Skip to content

Commit

Permalink
feat(client-connect): This release adds Hierarchy based Access Contro…
Browse files Browse the repository at this point in the history 
…l fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.
  • Loading branch information
awstools committed Mar 15, 2024
1 parent b6e079d commit 7fbd215
Show file tree
Hide file tree
Showing 9 changed files with 286 additions and 8 deletions.
4 changes: 4 additions & 0 deletions clients/client-connect/src/commands/CreateSecurityProfileCommand.ts
View file
Expand Up @@ -58,6 +58,10 @@ export interface CreateSecurityProfileCommandOutput extends CreateSecurityProfil
* ],
* },
* ],
* HierarchyRestrictedResources: [ // HierarchyRestrictedResourceList
* "STRING_VALUE",
* ],
* AllowedAccessControlHierarchyGroupId: "STRING_VALUE",
* };
* const command = new CreateSecurityProfileCommand(input);
* const response = await client.send(command);
Expand Down
4 changes: 4 additions & 0 deletions clients/client-connect/src/commands/DescribeSecurityProfileCommand.ts
View file
Expand Up @@ -58,6 +58,10 @@ export interface DescribeSecurityProfileCommandOutput extends DescribeSecurityPr
* // ],
* // LastModifiedTime: new Date("TIMESTAMP"),
* // LastModifiedRegion: "STRING_VALUE",
* // HierarchyRestrictedResources: [ // HierarchyRestrictedResourceList
* // "STRING_VALUE",
* // ],
* // AllowedAccessControlHierarchyGroupId: "STRING_VALUE",
* // },
* // };
*
Expand Down
30 changes: 22 additions & 8 deletions clients/client-connect/src/commands/SearchUsersCommand.ts
View file
Expand Up @@ -60,6 +60,26 @@ export interface SearchUsersCommandOutput extends SearchUsersResponse, __Metadat
* ],
* TagCondition: "<TagCondition>",
* },
* UserAttributeFilter: { // ControlPlaneUserAttributeFilter
* OrConditions: [ // AttributeOrConditionList
* { // AttributeAndCondition
* TagConditions: "<TagAndConditionList>",
* HierarchyGroupCondition: { // HierarchyGroupCondition
* Value: "STRING_VALUE",
* HierarchyGroupMatchType: "EXACT" || "WITH_CHILD_GROUPS",
* },
* },
* ],
* AndCondition: {
* TagConditions: "<TagAndConditionList>",
* HierarchyGroupCondition: {
* Value: "STRING_VALUE",
* HierarchyGroupMatchType: "EXACT" || "WITH_CHILD_GROUPS",
* },
* },
* TagCondition: "<TagCondition>",
* HierarchyGroupCondition: "<HierarchyGroupCondition>",
* },
* },
* SearchCriteria: { // UserSearchCriteria
* OrConditions: [ // UserSearchConditionList
Expand All @@ -75,10 +95,7 @@ export interface SearchUsersCommandOutput extends SearchUsersResponse, __Metadat
* Value: "STRING_VALUE",
* ComparisonType: "STARTS_WITH" || "CONTAINS" || "EXACT",
* },
* HierarchyGroupCondition: { // HierarchyGroupCondition
* Value: "STRING_VALUE",
* HierarchyGroupMatchType: "EXACT" || "WITH_CHILD_GROUPS",
* },
* HierarchyGroupCondition: "<HierarchyGroupCondition>",
* },
* ],
* AndConditions: [
Expand All @@ -89,10 +106,7 @@ export interface SearchUsersCommandOutput extends SearchUsersResponse, __Metadat
* Value: "STRING_VALUE",
* ComparisonType: "STARTS_WITH" || "CONTAINS" || "EXACT",
* },
* HierarchyGroupCondition: {
* Value: "STRING_VALUE",
* HierarchyGroupMatchType: "EXACT" || "WITH_CHILD_GROUPS",
* },
* HierarchyGroupCondition: "<HierarchyGroupCondition>",
* },
* };
* const command = new SearchUsersCommand(input);
Expand Down
4 changes: 4 additions & 0 deletions clients/client-connect/src/commands/UpdateSecurityProfileCommand.ts
View file
Expand Up @@ -55,6 +55,10 @@ export interface UpdateSecurityProfileCommandOutput extends __MetadataBearer {}
* ],
* },
* ],
* HierarchyRestrictedResources: [ // HierarchyRestrictedResourceList
* "STRING_VALUE",
* ],
* AllowedAccessControlHierarchyGroupId: "STRING_VALUE",
* };
* const command = new UpdateSecurityProfileCommand(input);
* const response = await client.send(command);
Expand Down
12 changes: 12 additions & 0 deletions clients/client-connect/src/models/models_0.ts
View file
Expand Up @@ -4388,6 +4388,18 @@ export interface CreateSecurityProfileRequest {
* @public
*/
Applications?: Application[];

