diff --git a/CHANGELOG.md b/CHANGELOG.md index 17325c87..a4c4c348 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,3 +2,4 @@ - Fix documented method return types - Adding sessionTime property to getKeys/getIAMKeys response + diff --git a/dist/alks.umd.js b/dist/alks.umd.js index ff65df7b..9480438f 100644 --- a/dist/alks.umd.js +++ b/dist/alks.umd.js @@ -17529,1354 +17529,1354 @@ var require$$3 = /*@__PURE__*/getAugmentedNamespace(lib); - var tslib_1 = require$$0$1; - var packageJson = tslib_1.__importStar(require$$1$1); - var buffer_1 = require$$2; - tslib_1.__importDefault(require$$3); - var fetch = window.fetch.bind(window) - ; - var ALKS; - (function (ALKS) { - function isStsAuth(a) { - return a.accessKey !== undefined; - } - function isPasswordAuth(a) { - return a.userid !== undefined; - } - function isTokenAuth(a) { - return a.accessToken !== undefined; - } - (function (TrustType) { - TrustType["CrossAccount"] = "Cross Account"; - TrustType["InnerAccount"] = "Inner Account"; - })(ALKS.TrustType || (ALKS.TrustType = {})); - (function (PseudoBoolean) { - PseudoBoolean[PseudoBoolean["True"] = 1] = "True"; - PseudoBoolean[PseudoBoolean["False"] = 0] = "False"; - })(ALKS.PseudoBoolean || (ALKS.PseudoBoolean = {})); - /** - * ALKS JavaScript API - */ - var Alks = /** @class */ (function () { - function Alks(config) { - this.config = config; - } - /** - * Returns a new instance of alks with pre-defined properties (which don't need to be supplied to every method). - * - * Any of the properties required by other methods can be specified here. - * - * Properties present on the current object are carried through to the newly created one. - * - * @param {Object} props - An object containing settings for the new ALKS object - * @returns {alks} - * @example - * var myAlks = alks.create({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * }) - * - * myAlks.getKeys({ - * account: 'anAccount', - * role: 'PowerUser', - * sessionTime: 2 - * }).then((creds) => { - * // creds.accessKey, creds.secretKey, creds.sessionToken - * }) - */ - Alks.prototype.create = function (props) { - var config = tslib_1.__assign(tslib_1.__assign({}, this.config), props); - return new Alks(config); - }; - /** - * Returns a Promise for an array of AWS accounts (and roles) accessible by the user - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @returns {Promise} - * @example - * alks.getAccounts({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * }).then((accounts) => { - * // accounts[0].account, accounts[0].role, accounts[0].iamKeyActive, accounts[0].maxKeyDuration, accounts[0].skypieaAccount - * }) - */ - Alks.prototype.getAccounts = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('getAccounts', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, Object.keys(results.accountListRole).map(function (key) { return ({ - account: key, - role: results.accountListRole[key][0].role, - iamKeyActive: results.accountListRole[key][0].iamKeyActive, - maxKeyDuration: results.accountListRole[key][0].maxKeyDuration, - securityLevel: results.accountListRole[key][0].securityLevel, - skypieaAccount: results.accountListRole[key][0].skypieaAccount, - }); })]; - } - }); - }); - }; - /** - * Returns a Promise for AWS STS credentials from ALKS. - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The AWS account to use when provisioning the credentials - * @param {string} props.role - The ALKS role to use when provisioning the credentials - * @param {string} props.sessionTime - The session length for the credentials, in hours - * @returns {Promise} - * @example - * alks.getKeys({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'PowerUser', - * sessionTime: 2 - * }).then((creds) => { - * // creds.accessKey, creds.secretKey, creds.sessionToken, creds.consoleURL - * }) - */ - Alks.prototype.getKeys = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('getKeys', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, [ - 'accessKey', - 'secretKey', - 'sessionToken', - 'consoleURL', - 'sessionTime', - ])]; - } - }); - }); - }; - /** - * Returns a Promise for AWS STS credentials with IAM permissions from ALKS. - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The AWS account to use when provisioning the credentials - * @param {string} props.role - The ALKS role to use when provisioning the credentials - * @param {number} props.sessionTime - The session length for the credentials, in hours - * @returns {Promise} - * @example - * alks.getIAMKeys({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * sessionTime: 1 - * }).then((creds) => { - * // creds.accessKey, creds.secretKey, creds.sessionToken, creds.consoleURL - * }) - */ - Alks.prototype.getIAMKeys = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('getIAMKeys', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, [ - 'accessKey', - 'secretKey', - 'sessionToken', - 'consoleURL', - 'sessionTime', - ])]; - } - }); - }); - }; - /** - * Returns a Promise for an array of all available role types (AWS IAM role types, custom role types) and their details - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {boolean} [props.getDynamicValues] - Whether to include the names of any template variables in the response (defaults to false) - * @returns {Promise>} - * @example - * alks.getAllAWSRoleTypes({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * }).then((roleTypes) { - * // roleTypes[i].roleTypeName, roleTypes[i].defaultArns, roleTypes[i].trustRelationship - * }) - * - * @example - * alks.getAllAWSRoleTypes({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * getDynamicValues: true, - * }).then((roleTypes) { - * // roleTypes[i].roleTypeName, roleTypes[i].defaultArns, roleTypes[i].trustRelationship, roleTypes[i].templateVariables[i] - * }) - */ - Alks.prototype.getAllAWSRoleTypes = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var url, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - url = props.getDynamicValues - ? 'allAwsRoleTypes?getDynamicValues=true' - : 'allAwsRoleTypes'; - return [4 /*yield*/, this.internalFetch(url, props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.roleTypes]; - } - }); - }); - }; - /** - * Returns a Promise for an array of available AWS IAM role types - * - * @deprecated Replaced by getAllAWSRoleTypes which includes all AWS role types and their details - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @returns {Promise>} - * @example - * alks.getAWSRoleTypes({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * }).then((roleTypes) { - * // ['AWS Lambda', 'Amazon EC2', ... ] - * }) - */ - Alks.prototype.getAWSRoleTypes = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('getAWSRoleTypes', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, JSON.parse(results.roleTypes)]; - } - }); - }); - }; - /** - * Returns a Promise for an array of available custom role types - * - * @deprecated Replaced by getAllAWSRoleTypes which includes all AWS role types and their details - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @returns {Promise>} - * @example - * alks.getNonServiceAWSRoleTypes({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * }).then((roleTypes) => { - * // ['AWS Lambda', 'Amazon EC2', ...] - * }) - */ - Alks.prototype.getNonServiceAWSRoleTypes = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('getNonServiceAWSRoleTypes', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, JSON.parse(results.roleTypes)]; - } - }); - }); - }; - /** - * Returns a Promise for the results of creating a new custom AWS IAM account role - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.roleName - The name of the custom AWS IAM role to create - * @param {string} props.roleType - The type of AWS role to use when creating the new role - * @param {Object} props.trustPolicy - * @param {number} props.includeDefaultPolicy - Whether to include the default policy in the new role (1 = yes, 0 = no) - * @param {boolean} props.enableAlksAccess - Whether the role has a machine identity - * @param {Object} props.templateFields - An object whose keys are template variable names and values are the value to substitute for those template variables - * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} - * @returns {Promise} - * @example - * alks.createRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName', - * roleType: 'Amazon EC2', - * includeDefaultPolicy: 1, - * enableAlksAccess: true - * }).then((role) => { - * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags - * }) - * @example - * alks.createRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName', - * trustPolicy: { - * "Version": "2012-10-17", - * "Statement": [ - * { - * "Action": "sts:AssumeRole", - * "Effect": "Allow", - * "Principal": { - * "Service": "ec2.amazonaws.com" - * } - * } - * ] - * }, - * includeDefaultPolicy: 1, - * enableAlksAccess: true - * }).then((role) => { - * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags - * }) - * @example - * alks.createRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName', - * roleType: 'Amazon EKS IRSA', - * includeDefaultPolicy: 1, - * enableAlksAccess: false, - * templateFields: { - * OIDC_PROVIDER: 'oidc.eks.us-east-1.amazonaws.com/id/88G998884RBAD6687HBE3GETY67FQE04', - * K8S_NAMESPACE: 'myNamespace', - * K8S_SERVICE_ACCOUNT: 'myServiceAccount' - * } - * tags: [ - * { - * key: "tagkey1", - * value: "tagValue1" - * }, - * { - * key: "tagkey1", - * value: "tagvalue2" - * } - * ], - * }).then((role) => { - * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags - * }) - */ - Alks.prototype.createRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var roleTypeExists, trustPolicyExists, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - roleTypeExists = props.roleType != null; - trustPolicyExists = props.trustPolicy != null; - if (!(roleTypeExists !== trustPolicyExists)) return [3 /*break*/, 2]; - return [4 /*yield*/, this.internalFetch('createRole', props)]; - case 1: - results = _a.sent(); - results.denyArns = results.denyArns.split(','); - return [2 /*return*/, pick(results, [ - 'roleArn', - 'denyArns', - 'instanceProfileArn', - 'addedRoleToInstanceProfile', - 'tags', - ])]; - case 2: throw new Error("Must include roleType or trustPolicy, but not both."); - } - }); - }); - }; - /** - * Returns a Promise for the results of creating a new custom AWS IAM trust role - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.roleName - The name of the custom AWS IAM role to create - * @param {string} props.roleType - The type of AWS role to use when creating the new role - * @param {number} props.includeDefaultPolicy - Whether to include the default policy in the new role (1 = yes, 0 = no) - * @param {string} props.trustArn - The Arn of the existing role to trust - * @param {string} props.trustType - Whether the trust is 'Cross Account' or 'Inner Account' - * @param {boolean} props.enableAlksAccess - Whether the role has a machine identity - * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} - * @returns {Promise} - * @example - * alks.createNonServiceRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName', - * roleType: 'Amazon EC2', - * includeDefaultPolicy: 1, - * trustArn: 'anExistingRoleArn', - * trustType: 'Cross Account', - * enableAlksAccess: true - * }).then((role) => { - * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags - * }) - * @@example - * * alks.createNonServiceRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName', - * roleType: 'Amazon EC2', - * includeDefaultPolicy: 1, - * trustArn: 'anExistingRoleArn', - * trustType: 'Cross Account', - * enableAlksAccess: true, - * tags: [ - * { - * key: "tagkey1", - * value: "tagValue1" - * }, - * { - * key: "tagkey1", - * value: "tagvalue2" - * } - * ], - * }).then((role) => { - * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags - * }) - */ - Alks.prototype.createNonServiceRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('createNonServiceRole', props)]; - case 1: - results = _a.sent(); - results.denyArns = results.denyArns.split(','); - return [2 /*return*/, pick(results, [ - 'roleArn', - 'denyArns', - 'instanceProfileArn', - 'addedRoleToInstanceProfile', - 'tags', - ])]; - } - }); - }); - }; - /** - * Returns a Promise for an array of AWS account roles - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The account number to get AWS roles for - * @returns {Promise} - * @example - * alks.awsAccountRoles({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: '1234567890', - * }).then((roles) => { - * // roles[i].roleArn, roles[i].isMachineIdentity, roles[i].assumeRolePolicyDocument - * }) - */ - Alks.prototype.awsAccountRoles = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch("awsAccountRoles?account=" + props.account, props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.awsRoleList]; - } - }); - }); - }; - /** - * Returns a Promise for an array of AWS custom AWS IAM account roles - * - * @deprecated Replaced by awsAccountRoles which includes AWS account roles and their details - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @returns {Promise} - * @example - * alks.listAWSAccountRoles({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * }).then((roleNames) => { - * // ['customRole1', 'customRole2', ...] - * }) - */ - Alks.prototype.listAWSAccountRoles = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('listAWSAccountRoles', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, JSON.parse(results.jsonAWSRoleList).map(function (r) { return r.split('/').slice(-1)[0]; })]; - } - }); - }); - }; - /** - * Returns a Promise for the Amazon Resource Name (ARN) of a custom AWS IAM account role - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.roleName - The name of the custom AWS IAM role - * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} - * @returns {Promise} - * @example - * alks.getAccountRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName' - * }).then((role) => { - * // role.roleArn, role.isMachineIdentity, role.instanceProfileArn, role.tags, role.maxSessionDurationInSeconds - * }) - */ - Alks.prototype.getAccountRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('getAccountRole', props)]; - case 1: - results = _a.sent(); - if (!results.roleExists) { - throw new Error("Role " + props.roleName + " does not exist in this account"); - } - return [2 /*return*/, tslib_1.__assign(tslib_1.__assign({}, pick(results, [ - 'roleArn', - 'isMachineIdentity', - 'tags', - 'maxSessionDurationInSeconds', - ])), { instanceProfileArn: results.instanceProfileARN })]; - } - }); - }); - }; - /** - * Returns a Promise for the Amazon Resource Name (ARN) of a custom AWS IAM account role - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.roleName - The name of the custom AWS IAM role - * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} - * @returns {Promise} - * @example - * alks.updateRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName' - * }).then((role) => { - * // role.roleArn, role.isMachineIdentity, role.instanceProfileArn, role.tags - * }) - */ - Alks.prototype.updateRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('role', props, 'PATCH')]; - case 1: - results = _a.sent(); - if (!results.roleExists) { - throw new Error("Role " + props.roleName + " does not exist in this account"); - } - return [2 /*return*/, tslib_1.__assign(tslib_1.