@cloud-copilot/iam-lens 0.1.2 → 0.1.4

package/dist/esm/collect/client.js

@@ -1,63 +1,4 @@
-import { splitArnParts } from '../util/arn.js';
-// export interface IamCollectClient {
-//   /**
-//    * Does an account exist in the store?
-//    *
-//    * @param accountId the id of the account to check
-//    * @returns true if the account exists, false otherwise
-//    */
-//   accountExists: (accountId: string) => Promise<boolean>
-//   /**
-//    * Does a principal exist in the store?
-//    *
-//    * @param principalArn the arn of the principal to check
-//    * @returns true if the principal exists, false otherwise
-//    */
-//   principalExists: (principalArn: string) => Promise<boolean>
-//   /**
-//    * Get the org id for an account
-//    */
-//   getOrgIdForAccount: (accountId: string) => Promise<string | undefined>
-//   /**
-//    * Get the SCPs for an account and only the account
-//    *
-//    * @param accountId the id of the account to get the policies for
-//    * @returns the policies for the account
-//    */
-//   getScpsForAccount: (accountId: string) => Promise<OrgPolicy[]>
-//   /**
-//    * Get the SCP Hierarchy for an account. The first element is the root, the last element is the account itself.
-//    *
-//    * @param accountId the id of the account to get the policies for
-//    * @returns the policies for the account
-//    */
-//   getScpHierarchyForAccount(accountId: string): Promise<SimulationOrgPolicies[]>
-//   /**
-//    * Get the RCPs for an account
-//    *
-//    * @param accountId the account id to get the policies for
-//    * @returns the policies for the account
-//    */
-//   getRcpsForAccount: (accountId: string) => Promise<OrgPolicy[]>
-//   getRcpHierarchyForAccount(accountId: string): Promise<SimulationOrgPolicies[]>
-//   /**
-//    * Get the SCPs for an org unit
-//    *
-//    * @param orgUnitId the id of the org unit to get the policies for
-//    * @returns the policies for the org unit
-//    */
-//   getScpsForOrgUnit: (orgId: string, orgUnitId: string) => Promise<OrgPolicy[]>
-//   /**
-//    * Get the RCPs for an org unit
-//    *
-//    * @param orgUnitId
-//    * @returns
-//    */
-//   getRcpsForOrgUnit: (orgId: string, orgUnitId: string) => Promise<OrgPolicy[]>
-//   getAccountIdForBucket: (bucketName: string) => Promise<string | undefined>
-//   getAccountIdForRestApi: (apiArn: string) => Promise<string | undefined>
-//   getManagedPoliciesForUser(userArn: string): Promise<ManagedPolicy[]>
-// }
+import { splitArnParts } from '@cloud-copilot/iam-utils';
 export class IamCollectClient {
     constructor(storageClient) {
         this.storageClient = storageClient;
@@ -450,5 +391,51 @@ export class IamCollectClient {
     async getOrganizationMetadata(organizationId) {
         return this.storageClient.getOrganizationMetadata(organizationId, 'metadata');
     }
+    /**
+     * Gets the resource policy for a given resource ARN and account.
+     *
+     * @param resourceArn The ARN of the resource.
+     * @param accountId The ID of the account.
+     * @returns The resource policy, or undefined if not found.
+     */
+    async getResourcePolicyForArn(resourceArn, accountId) {
+        const resourcePolicy = await this.storageClient.getResourceMetadata(accountId, resourceArn, 'policy');
+        return resourcePolicy;
+    }
+    /**
+     * Gets the RAM share policy for a given resource ARN and account.
+     *
+     * @param resourceArn The ARN of the resource.
+     * @param accountId The ID of the account.
+     * @returns The RAM share policy, or undefined if not found.
+     */
+    async getRamSharePolicyForArn(resourceArn, accountId) {
+        const armSharePolicy = await this.storageClient.getRamResource(accountId, resourceArn);
+        return armSharePolicy?.policy;
+    }
+    /**
+     * Gets the tags for a given resource ARN and account.
+     *
+     * @param resourceArn The ARN of the resource.
+     * @param accountId The ID of the account.
+     * @returns The tags as a record, or undefined if not found.
+     */
+    async getTagsForResource(resourceArn, accountId) {
+        const tags = await this.storageClient.getResourceMetadata(accountId, resourceArn, 'tags');
+        return tags || {};
+    }
+    /**
+     * Gets a unique ID for an IAM resource based on its ARN and account ID.
+     * Used specifically for IAM Users and Roles
+     *
+     * @param resourceArn the ARN of the IAM resource
+     * @param accountId the ID of the account the resource belongs to
+     * @returns a unique ID for the resource, or undefined if not found
+     */
+    async getUniqueIdForIamResource(resourceArn) {
+        const accountId = splitArnParts(resourceArn).accountId;
+        const resourceMetadata = await this.storageClient.getResourceMetadata(accountId, resourceArn, 'metadata');
+        return resourceMetadata?.id;
+    }
 }
 //# sourceMappingURL=client.js.map