/**
* <p>The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: <code>User</code>.</p>
* @public
*/
HierarchyRestrictedResources?: string[];

/**
* <p>The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.</p>
* @public
*/
AllowedAccessControlHierarchyGroupId?: string;
}

/**
Expand Down
13 changes: 13 additions & 0 deletions clients/client-connect/src/models/models_1.ts
View file
Expand Up @@ -888,6 +888,19 @@ export interface SecurityProfile {
* @public
*/
LastModifiedRegion?: string;

/**
* <p>The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: <code>User</code>.</p>
* @public
*/
HierarchyRestrictedResources?: string[];

/**
* <p>The identifier of the hierarchy group that a security profile uses to restrict access to
* resources in Amazon Connect.</p>
* @public
*/
AllowedAccessControlHierarchyGroupId?: string;
}

/**
Expand Down
103 changes: 103 additions & 0 deletions clients/client-connect/src/models/models_2.ts
View file
Expand Up @@ -911,6 +911,74 @@ export interface HierarchyGroupCondition {
HierarchyGroupMatchType?: HierarchyGroupMatchType;
}

/**
* <p>A list of conditions which would be applied together with an <code>AND</code>
* condition.</p>
* @public
*/
export interface AttributeAndCondition {
/**
* <p>A leaf node condition which can be used to specify a tag condition.</p>
* @public
*/
TagConditions?: TagCondition[];

/**
* <p>A leaf node condition which can be used to specify a hierarchy group condition.</p>
* @public
*/
HierarchyGroupCondition?: HierarchyGroupCondition;
}

/**
* <p>An object that can be used to specify Tag conditions or Hierarchy Group conditions inside
* the <code>SearchFilter</code>.</p>
* <p>This accepts an <code>OR</code> of <code>AND</code> (List of List) input where:</p>
* <ul>
* <li>
* <p>The top level list specifies conditions that need to be applied with <code>OR</code>
* operator</p>
* </li>
* <li>
* <p>The inner list specifies conditions that need to be applied with <code>AND</code>
* operator.</p>
* </li>
* </ul>
* <note>
* <p>Only one field can be populated. Maximum number of allowed Tag conditions is 25. Maximum
* number of allowed Hierarchy Group conditions is 20. </p>
* </note>
* @public
*/
export interface ControlPlaneUserAttributeFilter {
/**
* <p>A list of conditions which would be applied together with an <code>OR</code>
* condition.</p>
* @public
*/
OrConditions?: AttributeAndCondition[];

/**
* <p>A list of conditions which would be applied together with an <code>AND</code>
* condition.</p>
* @public
*/
AndCondition?: AttributeAndCondition;

/**
* <p>A leaf node condition which can be used to specify a tag condition, for example, <code>HAVE
* BPO = 123</code>. </p>
* @public
*/
TagCondition?: TagCondition;

/**
* <p>A leaf node condition which can be used to specify a hierarchy group condition.</p>
* @public
*/
HierarchyGroupCondition?: HierarchyGroupCondition;
}

/**
* <p>Filters to be applied to search results.</p>
* @public
Expand All @@ -932,6 +1000,29 @@ export interface UserSearchFilter {
* @public
*/
TagFilter?: ControlPlaneTagFilter;

/**
* <p>An object that can be used to specify Tag conditions or Hierarchy Group conditions inside
* the SearchFilter.</p>
* <p>This accepts an <code>OR</code> of <code>AND</code> (List of List) input where:</p>
* <ul>
* <li>
* <p>The top level list specifies conditions that need to be applied with <code>OR</code>
* operator.</p>
* </li>
* <li>
* <p>The inner list specifies conditions that need to be applied with <code>AND</code>
* operator.</p>
* </li>
* </ul>
* <note>
* <p>Only one field can be populated. This object can’t be used along with TagFilter. Request
* can either contain TagFilter or UserAttributeFilter if SearchFilter is specified, combination of
* both is not supported and such request will throw AccessDeniedException.</p>
* </note>
* @public
*/
UserAttributeFilter?: ControlPlaneUserAttributeFilter;
}