__assign({}, pick(results, ['roleArn', 'isMachineIdentity', 'tags'])), { instanceProfileArn: results.instanceProfileARN })]; - } - }); - }); - }; - /** - * Returns a Promise for a boolean "true" indicating the role was deleted - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.roleName - The name of the custom AWS IAM role - * @returns {Promise} - * @example - * alks.deleteRole({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * roleName: 'awsRoleName' - * }).then(() => { - * // success! - * }) - */ - Alks.prototype.deleteRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('deleteRole', props)]; - case 1: - _a.sent(); - return [2 /*return*/, true]; - } - }); - }); - }; - /** - * Returns a Promise for a string arn indicating the role was enabled for machine identity - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.roleArn - The Amazon Resource Name (ARN) associated with the role - * @returns {Promise} - * @example - * alks.addRoleMachineIdentity({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * roleARN: 'arn:aws:iam::123:role/acct-managed/awsRoleName' - * }).then((roleARN) => { - * // arn:aws:iam::123:role/acct-managed/awsRoleName - * }) - */ - Alks.prototype.addRoleMachineIdentity = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('roleMachineIdentity', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, ['machineIdentityArn'])]; - } - }); - }); - }; - /** - * Returns a Promise for a string arn indicating the role was disabled for machine identity - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.roleArn - The Amazon Resource Name (ARN) associated with the role - * @returns {Promise} - * @example - * alks.deleteRoleMachineIdentity({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * roleARN: 'arn:aws:iam::123:role/acct-managed/awsRoleName' - * }).then((roleARN) => { - * // arn:aws:iam::123:role/acct-managed/awsRoleName - * }) - */ - Alks.prototype.deleteRoleMachineIdentity = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('roleMachineIdentity', props, 'DELETE')]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, ['machineIdentityArn'])]; - } - }); - }); - }; - /** - * Returns a Promise for a list of users who have access to the given account - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.accountId - The accountId used to find which users have access to the account - * @returns {Promise} - * @example - * alks.getUserAccess({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * accountId: '012345678910', - * }).then((users) => { - * // users[i].sAMAccountName, users[i].displayName, users[i].email, users[i].title, users[i].department - * }) - */ - Alks.prototype.getUserAccess = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var accountId, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - accountId = props.accountId; - return [4 /*yield*/, this.internalFetch("userAccess/" + accountId, props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.users]; - } - }); - }); - }; - /** - * Returns a Promise for a map of role names to the list of users with that role for a given account - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.accountId - The accountId used to find which users have access to the account - * @returns {Promise} - * @example - * alks.getUserAccess({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * accountId: '012345678910', - * }).then((users) => { - * // users['Admin'].sAMAccountName, users['Admin'].displayName, users['Admin'].email, users['Admin'].title, users['Admin'].department - * }) - */ - Alks.prototype.getUserAccessByRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var accountId, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - accountId = props.accountId; - return [4 /*yield*/, this.internalFetch("reports/users-by-role?accountId=" + accountId, props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.users]; - } - }); - }); - }; - /** - * Returns a Promise for a list of roles a user has for a given account - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.accountId - The accountId used to find which users have access to the account - * @param {string} props.sAMAccountName - The network id of the user to lookup - * @returns {Promise} - * @example - * alks.getUserRoleAccess({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * accountId: '012345678910', - * sAMAccountName: 'bob1', - * }).then((roles) => { - * // ['Admin', 'LabAdmin', ...] - * }) - */ - Alks.prototype.getUserRoleAccess = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var accountId, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - accountId = props.accountId; - return [4 /*yield*/, this.internalFetch("userAccess/roles/" + accountId, props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.roles]; - } - }); - }); - }; - /** - * Returns a Promise containing a list of the account owners for an account - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.accountId - The accountId used to find which users have access to the account - * @returns {Promise} - * @example - * alks.getAccountOwners({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * accountId: '012345678910', - * }).then((owners) => { - * // owners[0].sAMAccountName, owners[0].displayName, owners[0].email, owners[0].title, owners[0].department - * }) - */ - Alks.prototype.getAccountOwners = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var accountId, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - accountId = props.accountId; - return [4 /*yield*/, this.internalFetch("userAccess/owners/" + accountId, props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.accountOwners]; - } - }); - }); - }; - /** - * Returns a Promise for the results of creating new IAM user and long-term access keys - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.iamUserName - The name of the IAM user to create - * @returns {Promise} - * @example - * alks.createAccessKeys({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * iamUserName: 'iamUserName' - * }).then((user) => { - * // user.iamUserArn, user.accessKey, user.secretKey, user.addedIAMUserToGroup - * }) - * @example - * alks.createAccessKeys({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * iamUserName: 'iamUserName' - * tags: [ - * { - * key: "tagkey1", - * value: "tagValue1" - * }, - * { - * key: "tagkey1", - * value: "tagvalue2" - * } - * ], - * }).then((user) => { - * // user.iamUserArn, user.accessKey, user.secretKey, user.addedIAMUserToGroup - * }) - */ - Alks.prototype.createAccessKeys = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('accessKeys', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, [ - 'iamUserArn', - 'accessKey', - 'secretKey', - 'addedIAMUserToGroup', - 'tags', - ])]; - } - }); - }); - }; - /** - * Returns a Promise for an IamUser - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.iamUserName - The name of the custom AWS IAM user - * @returns {Promise} - * @example - * alks.getIamUser({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * iamUserName: 'iamUserName' - * }).then((role) => { - * user.iamUserArn, user.AccountId, user.userName, user.accessKey, user.tags - * }) - */ - Alks.prototype.getIamUser = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch("iam-users/id/" + props.account + "/" + props.iamUserName, props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results.item, [ - 'arn', - 'accountId', - 'userName', - 'accessKey', - 'tags', - ])]; - } - }); - }); - }; - /** - * Returns a Promise for the results of updating an IAM user - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.iamUserName - The name of the IAM user to update - * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} - * @returns {Promise} - * @example - * alks.updateIamUser({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * iamUserName: 'iamUserName', - * }).then((user) => { - * // user.iamUserArn, user.AccountId, user.userName, user.accessKey, user.tags - * }) - * @example - * alks.updateIamUser({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * iamUserName: 'iamUserName' - * tags: [ - * { - * key: "tagkey1", - * value: "tagValue1" - * }, - * { - * key: "tagkey1", - * value: "tagvalue2" - * } - * ], - * }).then((user) => { - * // user.iamUserArn, user.AccountId, user.userName, user.accessKey, user.tags - * }) - */ - Alks.prototype.updateIamUser = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var internalFetchProps, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - internalFetchProps = tslib_1.__assign(tslib_1.__assign({}, props), { user: { - tags: props.tags, - } }); - delete internalFetchProps.tags; - return [4 /*yield*/, this.internalFetch("iam-users/id/" + props.account + "/" + props.iamUserName, internalFetchProps, 'PATCH')]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results.item, [ - 'arn', - 'accountId', - 'userName', - 'accessKey', - 'tags', - ])]; - } - }); - }); - }; - /** - * Returns a Promise for a boolean "true" indicating the IAM user and long-term access keys were deleted - * - * @param {Object} props - An object containing the following properties - * @param {string} props.baseUrl - The base URL of the ALKS service - * @param {string} props.accessToken - The OAuth2 access token used to authorize the request - * @param {string} props.account - The user's account associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @param {string} props.iamUserName - The name of the IAM user to delete - * @returns {Promise} - * @example - * alks.deleteIAMUser({ - * baseUrl: 'https://your.alks-host.com', - * accessToken: 'abc123', - * account: 'anAccount', - * role: 'IAMAdmin', - * iamUserName: 'iamUserName' - * }).then(() => { - * // success! - * }) - */ - Alks.prototype.deleteIAMUser = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('IAMUser', props, 'DELETE')]; - case 1: - _a.sent(); - return [2 /*return*/, true]; - } - }); - }); - }; - /** - * Returns the version of the ALKS Rest API - * - * @param {Object} props - An object containing the following properties - * @returns {Promise} - * @example - * alks.version({ - * ... - * }).then((data) => { - * // data.version - * }) - */ - Alks.prototype.version = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('version', props, 'GET')]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, ['version'])]; - } - }); - }); - }; - /** - * Returns information about one of the roles used to generate keys - * - * @param {Object} props - An object containing the following properties - * @param {string} props.accountId - The 12-digit account ID associated with the custom role - * @param {string} props.role - The user's role associated with the account - * @returns {Promise} - * @example - * alks.getLoginRole({ - * ... - * }).then((loginRole) => { - * // loginRole.account, loginRole.role, loginRole.iamKeyActive, loginRole.maxKeyDuration - * }) - */ - Alks.prototype.getLoginRole = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var accountId, role, results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - accountId = props.accountId, role = props.role; - return [4 /*yield*/, this.internalFetch("loginRoles/id/" + accountId + "/" + role, props, 'GET')]; - case 1: - results = (_a.sent()); - // TODO we should probably update this function to include skypieaAccount in the result since it's already being fetched - Ben W 5/10/21 - return [2 /*return*/, pick(results.loginRole, [ - 'account', - 'role', - 'iamKeyActive', - 'maxKeyDuration', - 'securityLevel', - ])]; - } - }); - }); - }; - /** - * Exchanges a refresh token for an access token - * - * @param {Object} props - An object containing the following properties - * @param {string} props.refreshToken - the refresh token to exchange - * @returns {Promise} - * @example - * alks.getAccessToken({ - * ... - * }).then((data) => { - * // data.accessToken, data.expiresIn - * }) - */ - Alks.prototype.getAccessToken = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('accessToken', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, pick(results, ['accessToken', 'expiresIn'])]; - } - }); - }); - }; - /** - * Returns a list of a user's refresh tokens (Does not return the full token) - * - * @param {Object} props - An object containing the following properties - * @returns {Array} - * @example - * alks.getRefreshTokens({ - * ... - * }).then((tokens) => { - * // token[i].clientId, token[i].id, token[i].userId, token[i].value - * }) - */ - Alks.prototype.getRefreshTokens = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('refreshTokens', props, 'GET')]; - case 1: - results = (_a.sent()); - return [2 /*return*/, results.refreshTokens.map(function (token) { - return pick(token, ['clientId', 'id', 'userId', 'value']); - })]; - } - }); - }); - }; - /** - * Revokes a refresh or access token - * - * @param {Object} props - An object containing the following properties - * @param {string} [props.token] - the access or refresh token to revoke (Required if tokenId not specified) - * @param {string} [props.tokenId] - the ID of the refresh token to revoke (Required if token not specified) - * @returns {boolean} - * @example - * alks.revoke({ - * token: '...', - * ... - * }).then((success) => { - * // success == true - * }) - * - * // or - * - * alks.revoke({ - * tokenId: '...', - * ... - * }).then((success) => { - * // success == true - * }) - */ - Alks.prototype.revoke = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch('revoke', props)]; - case 1: - results = _a.sent(); - return [2 /*return*/, results.statusMessage == 'Success']; - } - }); - }); - }; - /** - * Returns cost totals for the specified account for the day, week, month, year, and a breakdown of costs by service for the day and month - * - * @param {Object} props - An object containing the following properties - * @param {String} props.accountId - the 12-digit AWS account ID to get cost data for - * @returns {Object} - * @example - * alks.getCostTotals({ - * accountId: '012345678910', - * }).then((costTotals) => { - * // costTotals.awsAccountId, costTotals.daily, costTotals.weekly, etc. - * }) - */ - Alks.prototype.getCostTotals = function (props) { - return tslib_1.__awaiter(this, void 0, void 0, function () { - var results; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: return [4 /*yield*/, this.internalFetch("costTotals/" + props.accountId, props, 'GET')]; - case 1: - results = (_a.sent()); - return [2 /*return*/, pick(results.costTotals, [ - 'awsAccountId', - 'yyyy', - 'mm', - 'dd', - 'daily', - 'weekly', - 'monthly', - 'yearly', - 'dailyCostsByService', - 'monthlyCostsByService', - ])]; - } - }); - }); - }; - Alks.prototype.internalFetch = function (path, args, method) { - if (args === void 0) { args = {}; } - if (method === void 0) { method = 'POST'; } - return tslib_1.__awaiter(this, void 0, void 0, function () { - var opts, payload, headers, credentials, response, json, err_1; - return tslib_1.__generator(this, function (_a) { - switch (_a.label) { - case 0: - opts = tslib_1.__assign(tslib_1.__assign({}, this.config), args); - payload = tslib_1.__assign({}, opts); - headers = { - 'Content-Type': 'application/json', - 'User-Agent': "AlksJS/" + packageJson.version, - }; - if (isTokenAuth(opts)) { - headers['Authorization'] = "Bearer " + opts.accessToken; - delete payload.accessToken; - } - else if (isStsAuth(opts)) { - headers['ALKS-STS-Access-Key'] = opts.accessKey; - headers['ALKS-STS-Secret-Key'] = opts.secretKey; - headers['ALKS-STS-Session-Token'] = opts.sessionToken; - delete payload.accessKey; - delete payload.secretKey; - delete payload.sessionToken; - } - else if (isPasswordAuth(opts)) { - console.error('The userid and password properties are deprecated and should be replaced with an access token'); - credentials = base64Encode(opts.userid + ":" + opts.password); - headers['Authorization'] = "Basic " + credentials; - delete payload.userid; - delete payload.password; - } - else ; - if (opts.userAgent) { - headers['User-Agent'] += " " + opts.userAgent; - delete payload.userAgent; - } - return [4 /*yield*/, opts._fetch(opts.baseUrl + "/" + path, { - method: method, - headers: headers, - credentials: 'omit', - body: method == 'GET' ? undefined : JSON.stringify(payload), - })]; - case 1: - response = _a.sent(); - _a.label = 2; - case 2: - _a.trys.push([2, 4, , 5]); - return [4 /*yield*/, response.json()]; - case 3: - json = _a.sent(); - return [3 /*break*/, 5]; - case 4: - err_1 = _a.sent(); - json = { - errors: [err_1.message], - }; - return [3 /*break*/, 5]; - case 5: - if (!response.ok) { - throw new AlksError(response, json); - } - return [2 /*return*/, json]; - } - }); - }); - }; - return Alks; - }()); - ALKS.Alks = Alks; - var AlksError = /** @class */ (function (_super) { - tslib_1.__extends(AlksError, _super); - function AlksError(response, json) { - var _this = this; - var errors = Array.isArray(json === null || json === void 0 ? void 0 : json.errors) ? json.errors : []; - if (response.statusText) { - errors.unshift(response.statusText); - } - var message = errors.join('; '); - _this = _super.call(this, message) || this; - _this.status = response.status; - _this.message = message; - Object.assign(_this, json); - return _this; - } - return AlksError; - }(Error)); - ALKS.AlksError = AlksError; - /** - * Encodes a string to base 64 - * - * @param str - the string to encode - * @private - * @returns the base64 encoded string - * @example - * var input = 'password'; - * base64Encode(input); - */ - function base64Encode(str) { - if (str === void 0) { str = ''; } - return buffer_1.Buffer.from(str).toString('base64'); - } - function pick(obj, props) { - return props.reduce(function (acc, prop) { return ((acc[prop] = obj[prop]), acc); }, {}); - } - var defaultConfig = { - _fetch: fetch, - }; - var defaultAlks = Alks.prototype.create.call({}, defaultConfig); - ALKS.create = Alks.prototype.create.bind(defaultAlks); - ALKS.getAccounts = Alks.prototype.getAccounts.bind(defaultAlks); - ALKS.getKeys = Alks.prototype.getKeys.bind(defaultAlks); - ALKS.getIAMKeys = Alks.prototype.getIAMKeys.bind(defaultAlks); - ALKS.getAllAWSRoleTypes = Alks.prototype.getAllAWSRoleTypes.bind(defaultAlks); - ALKS.getAWSRoleTypes = Alks.prototype.getAWSRoleTypes.bind(defaultAlks); - ALKS.getNonServiceAWSRoleTypes = Alks.prototype.getNonServiceAWSRoleTypes.bind(defaultAlks); - ALKS.createRole = Alks.prototype.createRole.bind(defaultAlks); - ALKS.createNonServiceRole = Alks.prototype.createNonServiceRole.bind(defaultAlks); - ALKS.awsAccountRoles = Alks.prototype.awsAccountRoles.bind(defaultAlks); - ALKS.listAWSAccountRoles = Alks.prototype.listAWSAccountRoles.bind(defaultAlks); - ALKS.getAccountRole = Alks.prototype.getAccountRole.bind(defaultAlks); - ALKS.updateRole = Alks.prototype.updateRole.bind(defaultAlks); - ALKS.deleteRole = Alks.prototype.deleteRole.bind(defaultAlks); - ALKS.addRoleMachineIdentity = Alks.prototype.addRoleMachineIdentity.bind(defaultAlks); - ALKS.deleteRoleMachineIdentity = Alks.prototype.deleteRoleMachineIdentity.bind(defaultAlks); - ALKS.getUserAccess = Alks.prototype.getUserAccess.bind(defaultAlks); - ALKS.getUserAccessByRole = Alks.prototype.getUserAccessByRole.bind(defaultAlks); - ALKS.getUserRoleAccess = Alks.prototype.getUserRoleAccess.bind(defaultAlks); - ALKS.getAccountOwners = Alks.prototype.getAccountOwners.bind(defaultAlks); - ALKS.createAccessKeys = Alks.prototype.createAccessKeys.bind(defaultAlks); - ALKS.getIamUser = Alks.prototype.getIamUser.bind(defaultAlks); - ALKS.updateIamUser = Alks.prototype.updateIamUser.bind(defaultAlks); - ALKS.deleteIAMUser = Alks.prototype.deleteIAMUser.bind(defaultAlks); - ALKS.version = Alks.prototype.version.bind(defaultAlks); - ALKS.getLoginRole = Alks.prototype.getLoginRole.bind(defaultAlks); - ALKS.getAccessToken = Alks.prototype.getAccessToken.bind(defaultAlks); - ALKS.getRefreshTokens = Alks.prototype.getRefreshTokens.bind(defaultAlks); - ALKS.revoke = Alks.prototype.revoke.bind(defaultAlks); - ALKS.getCostTotals = Alks.prototype.getCostTotals.bind(defaultAlks); - })(ALKS || (ALKS = {})); + var tslib_1 = require$$0$1; + var packageJson = tslib_1.