import { AccessKeyLastUsed, AccessKeyMetadata, GroupDetail, IAMClient, LoginProfile, ManagedPolicyDetail, MFADevice, RoleDetail, Tag, User, UserDetail } from '@aws-sdk/client-iam'; import { Sync } from '../sync.js'; interface AccessKeyWithLastUsed extends AccessKeyMetadata { lastUsed?: AccessKeyLastUsed; } export declare const AuthorizationDetailsSync: Sync; /** * Get the access keys for an IAM user. * * @param region The region to use for the API call * @param credentials The credentials to use for the API call * @param userName The name of the user to lookup the access keys for * @returns Returns a list of access keys for the user. Will return an empty array if there are no access keys */ export declare function getAccessKeysForUser(client: IAMClient, userName: string): Promise; /** * Get the login profile for an IAM user if it exists. * * @param region The region to use for the API call * @param credentials The credentials to use for the API call * @param userName The name of the user to lookup the login profile for * @returns Returns the login profile for the user if it exists. Otherwise returns undefined */ export declare function getLoginProfileForUser(client: IAMClient, userName: string): Promise; /** * Get the MFA devices for an IAM user. * * @param region The region to use for the API call * @param credentials The credentials to use for the API call * @param userName The name of the user to lookup the MFA devices for * @returns Returns a list of MFA devices for the user. Will return an empty array if there are no MFA devices. */ export declare function getMfaDevicesForUser(client: IAMClient, userName: string): Promise; /** * Parses a username out of an ARN. Does not validate the ARN is a valid IAM user ARN. * * @param arn The arn to parse the username out of * @returns Returns the username from the ARN */ export declare function parseUsernameFromArn(arn: string): string; /** * Get all IAM users in an account. * * @param region The region to use for the API call * @param credentials The credentials to use for the API call * @returns Returns a list of all IAM users in the account */ export declare function getAllUsers(client: IAMClient): Promise; export interface UserWithMetadata extends User { metadata: { hasConsoleAccess: boolean; createdAt: Date; passwordChanged?: Date; passwordLastUsed?: Date; mfaEnabled: boolean; numberAccessKeys: number; oldestAccessKey?: Date; accessKeyLastUsed?: Date; accessKeys?: AccessKeyWithLastUsed[]; managedPolicies: string[]; inlinePolicies: any[]; groups: string[]; }; } /** * Get all IAM users in an account with metadata about each user. * * @param region The region to use for the API call * @param credentials The credentials to use for the API call * @returns Returns all users for the account with metadata about each user */ export declare function getAllUsersWithMetadata(client: IAMClient): Promise; interface ManagedPolicyDetailWithExtraData extends ManagedPolicyDetail { Tags?: Tag[]; } /** * Return the results of the Authorization Details call for this account. * Excludes users and AWS managed policies. * * @param credentials The credentials to use for the API call * @returns Returns the results of the Authorization Details call for this account */ export declare function getAuthorizationDetails(client: IAMClient): Promise<{ groups: GroupDetail[]; roles: RoleDetail[]; policies: ManagedPolicyDetailWithExtraData[]; awsManagedPolicies: ManagedPolicyDetail[]; users: UserDetail[]; }>; interface AttachedPolicy { name: string; document: any; } /** * Gets the policies that are attached directly to a role. Does not include managed policies. * * @param credentials The credentials to use for the API call * @param roleName The name of the role to get the policies for * @returns Returns the policies that are attached directly to the role */ export declare function getPoliciesAttachedDirectlyToRole(client: IAMClient, roleName: string): Promise; export declare function getManagedPoliciesAttachedToRole(client: IAMClient, roleName: string): Promise; export {}; //# sourceMappingURL=authorizationDetails.d.ts.map