package/dist/esm/collect/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/collect/client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAyF9C,sCAAsC;AACtC,QAAQ;AACR,2CAA2C;AAC3C,OAAO;AACP,uDAAuD;AACvD,4DAA4D;AAC5D,QAAQ;AACR,2DAA2D;AAE3D,QAAQ;AACR,4CAA4C;AAC5C,OAAO;AACP,6DAA6D;AAC7D,8DAA8D;AAC9D,QAAQ;AACR,gEAAgE;AAEhE,QAAQ;AACR,qCAAqC;AACrC,QAAQ;AACR,2EAA2E;AAE3E,QAAQ;AACR,wDAAwD;AACxD,OAAO;AACP,sEAAsE;AACtE,6CAA6C;AAC7C,QAAQ;AACR,mEAAmE;AAEnE,QAAQ;AACR,oHAAoH;AACpH,OAAO;AACP,sEAAsE;AACtE,6CAA6C;AAC7C,QAAQ;AACR,mFAAmF;AAEnF,QAAQ;AACR,mCAAmC;AACnC,OAAO;AACP,+DAA+D;AAC/D,6CAA6C;AAC7C,QAAQ;AACR,mEAAmE;AAEnE,mFAAmF;AAEnF,QAAQ;AACR,oCAAoC;AACpC,OAAO;AACP,uEAAuE;AACvE,8CAA8C;AAC9C,QAAQ;AACR,kFAAkF;AAElF,QAAQ;AACR,oCAAoC;AACpC,OAAO;AACP,wBAAwB;AACxB,gBAAgB;AAChB,QAAQ;AACR,kFAAkF;AAElF,+EAA+E;AAE/E,4EAA4E;AAE5E,yEAAyE;AACzE,IAAI;AAEJ,MAAM,OAAO,gBAAgB;IAC3B,YAAoB,aAA0B;QAA1B,kBAAa,GAAb,aAAa,CAAa;IAAG,CAAC;IAElD;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAA;QAC1D,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IACrC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,YAAoB;QACxC,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;QACxD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAChE,SAAS,EACT,YAAY,EACZ,UAAU,CACX,CAAA;QACD,OAAO,CAAC,CAAC,aAAa,CAAA;IACxB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,+BAA+B,CACnC,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,iDAAiD;QACjD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAA;QAC7D,IAAI,WAAW,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,eAAe,GAA4B,EAAE,CAAA;QACnD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,SAAS,CAAC,CAAA;QAExE,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;YAE7E,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,IAAI;gBACnB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC7B,IAAI,EAAE,CAAC,CAAC,GAAG;oBACX,MAAM,EAAE,CAAC,CAAC,MAAM;iBACjB,CAAC,CAAC;aACJ,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClF,eAAe,CAAC,IAAI,CAAC;YACnB,aAAa,EAAE,SAAS;YACxB,QAAQ,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpC,IAAI,EAAE,CAAC,CAAC,GAAG;gBACX,MAAM,EAAE,CAAC,CAAC,MAAM;aACjB,CAAC,CAAC;SACJ,CAAC,CAAA;QAEF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,SAAiB;QACnD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QACD,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAA;QACvD,KAAK,CAAC,IAAI,CAAC,IAAK,CAAC,CAAA;QACjB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,4BAA4B,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACvE,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YAC3B,CAAC;YACD,IAAI,GAAG,UAAU,CAAA;QACnB,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,SAAiB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAA;QACvD,OAAO,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAA;IAC/B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,4BAA4B,CAAC,KAAa,EAAE,IAAY;QAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QACtD,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QACvB,OAAO,EAAE,CAAC,MAAM,CAAA;IAClB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB,CAC5B,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAA;QACvD,MAAM,cAAc,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC,CAAA;QAC7C,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAA2B,KAAK,EAAE,UAAU,CAAC,CAAA;IAChG,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,KAAa;QACvC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAAqB,KAAK,EAAE,KAAK,CAAC,CAAA;IACrF,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAChB,KAAa,EACb,UAAyB,EACzB,SAAiB;QAEjB,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAC7C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAGvE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAA;QAC1C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAC3E,KAAK,EACL,UAAU,EACV,QAAQ,EACR,QAAQ,CACT,CAAA;QAED,OAAO;YACL,GAAG,EAAE,UAAU,CAAC,GAAG;YACnB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,SAAiB,EACjB,UAAyB;QAEzB,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QAClE,MAAM,OAAO,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAA;QAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;QACvC,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,WAAW,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,SAAiB;QACxC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAyB,kBAAkB,EAAE,EAAE,CAAC,CAAA;QAC/F,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAA;QAClC,OAAO,eAAe,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,UAAkB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,qBAAqB,EACrB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,UAAU,CAAC,EAAE,SAAS,CAAA;IAClD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,MAAc;QACzC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,yBAAyB,EACzB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,SAAiB,EAAE,SAAiB;QACzD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;QACnC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAA;QACD,OAAO;YACL,GAAG,EAAE,cAAc,CAAC,GAAG;YACvB,IAAI,EAAE,cAAc,CAAC,IAAI;YACzB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,OAAe;QACtC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,OAAO,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC3C,SAAS,EACT,OAAO,EACP,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,gBAAgB,CAAC,OAAe;QACpC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACzD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,EAAE,CACH,CAAA;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,0BAA0B,CAAC,QAAgB;QAC/C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,QAAQ,EACR,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,QAAgB;QAC9C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE7C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,uBAAuB,CAAC,cAAsB;QAClD,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAC/C,cAAc,EACd,UAAU,CACX,CAAA;IACH,CAAC;CACF"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/collect/client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AA+FxD,MAAM,OAAO,gBAAgB;IAC3B,YAAoB,aAA0B;QAA1B,kBAAa,GAAb,aAAa,CAAa;IAAG,CAAC;IAElD;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAA;QAC1D,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IACrC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,YAAoB;QACxC,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;QACxD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAChE,SAAS,EACT,YAAY,EACZ,UAAU,CACX,CAAA;QACD,OAAO,CAAC,CAAC,aAAa,CAAA;IACxB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,+BAA+B,CACnC,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,iDAAiD;QACjD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAA;QAC7D,IAAI,WAAW,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,eAAe,GAA4B,EAAE,CAAA;QACnD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,SAAS,CAAC,CAAA;QAExE,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;YAE7E,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,IAAI;gBACnB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC7B,IAAI,EAAE,CAAC,CAAC,GAAG;oBACX,MAAM,EAAE,CAAC,CAAC,MAAM;iBACjB,CAAC,CAAC;aACJ,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClF,eAAe,CAAC,IAAI,CAAC;YACnB,aAAa,EAAE,SAAS;YACxB,QAAQ,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpC,IAAI,EAAE,CAAC,CAAC,GAAG;gBACX,MAAM,EAAE,CAAC,CAAC,MAAM;aACjB,CAAC,CAAC;SACJ,CAAC,CAAA;QAEF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,SAAiB;QACnD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QACD,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAA;QACvD,KAAK,CAAC,IAAI,CAAC,IAAK,CAAC,CAAA;QACjB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,4BAA4B,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACvE,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YAC3B,CAAC;YACD,IAAI,GAAG,UAAU,CAAA;QACnB,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,SAAiB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAA;QACvD,OAAO,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAA;IAC/B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,4BAA4B,CAAC,KAAa,EAAE,IAAY;QAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QACtD,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QACvB,OAAO,EAAE,CAAC,MAAM,CAAA;IAClB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB,CAC5B,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAA;QACvD,MAAM,cAAc,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC,CAAA;QAC7C,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAA2B,KAAK,EAAE,UAAU,CAAC,CAAA;IAChG,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,KAAa;QACvC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAAqB,KAAK,EAAE,KAAK,CAAC,CAAA;IACrF,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAChB,KAAa,EACb,UAAyB,EACzB,SAAiB;QAEjB,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAC7C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAGvE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAA;QAC1C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAC3E,KAAK,EACL,UAAU,EACV,QAAQ,EACR,QAAQ,CACT,CAAA;QAED,OAAO;YACL,GAAG,EAAE,UAAU,CAAC,GAAG;YACnB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,SAAiB,EACjB,UAAyB;QAEzB,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QAClE,MAAM,OAAO,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAA;QAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;QACvC,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,WAAW,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,SAAiB;QACxC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAyB,kBAAkB,EAAE,EAAE,CAAC,CAAA;QAC/F,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAA;QAClC,OAAO,eAAe,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,UAAkB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,qBAAqB,EACrB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,UAAU,CAAC,EAAE,SAAS,CAAA;IAClD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,MAAc;QACzC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,yBAAyB,EACzB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,SAAiB,EAAE,SAAiB;QACzD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;QACnC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAA;QACD,OAAO;YACL,GAAG,EAAE,cAAc,CAAC,GAAG;YACvB,IAAI,EAAE,cAAc,CAAC,IAAI;YACzB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,OAAe;QACtC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,OAAO,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC3C,SAAS,EACT,OAAO,EACP,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,gBAAgB,CAAC,OAAe;QACpC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACzD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,EAAE,CACH,CAAA;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,0BAA0B,CAAC,QAAgB;QAC/C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,QAAQ,EACR,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,QAAgB;QAC9C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE7C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,uBAAuB,CAAC,cAAsB;QAClD,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAC/C,cAAc,EACd,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,WAAmB,EAAE,SAAiB;QAClE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,WAAW,EACX,QAAQ,CACT,CAAA;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,WAAmB,EAAE,SAAiB;QAClE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAC5D,SAAS,EACT,WAAW,CACZ,CAAA;QACD,OAAO,cAAc,EAAE,MAAM,CAAA;IAC/B,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,kBAAkB,CACtB,WAAmB,EACnB,SAAiB;QAEjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGvD,SAAS,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;QACjC,OAAO,IAAI,IAAI,EAAE,CAAA;IACnB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC,SAAU,CAAA;QACvD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGnE,SAAS,EAAE,WAAW,EAAE,UAAU,CAAC,CAAA;QAErC,OAAO,gBAAgB,EAAE,EAAE,CAAA;IAC7B,CAAC;CACF"}