__importStar(require$$1$1); + var buffer_1 = require$$2; + tslib_1.__importDefault(require$$3); + var fetch = window.fetch.bind(window) + ; + var ALKS; + (function (ALKS) { + function isStsAuth(a) { + return a.accessKey !== undefined; + } + function isPasswordAuth(a) { + return a.userid !== undefined; + } + function isTokenAuth(a) { + return a.accessToken !== undefined; + } + (function (TrustType) { + TrustType["CrossAccount"] = "Cross Account"; + TrustType["InnerAccount"] = "Inner Account"; + })(ALKS.TrustType || (ALKS.TrustType = {})); + (function (PseudoBoolean) { + PseudoBoolean[PseudoBoolean["True"] = 1] = "True"; + PseudoBoolean[PseudoBoolean["False"] = 0] = "False"; + })(ALKS.PseudoBoolean || (ALKS.PseudoBoolean = {})); + /** + * ALKS JavaScript API + */ + var Alks = /** @class */ (function () { + function Alks(config) { + this.config = config; + } + /** + * Returns a new instance of alks with pre-defined properties (which don't need to be supplied to every method). + * + * Any of the properties required by other methods can be specified here. + * + * Properties present on the current object are carried through to the newly created one. + * + * @param {Object} props - An object containing settings for the new ALKS object + * @returns {alks} + * @example + * var myAlks = alks.create({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * }) + * + * myAlks.getKeys({ + * account: 'anAccount', + * role: 'PowerUser', + * sessionTime: 2 + * }).then((creds) => { + * // creds.accessKey, creds.secretKey, creds.sessionToken + * }) + */ + Alks.prototype.create = function (props) { + var config = tslib_1.__assign(tslib_1.__assign({}, this.config), props); + return new Alks(config); + }; + /** + * Returns a Promise for an array of AWS accounts (and roles) accessible by the user + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @returns {Promise} + * @example + * alks.getAccounts({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * }).then((accounts) => { + * // accounts[0].account, accounts[0].role, accounts[0].iamKeyActive, accounts[0].maxKeyDuration, accounts[0].skypieaAccount + * }) + */ + Alks.prototype.getAccounts = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('getAccounts', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, Object.keys(results.accountListRole).map(function (key) { return ({ + account: key, + role: results.accountListRole[key][0].role, + iamKeyActive: results.accountListRole[key][0].iamKeyActive, + maxKeyDuration: results.accountListRole[key][0].maxKeyDuration, + securityLevel: results.accountListRole[key][0].securityLevel, + skypieaAccount: results.accountListRole[key][0].skypieaAccount, + }); })]; + } + }); + }); + }; + /** + * Returns a Promise for AWS STS credentials from ALKS. + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The AWS account to use when provisioning the credentials + * @param {string} props.role - The ALKS role to use when provisioning the credentials + * @param {string} props.sessionTime - The session length for the credentials, in hours + * @returns {Promise} + * @example + * alks.getKeys({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'PowerUser', + * sessionTime: 2 + * }).then((creds) => { + * // creds.accessKey, creds.secretKey, creds.sessionToken, creds.consoleURL + * }) + */ + Alks.prototype.getKeys = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('getKeys', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, [ + 'accessKey', + 'secretKey', + 'sessionToken', + 'consoleURL', + 'sessionTime', + ])]; + } + }); + }); + }; + /** + * Returns a Promise for AWS STS credentials with IAM permissions from ALKS. + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The AWS account to use when provisioning the credentials + * @param {string} props.role - The ALKS role to use when provisioning the credentials + * @param {number} props.sessionTime - The session length for the credentials, in hours + * @returns {Promise} + * @example + * alks.getIAMKeys({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * sessionTime: 1 + * }).then((creds) => { + * // creds.accessKey, creds.secretKey, creds.sessionToken, creds.consoleURL + * }) + */ + Alks.prototype.getIAMKeys = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('getIAMKeys', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, [ + 'accessKey', + 'secretKey', + 'sessionToken', + 'consoleURL', + 'sessionTime', + ])]; + } + }); + }); + }; + /** + * Returns a Promise for an array of all available role types (AWS IAM role types, custom role types) and their details + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {boolean} [props.getDynamicValues] - Whether to include the names of any template variables in the response (defaults to false) + * @returns {Promise>} + * @example + * alks.getAllAWSRoleTypes({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * }).then((roleTypes) { + * // roleTypes[i].roleTypeName, roleTypes[i].defaultArns, roleTypes[i].trustRelationship + * }) + * + * @example + * alks.getAllAWSRoleTypes({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * getDynamicValues: true, + * }).then((roleTypes) { + * // roleTypes[i].roleTypeName, roleTypes[i].defaultArns, roleTypes[i].trustRelationship, roleTypes[i].templateVariables[i] + * }) + */ + Alks.prototype.getAllAWSRoleTypes = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var url, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + url = props.getDynamicValues + ? 'allAwsRoleTypes?getDynamicValues=true' + : 'allAwsRoleTypes'; + return [4 /*yield*/, this.internalFetch(url, props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.roleTypes]; + } + }); + }); + }; + /** + * Returns a Promise for an array of available AWS IAM role types + * + * @deprecated Replaced by getAllAWSRoleTypes which includes all AWS role types and their details + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @returns {Promise>} + * @example + * alks.getAWSRoleTypes({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * }).then((roleTypes) { + * // ['AWS Lambda', 'Amazon EC2', ... ] + * }) + */ + Alks.prototype.getAWSRoleTypes = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('getAWSRoleTypes', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, JSON.parse(results.roleTypes)]; + } + }); + }); + }; + /** + * Returns a Promise for an array of available custom role types + * + * @deprecated Replaced by getAllAWSRoleTypes which includes all AWS role types and their details + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @returns {Promise>} + * @example + * alks.getNonServiceAWSRoleTypes({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * }).then((roleTypes) => { + * // ['AWS Lambda', 'Amazon EC2', ...] + * }) + */ + Alks.prototype.getNonServiceAWSRoleTypes = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('getNonServiceAWSRoleTypes', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, JSON.parse(results.roleTypes)]; + } + }); + }); + }; + /** + * Returns a Promise for the results of creating a new custom AWS IAM account role + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.roleName - The name of the custom AWS IAM role to create + * @param {string} props.roleType - The type of AWS role to use when creating the new role + * @param {Object} props.trustPolicy + * @param {number} props.includeDefaultPolicy - Whether to include the default policy in the new role (1 = yes, 0 = no) + * @param {boolean} props.enableAlksAccess - Whether the role has a machine identity + * @param {Object} props.templateFields - An object whose keys are template variable names and values are the value to substitute for those template variables + * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} + * @returns {Promise} + * @example + * alks.createRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName', + * roleType: 'Amazon EC2', + * includeDefaultPolicy: 1, + * enableAlksAccess: true + * }).then((role) => { + * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags + * }) + * @example + * alks.createRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName', + * trustPolicy: { + * "Version": "2012-10-17", + * "Statement": [ + * { + * "Action": "sts:AssumeRole", + * "Effect": "Allow", + * "Principal": { + * "Service": "ec2.amazonaws.com" + * } + * } + * ] + * }, + * includeDefaultPolicy: 1, + * enableAlksAccess: true + * }).then((role) => { + * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags + * }) + * @example + * alks.createRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName', + * roleType: 'Amazon EKS IRSA', + * includeDefaultPolicy: 1, + * enableAlksAccess: false, + * templateFields: { + * OIDC_PROVIDER: 'oidc.eks.us-east-1.amazonaws.com/id/88G998884RBAD6687HBE3GETY67FQE04', + * K8S_NAMESPACE: 'myNamespace', + * K8S_SERVICE_ACCOUNT: 'myServiceAccount' + * } + * tags: [ + * { + * key: "tagkey1", + * value: "tagValue1" + * }, + * { + * key: "tagkey1", + * value: "tagvalue2" + * } + * ], + * }).then((role) => { + * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags + * }) + */ + Alks.prototype.createRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var roleTypeExists, trustPolicyExists, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + roleTypeExists = props.roleType != null; + trustPolicyExists = props.trustPolicy != null; + if (!(roleTypeExists !== trustPolicyExists)) return [3 /*break*/, 2]; + return [4 /*yield*/, this.internalFetch('createRole', props)]; + case 1: + results = _a.sent(); + results.denyArns = results.denyArns.split(','); + return [2 /*return*/, pick(results, [ + 'roleArn', + 'denyArns', + 'instanceProfileArn', + 'addedRoleToInstanceProfile', + 'tags', + ])]; + case 2: throw new Error("Must include roleType or trustPolicy, but not both."); + } + }); + }); + }; + /** + * Returns a Promise for the results of creating a new custom AWS IAM trust role + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.roleName - The name of the custom AWS IAM role to create + * @param {string} props.roleType - The type of AWS role to use when creating the new role + * @param {number} props.includeDefaultPolicy - Whether to include the default policy in the new role (1 = yes, 0 = no) + * @param {string} props.trustArn - The Arn of the existing role to trust + * @param {string} props.trustType - Whether the trust is 'Cross Account' or 'Inner Account' + * @param {boolean} props.enableAlksAccess - Whether the role has a machine identity + * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} + * @returns {Promise} + * @example + * alks.createNonServiceRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName', + * roleType: 'Amazon EC2', + * includeDefaultPolicy: 1, + * trustArn: 'anExistingRoleArn', + * trustType: 'Cross Account', + * enableAlksAccess: true + * }).then((role) => { + * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags + * }) + * @@example + * * alks.createNonServiceRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName', + * roleType: 'Amazon EC2', + * includeDefaultPolicy: 1, + * trustArn: 'anExistingRoleArn', + * trustType: 'Cross Account', + * enableAlksAccess: true, + * tags: [ + * { + * key: "tagkey1", + * value: "tagValue1" + * }, + * { + * key: "tagkey1", + * value: "tagvalue2" + * } + * ], + * }).then((role) => { + * // role.roleArn, role.denyArns, role.instanceProfileArn, role.addedRoleToInstanceProfile, role.tags + * }) + */ + Alks.prototype.createNonServiceRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('createNonServiceRole', props)]; + case 1: + results = _a.sent(); + results.denyArns = results.denyArns.split(','); + return [2 /*return*/, pick(results, [ + 'roleArn', + 'denyArns', + 'instanceProfileArn', + 'addedRoleToInstanceProfile', + 'tags', + ])]; + } + }); + }); + }; + /** + * Returns a Promise for an array of AWS account roles + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The account number to get AWS roles for + * @returns {Promise} + * @example + * alks.awsAccountRoles({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: '1234567890', + * }).then((roles) => { + * // roles[i].roleArn, roles[i].isMachineIdentity, roles[i].assumeRolePolicyDocument + * }) + */ + Alks.prototype.awsAccountRoles = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch("awsAccountRoles?account=" + props.account, props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.awsRoleList]; + } + }); + }); + }; + /** + * Returns a Promise for an array of AWS custom AWS IAM account roles + * + * @deprecated Replaced by awsAccountRoles which includes AWS account roles and their details + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @returns {Promise} + * @example + * alks.listAWSAccountRoles({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * }).then((roleNames) => { + * // ['customRole1', 'customRole2', ...] + * }) + */ + Alks.prototype.listAWSAccountRoles = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('listAWSAccountRoles', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, JSON.parse(results.jsonAWSRoleList).map(function (r) { return r.split('/').slice(-1)[0]; })]; + } + }); + }); + }; + /** + * Returns a Promise for the Amazon Resource Name (ARN) of a custom AWS IAM account role + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.roleName - The name of the custom AWS IAM role + * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} + * @returns {Promise} + * @example + * alks.getAccountRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName' + * }).then((role) => { + * // role.roleArn, role.isMachineIdentity, role.instanceProfileArn, role.tags, role.maxSessionDurationInSeconds + * }) + */ + Alks.prototype.getAccountRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('getAccountRole', props)]; + case 1: + results = _a.sent(); + if (!results.roleExists) { + throw new Error("Role " + props.roleName + " does not exist in this account"); + } + return [2 /*return*/, tslib_1.__assign(tslib_1.__assign({}, pick(results, [ + 'roleArn', + 'isMachineIdentity', + 'tags', + 'maxSessionDurationInSeconds', + ])), { instanceProfileArn: results.instanceProfileARN })]; + } + }); + }); + }; + /** + * Returns a Promise for the Amazon Resource Name (ARN) of a custom AWS IAM account role + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.roleName - The name of the custom AWS IAM role + * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} + * @returns {Promise} + * @example + * alks.updateRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName' + * }).then((role) => { + * // role.roleArn, role.isMachineIdentity, role.instanceProfileArn, role.tags + * }) + */ + Alks.prototype.updateRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('role', props, 'PATCH')]; + case 1: + results = _a.sent(); + if (!results.roleExists) { + throw new Error("Role " + props.roleName + " does not exist in this account"); + } + return [2 /*return*/, tslib_1.__assign(tslib_1.__assign({}, pick(results, ['roleArn', 'isMachineIdentity', 'tags'])), { instanceProfileArn: results.instanceProfileARN })]; + } + }); + }); + }; + /** + * Returns a Promise for a boolean "true" indicating the role was deleted + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.roleName - The name of the custom AWS IAM role + * @returns {Promise} + * @example + * alks.deleteRole({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * roleName: 'awsRoleName' + * }).then(() => { + * // success! + * }) + */ + Alks.prototype.deleteRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('deleteRole', props)]; + case 1: + _a.sent(); + return [2 /*return*/, true]; + } + }); + }); + }; + /** + * Returns a Promise for a string arn indicating the role was enabled for machine identity + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.roleArn - The Amazon Resource Name (ARN) associated with the role + * @returns {Promise} + * @example + * alks.addRoleMachineIdentity({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * roleARN: 'arn:aws:iam::123:role/acct-managed/awsRoleName' + * }).then((roleARN) => { + * // arn:aws:iam::123:role/acct-managed/awsRoleName + * }) + */ + Alks.prototype.addRoleMachineIdentity = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('roleMachineIdentity', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, ['machineIdentityArn'])]; + } + }); + }); + }; + /** + * Returns a Promise for a string arn indicating the role was disabled for machine identity + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.roleArn - The Amazon Resource Name (ARN) associated with the role + * @returns {Promise} + * @example + * alks.deleteRoleMachineIdentity({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * roleARN: 'arn:aws:iam::123:role/acct-managed/awsRoleName' + * }).then((roleARN) => { + * // arn:aws:iam::123:role/acct-managed/awsRoleName + * }) + */ + Alks.prototype.deleteRoleMachineIdentity = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('roleMachineIdentity', props, 'DELETE')]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, ['machineIdentityArn'])]; + } + }); + }); + }; + /** + * Returns a Promise for a list of users who have access to the given account + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.accountId - The accountId used to find which users have access to the account + * @returns {Promise} + * @example + * alks.getUserAccess({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * accountId: '012345678910', + * }).then((users) => { + * // users[i].sAMAccountName, users[i].displayName, users[i].email, users[i].title, users[i].department + * }) + */ + Alks.prototype.getUserAccess = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var