Amazon Verified Permissions Update: Adds deletion protection support to policy stores. Deletion protection is disabled by default, can be enabled via the CreatePolicyStore or UpdatePolicyStore APIs, and is visible in GetPolicyStore.

Author: AWS

.changes/next-release/feature-AmazonVerifiedPermissions-cebdf80.json

@@ -0,0 +1,6 @@
+{
+    "type": "feature",
+    "category": "Amazon Verified Permissions",
+    "contributor": "",
+    "description": "Adds deletion protection support to policy stores. Deletion protection is disabled by default, can be enabled via the CreatePolicyStore or UpdatePolicyStore APIs, and is visible in GetPolicyStore."
+}

services/verifiedpermissions/src/main/resources/codegen-resources/service-2.json

@@ -192,6 +192,7 @@
       "output":{"shape":"DeletePolicyStoreOutput"},
       "errors":[
         {"shape":"ValidationException"},
+        {"shape":"InvalidStateException"},
         {"shape":"AccessDeniedException"},
         {"shape":"ThrottlingException"},
         {"shape":"InternalServerException"}
@@ -1274,6 +1275,10 @@
         "description":{
           "shape":"PolicyStoreDescription",
           "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>"
+        },
+        "deletionProtection":{
+          "shape":"DeletionProtection",
+          "documentation":"<p>Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.</p> <p>The default state is <code>DISABLED</code>.</p>"
         }
       }
     },
@@ -1452,6 +1457,13 @@
       "members":{
       }
     },
+    "DeletionProtection":{
+      "type":"string",
+      "enum":[
+        "ENABLED",
+        "DISABLED"
+      ]
+    },
     "DeterminingPolicyItem":{
       "type":"structure",
       "required":["policyId"],
@@ -1757,6 +1769,10 @@
         "description":{
           "shape":"PolicyStoreDescription",
           "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>"
+        },
+        "deletionProtection":{
+          "shape":"DeletionProtection",
+          "documentation":"<p>Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.</p> <p>The default state is <code>DISABLED</code>.</p>"
         }
       }
     },
@@ -2011,6 +2027,15 @@
       "fault":true,
       "retryable":{"throttling":false}
     },
+    "InvalidStateException":{
+      "type":"structure",
+      "required":["message"],
+      "members":{
+        "message":{"shape":"String"}
+      },
+      "documentation":"<p>The policy store can't be deleted because deletion protection is enabled. To delete this policy store, disable deletion protection.</p>",
+      "exception":true
+    },
     "IpAddr":{
       "type":"string",
       "max":44,
@@ -3395,6 +3420,10 @@
           "shape":"ValidationSettings",
           "documentation":"<p>A structure that defines the validation settings that want to enable for the policy store.</p>"
         },
+        "deletionProtection":{
+          "shape":"DeletionProtection",
+          "documentation":"<p>Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted.</p> <p>When you call <code>UpdatePolicyStore</code>, this parameter is unchanged unless explicitly included in the call.</p>"
+        },
         "description":{
           "shape":"PolicyStoreDescription",
           "documentation":"<p>Descriptive text that you can provide to help with identification of the current policy store.</p>"