@cloud-copilot/iam-lens/dist/esm/principals.d.ts

Visibility in IAM in and across AWS accounts

import { IamCollectClient, InlinePolicy, ManagedPolicy, SimulationOrgPolicies } from './collect/client.js';
export interface PrincipalPolicies {
    managedPolicies: ManagedPolicy[];
    inlinePolicies: InlinePolicy[];
    permissionBoundary: ManagedPolicy | undefined;
    scps: SimulationOrgPolicies[];
    rcps: SimulationOrgPolicies[];
    groupPolicies?: {
        group: string;
        managedPolicies: ManagedPolicy[];
        inlinePolicies: InlinePolicy[];
    }[];
}
/**
 * Get all the IAM policies for a user, including managed and inline policies, permission boundaries, and group policies.
 *
 * @param collectClient the IAM collect client to use for retrieving policies
 * @param principalArn the ARN of the user to get policies for
 * @returns an object containing the managed policies, inline policies, permission boundary, and group policies
 */
export declare function getAllPoliciesForUser(collectClient: IamCollectClient, principalArn: string): Promise<PrincipalPolicies>;
/**
 * Get all the IAM policies for a role, including managed and inline policies and permission boundaries.
 *
 * @param collectClient the IAM collect client to use for retrieving policies
 * @param principalArn the ARN of the role to get policies for
 * @returns an object containing the managed policies, inline policies, and permission boundary
 */
export declare function getAllPoliciesForRole(collectClient: IamCollectClient, principalArn: string): Promise<PrincipalPolicies>;
export declare function getAllPoliciesForPrincipal(collectClient: IamCollectClient, principalArn: string): Promise<PrincipalPolicies>;
export declare function isArnPrincipal(principal: string): boolean;
export declare function isServicePrincipal(principal: string): boolean;
export declare function isServiceLinkedRole(principal: string): boolean;
//# sourceMappingURL=principals.d.ts.map