/**
Expand Down Expand Up @@ -3968,6 +4059,18 @@ export interface UpdateSecurityProfileRequest {
* @public
*/
Applications?: Application[];

/**
* <p>The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: <code>User</code>.</p>
* @public
*/
HierarchyRestrictedResources?: string[];

/**
* <p>The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.</p>
* @public
*/
AllowedAccessControlHierarchyGroupId?: string;
}

/**
Expand Down
18 changes: 18 additions & 0 deletions clients/client-connect/src/protocols/Aws_restJson1.ts
View file
Expand Up @@ -897,6 +897,7 @@ import {
} from "../models/models_1";
import {
AnswerMachineDetectionConfig,
AttributeAndCondition,
ChatEvent,
ChatMessage,
ChatParticipantRoleConfig,
Expand All @@ -906,6 +907,7 @@ import {
ContactSearchSummaryAgentInfo,
ContactSearchSummaryQueueInfo,
ControlPlaneTagFilter,
ControlPlaneUserAttributeFilter,
DestinationNotAllowedException,
DisconnectReason,
EvaluationAnswerInput,
Expand Down Expand Up @@ -1849,9 +1851,11 @@ export const se_CreateSecurityProfileCommand = async (
let body: any;
body = JSON.stringify(
take(input, {
AllowedAccessControlHierarchyGroupId: [],
AllowedAccessControlTags: (_) => _json(_),
Applications: (_) => _json(_),
Description: [],
HierarchyRestrictedResources: (_) => _json(_),
Permissions: (_) => _json(_),
SecurityProfileName: [],
TagRestrictedResources: (_) => _json(_),
Expand Down Expand Up @@ -6151,9 +6155,11 @@ export const se_UpdateSecurityProfileCommand = async (
let body: any;
body = JSON.stringify(
take(input, {
AllowedAccessControlHierarchyGroupId: [],
AllowedAccessControlTags: (_) => _json(_),
Applications: (_) => _json(_),
Description: [],
HierarchyRestrictedResources: (_) => _json(_),
Permissions: (_) => _json(_),
TagRestrictedResources: (_) => _json(_),
})
Expand Down Expand Up @@ -11944,6 +11950,10 @@ const de_UserNotFoundExceptionRes = async (

// se_AssignContactCategoryActionDefinition omitted.

// se_AttributeAndCondition omitted.

// se_AttributeOrConditionList omitted.

// se_Attributes omitted.

// se_Campaign omitted.
Expand Down Expand Up @@ -11976,6 +11986,8 @@ const de_UserNotFoundExceptionRes = async (

// se_ControlPlaneTagFilter omitted.

// se_ControlPlaneUserAttributeFilter omitted.

/**
* serializeAws_restJson1CreateCaseActionDefinition
*/
Expand Down Expand Up @@ -12177,6 +12189,8 @@ const se_FieldValueUnion = (input: FieldValueUnion, context: __SerdeContext): an

// se_HierarchyLevelUpdate omitted.

// se_HierarchyRestrictedResourceList omitted.

// se_HierarchyStructureUpdate omitted.

/**
Expand Down Expand Up @@ -13495,6 +13509,8 @@ const de_HierarchyPath = (output: any, context: __SerdeContext): HierarchyPath =

// de_HierarchyPathReference omitted.

// de_HierarchyRestrictedResourceList omitted.

/**
* deserializeAws_restJson1HierarchyStructure
*/
Expand Down Expand Up @@ -14381,9 +14397,11 @@ const de_SecurityKeysList = (output: any, context: __SerdeContext): SecurityKey[
*/
const de_SecurityProfile = (output: any, context: __SerdeContext): SecurityProfile => {
return take(output, {
AllowedAccessControlHierarchyGroupId: __expectString,
AllowedAccessControlTags: _json,
Arn: __expectString,
Description: __expectString,
HierarchyRestrictedResources: _json,
Id: __expectString,
LastModifiedRegion: __expectString,
LastModifiedTime: (_: any) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
Expand Down

0 comments on commit 7fbd215

Please sign in to comment.