From 87207b4fe6b92c2667f2e4aac19158b1f4d49b00 Mon Sep 17 00:00:00 2001 From: awstools Date: Fri, 1 Dec 2023 20:04:24 +0000 Subject: [PATCH] feat(client-verifiedpermissions): Adds description field to PolicyStore API's and namespaces field to GetSchema. --- .../src/commands/BatchIsAuthorizedCommand.ts | 11 ++- .../src/commands/CreatePolicyStoreCommand.ts | 9 ++- .../src/commands/GetPolicyStoreCommand.ts | 5 +- .../src/commands/GetSchemaCommand.ts | 3 + .../src/commands/ListPolicyStoresCommand.ts | 10 ++- .../src/commands/UpdatePolicyStoreCommand.ts | 9 ++- .../src/models/models_0.ts | 81 +++++++++++++++++++ .../src/protocols/Aws_json1_0.ts | 5 ++ .../aws-models/verifiedpermissions.json | 48 ++++++++++- 9 files changed, 169 insertions(+), 12 deletions(-) diff --git a/clients/client-verifiedpermissions/src/commands/BatchIsAuthorizedCommand.ts b/clients/client-verifiedpermissions/src/commands/BatchIsAuthorizedCommand.ts index ae22e1a7d7ef0..7650dded5a5a2 100644 --- a/clients/client-verifiedpermissions/src/commands/BatchIsAuthorizedCommand.ts +++ b/clients/client-verifiedpermissions/src/commands/BatchIsAuthorizedCommand.ts @@ -59,9 +59,14 @@ export interface BatchIsAuthorizedCommandOutput extends BatchIsAuthorizedOutput, * entities that you declare. The result of the decisions is a series of Allow * or Deny responses, along with the IDs of the policies that produced each * decision.

- *

The entities of a BatchIsAuthorized API request can contain up to 100 principals and up - * to 100 resources. The requests of a BatchIsAuthorized API request can contain up to 30 - * requests.

+ *

The entities of a BatchIsAuthorized API request can contain + * up to 100 principals and up to 100 resources. The requests of a + * BatchIsAuthorized API request can contain up to 30 requests.

+ * + *

The BatchIsAuthorized operation doesn't have its own IAM + * permission. To authorize this operation for Amazon Web Services principals, include the permission + * verifiedpermissions:IsAuthorized in their IAM policies.

+ * * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-verifiedpermissions/src/commands/CreatePolicyStoreCommand.ts b/clients/client-verifiedpermissions/src/commands/CreatePolicyStoreCommand.ts index 6bfe93b0fe322..3c5d2180ebad3 100644 --- a/clients/client-verifiedpermissions/src/commands/CreatePolicyStoreCommand.ts +++ b/clients/client-verifiedpermissions/src/commands/CreatePolicyStoreCommand.ts @@ -14,7 +14,11 @@ import { SMITHY_CONTEXT_KEY, } from "@smithy/types"; -import { CreatePolicyStoreInput, CreatePolicyStoreOutput } from "../models/models_0"; +import { + CreatePolicyStoreInput, + CreatePolicyStoreInputFilterSensitiveLog, + CreatePolicyStoreOutput, +} from "../models/models_0"; import { de_CreatePolicyStoreCommand, se_CreatePolicyStoreCommand } from "../protocols/Aws_json1_0"; import { ServiceInputTypes, @@ -63,6 +67,7 @@ export interface CreatePolicyStoreCommandOutput extends CreatePolicyStoreOutput, * validationSettings: { // ValidationSettings * mode: "OFF" || "STRICT", // required * }, + * description: "STRING_VALUE", * }; * const command = new CreatePolicyStoreCommand(input); * const response = await client.send(command); @@ -228,7 +233,7 @@ export class CreatePolicyStoreCommand extends $Command< logger, clientName, commandName, - inputFilterSensitiveLog: (_: any) => _, + inputFilterSensitiveLog: CreatePolicyStoreInputFilterSensitiveLog, outputFilterSensitiveLog: (_: any) => _, [SMITHY_CONTEXT_KEY]: { service: "VerifiedPermissions", diff --git a/clients/client-verifiedpermissions/src/commands/GetPolicyStoreCommand.ts b/clients/client-verifiedpermissions/src/commands/GetPolicyStoreCommand.ts index b04d69ef7a3a9..7be573e87ac99 100644 --- a/clients/client-verifiedpermissions/src/commands/GetPolicyStoreCommand.ts +++ b/clients/client-verifiedpermissions/src/commands/GetPolicyStoreCommand.ts @@ -14,7 +14,7 @@ import { SMITHY_CONTEXT_KEY, } from "@smithy/types"; -import { GetPolicyStoreInput, GetPolicyStoreOutput } from "../models/models_0"; +import { GetPolicyStoreInput, GetPolicyStoreOutput, GetPolicyStoreOutputFilterSensitiveLog } from "../models/models_0"; import { de_GetPolicyStoreCommand, se_GetPolicyStoreCommand } from "../protocols/Aws_json1_0"; import { ServiceInputTypes, @@ -61,6 +61,7 @@ export interface GetPolicyStoreCommandOutput extends GetPolicyStoreOutput, __Met * // }, * // createdDate: new Date("TIMESTAMP"), // required * // lastUpdatedDate: new Date("TIMESTAMP"), // required + * // description: "STRING_VALUE", * // }; * * ``` @@ -215,7 +216,7 @@ export class GetPolicyStoreCommand extends $Command< clientName, commandName, inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + outputFilterSensitiveLog: GetPolicyStoreOutputFilterSensitiveLog, [SMITHY_CONTEXT_KEY]: { service: "VerifiedPermissions", operation: "GetPolicyStore", diff --git a/clients/client-verifiedpermissions/src/commands/GetSchemaCommand.ts b/clients/client-verifiedpermissions/src/commands/GetSchemaCommand.ts index 4376d5c245c8c..be9c0e21c82a9 100644 --- a/clients/client-verifiedpermissions/src/commands/GetSchemaCommand.ts +++ b/clients/client-verifiedpermissions/src/commands/GetSchemaCommand.ts @@ -58,6 +58,9 @@ export interface GetSchemaCommandOutput extends GetSchemaOutput, __MetadataBeare * // schema: "STRING_VALUE", // required * // createdDate: new Date("TIMESTAMP"), // required * // lastUpdatedDate: new Date("TIMESTAMP"), // required + * // namespaces: [ // NamespaceList + * // "STRING_VALUE", + * // ], * // }; * * ``` diff --git a/clients/client-verifiedpermissions/src/commands/ListPolicyStoresCommand.ts b/clients/client-verifiedpermissions/src/commands/ListPolicyStoresCommand.ts index a2cff205afa69..d9fdc40f2048e 100644 --- a/clients/client-verifiedpermissions/src/commands/ListPolicyStoresCommand.ts +++ b/clients/client-verifiedpermissions/src/commands/ListPolicyStoresCommand.ts @@ -14,7 +14,11 @@ import { SMITHY_CONTEXT_KEY, } from "@smithy/types"; -import { ListPolicyStoresInput, ListPolicyStoresOutput } from "../models/models_0"; +import { + ListPolicyStoresInput, + ListPolicyStoresOutput, + ListPolicyStoresOutputFilterSensitiveLog, +} from "../models/models_0"; import { de_ListPolicyStoresCommand, se_ListPolicyStoresCommand } from "../protocols/Aws_json1_0"; import { ServiceInputTypes, @@ -61,6 +65,8 @@ export interface ListPolicyStoresCommandOutput extends ListPolicyStoresOutput, _ * // policyStoreId: "STRING_VALUE", // required * // arn: "STRING_VALUE", // required * // createdDate: new Date("TIMESTAMP"), // required + * // lastUpdatedDate: new Date("TIMESTAMP"), + * // description: "STRING_VALUE", * // }, * // ], * // }; @@ -214,7 +220,7 @@ export class ListPolicyStoresCommand extends $Command< clientName, commandName, inputFilterSensitiveLog: (_: any) => _, - outputFilterSensitiveLog: (_: any) => _, + outputFilterSensitiveLog: ListPolicyStoresOutputFilterSensitiveLog, [SMITHY_CONTEXT_KEY]: { service: "VerifiedPermissions", operation: "ListPolicyStores", diff --git a/clients/client-verifiedpermissions/src/commands/UpdatePolicyStoreCommand.ts b/clients/client-verifiedpermissions/src/commands/UpdatePolicyStoreCommand.ts index a6f67f001c27e..1f54c4592b048 100644 --- a/clients/client-verifiedpermissions/src/commands/UpdatePolicyStoreCommand.ts +++ b/clients/client-verifiedpermissions/src/commands/UpdatePolicyStoreCommand.ts @@ -14,7 +14,11 @@ import { SMITHY_CONTEXT_KEY, } from "@smithy/types"; -import { UpdatePolicyStoreInput, UpdatePolicyStoreOutput } from "../models/models_0"; +import { + UpdatePolicyStoreInput, + UpdatePolicyStoreInputFilterSensitiveLog, + UpdatePolicyStoreOutput, +} from "../models/models_0"; import { de_UpdatePolicyStoreCommand, se_UpdatePolicyStoreCommand } from "../protocols/Aws_json1_0"; import { ServiceInputTypes, @@ -59,6 +63,7 @@ export interface UpdatePolicyStoreCommandOutput extends UpdatePolicyStoreOutput, * validationSettings: { // ValidationSettings * mode: "OFF" || "STRICT", // required * }, + * description: "STRING_VALUE", * }; * const command = new UpdatePolicyStoreCommand(input); * const response = await client.send(command); @@ -224,7 +229,7 @@ export class UpdatePolicyStoreCommand extends $Command< logger, clientName, commandName, - inputFilterSensitiveLog: (_: any) => _, + inputFilterSensitiveLog: UpdatePolicyStoreInputFilterSensitiveLog, outputFilterSensitiveLog: (_: any) => _, [SMITHY_CONTEXT_KEY]: { service: "VerifiedPermissions", diff --git a/clients/client-verifiedpermissions/src/models/models_0.ts b/clients/client-verifiedpermissions/src/models/models_0.ts index 08911db9b5ca4..edce20577f1b7 100644 --- a/clients/client-verifiedpermissions/src/models/models_0.ts +++ b/clients/client-verifiedpermissions/src/models/models_0.ts @@ -905,6 +905,13 @@ export interface CreatePolicyStoreInput { * */ validationSettings: ValidationSettings | undefined; + + /** + * @public + *