package/dist/esm/collect/inMemoryClient.d.ts

@@ -0,0 +1,6 @@
+import { IamCollectClient } from './client.js';
+export declare function testStore(): {
+    store: import("@cloud-copilot/iam-collect").AwsIamStore;
+    client: IamCollectClient;
+};
+//# sourceMappingURL=inMemoryClient.d.ts.map

package/dist/esm/collect/inMemoryClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inMemoryClient.d.ts","sourceRoot":"","sources":["../../../src/collect/inMemoryClient.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAE9C,wBAAgB,SAAS;;;EAIxB"}

package/dist/esm/collect/inMemoryClient.js

@@ -0,0 +1,8 @@
+import { createInMemoryStorageClient } from '@cloud-copilot/iam-collect';
+import { IamCollectClient } from './client.js';
+export function testStore() {
+    const store = createInMemoryStorageClient();
+    const client = new IamCollectClient(store);
+    return { store, client };
+}
+//# sourceMappingURL=inMemoryClient.js.map

package/dist/esm/collect/inMemoryClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inMemoryClient.js","sourceRoot":"","sources":["../../../src/collect/inMemoryClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,2BAA2B,EAAE,MAAM,4BAA4B,CAAA;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAE9C,MAAM,UAAU,SAAS;IACvB,MAAM,KAAK,GAAG,2BAA2B,EAAE,CAAA;IAC3C,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,KAAK,CAAC,CAAA;IAC1C,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAA;AAC1B,CAAC"}

package/dist/esm/contextKeys.d.ts

@@ -0,0 +1,5 @@
+import { IamCollectClient } from './collect/client.js';
+import { SimulationRequest } from './simulate.js';
+export type ContextKeys = Record<string, string | string[]>;
+export declare function createContextKeys(collectClient: IamCollectClient, simulationRequest: SimulationRequest, contextKeyOverrides: ContextKeys): Promise<ContextKeys>;
+//# sourceMappingURL=contextKeys.d.ts.map

package/dist/esm/contextKeys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"contextKeys.d.ts","sourceRoot":"","sources":["../../src/contextKeys.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAEtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAA;AAEjD,MAAM,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,CAAA;AAE3D,wBAAsB,iBAAiB,CACrC,aAAa,EAAE,gBAAgB,EAC/B,iBAAiB,EAAE,iBAAiB,EACpC,mBAAmB,EAAE,WAAW,GAC/B,OAAO,CAAC,WAAW,CAAC,CAkGtB"}