accountId, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + accountId = props.accountId; + return [4 /*yield*/, this.internalFetch("userAccess/" + accountId, props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.users]; + } + }); + }); + }; + /** + * Returns a Promise for a map of role names to the list of users with that role for a given account + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.accountId - The accountId used to find which users have access to the account + * @returns {Promise} + * @example + * alks.getUserAccess({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * accountId: '012345678910', + * }).then((users) => { + * // users['Admin'].sAMAccountName, users['Admin'].displayName, users['Admin'].email, users['Admin'].title, users['Admin'].department + * }) + */ + Alks.prototype.getUserAccessByRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var accountId, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + accountId = props.accountId; + return [4 /*yield*/, this.internalFetch("reports/users-by-role?accountId=" + accountId, props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.users]; + } + }); + }); + }; + /** + * Returns a Promise for a list of roles a user has for a given account + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.accountId - The accountId used to find which users have access to the account + * @param {string} props.sAMAccountName - The network id of the user to lookup + * @returns {Promise} + * @example + * alks.getUserRoleAccess({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * accountId: '012345678910', + * sAMAccountName: 'bob1', + * }).then((roles) => { + * // ['Admin', 'LabAdmin', ...] + * }) + */ + Alks.prototype.getUserRoleAccess = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var accountId, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + accountId = props.accountId; + return [4 /*yield*/, this.internalFetch("userAccess/roles/" + accountId, props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.roles]; + } + }); + }); + }; + /** + * Returns a Promise containing a list of the account owners for an account + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.accountId - The accountId used to find which users have access to the account + * @returns {Promise} + * @example + * alks.getAccountOwners({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * accountId: '012345678910', + * }).then((owners) => { + * // owners[0].sAMAccountName, owners[0].displayName, owners[0].email, owners[0].title, owners[0].department + * }) + */ + Alks.prototype.getAccountOwners = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var accountId, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + accountId = props.accountId; + return [4 /*yield*/, this.internalFetch("userAccess/owners/" + accountId, props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.accountOwners]; + } + }); + }); + }; + /** + * Returns a Promise for the results of creating new IAM user and long-term access keys + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.iamUserName - The name of the IAM user to create + * @returns {Promise} + * @example + * alks.createAccessKeys({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * iamUserName: 'iamUserName' + * }).then((user) => { + * // user.iamUserArn, user.accessKey, user.secretKey, user.addedIAMUserToGroup + * }) + * @example + * alks.createAccessKeys({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * iamUserName: 'iamUserName' + * tags: [ + * { + * key: "tagkey1", + * value: "tagValue1" + * }, + * { + * key: "tagkey1", + * value: "tagvalue2" + * } + * ], + * }).then((user) => { + * // user.iamUserArn, user.accessKey, user.secretKey, user.addedIAMUserToGroup + * }) + */ + Alks.prototype.createAccessKeys = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('accessKeys', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, [ + 'iamUserArn', + 'accessKey', + 'secretKey', + 'addedIAMUserToGroup', + 'tags', + ])]; + } + }); + }); + }; + /** + * Returns a Promise for an IamUser + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.iamUserName - The name of the custom AWS IAM user + * @returns {Promise} + * @example + * alks.getIamUser({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * iamUserName: 'iamUserName' + * }).then((role) => { + * user.iamUserArn, user.AccountId, user.userName, user.accessKey, user.tags + * }) + */ + Alks.prototype.getIamUser = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch("iam-users/id/" + props.account + "/" + props.iamUserName, props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results.item, [ + 'arn', + 'accountId', + 'userName', + 'accessKey', + 'tags', + ])]; + } + }); + }); + }; + /** + * Returns a Promise for the results of updating an IAM user + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.iamUserName - The name of the IAM user to update + * @param {Array.} props.tags - A list of tag objects, where each object is in the form {key: "tagKey" value: "tagValue"} + * @returns {Promise} + * @example + * alks.updateIamUser({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * iamUserName: 'iamUserName', + * }).then((user) => { + * // user.iamUserArn, user.AccountId, user.userName, user.accessKey, user.tags + * }) + * @example + * alks.updateIamUser({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * iamUserName: 'iamUserName' + * tags: [ + * { + * key: "tagkey1", + * value: "tagValue1" + * }, + * { + * key: "tagkey1", + * value: "tagvalue2" + * } + * ], + * }).then((user) => { + * // user.iamUserArn, user.AccountId, user.userName, user.accessKey, user.tags + * }) + */ + Alks.prototype.updateIamUser = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var internalFetchProps, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + internalFetchProps = tslib_1.__assign(tslib_1.__assign({}, props), { user: { + tags: props.tags, + } }); + delete internalFetchProps.tags; + return [4 /*yield*/, this.internalFetch("iam-users/id/" + props.account + "/" + props.iamUserName, internalFetchProps, 'PATCH')]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results.item, [ + 'arn', + 'accountId', + 'userName', + 'accessKey', + 'tags', + ])]; + } + }); + }); + }; + /** + * Returns a Promise for a boolean "true" indicating the IAM user and long-term access keys were deleted + * + * @param {Object} props - An object containing the following properties + * @param {string} props.baseUrl - The base URL of the ALKS service + * @param {string} props.accessToken - The OAuth2 access token used to authorize the request + * @param {string} props.account - The user's account associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @param {string} props.iamUserName - The name of the IAM user to delete + * @returns {Promise} + * @example + * alks.deleteIAMUser({ + * baseUrl: 'https://your.alks-host.com', + * accessToken: 'abc123', + * account: 'anAccount', + * role: 'IAMAdmin', + * iamUserName: 'iamUserName' + * }).then(() => { + * // success! + * }) + */ + Alks.prototype.deleteIAMUser = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('IAMUser', props, 'DELETE')]; + case 1: + _a.sent(); + return [2 /*return*/, true]; + } + }); + }); + }; + /** + * Returns the version of the ALKS Rest API + * + * @param {Object} props - An object containing the following properties + * @returns {Promise} + * @example + * alks.version({ + * ... + * }).then((data) => { + * // data.version + * }) + */ + Alks.prototype.version = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('version', props, 'GET')]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, ['version'])]; + } + }); + }); + }; + /** + * Returns information about one of the roles used to generate keys + * + * @param {Object} props - An object containing the following properties + * @param {string} props.accountId - The 12-digit account ID associated with the custom role + * @param {string} props.role - The user's role associated with the account + * @returns {Promise} + * @example + * alks.getLoginRole({ + * ... + * }).then((loginRole) => { + * // loginRole.account, loginRole.role, loginRole.iamKeyActive, loginRole.maxKeyDuration + * }) + */ + Alks.prototype.getLoginRole = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var accountId, role, results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + accountId = props.accountId, role = props.role; + return [4 /*yield*/, this.internalFetch("loginRoles/id/" + accountId + "/" + role, props, 'GET')]; + case 1: + results = (_a.sent()); + // TODO we should probably update this function to include skypieaAccount in the result since it's already being fetched - Ben W 5/10/21 + return [2 /*return*/, pick(results.loginRole, [ + 'account', + 'role', + 'iamKeyActive', + 'maxKeyDuration', + 'securityLevel', + ])]; + } + }); + }); + }; + /** + * Exchanges a refresh token for an access token + * + * @param {Object} props - An object containing the following properties + * @param {string} props.refreshToken - the refresh token to exchange + * @returns {Promise} + * @example + * alks.getAccessToken({ + * ... + * }).then((data) => { + * // data.accessToken, data.expiresIn + * }) + */ + Alks.prototype.getAccessToken = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('accessToken', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, pick(results, ['accessToken', 'expiresIn'])]; + } + }); + }); + }; + /** + * Returns a list of a user's refresh tokens (Does not return the full token) + * + * @param {Object} props - An object containing the following properties + * @returns {Array} + * @example + * alks.getRefreshTokens({ + * ... + * }).then((tokens) => { + * // token[i].clientId, token[i].id, token[i].userId, token[i].value + * }) + */ + Alks.prototype.getRefreshTokens = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('refreshTokens', props, 'GET')]; + case 1: + results = (_a.sent()); + return [2 /*return*/, results.refreshTokens.map(function (token) { + return pick(token, ['clientId', 'id', 'userId', 'value']); + })]; + } + }); + }); + }; + /** + * Revokes a refresh or access token + * + * @param {Object} props - An object containing the following properties + * @param {string} [props.token] - the access or refresh token to revoke (Required if tokenId not specified) + * @param {string} [props.tokenId] - the ID of the refresh token to revoke (Required if token not specified) + * @returns {boolean} + * @example + * alks.revoke({ + * token: '...', + * ... + * }).then((success) => { + * // success == true + * }) + * + * // or + * + * alks.revoke({ + * tokenId: '...', + * ... + * }).then((success) => { + * // success == true + * }) + */ + Alks.prototype.revoke = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch('revoke', props)]; + case 1: + results = _a.sent(); + return [2 /*return*/, results.statusMessage == 'Success']; + } + }); + }); + }; + /** + * Returns cost totals for the specified account for the day, week, month, year, and a breakdown of costs by service for the day and month + * + * @param {Object} props - An object containing the following properties + * @param {String} props.accountId - the 12-digit AWS account ID to get cost data for + * @returns {Object} + * @example + * alks.getCostTotals({ + * accountId: '012345678910', + * }).then((costTotals) => { + * // costTotals.awsAccountId, costTotals.daily, costTotals.weekly, etc. + * }) + */ + Alks.prototype.getCostTotals = function (props) { + return tslib_1.__awaiter(this, void 0, void 0, function () { + var results; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: return [4 /*yield*/, this.internalFetch("costTotals/" + props.accountId, props, 'GET')]; + case 1: + results = (_a.sent()); + return [2 /*return*/, pick(results.costTotals, [ + 'awsAccountId', + 'yyyy', + 'mm', + 'dd', + 'daily', + 'weekly', + 'monthly', + 'yearly', + 'dailyCostsByService', + 'monthlyCostsByService', + ])]; + } + }); + }); + }; + Alks.prototype.internalFetch = function (path, args, method) { + if (args === void 0) { args = {}; } + if (method === void 0) { method = 'POST'; } + return tslib_1.__awaiter(this, void 0, void 0, function () { + var opts, payload, headers, credentials, response, json, err_1; + return tslib_1.__generator(this, function (_a) { + switch (_a.label) { + case 0: + opts = tslib_1.__assign(tslib_1.__assign({}, this.config), args); + payload = tslib_1.__assign({}, opts); + headers = { + 'Content-Type': 'application/json', + 'User-Agent': "AlksJS/" + packageJson.version, + }; + if (isTokenAuth(opts)) { + headers['Authorization'] = "Bearer " + opts.accessToken; + delete payload.accessToken; + } + else if (isStsAuth(opts)) { + headers['ALKS-STS-Access-Key'] = opts.accessKey; + headers['ALKS-STS-Secret-Key'] = opts.secretKey; + headers['ALKS-STS-Session-Token'] = opts.sessionToken; + delete payload.accessKey; + delete payload.secretKey; + delete payload.sessionToken; + } + else if (isPasswordAuth(opts)) { + console.error('The userid and password properties are deprecated and should be replaced with an access token'); + credentials = base64Encode(opts.userid + ":" + opts.password); + headers['Authorization'] = "Basic " + credentials; + delete payload.userid; + delete payload.password; + } + else ; + if (opts.userAgent) { + headers['User-Agent'] += " " + opts.userAgent; + delete payload.userAgent; + } + return [4 /*yield*/, opts._fetch(opts.baseUrl + "/" + path, { + method: method, + headers: headers, + credentials: 'omit', + body: method == 'GET' ? undefined : JSON.stringify(payload), + })]; + case 1: + response = _a.sent(); + _a.label = 2; + case 2: + _a.trys.push([2, 4, , 5]); + return [4 /*yield*/, response.json()]; + case 3: + json = _a.sent(); + return [3 /*break*/, 5]; + case 4: + err_1 = _a.sent(); + json = { + errors: [err_1.message], + }; + return [3 /*break*/, 5]; + case 5: + if (!response.ok) { + throw new AlksError(response, json); + } + return [2 /*return*/, json]; + } + }); + }); + }; + return Alks; + }()); + ALKS.Alks = Alks; + var AlksError = /** @class */ (function (_super) { + tslib_1.__extends(AlksError, _super); + function AlksError(response, json) { + var _this = this; + var errors = Array.isArray(json === null || json === void 0 ? void 0 : json.errors) ? json.errors : []; + if (response.statusText) { + errors.unshift(response.statusText); + } + var message = errors.join('; '); + _this = _super.call(this, message) || this; + _this.status = response.status; + _this.message = message; + Object.assign(_this, json); + return _this; + } + return AlksError; + }(Error)); + ALKS.AlksError = AlksError; + /** + * Encodes a string to base 64 + * + * @param str - the string to encode + * @private + * @returns the base64 encoded string + * @example + * var input = 'password'; + * base64Encode(input); + */ + function base64Encode(str) { + if (str === void 0) { str = ''; } + return buffer_1.Buffer.from(str).toString('base64'); + } + function pick(obj, props) { + return props.reduce(function (acc, prop) { return ((acc[prop] = obj[prop]), acc); }, {}); + } + var defaultConfig = { + _fetch: fetch, + }; + var defaultAlks = Alks.prototype.create.call({}, defaultConfig); + ALKS.create = Alks.prototype.create.bind(defaultAlks); + ALKS.getAccounts = Alks.prototype.getAccounts.bind(defaultAlks); + ALKS.getKeys = Alks.prototype.getKeys.bind(defaultAlks); + ALKS.getIAMKeys = Alks.prototype.getIAMKeys.bind(defaultAlks); + ALKS.getAllAWSRoleTypes = Alks.prototype.getAllAWSRoleTypes.bind(defaultAlks); + ALKS.getAWSRoleTypes = Alks.prototype.getAWSRoleTypes.bind(defaultAlks); + ALKS.getNonServiceAWSRoleTypes = Alks.prototype.getNonServiceAWSRoleTypes.bind(defaultAlks); + ALKS.createRole = Alks.prototype.createRole.bind(defaultAlks); + ALKS.createNonServiceRole = Alks.prototype.createNonServiceRole.bind(defaultAlks); + ALKS.awsAccountRoles = Alks.prototype.awsAccountRoles.bind(defaultAlks); + ALKS.listAWSAccountRoles = Alks.prototype.listAWSAccountRoles.bind(defaultAlks); + ALKS.getAccountRole = Alks.prototype.getAccountRole.bind(defaultAlks); + ALKS.updateRole = Alks.prototype.updateRole.bind(defaultAlks); + ALKS.deleteRole = Alks.prototype.deleteRole.bind(defaultAlks); + ALKS.addRoleMachineIdentity = Alks.prototype.addRoleMachineIdentity.bind(defaultAlks); + ALKS.deleteRoleMachineIdentity = Alks.prototype.deleteRoleMachineIdentity.bind(defaultAlks); + ALKS.getUserAccess = Alks.prototype.getUserAccess.bind(defaultAlks); + ALKS.getUserAccessByRole = Alks.prototype.getUserAccessByRole.bind(defaultAlks); + ALKS.getUserRoleAccess = Alks.prototype.getUserRoleAccess.bind(defaultAlks); + ALKS.getAccountOwners = Alks.prototype.getAccountOwners.bind(defaultAlks); + ALKS.createAccessKeys = Alks.prototype.createAccessKeys.bind(defaultAlks); + ALKS.getIamUser = Alks.prototype.getIamUser.bind(defaultAlks); + ALKS.updateIamUser = Alks.prototype.updateIamUser.bind(defaultAlks); + ALKS.deleteIAMUser = Alks.prototype.deleteIAMUser.bind(defaultAlks); + ALKS.version = Alks.prototype.version.bind(defaultAlks); + ALKS.getLoginRole = Alks.prototype.getLoginRole.bind(defaultAlks); + ALKS.getAccessToken = Alks.prototype.getAccessToken.bind(defaultAlks); + ALKS.getRefreshTokens = Alks.prototype.getRefreshTokens.bind(defaultAlks); + ALKS.revoke = Alks.prototype.revoke.bind(defaultAlks); + ALKS.getCostTotals = Alks.prototype.getCostTotals.bind(defaultAlks); + })(ALKS || (ALKS = {})); var alks = ALKS; exports.default = alks; diff --git a/docs/classes/export_.Alks.html b/docs/classes/export_.Alks.html index 6ce9ce91..6f8af180 100644 --- a/docs/classes/export_.Alks.html +++ b/docs/classes/export_.Alks.html @@ -1,6 +1,6 @@ Alks | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Class Alks

