|
28 | 28 | {"shape":"ThrottlingException"},
|
29 | 29 | {"shape":"InternalServerException"}
|
30 | 30 | ],
|
31 |
| - "documentation":"<p>Makes a series of decisions about multiple authorization requests for one principal or resource. Each request contains the equivalent content of an <code>IsAuthorized</code> request: principal, action, resource, and context. Either the <code>principal</code> or the <code>resource</code> parameter must be identical across all requests. For example, Verified Permissions won't evaluate a pair of requests where <code>bob</code> views <code>photo1</code> and <code>alice</code> views <code>photo2</code>. Authorization of <code>bob</code> to view <code>photo1</code> and <code>photo2</code>, or <code>bob</code> and <code>alice</code> to view <code>photo1</code>, are valid batches. </p> <p>The request is evaluated against all policies in the specified policy store that match the entities that you declare. The result of the decisions is a series of <code>Allow</code> or <code>Deny</code> responses, along with the IDs of the policies that produced each decision.</p> <p>The <code>entities</code> of a <code>BatchIsAuthorized</code> API request can contain up to 100 principals and up to 100 resources. The <code>requests</code> of a <code>BatchIsAuthorized</code> API request can contain up to 30 requests.</p>" |
| 31 | + "documentation":"<p>Makes a series of decisions about multiple authorization requests for one principal or resource. Each request contains the equivalent content of an <code>IsAuthorized</code> request: principal, action, resource, and context. Either the <code>principal</code> or the <code>resource</code> parameter must be identical across all requests. For example, Verified Permissions won't evaluate a pair of requests where <code>bob</code> views <code>photo1</code> and <code>alice</code> views <code>photo2</code>. Authorization of <code>bob</code> to view <code>photo1</code> and <code>photo2</code>, or <code>bob</code> and <code>alice</code> to view <code>photo1</code>, are valid batches. </p> <p>The request is evaluated against all policies in the specified policy store that match the entities that you declare. The result of the decisions is a series of <code>Allow</code> or <code>Deny</code> responses, along with the IDs of the policies that produced each decision.</p> <p>The <code>entities</code> of a <code>BatchIsAuthorized</code> API request can contain up to 100 principals and up to 100 resources. The <code>requests</code> of a <code>BatchIsAuthorized</code> API request can contain up to 30 requests.</p> <note> <p>The <code>BatchIsAuthorized</code> operation doesn't have its own IAM permission. To authorize this operation for Amazon Web Services principals, include the permission <code>verifiedpermissions:IsAuthorized</code> in their IAM policies.</p> </note>" |
32 | 32 | },
|
33 | 33 | "CreateIdentitySource":{
|
34 | 34 | "name":"CreateIdentitySource",
|
|
837 | 837 | "validationSettings":{
|
838 | 838 | "shape":"ValidationSettings",
|
839 | 839 | "documentation":"<p>Specifies the validation setting for this policy store.</p> <p>Currently, the only valid and required value is <code>Mode</code>.</p> <important> <p>We recommend that you turn on <code>STRICT</code> mode only after you define a schema. If a schema doesn't exist, then <code>STRICT</code> mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the <a href=\"https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore\">UpdatePolicyStore</a>. Then, when you have a schema defined, use <a href=\"https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore\">UpdatePolicyStore</a> again to turn validation back on.</p> </important>"
|
| 840 | + }, |
| 841 | + "description":{ |
| 842 | + "shape":"PolicyStoreDescription", |
| 843 | + "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>" |
840 | 844 | }
|
841 | 845 | }
|
842 | 846 | },
|
|
1286 | 1290 | "lastUpdatedDate":{
|
1287 | 1291 | "shape":"TimestampFormat",
|
1288 | 1292 | "documentation":"<p>The date and time that the policy store was last updated.</p>"
|
| 1293 | + }, |
| 1294 | + "description":{ |
| 1295 | + "shape":"PolicyStoreDescription", |
| 1296 | + "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>" |
1289 | 1297 | }
|
1290 | 1298 | }
|
1291 | 1299 | },
|
|
1376 | 1384 | "lastUpdatedDate":{
|
1377 | 1385 | "shape":"TimestampFormat",
|
1378 | 1386 | "documentation":"<p>The date and time that the schema was most recently updated.</p>"
|
| 1387 | + }, |
| 1388 | + "namespaces":{ |
| 1389 | + "shape":"NamespaceList", |
| 1390 | + "documentation":"<p>The namespaces of the entities referenced by this schema.</p>" |
1379 | 1391 | }
|
1380 | 1392 | }
|
1381 | 1393 | },
|
|
1916 | 1928 | "min":1,
|
1917 | 1929 | "sensitive":true
|
1918 | 1930 | },
|
| 1931 | + "PolicyStoreDescription":{ |
| 1932 | + "type":"string", |
| 1933 | + "max":150, |
| 1934 | + "min":0, |
| 1935 | + "sensitive":true |
| 1936 | + }, |
1919 | 1937 | "PolicyStoreId":{
|
1920 | 1938 | "type":"string",
|
1921 | 1939 | "max":200,
|
|
1941 | 1959 | "createdDate":{
|
1942 | 1960 | "shape":"TimestampFormat",
|
1943 | 1961 | "documentation":"<p>The date and time the policy was created.</p>"
|
| 1962 | + }, |
| 1963 | + "lastUpdatedDate":{ |
| 1964 | + "shape":"TimestampFormat", |
| 1965 | + "documentation":"<p>The date and time the policy store was most recently updated.</p>" |
| 1966 | + }, |
| 1967 | + "description":{ |
| 1968 | + "shape":"PolicyStoreDescription", |
| 1969 | + "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>" |
1944 | 1970 | }
|
1945 | 1971 | },
|
1946 | 1972 | "documentation":"<p>Contains information about a policy store.</p> <p>This data type is used as a response parameter for the <a href=\"https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_ListPolicyStores.html\">ListPolicyStores</a> operation.</p>"
|
|
2471 | 2497 | "validationSettings":{
|
2472 | 2498 | "shape":"ValidationSettings",
|
2473 | 2499 | "documentation":"<p>A structure that defines the validation settings that want to enable for the policy store.</p>"
|
| 2500 | + }, |
| 2501 | + "description":{ |
| 2502 | + "shape":"PolicyStoreDescription", |
| 2503 | + "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>" |
2474 | 2504 | }
|
2475 | 2505 | }
|
2476 | 2506 | },
|
|
0 commit comments