package/dist/esm/contextKeys.js

@@ -0,0 +1,108 @@
+import { convertAssumedRoleArnToRoleArn, splitArnParts } from '@cloud-copilot/iam-utils';
+import { isArnPrincipal, isServicePrincipal } from './principals.js';
+export async function createContextKeys(collectClient, simulationRequest, contextKeyOverrides) {
+    const result = {
+        'aws:SecureTransport': 'true',
+        'aws:CurrentTime': new Date().toISOString(),
+        'aws:EpochTime': Math.floor(Date.now() / 1000).toString()
+    };
+    if (isArnPrincipal(simulationRequest.principal)) {
+        result['aws:PrincipalArn'] = simulationRequest.principal;
+        const arnParts = splitArnParts(simulationRequest.principal);
+        const principalAccountId = arnParts.accountId;
+        result['aws:PrincipalAccount'] = arnParts.accountId || '';
+        const orgId = await collectClient.getOrgIdForAccount(principalAccountId);
+        if (orgId) {
+            result['aws:PrincipalOrgId'] = orgId;
+            const orgStructure = await collectClient.getOrgUnitHierarchyForAccount(principalAccountId);
+            result['aws:PrincipalOrgPaths'] = [`${orgId}/${orgStructure.join('/')}/`];
+        }
+        const tags = await collectClient.getTagsForResource(simulationRequest.principal, principalAccountId);
+        for (const [key, value] of Object.entries(tags)) {
+            result[`aws:PrincipalTag/${key}`] = value;
+        }
+        result['aws:PrincipalIsAWSService'] = 'false';
+        if (simulationRequest.principal.endsWith(':root')) {
+            result['aws:PrincipalType'] = 'Account';
+            result['aws:userid'] = principalAccountId;
+        }
+        else if (arnParts.resourceType === 'user') {
+            result['aws:PrincipalType'] = 'User';
+            const userUniqueId = await collectClient.getUniqueIdForIamResource(simulationRequest.principal);
+            result['aws:userid'] = userUniqueId || 'UNKNOWN';
+            const userName = arnParts.resourcePath?.split('/').at(-1);
+            result['aws:username'] = userName;
+        }
+        else if (arnParts.resourceType === 'federated-user') {
+            result['aws:PrincipalType'] = 'FederatedUser';
+            result['aws:userid'] = `${arnParts.accountId}:${arnParts.resourcePath}`;
+        }
+        else if (arnParts.resourceType === 'assumed-role') {
+            result['aws:PrincipalType'] = 'AssumedRole';
+            const sessionName = arnParts.resourcePath?.split('/').at(-1);
+            const roleArn = convertAssumedRoleArnToRoleArn(simulationRequest.principal);
+            const roleUniqueId = await collectClient.getUniqueIdForIamResource(roleArn);
+            result['aws:userid'] = `${roleUniqueId || 'UNKNOWN'}:${sessionName}`;
+        }
+    }
+    //Resource context keys
+    if (!isAwsResourceInfoExcludedAction(simulationRequest.action)) {
+        result['aws:ResourceAccount'] = simulationRequest.resourceAccount;
+        const resourceOrgId = await collectClient.getOrgIdForAccount(simulationRequest.resourceAccount);
+        if (resourceOrgId) {
+            result['aws:ResourceOrgID'] = resourceOrgId;
+            const orgStructure = await collectClient.getOrgUnitHierarchyForAccount(simulationRequest.resourceAccount);
+            result['aws:ResourceOrgPaths'] = [`${resourceOrgId}/${orgStructure.join('/')}/`];
+        }
+    }
+    if (simulationRequest.resourceArn) {
+        const resourceTags = await collectClient.getTagsForResource(simulationRequest.resourceArn, simulationRequest.resourceAccount);
+        for (const [key, value] of Object.entries(resourceTags)) {
+            result[`aws:ResourceTag/${key}`] = value;
+        }
+    }
+    //Service Principal context keys
+    if (isServicePrincipal(simulationRequest.principal)) {
+        result['aws:PrincipalIsAWSService'] = 'true';
+        result['aws:PrincipalServiceName'] = simulationRequest.principal;
+        result['aws:SourceAccount'] = simulationRequest.resourceAccount;
+        result['aws:SourceOrgID'] = result['aws:ResourceOrgID'];
+        result['aws:SourceOrgPaths'] = result['aws:ResourceOrgPaths'];
+    }
+    //Apply any custom context key overrides
+    for (const [key, value] of Object.entries(contextKeyOverrides)) {
+        result[key] = value;
+    }
+    return result;
+}
+const awsResourceInfoExcludedActions = new Set([
+    'auditmanager:updateassessmentframeworkshare',
+    'detective:acceptinvitation',
+    'ds:acceptshareddirectory',
+    'ec2:accepttransitgatewaypeeringattachment',
+    'ec2:acceptvpcendpointconnections',
+    'ec2:acceptvpcpeeringconnection',
+    'ec2:copysnapshot',
+    'ec2:createtransitgatewaypeeringattachment',
+    'ec2:createvpcendpoint',
+    'ec2:createvpcpeeringconnection',
+    'ec2:deletetransitgatewaypeeringattachment',
+    'ec2:deletevpcpeeringconnection',
+    'ec2:rejecttransitgatewaypeeringattachment',
+    'ec2:rejectvpcendpointconnections',
+    'ec2:rejectvpcpeeringconnection',
+    'guardduty:acceptadministratorinvitation',
+    'macie2:acceptinvitation',
+    'es:acceptinboundconnection',
+    'route53:associatevpcwithhostedzone',
+    'route53:createvpcassociationauthorization',
+    'route53:deletevpcassociationauthorization',
+    'route53:disassociatevpcfromhostedzone',
+    'route53:listhostedzonesbyvpc',
+    'securityhub:acceptadministratorinvitation'
+]);
+function isAwsResourceInfoExcludedAction(action) {
+    const lowerCaseAction = action.toLowerCase();
+    return lowerCaseAction.startsWith('ebs:') || awsResourceInfoExcludedActions.has(lowerCaseAction);
+}
+//# sourceMappingURL=contextKeys.js.map