ALKS JavaScript API

-

Hierarchy

  • Alks

Index

Constructors

Properties

Methods

Constructors

Private constructor

Properties

Private config

config: export=.AlksProps

Methods

addRoleMachineIdentity

Hierarchy

  • Alks

Index

Constructors

Properties

Methods

Constructors

Private constructor

Properties

Private config

config: export=.AlksProps

Methods

addRoleMachineIdentity

awsAccountRoles

Returns Promise<export=.MachineIdentity>

awsAccountRoles

create

Returns Promise<export=.AwsAccountRole[]>

create

  • Returns a new instance of alks with pre-defined properties (which don't need to be supplied to every method).

    Any of the properties required by other methods can be specified here.

    Properties present on the current object are carried through to the newly created one.

    @@ -39,7 +39,7 @@ })

    Parameters

    • props: export=.AlksProps

      An object containing settings for the new ALKS object

      -

    Returns Alks

createAccessKeys

Returns Alks

createAccessKeys

createNonServiceRole

Returns Promise<export=.LongTermKey>

createNonServiceRole

createRole

Returns Promise<export=.Role>

createRole

deleteIAMUser

Returns Promise<export=.Role>

deleteIAMUser

deleteRole

Returns Promise<boolean>

deleteRole

deleteRoleMachineIdentity

Returns Promise<boolean>

deleteRoleMachineIdentity

getAWSRoleTypes

Returns Promise<export=.MachineIdentity>

getAWSRoleTypes

  • Returns a Promise for an array of available AWS IAM role types

    deprecated

    Replaced by getAllAWSRoleTypes which includes all AWS role types and their details

    example

    alks.getAWSRoleTypes({ @@ -228,7 +228,7 @@ })

    Parameters

    Returns Promise<string[]>

getAccessToken

Returns Promise<string[]>

getAccessToken

getAccountOwners

Returns Promise<export=.AccessToken>

getAccountOwners

getAccountRole

Returns Promise<export=.User[]>

getAccountRole

getAccounts

Returns Promise<export=.Role>

getAccounts

getAllAWSRoleTypes

Returns Promise<export=.Account[]>

getAllAWSRoleTypes

getCostTotals

Returns Promise<export=.AwsRoleType[]>

getCostTotals

  • Returns cost totals for the specified account for the day, week, month, year, and a breakdown of costs by service for the day and month

    example

    alks.getCostTotals({ accountId: '012345678910', @@ -297,7 +297,7 @@ })

    Parameters

    Returns Promise<export=.CostTotal>

getIAMKeys

Returns Promise<export=.CostTotal>

getIAMKeys

getIamUser

Returns Promise<export=.Key>

getIamUser

getKeys

Returns Promise<export=.IamUser>

getKeys

getLoginRole

Returns Promise<export=.Key>

getLoginRole

  • Returns information about one of the roles used to generate keys

    example

    alks.getLoginRole({ ... @@ -344,7 +344,7 @@ })

    Parameters

    Returns Promise<Omit<export=.Account, "skypieaAccount">>

getNonServiceAWSRoleTypes

Returns Promise<Omit<export=.Account, "skypieaAccount">>

getNonServiceAWSRoleTypes

  • Returns a Promise for an array of available custom role types

    deprecated

    Replaced by getAllAWSRoleTypes which includes all AWS role types and their details

    example

    alks.getNonServiceAWSRoleTypes({ @@ -355,7 +355,7 @@ })

    Parameters

    Returns Promise<string[]>

getRefreshTokens

Returns Promise<string[]>

getRefreshTokens

getUserAccess

Returns Promise<export=.RefreshToken[]>

getUserAccess

getUserAccessByRole

Returns Promise<export=.User[]>

getUserAccessByRole

getUserRoleAccess

Returns Promise<Record<string, export=.User[]>>

getUserRoleAccess

Private internalFetch

  • internalFetch(path: string, args?: Partial<export=.AlksProps>, method?: string): Promise<any>

listAWSAccountRoles

Returns Promise<string[]>

Private internalFetch

  • internalFetch(path: string, args?: Partial<export=.AlksProps>, method?: string): Promise<any>

listAWSAccountRoles

  • Returns a Promise for an array of AWS custom AWS IAM account roles

    deprecated

    Replaced by awsAccountRoles which includes AWS account roles and their details

    example

    alks.listAWSAccountRoles({ @@ -411,7 +411,7 @@ })

    Parameters

    Returns Promise<string[]>

revoke

Returns Promise<string[]>

revoke

  • Revokes a refresh or access token

    example

    alks.revoke({ token: '...', @@ -428,7 +428,7 @@ })

    Parameters

    Returns Promise<boolean>

updateIamUser

Returns Promise<boolean>

updateIamUser

updateRole

Returns Promise<export=.IamUser>

updateRole

version

Returns Promise<export=.Role>

version

  • Returns the version of the ALKS Rest API

    example

    alks.version({ ... diff --git a/docs/classes/export_.AlksError.html b/docs/classes/export_.AlksError.html index 3b434962..1d9ade89 100644 --- a/docs/classes/export_.AlksError.html +++ b/docs/classes/export_.AlksError.html @@ -1,4 +1,4 @@ -AlksError | alks.js

    Options
    All
    • Public
    • Public/Protected
    • All
    Menu

    Class AlksError

    Hierarchy

    • Error
      • AlksError

    Indexable

    [s: string]: any

    Index

    Constructors

    Properties

    Methods

    Constructors

    constructor

    • new AlksError(response: Response, json: any): AlksError

    Properties

    message

    message: string

    name

    name: string

    Optional stack

    stack?: string

    status

    status: number

    Static stackTraceLimit

    stackTraceLimit: number

    Methods

    Static captureStackTrace

    • captureStackTrace(targetObject: object, constructorOpt?: Function): void
    • +AlksError | alks.js
      Options
      All
      • Public
      • Public/Protected
      • All
      Menu

      Class AlksError

      Hierarchy

      • Error
        • AlksError

      Indexable

      [s: string]: any

      Index

      Constructors

      Properties

      Methods

      Constructors

      constructor

      • new AlksError(response: Response, json: any): AlksError

      Properties

      message

      message: string

      name

      name: string

      Optional stack

      stack?: string

      status

      status: number

      Static stackTraceLimit

      stackTraceLimit: number

      Methods

      Static captureStackTrace

      • captureStackTrace(targetObject: object, constructorOpt?: Function): void

      • Create .stack property on a target object

        Parameters

        • targetObject: object
        • Optional constructorOpt: Function

        Returns void

      Static Optional prepareStackTrace

      • prepareStackTrace(err: Error, stackTraces: CallSite[]): any

      • Optional override for formatting stack traces

        diff --git a/docs/enums/export_.PseudoBoolean.html b/docs/enums/export_.PseudoBoolean.html index 585dbdef..d0cfffa4 100644 --- a/docs/enums/export_.PseudoBoolean.html +++ b/docs/enums/export_.PseudoBoolean.html @@ -1 +1 @@ -PseudoBoolean | alks.js
        Options
        All
        • Public
        • Public/Protected
        • All
        Menu

