@k9securityio/k9-cdk/lib/aws-iam-utils.d.ts

Provision strong AWS security policies easily using the AWS CDK.

import { PolicyDocument } from 'aws-cdk-lib/aws-iam';
/**
 * Gets the unique set of AWS Principal ARNs (or tokenized representation) that appear in the Principal element of
 * a Statement that Allows access from an existing PolicyDocument.  Parallels K9PolicyFactory#getAllowedPrincipalArns.
 *
 * Notes & Limitations:
 *  * only examines 'AWS' principal types, so no e.g. Service principals
 *  * only collects Principals from statements without a Condition element
 *  * does not do anything with NotPrincipal
 *
 * @param policyDocument to analyze
 * @return the set of allowed principal ARNs or tokens
 */
export declare function getAllowedPrincipalArns(policyDocument: PolicyDocument): Set<string>;