package/dist/esm/contextKeys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"contextKeys.js","sourceRoot":"","sources":["../../src/contextKeys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAExF,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AAKpE,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,aAA+B,EAC/B,iBAAoC,EACpC,mBAAgC;IAEhC,MAAM,MAAM,GAAgB;QAC1B,qBAAqB,EAAE,MAAM;QAC7B,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC3C,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE;KAC1D,CAAA;IAED,IAAI,cAAc,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,kBAAkB,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAA;QACxD,MAAM,QAAQ,GAAG,aAAa,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAA;QAC3D,MAAM,kBAAkB,GAAG,QAAQ,CAAC,SAAU,CAAA;QAC9C,MAAM,CAAC,sBAAsB,CAAC,GAAG,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAA;QAEzD,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAA;QACxE,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAA;YAEpC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,kBAAkB,CAAC,CAAA;YAC1F,MAAM,CAAC,uBAAuB,CAAC,GAAG,CAAC,GAAG,KAAK,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAC3E,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,kBAAkB,CACjD,iBAAiB,CAAC,SAAS,EAC3B,kBAAkB,CACnB,CAAA;QAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,MAAM,CAAC,oBAAoB,GAAG,EAAE,CAAC,GAAG,KAAK,CAAA;QAC3C,CAAC;QAED,MAAM,CAAC,2BAA2B,CAAC,GAAG,OAAO,CAAA;QAE7C,IAAI,iBAAiB,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAClD,MAAM,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAA;YACvC,MAAM,CAAC,YAAY,CAAC,GAAG,kBAAkB,CAAA;QAC3C,CAAC;aAAM,IAAI,QAAQ,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;YAC5C,MAAM,CAAC,mBAAmB,CAAC,GAAG,MAAM,CAAA;YACpC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAChE,iBAAiB,CAAC,SAAS,CAC5B,CAAA;YACD,MAAM,CAAC,YAAY,CAAC,GAAG,YAAY,IAAI,SAAS,CAAA;YAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;YAC1D,MAAM,CAAC,cAAc,CAAC,GAAG,QAAQ,CAAA;QACnC,CAAC;aAAM,IAAI,QAAQ,CAAC,YAAY,KAAK,gBAAgB,EAAE,CAAC;YACtD,MAAM,CAAC,mBAAmB,CAAC,GAAG,eAAe,CAAA;YAC7C,MAAM,CAAC,YAAY,CAAC,GAAG,GAAG,QAAQ,CAAC,SAAS,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAA;QACzE,CAAC;aAAM,IAAI,QAAQ,CAAC,YAAY,KAAK,cAAc,EAAE,CAAC;YACpD,MAAM,CAAC,mBAAmB,CAAC,GAAG,aAAa,CAAA;YAE3C,MAAM,WAAW,GAAG,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;YAC7D,MAAM,OAAO,GAAG,8BAA8B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAA;YAC3E,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAA;YAC3E,MAAM,CAAC,YAAY,CAAC,GAAG,GAAG,YAAY,IAAI,SAAS,IAAI,WAAW,EAAE,CAAA;QACtE,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,qBAAqB,CAAC,GAAG,iBAAiB,CAAC,eAAgB,CAAA;QAElE,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,eAAgB,CAAC,CAAA;QAChG,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,CAAC,mBAAmB,CAAC,GAAG,aAAa,CAAA;YAE3C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,6BAA6B,CACpE,iBAAiB,CAAC,eAAgB,CACnC,CAAA;YAED,MAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,aAAa,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAClF,CAAC;IACH,CAAC;IAED,IAAI,iBAAiB,CAAC,WAAW,EAAE,CAAC;QAClC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,kBAAkB,CACzD,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,eAAgB,CACnC,CAAA;QAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YACxD,MAAM,CAAC,mBAAmB,GAAG,EAAE,CAAC,GAAG,KAAK,CAAA;QAC1C,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,IAAI,kBAAkB,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;QACpD,MAAM,CAAC,2BAA2B,CAAC,GAAG,MAAM,CAAA;QAC5C,MAAM,CAAC,0BAA0B,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAA;QAChE,MAAM,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC,eAAgB,CAAA;QAChE,MAAM,CAAC,iBAAiB,CAAC,GAAG,MAAM,CAAC,mBAAmB,CAAC,CAAA;QACvD,MAAM,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC,sBAAsB,CAAC,CAAA;IAC/D,CAAC;IAED,wCAAwC;IACxC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAC;IAC7C,6CAA6C;IAC7C,4BAA4B;IAC5B,0BAA0B;IAC1B,2CAA2C;IAC3C,kCAAkC;IAClC,gCAAgC;IAChC,kBAAkB;IAClB,2CAA2C;IAC3C,uBAAuB;IACvB,gCAAgC;IAChC,2CAA2C;IAC3C,gCAAgC;IAChC,2CAA2C;IAC3C,kCAAkC;IAClC,gCAAgC;IAChC,yCAAyC;IACzC,yBAAyB;IACzB,4BAA4B;IAC5B,oCAAoC;IACpC,2CAA2C;IAC3C,2CAA2C;IAC3C,uCAAuC;IACvC,8BAA8B;IAC9B,2CAA2C;CAC5C,CAAC,CAAA;AAEF,SAAS,+BAA+B,CAAC,MAAc;IACrD,MAAM,eAAe,GAAG,MAAM,CAAC,WAAW,EAAE,CAAA;IAC5C,OAAO,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,8BAA8B,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;AAClG,CAAC"}