Descriptive text that you can provide to help with identification + * of the current policy store.

+ */ + description?: string; } /** @@ -1487,6 +1494,13 @@ export interface GetPolicyStoreOutput { *

The date and time that the policy store was last updated.

*/ lastUpdatedDate: Date | undefined; + + /** + * @public + *

Descriptive text that you can provide to help with identification + * of the current policy store.

+ */ + description?: string; } /** @@ -1586,6 +1600,12 @@ export interface GetSchemaOutput { *

The date and time that the schema was most recently updated.

*/ lastUpdatedDate: Date | undefined; + + /** + * @public + *

The namespaces of the entities referenced by this schema.

+ */ + namespaces?: string[]; } /** @@ -2269,6 +2289,19 @@ export interface PolicyStoreItem { *

The date and time the policy was created.

*/ createdDate: Date | undefined; + + /** + * @public + *

The date and time the policy store was most recently updated.

+ */ + lastUpdatedDate?: Date; + + /** + * @public + *

Descriptive text that you can provide to help with identification + * of the current policy store.

+ */ + description?: string; } /** @@ -2760,6 +2793,13 @@ export interface UpdatePolicyStoreInput { * policy store.

*/ validationSettings: ValidationSettings | undefined; + + /** + * @public + *

Descriptive text that you can provide to help with identification + * of the current policy store.

