
@cloud-copilot/iam-lens


Visibility in IAM in and across AWS accounts

import {
  IamCollectClient,
  type InlinePolicy,
  type ManagedPolicy,
  type SimulationOrgPolicies
} from './collect/client.js';

/**
 * The set of policies gathered for a single IAM principal.
 *
 * The fields correspond to the AWS policy types that bear on what a principal
 * is allowed to do: identity policies (managed and inline), an optional
 * permissions boundary, and the organization-level SCPs and RCPs. A consumer
 * that reasons about effective permissions needs all of them; reading only
 * `managedPolicies` and `inlinePolicies` ignores the boundary and the
 * organization guardrails.
 */
export interface PrincipalPolicies {
  /** Managed policies for the principal. */
  managedPolicies: ManagedPolicy[];

  /** Inline policies for the principal. */
  inlinePolicies: InlinePolicy[];

  /**
   * The permissions boundary, or `undefined`.
   * NOTE(review): presumably `undefined` means no boundary is set on the
   * principal; confirm it cannot also mean "boundary could not be read".
   */
  permissionBoundary: ManagedPolicy | undefined;

  /**
   * Organization policies, presumably service control policies going by the
   * field name. The `SimulationOrgPolicies` shape is declared in
   * `./collect/client.js` and is not visible in this file.
   */
  scps: SimulationOrgPolicies[];

  /**
   * Organization policies, presumably resource control policies going by the
   * field name. Same element type as `scps`.
   */
  rcps: SimulationOrgPolicies[];

  /**
   * Policies reaching the principal through group membership, one entry per
   * group. The field is optional, so callers must handle `undefined` as well
   * as an empty list; the two are not distinguished by the type.
   * `group` is a string identifier; whether it is a name or an ARN is not
   * visible from this declaration.
   */
  groupPolicies?: Array<{
    group: string;
    managedPolicies: ManagedPolicy[];
    inlinePolicies: InlinePolicy[];
  }>;
}

/**
 * Get all the IAM policies for a user, including managed and inline policies,
 * permission boundaries, and group policies.
 *
 * The resolved object is a `PrincipalPolicies`, so it also carries the `scps`
 * and `rcps` fields that the type requires.
 *
 * @param collectClient the IAM collect client to use for retrieving policies
 * @param principalArn the ARN of the user to get policies for
 * @returns an object containing the managed policies, inline policies,
 *   permission boundary, and group policies
 */
export declare function getAllPoliciesForUser(
  collectClient: IamCollectClient,
  principalArn: string
): Promise<PrincipalPolicies>;

/**
 * Get all the IAM policies for a role, including managed and inline policies
 * and permission boundaries.
 *
 * The resolved object is a `PrincipalPolicies`, so it also carries the `scps`
 * and `rcps` fields that the type requires. Group policies are not listed for
 * roles in this description; `groupPolicies` is optional on the type.
 *
 * @param collectClient the IAM collect client to use for retrieving policies
 * @param principalArn the ARN of the role to get policies for
 * @returns an object containing the managed policies, inline policies, and
 *   permission boundary
 */
export declare function getAllPoliciesForRole(
  collectClient: IamCollectClient,
  principalArn: string
): Promise<PrincipalPolicies>;

/**
 * Get the policies for a principal identified by ARN.
 *
 * NOTE(review): presumably selects between the user and role lookups based on
 * the ARN; the behaviour for other principal kinds is not visible from this
 * declaration. Confirm against the implementation.
 *
 * @param collectClient the IAM collect client to use for retrieving policies
 * @param principalArn the ARN of the principal to get policies for
 * @returns the policies gathered for the principal
 */
export declare function getAllPoliciesForPrincipal(
  collectClient: IamCollectClient,
  principalArn: string
): Promise<PrincipalPolicies>;

// The predicates below take only the principal string and return
// synchronously, without a collect client. They are presumably format checks
// on the string and say nothing about whether the principal exists; use
// `principalExists` for that. The exact matching rules live in the
// implementation and are not visible in this declaration file.

/** Whether the principal string is classified as an ARN principal. */
export declare function isArnPrincipal(principal: string): boolean;

/** Whether the principal string is classified as an AWS service principal. */
export declare function isServicePrincipal(principal: string): boolean;

/** Whether the principal string is classified as a service-linked role. */
export declare function isServiceLinkedRole(principal: string): boolean;

/** Whether the principal string is classified as an OIDC principal. */
export declare function isOidcPrincipal(principal: string): boolean;

/** Whether the principal string is classified as a SAML principal. */
export declare function isSamlPrincipal(principal: string): boolean;

/**
 * Check to see if a principal exists or is an AWS service principal.
 *
 * NOTE(review): existence is presumably judged from the data reachable through
 * `collectClient`, so the answer is only as current and as complete as that
 * data. Confirm before treating `false` as proof that a principal is absent.
 *
 * @param principal the principal to check
 * @param collectClient the IAM collect client to use for checking existence
 * @returns true if the principal exists or is a service principal, false otherwise
 */
export declare function principalExists(
  principal: string,
  collectClient: IamCollectClient
): Promise<boolean>;
//# sourceMappingURL=principals.d.ts.map