Expand description
Data structures used by operation inputs/outputs.
Modules§
Structs§
- Access
Contains information about actions and resources that define permissions to check against a policy.
- Access
Preview Contains information about an access preview.
- Access
Preview Finding An access preview finding generated by the access preview.
- Access
Preview Status Reason Provides more details about the current status of the access preview. For example, if the creation of the access preview fails, a
Failed
status is returned. This failure can be due to an internal issue with the analysis or due to an invalid proposed resource configuration.- Access
Preview Summary Contains a summary of information about an access preview.
- Analysis
Rule Contains information about analysis rules for the analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.
- Analysis
Rule Criteria The criteria for an analysis rule for an analyzer. The criteria determine which entities will generate findings.
- Analyzed
Resource Contains details about the analyzed resource.
- Analyzed
Resource Summary Contains the ARN of the analyzed resource.
- Analyzer
Summary Contains information about the analyzer.
- Archive
Rule Summary Contains information about an archive rule. Archive rules automatically archive new findings that meet the criteria you define when you create the rule.
- Cloud
Trail Details Contains information about CloudTrail access.
- Cloud
Trail Properties Contains information about CloudTrail access.
- Criterion
The criteria to use in the filter that defines the archive rule. For more information on available filter keys, see IAM Access Analyzer filter keys.
- Dynamodb
Stream Configuration The proposed access control configuration for a DynamoDB stream. You can propose a configuration for a new DynamoDB stream or an existing DynamoDB stream that you own by specifying the policy for the DynamoDB stream. For more information, see PutResourcePolicy.
-
If the configuration is for an existing DynamoDB stream and you do not specify the DynamoDB policy, then the access preview uses the existing DynamoDB policy for the stream.
-
If the access preview is for a new resource and you do not specify the policy, then the access preview assumes a DynamoDB stream without a policy.
-
To propose deletion of an existing DynamoDB stream policy, you can specify an empty string for the DynamoDB policy.
-
- Dynamodb
Table Configuration The proposed access control configuration for a DynamoDB table or index. You can propose a configuration for a new DynamoDB table or index or an existing DynamoDB table or index that you own by specifying the policy for the DynamoDB table or index. For more information, see PutResourcePolicy.
-
If the configuration is for an existing DynamoDB table or index and you do not specify the DynamoDB policy, then the access preview uses the existing DynamoDB policy for the table or index.
-
If the access preview is for a new resource and you do not specify the policy, then the access preview assumes a DynamoDB table without a policy.
-
To propose deletion of an existing DynamoDB table or index policy, you can specify an empty string for the DynamoDB policy.
-
- EbsSnapshot
Configuration The proposed access control configuration for an Amazon EBS volume snapshot. You can propose a configuration for a new Amazon EBS volume snapshot or an Amazon EBS volume snapshot that you own by specifying the user IDs, groups, and optional KMS encryption key. For more information, see ModifySnapshotAttribute.
- EcrRepository
Configuration The proposed access control configuration for an Amazon ECR repository. You can propose a configuration for a new Amazon ECR repository or an existing Amazon ECR repository that you own by specifying the Amazon ECR policy. For more information, see Repository.
-
If the configuration is for an existing Amazon ECR repository and you do not specify the Amazon ECR policy, then the access preview uses the existing Amazon ECR policy for the repository.
-
If the access preview is for a new resource and you do not specify the policy, then the access preview assumes an Amazon ECR repository without a policy.
-
To propose deletion of an existing Amazon ECR repository policy, you can specify an empty string for the Amazon ECR policy.
-
- EfsFile
System Configuration The proposed access control configuration for an Amazon EFS file system. You can propose a configuration for a new Amazon EFS file system or an existing Amazon EFS file system that you own by specifying the Amazon EFS policy. For more information, see Using file systems in Amazon EFS.
-
If the configuration is for an existing Amazon EFS file system and you do not specify the Amazon EFS policy, then the access preview uses the existing Amazon EFS policy for the file system.