+ */ + description?: string; } /** @@ -3408,6 +3448,14 @@ export const CreatePolicyOutputFilterSensitiveLog = (obj: CreatePolicyOutput): a ...(obj.resource && { resource: EntityIdentifierFilterSensitiveLog(obj.resource) }), }); +/** + * @internal + */ +export const CreatePolicyStoreInputFilterSensitiveLog = (obj: CreatePolicyStoreInput): any => ({ + ...obj, + ...(obj.description && { description: SENSITIVE_STRING }), +}); + /** * @internal */ @@ -3483,6 +3531,14 @@ export const GetPolicyOutputFilterSensitiveLog = (obj: GetPolicyOutput): any => ...(obj.definition && { definition: PolicyDefinitionDetailFilterSensitiveLog(obj.definition) }), }); +/** + * @internal + */ +export const GetPolicyStoreOutputFilterSensitiveLog = (obj: GetPolicyStoreOutput): any => ({ + ...obj, + ...(obj.description && { description: SENSITIVE_STRING }), +}); + /** * @internal */ @@ -3498,6 +3554,7 @@ export const GetPolicyTemplateOutputFilterSensitiveLog = (obj: GetPolicyTemplate export const GetSchemaOutputFilterSensitiveLog = (obj: GetSchemaOutput): any => ({ ...obj, ...(obj.schema && { schema: SENSITIVE_STRING }), + ...(obj.namespaces && { namespaces: SENSITIVE_STRING }), }); /** @@ -3653,6 +3710,22 @@ export const ListPoliciesOutputFilterSensitiveLog = (obj: ListPoliciesOutput): a ...(obj.policies && { policies: obj.policies.map((item) => PolicyItemFilterSensitiveLog(item)) }), }); +/** + * @internal + */ +export const PolicyStoreItemFilterSensitiveLog = (obj: PolicyStoreItem): any => ({ + ...obj, + ...(obj.description && { description: SENSITIVE_STRING }), +}); + +/** + * @internal + */ +export const ListPolicyStoresOutputFilterSensitiveLog = (obj: ListPolicyStoresOutput): any => ({ + ...obj, + ...(obj.policyStores && { policyStores: obj.policyStores.map((item) => PolicyStoreItemFilterSensitiveLog(item)) }), +}); + /** * @internal */ @@ -3738,6 +3811,14 @@ export const PutSchemaOutputFilterSensitiveLog = (obj: PutSchemaOutput): any => ...(obj.namespaces && { namespaces: SENSITIVE_STRING }), }); +/** + * @internal + */ +export const UpdatePolicyStoreInputFilterSensitiveLog = (obj: UpdatePolicyStoreInput): any => ({ + ...obj, + ...(obj.description && { description: SENSITIVE_STRING }), +}); + /** * @internal */ diff --git a/clients/client-verifiedpermissions/src/protocols/Aws_json1_0.ts b/clients/client-verifiedpermissions/src/protocols/Aws_json1_0.ts index 2baa22ff89eed..ee8de5e681c86 100644 --- a/clients/client-verifiedpermissions/src/protocols/Aws_json1_0.ts +++ b/clients/client-verifiedpermissions/src/protocols/Aws_json1_0.ts @@ -2186,6 +2186,7 @@ const se_CreatePolicyInput = (input: CreatePolicyInput, context: __SerdeContext) const se_CreatePolicyStoreInput = (input: CreatePolicyStoreInput, context: __SerdeContext): any => { return take(input, { clientToken: [true, (_) => _ ?? generateIdempotencyToken()], + description: [], validationSettings: _json, }); }; @@ -2581,6 +2582,7 @@ const de_GetPolicyStoreOutput = (output: any, context: __SerdeContext): GetPolic return take(output, { arn: __expectString, createdDate: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), + description: __expectString, lastUpdatedDate: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), policyStoreId: __expectString, validationSettings: _json, @@ -2608,6 +2610,7 @@ const de_GetSchemaOutput = (output: any, context: __SerdeContext): GetSchemaOutp return take(output, { createdDate: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), lastUpdatedDate: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), + namespaces: _json, policyStoreId: __expectString, schema: __expectString, }) as any; @@ -2730,6 +2733,8 @@ const de_PolicyStoreItem = (output: any, context: __SerdeContext): PolicyStoreIt return take(output, { arn: __expectString, createdDate: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), + description: __expectString, + lastUpdatedDate: (_: any) => __expectNonNull(__parseRfc3339DateTimeWithOffset(_)), policyStoreId: __expectString, }) as any; }; diff --git a/codegen/sdk-codegen/aws-models/verifiedpermissions.json b/codegen/sdk-codegen/aws-models/verifiedpermissions.json index 717db380ee9ee..e84f2bbaf523b 100644 --- a/codegen/sdk-codegen/aws-models/verifiedpermissions.json +++ b/codegen/sdk-codegen/aws-models/verifiedpermissions.json @@ -121,7 +121,7 @@ "traits": { "aws.iam#actionName": "IsAuthorized", "aws.iam#actionPermissionDescription": "Grants permission to make a batch authorization decision about a service request described in the parameters", - "smithy.api#documentation": "

Makes a series of decisions about multiple authorization requests for one principal or\n resource. Each request contains the equivalent content of an IsAuthorized\n request: principal, action, resource, and context. Either the principal or\n the resource parameter must be identical across all requests. For example,\n Verified Permissions won't evaluate a pair of requests where bob views\n photo1 and alice views photo2. Authorization\n of bob to view photo1 and photo2, or\n bob and alice to view photo1, are valid\n batches.