package/dist/esm/principals.d.ts

@@ -1,9 +1,21 @@
 import { AwsIamStore } from '@cloud-copilot/iam-collect';
-import { IamCollectClient } from './collect/client.js';
+import { IamCollectClient, InlinePolicy, ManagedPolicy, SimulationOrgPolicies } from './collect/client.js';
 /**
  * Check if a principal exists in the specified AWS IAM store.
  */
 export declare function principalExists(storageClient: AwsIamStore, principalArn: string): Promise<boolean>;
+export interface PrincipalPolicies {
+    managedPolicies: ManagedPolicy[];
+    inlinePolicies: InlinePolicy[];
+    permissionBoundary: ManagedPolicy | undefined;
+    scps: SimulationOrgPolicies[];
+    rcps: SimulationOrgPolicies[];
+    groupPolicies?: {
+        group: string;
+        managedPolicies: ManagedPolicy[];
+        inlinePolicies: InlinePolicy[];
+    }[];
+}
 /**
  * Get all the IAM policies for a user, including managed and inline policies, permission boundaries, and group policies.
  *
@@ -11,18 +23,7 @@ export declare function principalExists(storageClient: AwsIamStore, principalArn
  * @param principalArn the ARN of the user to get policies for
  * @returns an object containing the managed policies, inline policies, permission boundary, and group policies
  */
-export declare function getAllPoliciesForUser(collectClient: IamCollectClient, principalArn: string): Promise<{
-    scps: import("./collect/client.js").SimulationOrgPolicies[];
-    rcps: import("./collect/client.js").SimulationOrgPolicies[];
-    managedPolicies: import("./collect/client.js").ManagedPolicy[];
-    inlinePolicies: import("./collect/client.js").InlinePolicy[];
-    permissionBoundary: import("./collect/client.js").ManagedPolicy | undefined;
-    groupPolicies: {
-        group: string;
-        managedPolices: import("./collect/client.js").ManagedPolicy[];
-        inlinePolicies: import("./collect/client.js").InlinePolicy[];
-    }[];
-}>;
+export declare function getAllPoliciesForUser(collectClient: IamCollectClient, principalArn: string): Promise<PrincipalPolicies>;
 /**
  * Get all the IAM policies for a role, including managed and inline policies and permission boundaries.
  *
@@ -30,11 +31,9 @@ export declare function getAllPoliciesForUser(collectClient: IamCollectClient, p
  * @param principalArn the ARN of the role to get policies for
  * @returns an object containing the managed policies, inline policies, and permission boundary
  */
-export declare function getAllPoliciesForRole(collectClient: IamCollectClient, principalArn: string): Promise<{
-    scps: import("./collect/client.js").SimulationOrgPolicies[];
-    rcps: import("./collect/client.js").SimulationOrgPolicies[];
-    managedPolices: import("./collect/client.js").ManagedPolicy[];
-    inlinePolicies: import("./collect/client.js").InlinePolicy[];
-    permissionBoundary: import("./collect/client.js").ManagedPolicy | undefined;
-}>;
+export declare function getAllPoliciesForRole(collectClient: IamCollectClient, principalArn: string): Promise<PrincipalPolicies>;
+export declare function getAllPoliciesForPrincipal(collectClient: IamCollectClient, principalArn: string): Promise<PrincipalPolicies>;
+export declare function isArnPrincipal(principal: string): boolean;
+export declare function isServicePrincipal(principal: string): boolean;
+export declare function isServiceLinkedRole(principal: string): boolean;
 //# sourceMappingURL=principals.d.ts.map

package/dist/esm/principals.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"principals.d.ts","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAGtD;;GAEG;AACH,wBAAsB,eAAe,CACnC,aAAa,EAAE,WAAW,EAC1B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,OAAO,CAAC,CAIlB;AAOD;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CAAC,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM;;;;;;;;;;;GA2BhG;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CAAC,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM;;;;;;GAgBhG"}
+{"version":3,"file":"principals.d.ts","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAQxD,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,aAAa,EACb,qBAAqB,EACtB,MAAM,qBAAqB,CAAA;AAE5B;;GAEG;AACH,wBAAsB,eAAe,CACnC,aAAa,EAAE,WAAW,EAC1B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,OAAO,CAAC,CAIlB;AAED,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,aAAa,EAAE,CAAA;IAChC,cAAc,EAAE,YAAY,EAAE,CAAA;IAC9B,kBAAkB,EAAE,aAAa,GAAG,SAAS,CAAA;IAC7C,IAAI,EAAE,qBAAqB,EAAE,CAAA;IAC7B,IAAI,EAAE,qBAAqB,EAAE,CAAA;IAC7B,aAAa,CAAC,EAAE;QACd,KAAK,EAAE,MAAM,CAAA;QACb,eAAe,EAAE,aAAa,EAAE,CAAA;QAChC,cAAc,EAAE,YAAY,EAAE,CAAA;KAC/B,EAAE,CAAA;CACJ;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,gBAAgB,EAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CA2B5B;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,gBAAgB,EAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CAgB5B;AAED,wBAAsB,0BAA0B,CAC9C,aAAa,EAAE,gBAAgB,EAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CAqB5B;AAED,wBAAgB,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAEzD;AAED,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAG9D"}