        Enumeration PseudoBoolean

        Index

        Enumeration members

        Enumeration members

        False

        False = 0

        True

        True = 1

        Legend

        • Property

        Settings

        Theme

        Generated using TypeDoc

        \ No newline at end of file +PseudoBoolean | alks.js
        Options
        All
        • Public
        • Public/Protected
        • All
        Menu

        Enumeration PseudoBoolean

        Index

        Enumeration members

        Enumeration members

        False

        False = 0

        True

        True = 1

        Legend

        • Property

        Settings

        Theme

        Generated using TypeDoc

        \ No newline at end of file diff --git a/docs/enums/export_.TrustType.html b/docs/enums/export_.TrustType.html index 614f678f..852460f1 100644 --- a/docs/enums/export_.TrustType.html +++ b/docs/enums/export_.TrustType.html @@ -1 +1 @@ -TrustType | alks.js
        Options
        All
        • Public
        • Public/Protected
        • All
        Menu

        Enumeration TrustType

        Index

        Enumeration members

        Enumeration members

        CrossAccount

        CrossAccount = "Cross Account"

        InnerAccount

        InnerAccount = "Inner Account"

        Legend

        • Property

        Settings

        Theme

        Generated using TypeDoc

        \ No newline at end of file +TrustType | alks.js
        Options
        All
        • Public
        • Public/Protected
        • All
        Menu

        Enumeration TrustType

        Index

        Enumeration members

        Enumeration members

        CrossAccount

        CrossAccount = "Cross Account"

        InnerAccount

        InnerAccount = "Inner Account"

        Legend

        • Property

        Settings

        Theme

        Generated using TypeDoc

        \ No newline at end of file diff --git a/docs/interfaces/AccessToken.html b/docs/interfaces/AccessToken.html index 012d7f0b..f9849607 100644 --- a/docs/interfaces/AccessToken.html +++ b/docs/interfaces/AccessToken.html @@ -1 +1 @@ -AccessToken | alks.js
        Options
        All
        • Public
        • Public/Protected
        • All
        Menu

        Interface AccessToken

        Hierarchy

        • AccessToken

        Index

        Properties

        Properties

        accessToken

        accessToken: string

        expiresIn

        expiresIn: string

        Legend

        • Property

        Settings

        Theme

        Generated using TypeDoc

        \ No newline at end of file +AccessToken | alks.js
        Options
        All
        • Public
        • Public/Protected
        • All
        Menu

        Interface AccessToken

        Hierarchy

        • AccessToken

        Index

        Properties

        Properties

        accessToken

        accessToken: string

        expiresIn

        expiresIn: string

        Legend

        • Property

        Settings

        Theme

        Generated using TypeDoc

        \ No newline at end of file diff --git a/docs/interfaces/Account.html b/docs/interfaces/Account.html index 10f6a8f7..57758900 100644 --- a/docs/interfaces/Account.html +++ b/docs/interfaces/Account.html @@ -5,4 +5,4 @@
    property

    iamKeyActive - Whether credentials with IAM permissions can be provisioned from this account

    property

    maxKeyDuration - The maximum key duration for this account

    property

    skypieaAccount - extra information about the account from Skypiea

    -

Hierarchy

  • Account

Index

Properties

Properties

account

account: string

iamKeyActive

iamKeyActive: boolean

maxKeyDuration

maxKeyDuration: number

role

role: string

securityLevel

securityLevel: string

skypieaAccount

skypieaAccount: null | export=.SkypieaAccount

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Account

Index

Properties

Properties

account

account: string

iamKeyActive

iamKeyActive: boolean

maxKeyDuration

maxKeyDuration: number

role

role: string

securityLevel

securityLevel: string

skypieaAccount

skypieaAccount: null | export=.SkypieaAccount

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/AccountUserDetails.html b/docs/interfaces/AccountUserDetails.html index 99a1666f..2f767001 100644 --- a/docs/interfaces/AccountUserDetails.html +++ b/docs/interfaces/AccountUserDetails.html @@ -3,4 +3,4 @@
property

samAccountName - the samAccountName of the user

property

email - the email of the user

property

href - the href self link

-

Hierarchy

  • AccountUserDetails

Index

Properties

Properties

email

email: string

href

href: string

samAccountName

samAccountName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • AccountUserDetails

Index

Properties

Properties

email

email: string

href

href: string

samAccountName

samAccountName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/AwsAccountRole.html b/docs/interfaces/AwsAccountRole.html index 1e0ce59d..ed572f36 100644 --- a/docs/interfaces/AwsAccountRole.html +++ b/docs/interfaces/AwsAccountRole.html @@ -3,4 +3,4 @@
property

roleArn - The AWS Role ARN

property

isMachineIdentity - true|false value of if this role is a machine identity

property

assumeRolePolicyDocument - The AWS assume role policy document associated with this role

-

Hierarchy

  • AwsAccountRole

Index

Properties

Properties

assumeRolePolicyDocument

assumeRolePolicyDocument: object

isMachineIdentity

isMachineIdentity: boolean

roleArn

roleArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • AwsAccountRole

Index

Properties

Properties

assumeRolePolicyDocument

assumeRolePolicyDocument: object

isMachineIdentity

isMachineIdentity: boolean

roleArn

roleArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/AwsRoleType.html b/docs/interfaces/AwsRoleType.html index 479cc71d..59fc0f10 100644 --- a/docs/interfaces/AwsRoleType.html +++ b/docs/interfaces/AwsRoleType.html @@ -5,4 +5,4 @@
property

trustRelationship - The AWS trust policy document associated with this role

property

instanceProfile - Whether this role is an instance profile

property

templateVariables - A list of template variables that exist within the role type's trust policy document

-

Hierarchy

  • AwsRoleType

Index

Properties

Properties

defaultArns

defaultArns: string[]

instanceProfile

instanceProfile: boolean

roleTypeName

roleTypeName: string

Optional templateVariables

templateVariables?: string[]

trustRelationship

trustRelationship: object

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • AwsRoleType

Index

Properties

Properties

defaultArns

defaultArns: string[]

instanceProfile

instanceProfile: boolean

roleTypeName

roleTypeName: string

Optional templateVariables

templateVariables?: string[]

trustRelationship

trustRelationship: object

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/CloudsploitReport.html b/docs/interfaces/CloudsploitReport.html index e37e787e..87a9d0b8 100644 --- a/docs/interfaces/CloudsploitReport.html +++ b/docs/interfaces/CloudsploitReport.html @@ -12,4 +12,4 @@
property

warning - the amount of warnings

property

failing - the amount of fails

property

unknown - the amount of unknowns

-

Hierarchy

  • CloudsploitReport

Index

Properties

Properties

awsAccountId

awsAccountId: string

day

day: number

failing

failing: number

href

href: string

month

month: number

newRisks

newRisks: number

passing

passing: number

scanDate

scanDate: string

scanId

scanId: number

unknown

unknown: number

warning

warning: number

year

year: number

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • CloudsploitReport

Index

Properties

Properties

awsAccountId

awsAccountId: string

day

day: number

failing

failing: number

href

href: string

month

month: number

newRisks

newRisks: number

passing

passing: number

scanDate

scanDate: string

scanId

scanId: number

unknown

unknown: number

warning

warning: number

year

year: number

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/CostTotal.html b/docs/interfaces/CostTotal.html index 9d804ed2..976c663e 100644 --- a/docs/interfaces/CostTotal.html +++ b/docs/interfaces/CostTotal.html @@ -1 +1 @@ -CostTotal | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface CostTotal

Hierarchy

  • CostTotal

Index

Properties

Properties

awsAccountId

awsAccountId: string

daily

daily: string

dailyCostsByService

dailyCostsByService: Record<string, string>

dd

dd: string

mm

mm: string

monthly

monthly: string

monthlyCostsByService

monthlyCostsByService: Record<string, string>

weekly

weekly: string

yearly

yearly: string

yyyy

yyyy: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +CostTotal | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface CostTotal

Hierarchy

  • CostTotal

Index

Properties

Properties

awsAccountId

awsAccountId: string

daily

daily: string

dailyCostsByService

dailyCostsByService: Record<string, string>

dd

dd: string

mm

mm: string

monthly

monthly: string

monthlyCostsByService

monthlyCostsByService: Record<string, string>

weekly

weekly: string

yearly

yearly: string

yyyy

yyyy: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/IamUser.html b/docs/interfaces/IamUser.html index c28376aa..82dd37e2 100644 --- a/docs/interfaces/IamUser.html +++ b/docs/interfaces/IamUser.html @@ -1 +1 @@ -IamUser | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface IamUser

Hierarchy

  • IamUser

Index

Properties

Properties

accessKey

accessKey: string

accountId

accountId: string

arn

arn: string

tags

tags: export=.Tag[]

userName

userName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +IamUser | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface IamUser

Hierarchy

  • IamUser

Index

Properties

Properties

accessKey

accessKey: string

accountId

accountId: string

arn

arn: string

tags

tags: export=.Tag[]

userName

userName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/Key.html b/docs/interfaces/Key.html index 23c5b650..68437a4f 100644 --- a/docs/interfaces/Key.html +++ b/docs/interfaces/Key.html @@ -5,4 +5,4 @@
property

sessionToken - AWS STS session token

property

consoleURL - a URL to the AWS console using these keys

property

sessionTime - the number of hours until the key expires

-

Hierarchy

  • Key

Index

Properties

Properties

accessKey

accessKey: string

consoleURL

consoleURL: string

secretKey

secretKey: string

sessionTime

sessionTime: number

sessionToken

sessionToken: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Key

Index

Properties

Properties

accessKey

accessKey: string

consoleURL

consoleURL: string

secretKey

secretKey: string

sessionTime

sessionTime: number

sessionToken

sessionToken: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/LongTermKey.html b/docs/interfaces/LongTermKey.html index 5ed81316..c71b767a 100644 --- a/docs/interfaces/LongTermKey.html +++ b/docs/interfaces/LongTermKey.html @@ -4,4 +4,4 @@
property

accessKey - the long term access key

property

secretKey - the secret key for the long term access key

property

addedIAMUserToGroup - whether the user was successfully added to the deny policy group

-

Hierarchy

  • LongTermKey

Index

Properties

Properties

accessKey

accessKey: string

addedIAMUserToGroup

addedIAMUserToGroup: boolean

iamUserArn

iamUserArn: string

secretKey

secretKey: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • LongTermKey

Index

Properties

Properties

accessKey

accessKey: string

addedIAMUserToGroup

addedIAMUserToGroup: boolean

iamUserArn

iamUserArn: string

secretKey

secretKey: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/MachineIdentity.html b/docs/interfaces/MachineIdentity.html index d73296a7..6d42ba65 100644 --- a/docs/interfaces/MachineIdentity.html +++ b/docs/interfaces/MachineIdentity.html @@ -1 +1 @@ -MachineIdentity | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface MachineIdentity

Hierarchy

  • MachineIdentity

Index

Properties

Properties

machineIdentityArn

machineIdentityArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +MachineIdentity | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface MachineIdentity

Hierarchy

  • MachineIdentity

Index

Properties

Properties

machineIdentityArn

machineIdentityArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/RefreshToken.html b/docs/interfaces/RefreshToken.html index 64fb72a2..9b0812d2 100644 --- a/docs/interfaces/RefreshToken.html +++ b/docs/interfaces/RefreshToken.html @@ -1 +1 @@ -RefreshToken | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface RefreshToken

Hierarchy

  • RefreshToken

Index

Properties

Properties

clientId

clientId: string

id

id: string

userId

userId: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +RefreshToken | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface RefreshToken

Hierarchy

  • RefreshToken

Index

Properties

Properties

clientId

clientId: string

id

id: string

userId

userId: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/Role.html b/docs/interfaces/Role.html index 7892d7f2..de0e5c6a 100644 --- a/docs/interfaces/Role.html +++ b/docs/interfaces/Role.html @@ -5,4 +5,4 @@
property

instanceProfileArn - The Instance Profile ARN associated with this role

property

addedRoleToInstanceProfile - Whether this role was added to an Instance Profile

property

tags - Resource tags associated with the IAM account role

-

Hierarchy

  • Role

Index

Properties

Properties

Optional addedRoleToInstanceProfile

addedRoleToInstanceProfile?: boolean

Optional denyArns

denyArns?: string

instanceProfileArn

instanceProfileArn: string

Optional isMachineIdentity

isMachineIdentity?: boolean

Optional maxSessionDurationInSeconds

maxSessionDurationInSeconds?: number

roleArn

roleArn: string

Optional tags

tags?: export=.Tag[]

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Role

Index

Properties

Properties

Optional addedRoleToInstanceProfile

addedRoleToInstanceProfile?: boolean

Optional denyArns

denyArns?: string

instanceProfileArn

instanceProfileArn: string

Optional isMachineIdentity

isMachineIdentity?: boolean

Optional maxSessionDurationInSeconds

maxSessionDurationInSeconds?: number

roleArn

roleArn: string

Optional tags

tags?: export=.Tag[]

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/SkypieaAccount.html b/docs/interfaces/SkypieaAccount.html index e5a0fce1..61aed8f2 100644 --- a/docs/interfaces/SkypieaAccount.html +++ b/docs/interfaces/SkypieaAccount.html @@ -3,4 +3,4 @@
property

label - the friendly name of the account

property

accountOwners - the samAccountNames of the account owners

property

cloudsploitTrend - the CloudSploit trends

-

Hierarchy

  • SkypieaAccount

Index

Properties

Properties

accountOwners

accountOwners: export=.AccountUserDetails[]

cloudsploitTrend

cloudsploitTrend: export=.CloudsploitReport[]

label

label: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • SkypieaAccount

Index

Properties

Properties

accountOwners

accountOwners: export=.AccountUserDetails[]

cloudsploitTrend

cloudsploitTrend: export=.CloudsploitReport[]

label

label: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/Tag.html b/docs/interfaces/Tag.html index a58f132b..210ab737 100644 --- a/docs/interfaces/Tag.html +++ b/docs/interfaces/Tag.html @@ -2,4 +2,4 @@