-
If the access preview is for a new resource and you do not specify the policy, then the access preview assumes an Amazon EFS file system without a policy.
-
To propose deletion of an existing Amazon EFS file system policy, you can specify an empty string for the Amazon EFS policy.
-
- External
Access Details Contains information about an external access finding.
- External
Access Findings Statistics Provides aggregate statistics about the findings for the specified external access analyzer.
- Finding
Contains information about a finding.
- Finding
Aggregation Account Details Contains information about the findings for an Amazon Web Services account in an organization unused access analyzer.
- Finding
Source The source of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
- Finding
Source Detail Includes details about how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.
- Finding
Summary Contains information about a finding.
- Finding
Summary V2 Contains information about a finding.
- Generated
Policy Contains the text for the generated policy.
- Generated
Policy Properties Contains the generated policy details.
- Generated
Policy Result Contains the text for the generated policy and its details.
- IamRole
Configuration The proposed access control configuration for an IAM role. You can propose a configuration for a new IAM role or an existing IAM role that you own by specifying the trust policy. If the configuration is for a new IAM role, you must specify the trust policy. If the configuration is for an existing IAM role that you own and you do not propose the trust policy, the access preview uses the existing trust policy for the role. The proposed trust policy cannot be an empty string. For more information about role trust policy limits, see IAM and STS quotas.
- Inline
Archive Rule An criterion statement in an archive rule. Each archive rule may have multiple criteria.
- Internal
Access Analysis Rule Contains information about analysis rules for the internal access analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule.
- Internal
Access Analysis Rule Criteria The criteria for an analysis rule for an internal access analyzer.
- Internal
Access Configuration Specifies the configuration of an internal access analyzer for an Amazon Web Services organization or account. This configuration determines how the analyzer evaluates internal access within your Amazon Web Services environment.
- Internal
Access Details Contains information about an internal access finding. This includes details about the access that was identified within your Amazon Web Services organization or account.
- Internal
Access Findings Statistics Provides aggregate statistics about the findings for the specified internal access analyzer. This includes counts of active, archived, and resolved findings.
- Internal
Access Resource Type Details Contains information about the total number of active, archived, and resolved findings for a resource type of an internal access analyzer.
- Internet
Configuration This configuration sets the network origin for the Amazon S3 access point or multi-region access point to
Internet
.- JobDetails
Contains details about the policy generation request.
- JobError
Contains the details about the policy generation error.
- KmsGrant
Configuration A proposed grant configuration for a KMS key. For more information, see CreateGrant.
- KmsGrant
Constraints Use this structure to propose allowing cryptographic operations in the grant only when the operation request includes the specified encryption context. You can specify only one type of encryption context. An empty map is treated as not specified. For more information, see GrantConstraints.
- KmsKey
Configuration Proposed access control configuration for a KMS key. You can propose a configuration for a new KMS key or an existing KMS key that you own by specifying the key policy and KMS grant configuration. If the configuration is for an existing key and you do not specify the key policy, the access preview uses the existing policy for the key. If the access preview is for a new resource and you do not specify the key policy, then the access preview uses the default key policy. The proposed key policy cannot be an empty string. For more information, see Default key policy. For more information about key policy limits, see Resource quotas.
- Location
A location in a policy that is represented as a path through the JSON representation and a corresponding span.
- Policy
Generation Contains details about the policy generation status and properties.
- Policy
Generation Details Contains the ARN details about the IAM entity for which the policy is generated.
- Position
A position in a policy.
- RdsDb
Cluster Snapshot Configuration The proposed access control configuration for an Amazon RDS DB cluster snapshot. You can propose a configuration for a new Amazon RDS DB cluster snapshot or an Amazon RDS DB cluster snapshot that you own by specifying the
RdsDbClusterSnapshotAttributeValue
and optional KMS encryption key. For more information, see ModifyDBClusterSnapshotAttribute.- RdsDb
Snapshot Configuration The proposed access control configuration for an Amazon RDS DB snapshot. You can propose a configuration for a new Amazon RDS DB snapshot or an Amazon RDS DB snapshot that you own by specifying the
RdsDbSnapshotAttributeValue
and optional KMS encryption key. For more information, see ModifyDBSnapshotAttribute.- Reason
Summary Contains information about the reasoning why a check for access passed or failed.
