security

type AllowUser struct {
	// Specifies whether IAM users are allowed to manage access keys.
	ManageAccessKey *bool `json:"manage_accesskey,omitempty"`
	// Specifies whether IAM users are allowed to change their email addresses.
	ManageEmail *bool `json:"manage_email,omitempty"`
	// Specifies whether IAM users are allowed to change their mobile numbers.
	ManageMobile *bool `json:"manage_mobile,omitempty"`
	// Specifies whether IAM users are allowed to change their passwords.
	ManagePassword *bool `json:"manage_password,omitempty"`
}

type LoginPolicy struct {
	// Validity period (days) to disable users if they have not logged in within the period. Value range: 0-240.
	// Validity period (days) to disable users if they have not logged in within the period.
	// If this parameter is set to 0, no users will be disabled.
	AccountValidityPeriod *int `json:"account_validity_period"`
	// Custom information that will be displayed upon successful login.
	CustomInfoForLogin string `json:"custom_info_for_login"`
	// Duration (minutes) to lock users out.
	LockoutDuration int `json:"lockout_duration"`
	// Number of unsuccessful login attempts to lock users out.
	LoginFailedTimes int `json:"login_failed_times"`
	// Period (minutes) to count the number of unsuccessful login attempts.
	PeriodWithLoginFailures int `json:"period_with_login_failures"`
	// Session timeout (minutes) that will apply if you or users created using your account
	// do not perform any operations within a specific period.
	SessionTimeout int `json:"session_timeout"`
	// Indicates whether to display last login information upon successful login.
	ShowRecentLoginInfo *bool `json:"show_recent_login_info"`
}

type LoginProtectionConfig struct {
	// Indicates whether login protection has been enabled for a user. The value can be true or false.
	Enabled *bool `json:"enabled"`
	// User ID.
	UserId string `json:"user_id"`
	// Login authentication method of the user.
	VerificationMethod string `json:"verification_method"`
}

type LoginProtectionUpdateOpts struct {
	// Indicates whether login protection has been enabled for the user. The value can be true or false.
	Enabled *bool `json:"enabled" required:"true"`
	// Login authentication method of the user. Options: sms, email, and vmfa.
	VerificationMethod string `json:"verification_method" required:"true"`
}

type MfaDeviceResult struct {
	// Virtual MFA device serial number.
	SerialNumber string `json:"serial_number"`
	// User ID.
	UserId string `json:"user_id"`
}

type PasswordPolicy struct {
	// Maximum number of times that a character is allowed to consecutively present in a password.
	MaximumConsecutiveIdenticalChars int `json:"maximum_consecutive_identical_chars"`
	// Maximum number of characters that a password can contain.
	MaximumPasswordLength int `json:"maximum_password_length"`
	// Minimum period (minutes) after which users are allowed to make a password change.
	MinimumPasswordAge int `json:"minimum_password_age"`
	// Minimum number of characters that a password must contain.
	MinimumPasswordLength int `json:"minimum_password_length"`
	// Number of previously used passwords that are not allowed.
	NumberOfRecentPasswordsDisallowed int `json:"number_of_recent_passwords_disallowed"`
	// Indicates whether the password can be the username or the username spelled backwards.
	PasswordNotUsernameOrInvert *bool `json:"password_not_username_or_invert"`
	// Characters that a password must contain.
	PasswordRequirements string `json:"password_requirements"`
	// Password validity period (days).
	PasswordValidityPeriod int `json:"password_validity_period"`
	// Minimum number of character types that a password must contain. Value range: 2-4.
	PasswordCharCombination int `json:"password_char_combination"`
}

type ProtectionPolicy struct {
	// Indicates whether operation protection has been enabled. The value can be true or false.
	OperationProtection *bool `json:"operation_protection"`
	// Specifies whether a person is designated for verification.
	AdminCheck string `json:"admin_check"`
	// The verification method
	Scene string `json:"scene"`
	// The IAM attributes which user can modify
	AllowUser *AllowUser `json:"allow_user"`
	// Specifies mobile number used for verification
	Mobile string `json:"mobile"`
	// Specifies email address used for verification
	Email string `json:"email"`
}

type UpdateLoginPolicyOpts struct {
	// Validity period (days) to disable users if they have not logged in within the period. Value range: 0-240.
	// Validity period (days) to disable users if they have not logged in within the period.
	// If this parameter is set to 0, no users will be disabled.
	AccountValidityPeriod *int `json:"account_validity_period,omitempty"`
	// Custom information that will be displayed upon successful login.
	CustomInfoForLogin string `json:"custom_info_for_login,omitempty"`
	// Duration (minutes) to lock users out.
	LockoutDuration int `json:"lockout_duration,omitempty"`
	// Number of unsuccessful login attempts to lock users out.
	LoginFailedTimes int `json:"login_failed_times,omitempty"`
	// Period (minutes) to count the number of unsuccessful login attempts.
	PeriodWithLoginFailures int `json:"period_with_login_failures,omitempty"`
	// Session timeout (minutes) that will apply if you or users created using your account
	// do not perform any operations within a specific period.
	SessionTimeout int `json:"session_timeout,omitempty"`
	// Indicates whether to display last login information upon successful login.
	ShowRecentLoginInfo *bool `json:"show_recent_login_info,omitempty"`
}

type UpdatePasswordPolicyOpts struct {
	// Maximum number of times that a character is allowed to consecutively present in a password.
	MaximumConsecutiveIdenticalChars *int `json:"maximum_consecutive_identical_chars,omitempty"`
	// Minimum period (minutes) after which users are allowed to make a password change.
	MinimumPasswordAge *int `json:"minimum_password_age,omitempty"`
	// Minimum number of characters that a password must contain.
	MinimumPasswordLength *int `json:"minimum_password_length,omitempty"`
	// Number of previously used passwords that are not allowed.
	NumberOfRecentPasswordsDisallowed *int `json:"number_of_recent_passwords_disallowed,omitempty"`
	// Indicates whether the password can be the username or the username spelled backwards.
	PasswordNotUsernameOrInvert *bool `json:"password_not_username_or_invert,omitempty"`
	// Password validity period (days).
	PasswordValidityPeriod *int `json:"password_validity_period,omitempty"`
	// Minimum number of character types that a password must contain. Value range: 2-4.
	PasswordCharCombination *int `json:"password_char_combination,omitempty"`
}

type UpdateProtectionPolicyOpts struct {
	// Indicates whether operation protection has been enabled. The value can be true or false.
	OperationProtection *bool `json:"operation_protection" required:"true"`
	// Specifies the IAM attributes which user can modify
	AllowUser *AllowUser `json:"allow_user,omitempty"`
	// Specifies whether a person is designated for verification.
	// Valid options are the on and off.
	AdminCheck string `json:"admin_check,omitempty"`
	// Specifies mobile number used for verification
	Mobile string `json:"mobile,omitempty"`
	// Specifies email address used for verification
	Email string `json:"email,omitempty"`
	// Specifies the verification method. This parameter is mandatory when admin_check is set to on.
	// The valid options are mobile and email.
	Scene string `json:"scene,omitempty"`
}