Alks role tags

property

key - The AWS role tag key

property

value - The AWS role tag value

-

Hierarchy

  • Tag

Index

Properties

Properties

key

key: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Tag

Index

Properties

Properties

key

key: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/User.html b/docs/interfaces/User.html index caf950e2..649aae9b 100644 --- a/docs/interfaces/User.html +++ b/docs/interfaces/User.html @@ -5,4 +5,4 @@
property

email - The user email

property

title - The user title

property

department - The user department

-

Hierarchy

  • User

Index

Properties

Properties

department

department: string

displayName

displayName: string

email

email: string

sAMAccountName

sAMAccountName: string

title

title: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • User

Index

Properties

Properties

department

department: string

displayName

displayName: string

email

email: string

sAMAccountName

sAMAccountName: string

title

title: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.AccessToken.html b/docs/interfaces/export_.AccessToken.html index 00124e41..b2b01167 100644 --- a/docs/interfaces/export_.AccessToken.html +++ b/docs/interfaces/export_.AccessToken.html @@ -1 +1 @@ -AccessToken | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface AccessToken

Hierarchy

  • AccessToken

Index

Properties

Properties

accessToken

accessToken: string

expiresIn

expiresIn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +AccessToken | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface AccessToken

Hierarchy

  • AccessToken

Index

Properties

Properties

accessToken

accessToken: string

expiresIn

expiresIn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.Account.html b/docs/interfaces/export_.Account.html index 80cff6e4..fcb5e9b1 100644 --- a/docs/interfaces/export_.Account.html +++ b/docs/interfaces/export_.Account.html @@ -5,4 +5,4 @@
property

iamKeyActive - Whether credentials with IAM permissions can be provisioned from this account

property

maxKeyDuration - The maximum key duration for this account

property

skypieaAccount - extra information about the account from Skypiea

-

Hierarchy

  • Account

Index

Properties

Properties

account

account: string

iamKeyActive

iamKeyActive: boolean

maxKeyDuration

maxKeyDuration: number

role

role: string

securityLevel

securityLevel: string

skypieaAccount

skypieaAccount: null | export=.SkypieaAccount

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Account

Index

Properties

Properties

account

account: string

iamKeyActive

iamKeyActive: boolean

maxKeyDuration

maxKeyDuration: number

role

role: string

securityLevel

securityLevel: string

skypieaAccount

skypieaAccount: null | export=.SkypieaAccount

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.AccountUserDetails.html b/docs/interfaces/export_.AccountUserDetails.html index dd1ddf4b..3c19916d 100644 --- a/docs/interfaces/export_.AccountUserDetails.html +++ b/docs/interfaces/export_.AccountUserDetails.html @@ -3,4 +3,4 @@
property

samAccountName - the samAccountName of the user

property

email - the email of the user

property

href - the href self link

-

Hierarchy

  • AccountUserDetails

Index

Properties

Properties

email

email: string

href

href: string

samAccountName

samAccountName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • AccountUserDetails

Index

Properties

Properties

email

email: string

href

href: string

samAccountName

samAccountName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.AwsAccountRole.html b/docs/interfaces/export_.AwsAccountRole.html index a080b7d8..925a6189 100644 --- a/docs/interfaces/export_.AwsAccountRole.html +++ b/docs/interfaces/export_.AwsAccountRole.html @@ -3,4 +3,4 @@
property

roleArn - The AWS Role ARN

property

isMachineIdentity - true|false value of if this role is a machine identity

property

assumeRolePolicyDocument - The AWS assume role policy document associated with this role

-

Hierarchy

  • AwsAccountRole

Index

Properties

Properties

assumeRolePolicyDocument

assumeRolePolicyDocument: object

isMachineIdentity

isMachineIdentity: boolean

roleArn

roleArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • AwsAccountRole

Index

Properties

Properties

assumeRolePolicyDocument

assumeRolePolicyDocument: object

isMachineIdentity

isMachineIdentity: boolean

roleArn

roleArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.AwsRoleType.html b/docs/interfaces/export_.AwsRoleType.html index 1e5d3089..c7e8bd39 100644 --- a/docs/interfaces/export_.AwsRoleType.html +++ b/docs/interfaces/export_.AwsRoleType.html @@ -5,4 +5,4 @@
property

trustRelationship - The AWS trust policy document associated with this role

property

instanceProfile - Whether this role is an instance profile

property

templateVariables - A list of template variables that exist within the role type's trust policy document

-

Hierarchy

  • AwsRoleType

Index

Properties

Properties

defaultArns

defaultArns: string[]

instanceProfile

instanceProfile: boolean

roleTypeName

roleTypeName: string

Optional templateVariables

templateVariables?: string[]

trustRelationship

trustRelationship: object

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • AwsRoleType

Index

Properties

Properties

defaultArns

defaultArns: string[]

instanceProfile

instanceProfile: boolean

roleTypeName

roleTypeName: string

Optional templateVariables

templateVariables?: string[]

trustRelationship

trustRelationship: object

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.CloudsploitReport.html b/docs/interfaces/export_.CloudsploitReport.html index 6fb28165..46e950e3 100644 --- a/docs/interfaces/export_.CloudsploitReport.html +++ b/docs/interfaces/export_.CloudsploitReport.html @@ -12,4 +12,4 @@
property

warning - the amount of warnings

property

failing - the amount of fails

property

unknown - the amount of unknowns

-

Hierarchy

  • CloudsploitReport

Index

Properties

Properties

awsAccountId

awsAccountId: string

day

day: number

failing

failing: number

href

href: string

month

month: number

newRisks

newRisks: number

passing

passing: number

scanDate

scanDate: string

scanId

scanId: number

unknown

unknown: number

warning

warning: number

year

year: number

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • CloudsploitReport

Index

Properties

Properties

awsAccountId

awsAccountId: string

day

day: number

failing

failing: number

href

href: string

month

month: number

newRisks

newRisks: number

passing

passing: number

scanDate

scanDate: string

scanId

scanId: number

unknown

unknown: number

warning

warning: number

year

year: number

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.CostTotal.html b/docs/interfaces/export_.CostTotal.html index 37094b6e..3f9d781f 100644 --- a/docs/interfaces/export_.CostTotal.html +++ b/docs/interfaces/export_.CostTotal.html @@ -1 +1 @@ -CostTotal | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface CostTotal

Hierarchy

  • CostTotal

Index

Properties

Properties

awsAccountId

awsAccountId: string

daily

daily: string

dailyCostsByService

dailyCostsByService: Record<string, string>

dd

dd: string

mm

mm: string

monthly

monthly: string

monthlyCostsByService

monthlyCostsByService: Record<string, string>

weekly

weekly: string

yearly

yearly: string

yyyy

yyyy: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +CostTotal | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface CostTotal

Hierarchy

  • CostTotal

Index

Properties

Properties

awsAccountId

awsAccountId: string

daily

daily: string

dailyCostsByService

dailyCostsByService: Record<string, string>

dd

dd: string

mm

mm: string

monthly

monthly: string

monthlyCostsByService

monthlyCostsByService: Record<string, string>

weekly

weekly: string

yearly

yearly: string

yyyy

yyyy: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.IamUser.html b/docs/interfaces/export_.IamUser.html index 100f379c..811d942a 100644 --- a/docs/interfaces/export_.IamUser.html +++ b/docs/interfaces/export_.IamUser.html @@ -1 +1 @@ -IamUser | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface IamUser

Hierarchy

  • IamUser

Index

Properties

Properties

accessKey

accessKey: string

accountId

accountId: string

arn

arn: string

tags

tags: export=.Tag[]

userName

userName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +IamUser | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface IamUser

Hierarchy

  • IamUser

Index

Properties

Properties

accessKey

accessKey: string

accountId

accountId: string

arn

arn: string

tags

tags: export=.Tag[]

userName

userName: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.Key.html b/docs/interfaces/export_.Key.html index a8d89d46..6a577f0e 100644 --- a/docs/interfaces/export_.Key.html +++ b/docs/interfaces/export_.Key.html @@ -5,4 +5,4 @@
property

sessionToken - AWS STS session token

property

consoleURL - a URL to the AWS console using these keys

property

sessionTime - the number of hours until the key expires

-

Hierarchy

  • Key

Index

Properties

Properties

accessKey

accessKey: string

consoleURL

consoleURL: string

secretKey

secretKey: string

sessionTime

sessionTime: number

sessionToken

sessionToken: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Key

Index

Properties

Properties

accessKey

accessKey: string

consoleURL

consoleURL: string

secretKey

secretKey: string

sessionTime

sessionTime: number

sessionToken

sessionToken: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.LongTermKey.html b/docs/interfaces/export_.LongTermKey.html index 637cf84c..ad5533be 100644 --- a/docs/interfaces/export_.LongTermKey.html +++ b/docs/interfaces/export_.LongTermKey.html @@ -4,4 +4,4 @@
property

accessKey - the long term access key

property

secretKey - the secret key for the long term access key

property

addedIAMUserToGroup - whether the user was successfully added to the deny policy group

-

Hierarchy

  • LongTermKey

Index

Properties

Properties

accessKey

accessKey: string

addedIAMUserToGroup

addedIAMUserToGroup: boolean

iamUserArn

iamUserArn: string

secretKey

secretKey: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • LongTermKey

Index

Properties

Properties

accessKey

accessKey: string

addedIAMUserToGroup

addedIAMUserToGroup: boolean

iamUserArn

iamUserArn: string

secretKey

secretKey: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.MachineIdentity.html b/docs/interfaces/export_.MachineIdentity.html index ae198878..3299743c 100644 --- a/docs/interfaces/export_.MachineIdentity.html +++ b/docs/interfaces/export_.MachineIdentity.html @@ -1 +1 @@ -MachineIdentity | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface MachineIdentity

Hierarchy

  • MachineIdentity

Index

Properties

Properties

machineIdentityArn

machineIdentityArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +MachineIdentity | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface MachineIdentity

Hierarchy

  • MachineIdentity

Index

Properties

Properties

machineIdentityArn

machineIdentityArn: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.RefreshToken.html b/docs/interfaces/export_.RefreshToken.html index d939fb95..fca7a639 100644 --- a/docs/interfaces/export_.RefreshToken.html +++ b/docs/interfaces/export_.RefreshToken.html @@ -1 +1 @@ -RefreshToken | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface RefreshToken

Hierarchy

  • RefreshToken

Index

Properties

Properties

clientId

clientId: string

id

id: string

userId

userId: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +RefreshToken | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface RefreshToken

Hierarchy

  • RefreshToken

Index

Properties

Properties

clientId

clientId: string

id

id: string

userId

userId: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.Role.html b/docs/interfaces/export_.Role.html index 7cc10f3d..1244ba02 100644 --- a/docs/interfaces/export_.Role.html +++ b/docs/interfaces/export_.Role.html @@ -5,4 +5,4 @@
property

instanceProfileArn - The Instance Profile ARN associated with this role

property

addedRoleToInstanceProfile - Whether this role was added to an Instance Profile

property

tags - Resource tags associated with the IAM account role

-

Hierarchy

  • Role

Index

Properties

Properties

Optional addedRoleToInstanceProfile

addedRoleToInstanceProfile?: boolean

Optional denyArns

denyArns?: string

instanceProfileArn

instanceProfileArn: string

Optional isMachineIdentity

isMachineIdentity?: boolean

Optional maxSessionDurationInSeconds

maxSessionDurationInSeconds?: number

roleArn

roleArn: string

Optional tags

tags?: export=.Tag[]

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Role

Index

Properties

Properties

Optional addedRoleToInstanceProfile

addedRoleToInstanceProfile?: boolean

Optional denyArns

denyArns?: string

instanceProfileArn

instanceProfileArn: string

Optional isMachineIdentity

isMachineIdentity?: boolean

Optional maxSessionDurationInSeconds

maxSessionDurationInSeconds?: number

roleArn

roleArn: string

Optional tags

tags?: export=.Tag[]

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.SkypieaAccount.html b/docs/interfaces/export_.SkypieaAccount.html index c56c7328..6b016808 100644 --- a/docs/interfaces/export_.SkypieaAccount.html +++ b/docs/interfaces/export_.SkypieaAccount.html @@ -3,4 +3,4 @@
property

label - the friendly name of the account

property

accountOwners - the samAccountNames of the account owners

property

cloudsploitTrend - the CloudSploit trends

-

Hierarchy

  • SkypieaAccount

Index

Properties

Properties

accountOwners

accountOwners: export=.AccountUserDetails[]

cloudsploitTrend

cloudsploitTrend: export=.CloudsploitReport[]

label

label: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • SkypieaAccount

Index

Properties

Properties

accountOwners

accountOwners: export=.AccountUserDetails[]

cloudsploitTrend

cloudsploitTrend: export=.CloudsploitReport[]

label

label: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.Tag.html b/docs/interfaces/export_.Tag.html index 3fb75103..74af48bc 100644 --- a/docs/interfaces/export_.Tag.html +++ b/docs/interfaces/export_.Tag.html @@ -2,4 +2,4 @@

Alks role tags

property

key - The AWS role tag key

property

value - The AWS role tag value

-

Hierarchy

  • Tag

Index

Properties

Properties

key

key: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • Tag

Index

Properties

Properties

key

key: string

value

value: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/interfaces/export_.User.html b/docs/interfaces/export_.User.html index 75fb6162..4fd123d2 100644 --- a/docs/interfaces/export_.User.html +++ b/docs/interfaces/export_.User.html @@ -5,4 +5,4 @@
property

email - The user email

property

title - The user title

property

department - The user department

-

Hierarchy

  • User

Index

Properties

Properties

department

department: string

displayName

displayName: string

email

email: string

sAMAccountName

sAMAccountName: string

title

title: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +

Hierarchy

  • User

Index

Properties

Properties

department

department: string

displayName

displayName: string

email

email: string

sAMAccountName

sAMAccountName: string

title

title: string

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/modules.html b/docs/modules.html index b1762c38..64a876cf 100644 --- a/docs/modules.html +++ b/docs/modules.html @@ -1 +1 @@ -alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

alks.js

Index

Namespaces

Interfaces

Type aliases

Type aliases

AddRoleMachineIdentityProps

AddRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

AlksProps

AlksProps: BaseConfig & Auth

AwsAccountRolesProps

AwsAccountRolesProps: Partial<export=.AlksProps> & { account: string }

CreateAccessKeysProps

CreateAccessKeysProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string; tags?: export=.Tag[] }