package/dist/esm/principals.js

@@ -1,4 +1,4 @@
-import { splitArnParts } from './util/arn.js';
+import { convertAssumedRoleArnToRoleArn, isAssumedRoleArn, isIamRoleArn, isIamUserArn, splitArnParts } from '@cloud-copilot/iam-utils';
 /**
  * Check if a principal exists in the specified AWS IAM store.
  */
@@ -28,7 +28,7 @@ export async function getAllPoliciesForUser(collectClient, principalArn) {
         const groupInlinePolicies = await collectClient.getInlinePoliciesForGroup(group);
         groupPolicies.push({
             group,
-            managedPolices: groupManagedPolicies,
+            managedPolicies: groupManagedPolicies,
             inlinePolicies: groupInlinePolicies
         });
     }
@@ -50,7 +50,7 @@ export async function getAllPoliciesForUser(collectClient, principalArn) {
  */
 export async function getAllPoliciesForRole(collectClient, principalArn) {
     const accountId = splitArnParts(principalArn).accountId;
-    const managedPolices = await collectClient.getManagedPoliciesForRole(principalArn);
+    const managedPolicies = await collectClient.getManagedPoliciesForRole(principalArn);
     const inlinePolicies = await collectClient.getInlinePoliciesForRole(principalArn);
     const permissionBoundary = await collectClient.getPermissionsBoundaryForRole(principalArn);
     const scps = await collectClient.getScpHierarchyForAccount(accountId);
@@ -58,9 +58,42 @@ export async function getAllPoliciesForRole(collectClient, principalArn) {
     return {
         scps,
         rcps,
-        managedPolices,
+        managedPolicies,
         inlinePolicies,
         permissionBoundary
     };
 }
+export async function getAllPoliciesForPrincipal(collectClient, principalArn) {
+    if (isServicePrincipal(principalArn)) {
+        return {
+            scps: [],
+            rcps: [],
+            managedPolicies: [],
+            inlinePolicies: [],
+            permissionBoundary: undefined,
+            groupPolicies: []
+        };
+    }
+    if (isIamUserArn(principalArn)) {
+        return getAllPoliciesForUser(collectClient, principalArn);
+    }
+    else if (isIamRoleArn(principalArn)) {
+        return getAllPoliciesForRole(collectClient, principalArn);
+    }
+    else if (isAssumedRoleArn(principalArn)) {
+        const roleArn = convertAssumedRoleArnToRoleArn(principalArn);
+        return getAllPoliciesForRole(collectClient, roleArn);
+    }
+    throw new Error(`Unsupported principal type: ${principalArn}`);
+}
+export function isArnPrincipal(principal) {
+    return principal.startsWith('arn:');
+}
+export function isServicePrincipal(principal) {
+    return !isArnPrincipal(principal) && principal.endsWith('amazonaws.com');
+}
+export function isServiceLinkedRole(principal) {
+    const arnParts = splitArnParts(principal);
+    return isArnPrincipal(principal) && !!arnParts.resourcePath?.startsWith('aws-service-role/');
+}
 //# sourceMappingURL=principals.js.map

package/dist/esm/principals.js.map

@@ -1 +1 @@
-{"version":3,"file":"principals.js","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAE7C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,aAA0B,EAC1B,YAAoB;IAEpB,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IACxD,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,mBAAmB,CAAC,SAAS,EAAE,YAAY,EAAE,UAAU,CAAC,CAAA;IAClG,OAAO,CAAC,CAAC,aAAa,CAAA;AACxB,CAAC;AAOD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,aAA+B,EAAE,YAAoB;IAC/F,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IAExD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAA;IACnF,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAA;IACjF,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAA;IAC1F,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAA;IACjE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,aAAa,GAAG,EAAE,CAAA;IACxB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAClF,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAA;QAChF,aAAa,CAAC,IAAI,CAAC;YACjB,KAAK;YACL,cAAc,EAAE,oBAAoB;YACpC,cAAc,EAAE,mBAAmB;SACpC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,eAAe;QACf,cAAc;QACd,kBAAkB;QAClB,aAAa;KACd,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,aAA+B,EAAE,YAAoB;IAC/F,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IAExD,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAA;IAClF,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAA;IACjF,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAA;IAC1F,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IAErE,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,cAAc;QACd,cAAc;QACd,kBAAkB;KACnB,CAAA;AACH,CAAC"}
+{"version":3,"file":"principals.js","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"AACA,OAAO,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,aAAa,EACd,MAAM,0BAA0B,CAAA;AAQjC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,aAA0B,EAC1B,YAAoB;IAEpB,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IACxD,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,mBAAmB,CAAC,SAAS,EAAE,YAAY,EAAE,UAAU,CAAC,CAAA;IAClG,OAAO,CAAC,CAAC,aAAa,CAAA;AACxB,CAAC;AAeD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,YAAoB;IAEpB,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IAExD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAA;IACnF,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAA;IACjF,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAA;IAC1F,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAA;IACjE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,aAAa,GAAG,EAAE,CAAA;IACxB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAClF,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAA;QAChF,aAAa,CAAC,IAAI,CAAC;YACjB,KAAK;YACL,eAAe,EAAE,oBAAoB;YACrC,cAAc,EAAE,mBAAmB;SACpC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,eAAe;QACf,cAAc;QACd,kBAAkB;QAClB,aAAa;KACd,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,YAAoB;IAEpB,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IAExD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAA;IACnF,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAA;IACjF,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAA;IAC1F,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IAErE,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,eAAe;QACf,cAAc;QACd,kBAAkB;KACnB,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,aAA+B,EAC/B,YAAoB;IAEpB,IAAI,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;QACrC,OAAO;YACL,IAAI,EAAE,EAAE;YACR,IAAI,EAAE,EAAE;YACR,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,EAAE;YAClB,kBAAkB,EAAE,SAAS;YAC7B,aAAa,EAAE,EAAE;SAClB,CAAA;IACH,CAAC;IAED,IAAI,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/B,OAAO,qBAAqB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IAC3D,CAAC;SAAM,IAAI,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QACtC,OAAO,qBAAqB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IAC3D,CAAC;SAAM,IAAI,gBAAgB,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,8BAA8B,CAAC,YAAY,CAAC,CAAA;QAC5D,OAAO,qBAAqB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAA;IACtD,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,+BAA+B,YAAY,EAAE,CAAC,CAAA;AAChE,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,SAAiB;IAC9C,OAAO,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;AACrC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;AAC1E,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,SAAiB;IACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,SAAS,CAAC,CAAA;IACzC,OAAO,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,YAAY,EAAE,UAAU,CAAC,mBAAmB,CAAC,CAAA;AAC9F,CAAC"}

package/dist/esm/resources.d.ts

@@ -16,4 +16,5 @@ export declare function getAccountIdForResource(collectClient: IamCollectClient,
  * @returns an array of resource control policies for the specified resource
  */
 export declare function getRcpsForResource(collectClient: IamCollectClient, resourceArn: string): Promise<Simulation['resourceControlPolicies']>;
+export declare function getResourcePolicyForResource(collectClient: IamCollectClient, resourceArn: string): Promise<any | undefined>;
 //# sourceMappingURL=resources.d.ts.map

