
3002
  */
3003
3003
  policyStoreId: string | undefined;
3004
3004
  /**
3005
- * @public
3006
3005
  * <p>Specifies an identity token for the principal to be authorized. This token is provided
3007
3006
  * to you by the identity provider (IdP) associated with the specified identity source. You must
3008
3007
  * specify either an <code>accessToken</code>, an <code>identityToken</code>, or
3009
3008
  * both.</p>
3010
3009
  * <p>Must be an ID token. Verified Permissions returns an error if the <code>token_use</code> claim in the
3011
3010
  * submitted token isn't <code>id</code>.</p>
3011
+ * @public
3012
3012
  */
3013
3013
  identityToken?: string;
3014
3014
  /**
3015
- * @public
3016
3015
  * <p>Specifies an access token for the principal to be authorized. This token is provided
3017
3016
  * to you by the identity provider (IdP) associated with the specified identity source. You must
3018
3017
  * specify either an <code>accessToken</code>, an <code>identityToken</code>, or
3019
3018
  * both.</p>
3020
3019
  * <p>Must be an access token. Verified Permissions returns an error if the <code>token_use</code> claim in
3021
3020
  * the submitted token isn't <code>access</code>.</p>
3021
+ * @public
3022
3022
  */
3023
3023
  accessToken?: string;
3024
3024
  /**
3025
- * @public
3026
3025
  * <p>Specifies the requested action to be authorized. Is the specified principal authorized
3027
3026
  * to perform this action on the specified resource.</p>
3027
+ * @public
3028
3028
  */
3029
3029
  action?: ActionIdentifier;
3030
3030
  /**
3031
- * @public
3032
3031
  * <p>Specifies the resource for which the authorization decision is made. For example, is
3033
3032
  * the principal allowed to perform the action on the resource?</p>
3033
+ * @public
3034
3034
  */
3035
3035
  resource?: EntityIdentifier;
3036
3036
  /**
3037
- * @public
3038
3037
  * <p>Specifies additional context that can be used to make more granular authorization
3039
3038
  * decisions.</p>
3039
+ * @public
3040
3040
  */
3041
3041
  context?: ContextDefinition;
3042
3042
  /**
3043
- * @public
3044
3043
  * <p>Specifies the list of resources and their associated attributes that Verified Permissions can examine
3045
3044
  * when evaluating the policies. </p>
3046
3045
  * <note>
@@ -3061,6 +3060,7 @@ export interface IsAuthorizedWithTokenInput {
3061
3060
  * </li>
3062
3061
  * </ul>
3063
3062
  * </note>
3063
+ * @public
3064
3064
  */
3065
3065
  entities?: EntitiesDefinition;
3066
3066
  }
@@ -3069,24 +3069,24 @@ export interface IsAuthorizedWithTokenInput {
3069
3069
  */
3070
3070
  export interface BatchIsAuthorizedInput {
3071
3071
  /**
3072
- * @public
3073
3072
  * <p>Specifies the ID of the policy store. Policies in this policy store will be used to make the
3074
3073
  * authorization decisions for the input.</p>
3074
+ * @public
3075
3075
  */
3076
3076
  policyStoreId: string | undefined;
3077
3077
  /**
3078
- * @public
3079
3078
  * <p>Specifies the list of resources and principals and their associated attributes that
3080
3079
  * Verified Permissions can examine when evaluating the policies. </p>
3081
3080
  * <note>
3082
3081
  * <p>You can include only principal and resource entities in this parameter; you can't
3083
3082
  * include actions. You must specify actions in the schema.</p>
3084
3083
  * </note>
3084
+ * @public
3085
3085
  */
3086
3086
  entities?: EntitiesDefinition;
3087
3087
  /**
3088
- * @public
3089
3088
  * <p>An array of up to 30 requests that you want Verified Permissions to evaluate.</p>
3089
+ * @public
3090
3090
  */
3091
3091
  requests: BatchIsAuthorizedInputItem[] | undefined;
3092
3092
  }