- Recommendation
Error Contains information about the reason that the retrieval of a recommendation for a finding failed.
- Resource
Type Details Contains information about the total number of active cross-account and public findings for a resource type of an external access analyzer.
- S3Access
Point Configuration The configuration for an Amazon S3 access point or multi-region access point for the bucket. You can propose up to 10 access points or multi-region access points per bucket. If the proposed Amazon S3 access point configuration is for an existing bucket, the access preview uses the proposed access point configuration in place of the existing access points. To propose an access point without a policy, you can provide an empty string as the access point policy. For more information, see Creating access points. For more information about access point policy limits, see Access points restrictions and limitations.
- S3Bucket
AclGrant Configuration A proposed access control list grant configuration for an Amazon S3 bucket. For more information, see How to Specify an ACL.
- S3Bucket
Configuration Proposed access control configuration for an Amazon S3 bucket. You can propose a configuration for a new Amazon S3 bucket or an existing Amazon S3 bucket that you own by specifying the Amazon S3 bucket policy, bucket ACLs, bucket BPA settings, Amazon S3 access points, and multi-region access points attached to the bucket. If the configuration is for an existing Amazon S3 bucket and you do not specify the Amazon S3 bucket policy, the access preview uses the existing policy attached to the bucket. If the access preview is for a new resource and you do not specify the Amazon S3 bucket policy, the access preview assumes a bucket without a policy. To propose deletion of an existing bucket policy, you can specify an empty string. For more information about bucket policy limits, see Bucket Policy Examples.
- S3Express
Directory Access Point Configuration Proposed configuration for an access point attached to an Amazon S3 directory bucket. You can propose up to 10 access points per bucket. If the proposed access point configuration is for an existing Amazon S3 directory bucket, the access preview uses the proposed access point configuration in place of the existing access points. To propose an access point without a policy, you can provide an empty string as the access point policy. For more information about access points for Amazon S3 directory buckets, see Managing access to directory buckets with access points in the Amazon Simple Storage Service User Guide.
- S3Express
Directory Bucket Configuration Proposed access control configuration for an Amazon S3 directory bucket. You can propose a configuration for a new Amazon S3 directory bucket or an existing Amazon S3 directory bucket that you own by specifying the Amazon S3 bucket policy. If the configuration is for an existing Amazon S3 directory bucket and you do not specify the Amazon S3 bucket policy, the access preview uses the existing policy attached to the directory bucket. If the access preview is for a new resource and you do not specify the Amazon S3 bucket policy, the access preview assumes an directory bucket without a policy. To propose deletion of an existing bucket policy, you can specify an empty string. For more information about Amazon S3 directory bucket policies, see Example bucket policies for directory buckets in the Amazon Simple Storage Service User Guide.
- S3Public
Access Block Configuration The
PublicAccessBlock
configuration to apply to this Amazon S3 bucket. If the proposed configuration is for an existing Amazon S3 bucket and the configuration is not specified, the access preview uses the existing setting. If the proposed configuration is for a new bucket and the configuration is not specified, the access preview usesfalse
. If the proposed configuration is for a new access point or multi-region access point and the access point BPA configuration is not specified, the access preview usestrue
. For more information, see PublicAccessBlockConfiguration.- Secrets
Manager Secret Configuration The configuration for a Secrets Manager secret. For more information, see CreateSecret.