package/dist/esm/resources.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"resources.d.ts","sourceRoot":"","sources":["../../src/resources.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAGtD;;;;;;GAMG;AACH,wBAAsB,uBAAuB,CAC3C,aAAa,EAAE,gBAAgB,EAC/B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAc7B;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CACtC,aAAa,EAAE,gBAAgB,EAC/B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,UAAU,CAAC,yBAAyB,CAAC,CAAC,CAMhD"}
+{"version":3,"file":"resources.d.ts","sourceRoot":"","sources":["../../src/resources.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAA;AAExD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAEtD;;;;;;GAMG;AACH,wBAAsB,uBAAuB,CAC3C,aAAa,EAAE,gBAAgB,EAC/B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAc7B;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CACtC,aAAa,EAAE,gBAAgB,EAC/B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,UAAU,CAAC,yBAAyB,CAAC,CAAC,CAMhD;AAED,wBAAsB,4BAA4B,CAChD,aAAa,EAAE,gBAAgB,EAC/B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,GAAG,GAAG,SAAS,CAAC,CAkB1B"}

package/dist/esm/resources.js

@@ -1,4 +1,4 @@
-import { splitArnParts } from './util/arn.js';
+import { splitArnParts } from '@cloud-copilot/iam-utils';
 /**
  * Get the account ID for a given resource ARN. Lookup index if necessary to find the account ID.
  *
@@ -36,4 +36,21 @@ export async function getRcpsForResource(collectClient, resourceArn) {
     }
     return collectClient.getRcpHierarchyForAccount(accountId);
 }
+export async function getResourcePolicyForResource(collectClient, resourceArn) {
+    //TODO: Should this return a policy object?
+    const accountId = await getAccountIdForResource(collectClient, resourceArn);
+    if (!accountId) {
+        throw new Error(`Unable to determine account ID for resource ARN: ${resourceArn}`);
+    }
+    const resourcePolicy = await collectClient.getResourcePolicyForArn(resourceArn, accountId);
+    if (resourcePolicy) {
+        return resourcePolicy;
+    }
+    const ramPolicy = await collectClient.getRamSharePolicyForArn(resourceArn, accountId);
+    if (ramPolicy) {
+        return ramPolicy;
+    }
+    //TODO: there should be more here for things like glue resources
+    return undefined;
+}
 //# sourceMappingURL=resources.js.map

package/dist/esm/resources.js.map

@@ -1 +1 @@
-{"version":3,"file":"resources.js","sourceRoot":"","sources":["../../src/resources.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAE7C;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAA;IAClC,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI,IAAI,QAAQ,CAAC,YAAY,KAAK,EAAE,EAAE,CAAC;QAC9D,MAAM,UAAU,GAAG,QAAQ,CAAC,YAAa,CAAA;QACzC,OAAO,aAAa,CAAC,qBAAqB,CAAC,UAAU,CAAC,CAAA;IACxD,CAAC;SAAM,IAAI,QAAQ,CAAC,OAAO,KAAK,YAAY,IAAI,QAAQ,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;QACrF,MAAM,KAAK,GAAG,QAAQ,CAAC,YAAa,CAAA;QACpC,OAAO,aAAa,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAA;IACpD,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,SAAS,GAAG,MAAM,uBAAuB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,oDAAoD,WAAW,EAAE,CAAC,CAAA;IACpF,CAAC;IACD,OAAO,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;AAC3D,CAAC"}
+{"version":3,"file":"resources.js","sourceRoot":"","sources":["../../src/resources.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAGxD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAA;IAClC,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI,IAAI,QAAQ,CAAC,YAAY,KAAK,EAAE,EAAE,CAAC;QAC9D,MAAM,UAAU,GAAG,QAAQ,CAAC,YAAa,CAAA;QACzC,OAAO,aAAa,CAAC,qBAAqB,CAAC,UAAU,CAAC,CAAA;IACxD,CAAC;SAAM,IAAI,QAAQ,CAAC,OAAO,KAAK,YAAY,IAAI,QAAQ,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;QACrF,MAAM,KAAK,GAAG,QAAQ,CAAC,YAAa,CAAA;QACpC,OAAO,aAAa,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAA;IACpD,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,SAAS,GAAG,MAAM,uBAAuB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,oDAAoD,WAAW,EAAE,CAAC,CAAA;IACpF,CAAC;IACD,OAAO,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,aAA+B,EAC/B,WAAmB;IAEnB,2CAA2C;IAC3C,MAAM,SAAS,GAAG,MAAM,uBAAuB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,oDAAoD,WAAW,EAAE,CAAC,CAAA;IACpF,CAAC;IACD,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,uBAAuB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAA;IAC1F,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,cAAc,CAAA;IACvB,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,uBAAuB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAA;IACrF,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,gEAAgE;IAChE,OAAO,SAAS,CAAA;AAClB,CAAC"}

package/dist/esm/simulate.d.ts

@@ -0,0 +1,11 @@
+import { IamCollectClient } from './collect/client.js';
+import { ContextKeys } from './contextKeys.js';
+export interface SimulationRequest {
+    resourceArn: string;
+    resourceAccount: string | undefined;
+    action: string;
+    principal: string;
+    customContextKeys: ContextKeys;
+}
+export declare function simulateRequest(simulationRequest: SimulationRequest, collectClient: IamCollectClient): Promise<import("@cloud-copilot/iam-simulate").SimulationResult>;
+//# sourceMappingURL=simulate.d.ts.map

package/dist/esm/simulate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"simulate.d.ts","sourceRoot":"","sources":["../../src/simulate.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,gBAAgB,EAAyB,MAAM,qBAAqB,CAAA;AAC7E,OAAO,EAAE,WAAW,EAAqB,MAAM,kBAAkB,CAAA;AAQjE,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;IAEjB,iBAAiB,EAAE,WAAW,CAAA;CAC/B;AAED,wBAAsB,eAAe,CACnC,iBAAiB,EAAE,iBAAiB,EACpC,aAAa,EAAE,gBAAgB,mEAsEhC"}