\n

The request is evaluated against all policies in the specified policy store that match the\n entities that you declare. The result of the decisions is a series of Allow\n or Deny responses, along with the IDs of the policies that produced each\n decision.

\n

The entities of a BatchIsAuthorized API request can contain up to 100 principals and up\n to 100 resources. The requests of a BatchIsAuthorized API request can contain up to 30\n requests.

", + "smithy.api#documentation": "

Makes a series of decisions about multiple authorization requests for one principal or\n resource. Each request contains the equivalent content of an IsAuthorized\n request: principal, action, resource, and context. Either the principal or\n the resource parameter must be identical across all requests. For example,\n Verified Permissions won't evaluate a pair of requests where bob views\n photo1 and alice views photo2. Authorization\n of bob to view photo1 and photo2, or\n bob and alice to view photo1, are valid\n batches.

\n

The request is evaluated against all policies in the specified policy store that match the\n entities that you declare. The result of the decisions is a series of Allow\n or Deny responses, along with the IDs of the policies that produced each\n decision.

\n

The entities of a BatchIsAuthorized API request can contain\n up to 100 principals and up to 100 resources. The requests of a\n BatchIsAuthorized API request can contain up to 30 requests.

\n \n

The BatchIsAuthorized operation doesn't have its own IAM\n permission. To authorize this operation for Amazon Web Services principals, include the permission\n verifiedpermissions:IsAuthorized in their IAM policies.

\n ", "smithy.api#readonly": {} } }, @@ -606,6 +606,12 @@ "smithy.api#documentation": "

Specifies the validation setting for this policy store.

\n

Currently, the only valid and required value is Mode.

\n \n

We recommend that you turn on STRICT mode only after you define a\n schema. If a schema doesn't exist, then STRICT mode causes any policy\n to fail validation, and Verified Permissions rejects the policy. You can turn off validation by\n using the UpdatePolicyStore. Then, when you have a schema defined, use UpdatePolicyStore again to turn validation back on.

\n ", "smithy.api#required": {} } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreDescription", + "traits": { + "smithy.api#documentation": "

Descriptive text that you can provide to help with identification \n of the current policy store.

" + } } }, "traits": { @@ -1401,6 +1407,12 @@ "smithy.api#documentation": "

The date and time that the policy store was last updated.

", "smithy.api#required": {} } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreDescription", + "traits": { + "smithy.api#documentation": "

Descriptive text that you can provide to help with identification \n of the current policy store.

" + } } }, "traits": { @@ -1563,6 +1575,12 @@ "smithy.api#documentation": "

The date and time that the schema was most recently updated.

", "smithy.api#required": {} } + }, + "namespaces": { + "target": "com.amazonaws.verifiedpermissions#NamespaceList", + "traits": { + "smithy.api#documentation": "

The namespaces of the entities referenced by this schema.

" + } } }, "traits": { @@ -2613,6 +2631,16 @@ "smithy.api#documentation": "Represents a policy store that you can place schema, policies, and policy templates in to validate authorization requests" } }, + "com.amazonaws.verifiedpermissions#PolicyStoreDescription": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 0, + "max": 150 + }, + "smithy.api#sensitive": {} + } + }, "com.amazonaws.verifiedpermissions#PolicyStoreId": { "type": "string", "traits": { @@ -2646,6 +2674,18 @@ "smithy.api#documentation": "

The date and time the policy was created.

", "smithy.api#required": {} } + }, + "lastUpdatedDate": { + "target": "com.amazonaws.verifiedpermissions#TimestampFormat", + "traits": { + "smithy.api#documentation": "

The date and time the policy store was most recently updated.

" + } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreDescription", + "traits": { + "smithy.api#documentation": "

Descriptive text that you can provide to help with identification \n of the current policy store.

" + } } }, "traits": { @@ -3542,6 +3582,12 @@ "smithy.api#documentation": "

A structure that defines the validation settings that want to enable for the\n policy store.

", "smithy.api#required": {} } + }, + "description": { + "target": "com.amazonaws.verifiedpermissions#PolicyStoreDescription", + "traits": { + "smithy.api#documentation": "

Descriptive text that you can provide to help with identification \n of the current policy store.

" + } } }, "traits": {