You can propose a configuration for a new secret or an existing secret that you own by specifying the secret policy and optional KMS encryption key. If the configuration is for an existing secret and you do not specify the secret policy, the access preview uses the existing policy for the secret. If the access preview is for a new resource and you do not specify the policy, the access preview assumes a secret without a policy. To propose deletion of an existing policy, you can specify an empty string. If the proposed configuration is for a new secret and you do not specify the KMS key ID, the access preview uses the Amazon Web Services managed key
aws/secretsmanager
. If you specify an empty string for the KMS key ID, the access preview uses the Amazon Web Services managed key of the Amazon Web Services account. For more information about secret policy limits, see Quotas for Secrets Manager..- SnsTopic
Configuration The proposed access control configuration for an Amazon SNS topic. You can propose a configuration for a new Amazon SNS topic or an existing Amazon SNS topic that you own by specifying the policy. If the configuration is for an existing Amazon SNS topic and you do not specify the Amazon SNS policy, then the access preview uses the existing Amazon SNS policy for the topic. If the access preview is for a new resource and you do not specify the policy, then the access preview assumes an Amazon SNS topic without a policy. To propose deletion of an existing Amazon SNS topic policy, you can specify an empty string for the Amazon SNS policy. For more information, see Topic.
- Sort
Criteria The criteria used to sort.
- Span
A span in a policy. The span consists of a start position (inclusive) and end position (exclusive).
- SqsQueue
Configuration The proposed access control configuration for an Amazon SQS queue. You can propose a configuration for a new Amazon SQS queue or an existing Amazon SQS queue that you own by specifying the Amazon SQS policy. If the configuration is for an existing Amazon SQS queue and you do not specify the Amazon SQS policy, the access preview uses the existing Amazon SQS policy for the queue. If the access preview is for a new resource and you do not specify the policy, the access preview assumes an Amazon SQS queue without a policy. To propose deletion of an existing Amazon SQS queue policy, you can specify an empty string for the Amazon SQS policy. For more information about Amazon SQS policy limits, see Quotas related to policies.
- Status
Reason Provides more details about the current status of the analyzer. For example, if the creation for the analyzer fails, a
Failed
status is returned. For an analyzer with organization as the type, this failure can be due to an issue with creating the service-linked roles required in the member accounts of the Amazon Web Services organization.- Substring
A reference to a substring of a literal string in a JSON document.
- Trail
Contains details about the CloudTrail trail being analyzed to generate a policy.
- Trail
Properties Contains details about the CloudTrail trail being analyzed to generate a policy.
- Unused
Access Configuration Contains information about an unused access analyzer.
- Unused
Access Findings Statistics Provides aggregate statistics about the findings for the specified unused access analyzer.
- Unused
Access Type Statistics Contains information about the total number of findings for a type of unused access.
- Unused
Action Contains information about an unused access finding for an action. IAM Access Analyzer charges for unused access analysis based on the number of IAM roles and users analyzed per month. For more details on pricing, see IAM Access Analyzer pricing.
- Unused
IamRole Details Contains information about an unused access finding for an IAM role. IAM Access Analyzer charges for unused access analysis based on the number of IAM roles and users analyzed per month. For more details on pricing, see IAM Access Analyzer pricing.
- Unused
IamUser Access KeyDetails Contains information about an unused access finding for an IAM user access key. IAM Access Analyzer charges for unused access analysis based on the number of IAM roles and users analyzed per month. For more details on pricing, see IAM Access Analyzer pricing.
- Unused
IamUser Password Details Contains information about an unused access finding for an IAM user password. IAM Access Analyzer charges for unused access analysis based on the number of IAM roles and users analyzed per month. For more details on pricing, see IAM Access Analyzer pricing.
- Unused
Permission Details Contains information about an unused access finding for a permission. IAM Access Analyzer charges for unused access analysis based on the number of IAM roles and users analyzed per month. For more details on pricing, see IAM Access Analyzer pricing.
- Unused
Permissions Recommended Step Contains information about the action to take for a policy in an unused permissions finding.
- Validate
Policy Finding A finding in a policy. Each finding is an actionable recommendation that can be used to improve the policy.
- Validation
Exception Field Contains information about a validation exception.
