
@cloud-copilot/iam-policy

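import { Action } from '../actions/action.js';
import { Condition } from '../conditions/condition.js';
import { Principal } from '../principals/principal.js';
import { Resource } from '../resources/resource.js';

/**
 * Represents a statement in an IAM policy.
 *
 * The `is*Statement()` methods are type predicates: when one returns true the
 * statement is narrowed to the matching sub-interface, which exposes the
 * accessors for that element. Code that reviews policies should test both the
 * positive and the negated form of each element (for example `Action` and
 * `NotAction`), because a negated element on an Allow statement matches
 * everything that is not listed.
 */
export interface Statement {
  /**
   * The index of the statement in the policy, starts from 1
   */
  index(): number;

  /**
   * The optional Sid (Statement ID) for a statement
   */
  sid(): string | undefined;

  /**
   * The effect of the statement, either 'Allow' or 'Deny'.
   *
   * The return type is a plain `string`; this declaration does not show
   * whether the value is validated, so prefer `isAllow()` / `isDeny()` when
   * branching on the effect.
   */
  effect(): string;

  /**
   * Is the statement an Allow statement
   */
  isAllow(): boolean;

  /**
   * Is the statement a Deny statement
   */
  isDeny(): boolean;

  /**
   * The conditions of the statement as a map similar to the AWS IAM policy document.
   * In this case all condition values are arrays, instead of strings or arrays.
   *
   * @returns the condition map, or undefined (presumably when the statement
   *   has no Condition element; confirm against the implementation)
   */
  conditionMap(): Record<string, Record<string, string[]>> | undefined;

  /**
   * The conditions for the statement
   */
  conditions(): Condition[];

  /**
   * Does the statement have a Principal
   */
  isPrincipalStatement(): this is PrincipalStatement;

  /**
   * Does the statement have a NotPrincipal
   */
  isNotPrincipalStatement(): this is NotPrincipalStatement;

  /**
   * Does the statement have an Action
   */
  isActionStatement(): this is ActionStatement;

  /**
   * Does the statement have a NotAction
   */
  isNotActionStatement(): this is NotActionStatement;

  /**
   * Does the statement have a Resource
   */
  isResourceStatement(): this is ResourceStatement;

  /**
   * Does the statement have a NotResource
   */
  isNotResourceStatement(): this is NotResourceStatement;

  /**
   * The path to the statement in the policy
   */
  path(): string;
}

/**
 * Represents a statement in an IAM policy that has Action
 */
export interface ActionStatement extends Statement {
  /**
   * The actions for the statement
   */
  actions(): Action[];

  /**
   * Is the Action element an array of strings
   */
  actionIsArray(): boolean;
}

/**
 * Represents a statement in an IAM policy that has NotAction.
 *
 * On an Allow statement, NotAction matches every action except the listed
 * ones, so these statements deserve the same scrutiny as a wildcard Action.
 */
export interface NotActionStatement extends Statement {
  /**
   * The not actions for the statement
   */
  notActions(): Action[];

  /**
   * Is the NotAction element an array of strings
   */
  notActionIsArray(): boolean;
}

/**
 * Represents a statement in an IAM policy that has Resource
 */
export interface ResourceStatement extends Statement {
  /**
   * The resources for the statement
   */
  resources(): Resource[];

  /**
   * Is the Resource element exactly a single wildcard: `"*"`.
   *
   * A false result only means the element is not exactly `"*"`; the resources
   * may still contain broader wildcard patterns, so inspect `resources()` when
   * assessing how wide the statement is.
   */
  hasSingleResourceWildcard(): boolean;

  /**
   * Is the Resource element an array of strings
   */
  resourceIsArray(): boolean;
}

/**
 * Represents a statement in an IAM policy that has NotResource.
 *
 * On an Allow statement, NotResource matches every resource except the listed
 * ones.
 */
export interface NotResourceStatement extends Statement {
  /**
   * The not resources for the statement
   */
  notResources(): Resource[];

  /**
   * Is the NotResource element exactly a single wildcard: `"*"`
   */
  hasSingleNotResourceWildcard(): boolean;

  /**
   * Is the NotResource element an array of strings
   */
  notResourceIsArray(): boolean;
}

/**
 * Represents a statement in an IAM policy that has Principal
 */
export interface PrincipalStatement extends Statement {
  /**
   * The principals for the statement
   */
  principals(): Principal[];

  /**
   * Is the Principal type an array of strings
   *
   * @param principalType the type of the Principal such as "AWS", "Service", etc.
   * @returns true if the principal type is an array of strings in the raw policy
   */
  principalTypeIsArray(principalType: string): boolean;

  /**
   * Is the Principal element a single wildcard: `"*"`.
   *
   * On an Allow statement a wildcard Principal matches any principal, so the
   * statement is only as restrictive as its conditions; check `conditions()`
   * before treating such a statement as safe.
   */
  hasSingleWildcardPrincipal(): boolean;
}

/**
 * Represents a statement in an IAM policy that has NotPrincipal.
 *
 * NotPrincipal excludes the listed principals and matches all others, which
 * on an Allow statement is a very broad grant.
 */
export interface NotPrincipalStatement extends Statement {
  /**
   * The not principals for the statement
   */
  notPrincipals(): Principal[];

  /**
   * Is the NotPrincipal type an array of strings
   *
   * @param notPrincipalType the type of the NotPrincipal such as "AWS", "Service", etc.
   * @returns true if the NotPrincipal type is an array of strings in the raw policy
   */
  notPrincipalTypeIsArray(notPrincipalType: string): boolean;

  /**
   * Is the NotPrincipal element a single wildcard: `"*"`
   */
  hasSingleWildcardNotPrincipal(): boolean;
}

/**
 * Implementation of the Statement interface and all its sub-interfaces.
 *
 * The class declares the NotPrincipal accessors as well, so
 * NotPrincipalStatement is listed in the implements clause alongside the
 * other five sub-interfaces.
 */
export declare class StatementImpl
  implements
    Statement,
    ActionStatement,
    NotActionStatement,
    ResourceStatement,
    NotResourceStatement,
    PrincipalStatement,
    NotPrincipalStatement
{
  private readonly statementObject;
  private readonly _index;
  private readonly otherProps;

  /**
   * @param statementObject the raw statement object. It is typed `any`, so the
   *   compiler enforces no shape here; whether the constructor validates it is
   *   not visible in this declaration, so validate untrusted policy documents
   *   before constructing statements from them.
   * @param _index the index of the statement in the policy
   * @param otherProps additional properties; `path` is the path to the
   *   statement in the policy
   */
  constructor(
    statementObject: any,
    _index: number,
    otherProps: {
      path: string;
    },
  );

  index(): number;
  path(): string;
  sid(): string | undefined;
  effect(): string;
  isAllow(): boolean;
  isDeny(): boolean;

  isPrincipalStatement(): this is PrincipalStatement;
  isNotPrincipalStatement(): this is NotPrincipalStatement;
  principals(): Principal[];
  principalTypeIsArray(principalType: string): boolean;
  hasSingleWildcardPrincipal(): boolean;
  notPrincipals(): Principal[];
  notPrincipalTypeIsArray(notPrincipalType: string): boolean;
  hasSingleWildcardNotPrincipal(): boolean;

  /**
   * Parse the principal object into PrincipalImpl objects.
   *
   * This is non trivial and we don't want to implement this in each function.
   *
   * @param principals the Principal or NotPrincipal object to parse
   * @returns the backing principals for a Principal or NotPrincipal object
   */
  private parsePrincipalObject;

  isActionStatement(): this is ActionStatement;
  isNotActionStatement(): this is NotActionStatement;
  actions(): Action[];
  private createNewActions;
  actionIsArray(): boolean;
  notActions(): Action[];
  private createNewNotActions;
  notActionIsArray(): boolean;

  isResourceStatement(): this is ResourceStatement;
  isNotResourceStatement(): this is NotResourceStatement;
  resources(): Resource[];
  private createNewResources;
  hasSingleResourceWildcard(): boolean;
  resourceIsArray(): boolean;
  notResources(): Resource[];
  private createNewNotResources;
  notResourceIsArray(): boolean;
  hasSingleNotResourceWildcard(): boolean;

  conditionMap(): Record<string, Record<string, string[]>> | undefined;
  conditions(): Condition[];
  private createNewConditions;
}
//# sourceMappingURL=statement.d.ts.map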