CreateNonServiceRoleProps

CreateNonServiceRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; externalId?: string; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType: TrustType; tags?: export=.Tag[]; trustArn: string }

CreateRoleProps

CreateRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType?: string; tags?: export=.Tag[]; templateFields?: Record<string, string>; trustPolicy?: Record<string, unknown> }

DeleteIAMUserProps

DeleteIAMUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string }

DeleteRoleMachineIdentityProps

DeleteRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

DeleteRoleProps

DeleteRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAWSRoleTypesProps

GetAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetAccessTokenProps

GetAccessTokenProps: Partial<export=.AlksProps> & { refreshToken: string }

GetAccountOwnersProps

GetAccountOwnersProps: Partial<export=.AlksProps> & { accountId: string }

GetAccountRoleProps

GetAccountRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAccountsProps

GetAccountsProps: Partial<export=.AlksProps> & {}

GetAllAWSRoleTypesProps

GetAllAWSRoleTypesProps: Partial<export=.AlksProps> & { getDynamicValues?: boolean }

GetCostTotalsProps

GetCostTotalsProps: Partial<export=.AlksProps> & { accountId: string }

GetIAMKeysProps

GetIAMKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetIamUserProps

GetIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string }

GetKeysProps

GetKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetLoginRoleProps

GetLoginRoleProps: Partial<export=.AlksProps> & { accountId: string; role: string }

GetNonServiceAWSRoleTypesProps

GetNonServiceAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetRefreshTokensProps

GetRefreshTokensProps: Partial<export=.AlksProps> & {}

GetUserAccessByRoleProps

GetUserAccessByRoleProps: Partial<export=.AlksProps> & { accountId: string }

GetUserAccessProps

GetUserAccessProps: Partial<export=.AlksProps> & { accountId: string }

GetUserRoleAccessProps

GetUserRoleAccessProps: Partial<export=.AlksProps> & { accountId: string; sAMAccountName: string }

ListAWSAccountRolesProps

ListAWSAccountRolesProps: Partial<export=.AlksProps> & { account: string; role: string }

RevokeByIdProps

RevokeByIdProps: Partial<export=.AlksProps> & { tokenId: string }

RevokeByValueProps

RevokeByValueProps: Partial<export=.AlksProps> & { token: string }

RevokeProps

RevokeProps: export=.RevokeByIdProps | export=.RevokeByValueProps

UpdateIamUserProps

UpdateIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; tags?: export=.Tag[] }

UpdateRoleProps

UpdateRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string; tags: export=.Tag[] }

VersionProps

VersionProps: Partial<export=.AlksProps> & {}

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

alks.js

Index

Namespaces

Interfaces

Type aliases

Type aliases

AddRoleMachineIdentityProps

AddRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

AlksProps

AlksProps: BaseConfig & Auth

AwsAccountRolesProps

AwsAccountRolesProps: Partial<export=.AlksProps> & { account: string }

CreateAccessKeysProps

CreateAccessKeysProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string; tags?: export=.Tag[] }

CreateNonServiceRoleProps

CreateNonServiceRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; externalId?: string; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType: TrustType; tags?: export=.Tag[]; trustArn: string }

CreateRoleProps

CreateRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType?: string; tags?: export=.Tag[]; templateFields?: Record<string, string>; trustPolicy?: Record<string, unknown> }

DeleteIAMUserProps

DeleteIAMUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string }

DeleteRoleMachineIdentityProps

DeleteRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

DeleteRoleProps

DeleteRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAWSRoleTypesProps

GetAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetAccessTokenProps

GetAccessTokenProps: Partial<export=.AlksProps> & { refreshToken: string }

GetAccountOwnersProps

GetAccountOwnersProps: Partial<export=.AlksProps> & { accountId: string }

GetAccountRoleProps

GetAccountRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAccountsProps

GetAccountsProps: Partial<export=.AlksProps> & {}

GetAllAWSRoleTypesProps

GetAllAWSRoleTypesProps: Partial<export=.AlksProps> & { getDynamicValues?: boolean }

GetCostTotalsProps

GetCostTotalsProps: Partial<export=.AlksProps> & { accountId: string }

GetIAMKeysProps

GetIAMKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetIamUserProps

GetIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string }

GetKeysProps

GetKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetLoginRoleProps

GetLoginRoleProps: Partial<export=.AlksProps> & { accountId: string; role: string }

GetNonServiceAWSRoleTypesProps

GetNonServiceAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetRefreshTokensProps

GetRefreshTokensProps: Partial<export=.AlksProps> & {}

GetUserAccessByRoleProps

GetUserAccessByRoleProps: Partial<export=.AlksProps> & { accountId: string }

GetUserAccessProps

GetUserAccessProps: Partial<export=.AlksProps> & { accountId: string }

GetUserRoleAccessProps

GetUserRoleAccessProps: Partial<export=.AlksProps> & { accountId: string; sAMAccountName: string }

ListAWSAccountRolesProps

ListAWSAccountRolesProps: Partial<export=.AlksProps> & { account: string; role: string }

RevokeByIdProps

RevokeByIdProps: Partial<export=.AlksProps> & { tokenId: string }

RevokeByValueProps

RevokeByValueProps: Partial<export=.AlksProps> & { token: string }

RevokeProps

RevokeProps: export=.RevokeByIdProps | export=.RevokeByValueProps

UpdateIamUserProps

UpdateIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; tags?: export=.Tag[] }

UpdateRoleProps

UpdateRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string; tags: export=.Tag[] }

VersionProps

VersionProps: Partial<export=.AlksProps> & {}

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file diff --git a/docs/modules/export_.html b/docs/modules/export_.html index ef047084..ca2afa3c 100644 --- a/docs/modules/export_.html +++ b/docs/modules/export_.html @@ -1 +1 @@ -export= | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Namespace export=

Index

Enumerations

Classes

Interfaces

Type aliases

Functions

Type aliases

AddRoleMachineIdentityProps

AddRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

AlksProps

AlksProps: BaseConfig & Auth

AwsAccountRolesProps

AwsAccountRolesProps: Partial<export=.AlksProps> & { account: string }

CreateAccessKeysProps

CreateAccessKeysProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string; tags?: export=.Tag[] }

CreateNonServiceRoleProps

CreateNonServiceRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; externalId?: string; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType: TrustType; tags?: export=.Tag[]; trustArn: string }

CreateRoleProps

CreateRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType?: string; tags?: export=.Tag[]; templateFields?: Record<string, string>; trustPolicy?: Record<string, unknown> }

DeleteIAMUserProps

DeleteIAMUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string }

DeleteRoleMachineIdentityProps

DeleteRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

DeleteRoleProps

DeleteRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAWSRoleTypesProps

GetAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetAccessTokenProps

GetAccessTokenProps: Partial<export=.AlksProps> & { refreshToken: string }

GetAccountOwnersProps

GetAccountOwnersProps: Partial<export=.AlksProps> & { accountId: string }

GetAccountRoleProps

GetAccountRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAccountsProps

GetAccountsProps: Partial<export=.AlksProps> & {}

GetAllAWSRoleTypesProps

GetAllAWSRoleTypesProps: Partial<export=.AlksProps> & { getDynamicValues?: boolean }

GetCostTotalsProps

GetCostTotalsProps: Partial<export=.AlksProps> & { accountId: string }

GetIAMKeysProps

GetIAMKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetIamUserProps

GetIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string }

GetKeysProps

GetKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetLoginRoleProps

GetLoginRoleProps: Partial<export=.AlksProps> & { accountId: string; role: string }

GetNonServiceAWSRoleTypesProps

GetNonServiceAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetRefreshTokensProps

GetRefreshTokensProps: Partial<export=.AlksProps> & {}

GetUserAccessByRoleProps

GetUserAccessByRoleProps: Partial<export=.AlksProps> & { accountId: string }

GetUserAccessProps

GetUserAccessProps: Partial<export=.AlksProps> & { accountId: string }

GetUserRoleAccessProps

GetUserRoleAccessProps: Partial<export=.AlksProps> & { accountId: string; sAMAccountName: string }

ListAWSAccountRolesProps

ListAWSAccountRolesProps: Partial<export=.AlksProps> & { account: string; role: string }

RevokeByIdProps

RevokeByIdProps: Partial<export=.AlksProps> & { tokenId: string }

RevokeByValueProps

RevokeByValueProps: Partial<export=.AlksProps> & { token: string }

RevokeProps

RevokeProps: export=.RevokeByIdProps | export=.RevokeByValueProps

UpdateIamUserProps

UpdateIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; tags?: export=.Tag[] }

UpdateRoleProps

UpdateRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string; tags: export=.Tag[] }

VersionProps

VersionProps: Partial<export=.AlksProps> & {}

Functions

addRoleMachineIdentity

awsAccountRoles

create

createAccessKeys

createNonServiceRole

createRole

deleteIAMUser

deleteRole

deleteRoleMachineIdentity

getAWSRoleTypes

getAccessToken

getAccountOwners

getAccountRole

getAccounts

getAllAWSRoleTypes

getCostTotals

getIAMKeys

getIamUser

getKeys

getLoginRole

getNonServiceAWSRoleTypes

getRefreshTokens

getUserAccess

getUserAccessByRole

getUserRoleAccess

listAWSAccountRoles

revoke

updateIamUser

updateRole

version

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file +export= | alks.js
Options
All
  • Public
  • Public/Protected
  • All
Menu

Namespace export=

Index

Enumerations

Classes

Interfaces

Type aliases

Functions

Type aliases

AddRoleMachineIdentityProps

AddRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

AlksProps

AlksProps: BaseConfig & Auth

AwsAccountRolesProps

AwsAccountRolesProps: Partial<export=.AlksProps> & { account: string }

CreateAccessKeysProps

CreateAccessKeysProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string; tags?: export=.Tag[] }

CreateNonServiceRoleProps

CreateNonServiceRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; externalId?: string; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType: TrustType; tags?: export=.Tag[]; trustArn: string }

CreateRoleProps

CreateRoleProps: Partial<export=.AlksProps> & { account: string; enableAlksAccess: boolean; includeDefaultPolicy: PseudoBoolean; role: string; roleName: string; roleType?: string; tags?: export=.Tag[]; templateFields?: Record<string, string>; trustPolicy?: Record<string, unknown> }

DeleteIAMUserProps

DeleteIAMUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; role: string }

DeleteRoleMachineIdentityProps

DeleteRoleMachineIdentityProps: Partial<export=.AlksProps> & { roleARN: string }

DeleteRoleProps

DeleteRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAWSRoleTypesProps

GetAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetAccessTokenProps

GetAccessTokenProps: Partial<export=.AlksProps> & { refreshToken: string }

GetAccountOwnersProps

GetAccountOwnersProps: Partial<export=.AlksProps> & { accountId: string }

GetAccountRoleProps

GetAccountRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string }

GetAccountsProps

GetAccountsProps: Partial<export=.AlksProps> & {}

GetAllAWSRoleTypesProps

GetAllAWSRoleTypesProps: Partial<export=.AlksProps> & { getDynamicValues?: boolean }

GetCostTotalsProps

GetCostTotalsProps: Partial<export=.AlksProps> & { accountId: string }

GetIAMKeysProps

GetIAMKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetIamUserProps

GetIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string }

GetKeysProps

GetKeysProps: Partial<export=.AlksProps> & { account: string; role: string; sessionTime: number }

GetLoginRoleProps

GetLoginRoleProps: Partial<export=.AlksProps> & { accountId: string; role: string }

GetNonServiceAWSRoleTypesProps

GetNonServiceAWSRoleTypesProps: Partial<export=.AlksProps> & {}

GetRefreshTokensProps

GetRefreshTokensProps: Partial<export=.AlksProps> & {}

GetUserAccessByRoleProps

GetUserAccessByRoleProps: Partial<export=.AlksProps> & { accountId: string }

GetUserAccessProps

GetUserAccessProps: Partial<export=.AlksProps> & { accountId: string }

GetUserRoleAccessProps

GetUserRoleAccessProps: Partial<export=.AlksProps> & { accountId: string; sAMAccountName: string }

ListAWSAccountRolesProps

ListAWSAccountRolesProps: Partial<export=.AlksProps> & { account: string; role: string }

RevokeByIdProps

RevokeByIdProps: Partial<export=.AlksProps> & { tokenId: string }

RevokeByValueProps

RevokeByValueProps: Partial<export=.AlksProps> & { token: string }

RevokeProps

RevokeProps: export=.RevokeByIdProps | export=.RevokeByValueProps

UpdateIamUserProps

UpdateIamUserProps: Partial<export=.AlksProps> & { account: string; iamUserName: string; tags?: export=.Tag[] }

UpdateRoleProps

UpdateRoleProps: Partial<export=.AlksProps> & { account: string; role: string; roleName: string; tags: export=.Tag[] }

VersionProps

VersionProps: Partial<export=.AlksProps> & {}

Functions

addRoleMachineIdentity

awsAccountRoles

create

createAccessKeys

createNonServiceRole

createRole

deleteIAMUser

deleteRole

deleteRoleMachineIdentity

getAWSRoleTypes

getAccessToken

getAccountOwners

getAccountRole

getAccounts

getAllAWSRoleTypes

getCostTotals

getIAMKeys

getIamUser

getKeys

getLoginRole

getNonServiceAWSRoleTypes

getRefreshTokens

getUserAccess

getUserAccessByRole

getUserRoleAccess

listAWSAccountRoles

revoke

updateIamUser

updateRole

version

Legend

  • Property

Settings

Theme

Generated using TypeDoc

\ No newline at end of file