- VpcConfiguration
The proposed virtual private cloud (VPC) configuration for the Amazon S3 access point. VPC configuration does not apply to multi-region access points. For more information, see VpcConfiguration.
Enums§
- Access
Check Policy Type - When writing a match expression against
AccessCheckPolicyType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Access
Check Resource Type - When writing a match expression against
AccessCheckResourceType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Access
Preview Status - When writing a match expression against
AccessPreviewStatus
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Access
Preview Status Reason Code - When writing a match expression against
AccessPreviewStatusReasonCode
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - AclGrantee
You specify each grantee as a type-value pair using one of these types. You can specify only one type of grantee. For more information, see PutBucketAcl.
- AclPermission
- When writing a match expression against
AclPermission
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Analyzer
Configuration Contains information about the configuration of an analyzer for an Amazon Web Services organization or account.
- Analyzer
Status - When writing a match expression against
AnalyzerStatus
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Check
Access NotGranted Result - When writing a match expression against
CheckAccessNotGrantedResult
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Check
NoNew Access Result - When writing a match expression against
CheckNoNewAccessResult
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Check
NoPublic Access Result - When writing a match expression against
CheckNoPublicAccessResult
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Configuration
Access control configuration structures for your resource. You specify the configuration as a type-value pair. You can specify only one type of access control configuration.
- Finding
Change Type - When writing a match expression against
FindingChangeType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Finding
Details Contains information about an external access or unused access finding. Only one parameter can be used in a
FindingDetails
object.- Finding
Source Type - When writing a match expression against
FindingSourceType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Finding
Status - When writing a match expression against
FindingStatus
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Finding
Status Update - When writing a match expression against
FindingStatusUpdate
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Finding
Type - When writing a match expression against
FindingType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Findings
Statistics Contains information about the aggregate statistics for an external or unused access analyzer. Only one parameter can be used in a
FindingsStatistics
object.- Internal
Access Type - When writing a match expression against
InternalAccessType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - JobError
Code - When writing a match expression against
JobErrorCode
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - JobStatus
- When writing a match expression against
JobStatus
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - KmsGrant
Operation - When writing a match expression against
KmsGrantOperation
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Locale
- When writing a match expression against
Locale
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Network
Origin Configuration The proposed
InternetConfiguration
orVpcConfiguration
to apply to the Amazon S3 access point. You can make the access point accessible from the internet, or you can specify that all requests made through that access point must originate from a specific virtual private cloud (VPC). You can specify only one type of network configuration. For more information, see Creating access points.- OrderBy
- When writing a match expression against
OrderBy
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Path
Element A single element in a path through the JSON representation of a policy.
- Policy
Type - When writing a match expression against
PolicyType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Principal
Type - When writing a match expression against
PrincipalType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - RdsDb
Cluster Snapshot Attribute Value The values for a manual Amazon RDS DB cluster snapshot attribute.
- RdsDb
Snapshot Attribute Value The name and values of a manual Amazon RDS DB snapshot attribute. Manual DB snapshot attributes are used to authorize other Amazon Web Services accounts to restore a manual DB snapshot.
- Reason
Code - When writing a match expression against
ReasonCode
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Recommendation
Type - When writing a match expression against
RecommendationType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Recommended
Remediation Action - When writing a match expression against
RecommendedRemediationAction
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Recommended
Step Contains information about a recommended step for an unused access analyzer finding.
- Resource
Control Policy Restriction - When writing a match expression against
ResourceControlPolicyRestriction
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Resource
Type - When writing a match expression against
ResourceType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Service
Control Policy Restriction - When writing a match expression against
ServiceControlPolicyRestriction
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Status
- When writing a match expression against
Status
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Type
- When writing a match expression against
Type
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Validate
Policy Finding Type - When writing a match expression against
ValidatePolicyFindingType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Validate
Policy Resource Type - When writing a match expression against
ValidatePolicyResourceType
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature. - Validation
Exception Reason - When writing a match expression against
ValidationExceptionReason
, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.