@cloud-copilot/iam-simulate
Simulate evaluation of AWS IAM policies
import { ValidationError } from '@cloud-copilot/iam-policy';
import { RequestAnalysis } from '../evaluate.js';
import { Simulation } from './simulation.js';
import { SimulationOptions } from './simulationOptions.js';
/**
 * Errors reported for a simulation, grouped by the policy category named in
 * each field.
 *
 * Every group is optional; `message` is the only required member.
 *
 * NOTE(review): the keys of the `Record` groups are presumably identifiers of
 * the policies the errors belong to. Confirm against the implementation.
 */
export interface SimulationErrors {
  /** Validation errors for identity policies, grouped under a string key. */
  identityPolicyErrors?: Record<string, ValidationError[]>;
  /** Validation errors for service control policies, grouped under a string key. */
  serviceControlPolicyErrors?: Record<string, ValidationError[]>;
  /** Validation errors for resource control policies, grouped under a string key. */
  resourceControlPolicyErrors?: Record<string, ValidationError[]>;
  /** Validation errors for permission boundaries, grouped under a string key. */
  permissionBoundaryErrors?: Record<string, ValidationError[]>;
  /** Validation errors for the resource policy. Unlike the other groups this is a flat list, not a keyed record. */
  resourcePolicyErrors?: ValidationError[];
  /** Validation errors for VPC endpoint policies, grouped under a string key. */
  vpcEndpointErrors?: Record<string, ValidationError[]>;
  /**
   * Required on every error object.
   *
   * NOTE(review): presumably a human-readable summary of the failure. Confirm.
   */
  message: string;
}
/**
 * The value resolved by `runSimulation`.
 *
 * All members are optional, so a caller cannot assume that `analysis` exists.
 * Check `errors` first: a result without `analysis` carries no allow or deny
 * decision and must not be read as one.
 *
 * NOTE(review): this declaration does not state whether `errors` and
 * `analysis` are mutually exclusive. Confirm against the implementation.
 */
export interface SimulationResult {
  /** Errors reported for the simulation, if any were found. */
  errors?: SimulationErrors;
  /**
   * The evaluation analysis for the request.
   *
   * NOTE(review): presumably absent when `errors` is set. Confirm.
   */
  analysis?: RequestAnalysis;
  /**
   * The resource type that was used for the simulation, if applicable.
   *
   * Will only be present if the request passes validation to reach the policy
   * evaluation stage and the action is not a wildcard-only action.
   */
  resourceType?: string;
  /**
   * Any context keys provided in the request that were filtered out before
   * policy evaluation because they do not apply to the action/resource type.
   *
   * This will only be present if the request passes validation to reach the
   * policy evaluation stage.
   *
   * If no context keys were ignored, this will be present and an empty array.
   *
   * A key listed here took no part in policy evaluation. A caller that expects
   * a supplied condition key to influence the outcome should inspect this list
   * before trusting the result.
   */
  ignoredContextKeys?: string[];
}
/**
 * Run a simulation with validation
 *
 * @param simulation The simulation to run
 * @param simulationOptions Options for the simulation. Typed as `Partial`, so
 * any subset of the options may be supplied.
 * @returns A promise for the `SimulationResult`. Every member of the result is
 * optional, so callers should check `errors` before reading `analysis`.
 */
export declare function runSimulation(simulation: Simulation, simulationOptions: Partial<SimulationOptions>): Promise<SimulationResult>;
/**
 * Split the context supplied with a simulation into the values that are kept
 * and the keys that are ignored.
 *
 * NOTE(review): this is declaration-only, so the filtering rule is not visible
 * here. Presumably `ignoredContextKeys` is the same list that is surfaced as
 * `SimulationResult.ignoredContextKeys`. Confirm against the implementation.
 *
 * @param simulation The simulation whose parameters are normalized
 * @returns A promise for an object holding `validContextValues` (context key
 * mapped to a string or a string array) and `ignoredContextKeys` (the names of
 * the keys that were left out)
 */
export declare function normalizeSimulationParameters(simulation: Simulation): Promise<{
  validContextValues: Record<string, string | string[]>;
  ignoredContextKeys: string[];
}>;
//# sourceMappingURL=simulationEngine.d.ts.map