@cloud-copilot/iam-simulate 0.1.5 → 0.1.7

package/dist/cjs/util.d.ts

@@ -1,3 +1,5 @@
+import { ResourceType } from '@cloud-copilot/iam-data';
+import { ConditionKeyType } from './ConditionKeys.js';
 import { AwsRequest } from './request/request.js';
 interface StringReplaceOptions {
     replaceWildcards: boolean;
@@ -20,6 +22,12 @@ export interface ArnParts {
     resourceType: string | undefined;
     resourcePath: string | undefined;
 }
+/**
+ * Split an ARN into its parts
+ *
+ * @param arn the arn to split
+ * @returns the parts of the ARN
+ */
 export declare function splitArnParts(arn: string): ArnParts;
 /**
  * Splits a resource into two segments. The first segment is the product segment and the second segment is the resource id segment.
@@ -43,5 +51,66 @@ export declare function isDefined<T>(value: T | undefined): value is T;
  * @returns if the value is not defined or null
  */
 export declare function isNotDefined<T>(value: T | undefined): value is undefined;
+/**
+ * Checks if an action is a wildcard only action
+ *
+ * @param service the service the action belongs to
+ * @param action the action to check if it is a wildcard only action
+ * @returns if the action is a wildcard only action
+ * @throws an error if the service or action does not exist
+ */
+export declare function isWildcardOnlyAction(service: string, action: string): Promise<boolean>;
+/**
+ * Get the the possible reource types for an action and resource
+ *
+ * @param service the service the action belongs to
+ * @param action the action to get the resource type for
+ * @param resource the resource type matching the action, if any
+ * @throws an error if the service or action does not exist, or if the action is a wildcard only action
+ */
+export declare function getResourceTypesForAction(service: string, action: string, resource: string): Promise<ResourceType[]>;
+/**
+ * Convert a resource pattern from iam-data to a regex pattern
+ *
+ * @param pattern the pattern to convert to a regex
+ * @returns the regex pattern
+ */
+export declare function convertResourcePatternToRegex(pattern: string): string;
+/**
+ * Lowercase all strings in an array
+ *
+ * @param strings the strings to lowercase
+ * @returns the lowercased strings
+ */
+export declare function lowerCaseAll(strings: string[]): string[];
+/**
+ * Check the capitalization of a context key and return the correct capitalization
+ *
+ * @param contextKey the condition key to check
+ * @returns if the condition key is an array type
+ */
+export declare function normalizeContextKeyCase(contextKey: string): Promise<string>;
+/**
+ * Get the type of a context key
+ *
+ * @param contextKey - The string condition key to get the type for
+ * @returns The type of the condition key
+ * @throws an error if the condition key is not found
+ */
+export declare function typeForContextKey(contextKey: string): Promise<ConditionKeyType>;
+/**
+ * Gets the IAM variables from a string
+ *
+ * @param value the string to get the variables from
+ * @returns the variables in the string, if any
+ */
+export declare function getVariablesFromString(value: string): string[];
+/**
+ * Check if a context key actually exists
+ *
+ * @param key The context key to check
+ * @returns true if the context key is valid, false otherwise
+ */
+export declare function isActualContextKey(key: string): Promise<boolean>;
 export {};
 //# sourceMappingURL=util.d.ts.map

package/dist/cjs/util.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAIjD,UAAU,oBAAoB;IAC5B,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAMD;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,MAAM,CA4DlI;AAsCD,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,OAAO,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;IAC1B,SAAS,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,YAAY,EAAE,MAAM,GAAG,SAAS,CAAA;IAChC,YAAY,EAAE,MAAM,GAAG,SAAS,CAAA;CACjC;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,QAAQ,CAyBnD;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAgBtE;AAED;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,GAAG,KAAK,IAAI,CAAC,CAE7D;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,GAAG,KAAK,IAAI,SAAS,CAExE"}
+{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAA6G,YAAY,EAAE,MAAM,yBAAyB,CAAA;AACjK,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAIjD,UAAU,oBAAoB;IAC5B,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAMD;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,MAAM,CA4DlI;AA8CD,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,OAAO,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;IAC1B,SAAS,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,YAAY,EAAE,MAAM,GAAG,SAAS,CAAA;IAChC,YAAY,EAAE,MAAM,GAAG,SAAS,CAAA;CACjC;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,QAAQ,CAyBnD;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAgBtE;AAED;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,GAAG,KAAK,IAAI,CAAC,CAE7D;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,GAAG,KAAK,IAAI,SAAS,CAExE;AAED;;;;;;;GAOG;AACH,wBAAsB,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAG5F;AAED;;;;;;;GAOG;AACH,wBAAsB,yBAAyB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CAiB1H;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAOrE;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAExD;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAgBjF;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAarF;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAY9D;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAiBtE"}

package/dist/cjs/util.js

@@ -5,6 +5,16 @@ exports.splitArnParts = splitArnParts;
 exports.getResourceSegments = getResourceSegments;
 exports.isDefined = isDefined;
 exports.isNotDefined = isNotDefined;
+exports.isWildcardOnlyAction = isWildcardOnlyAction;
+exports.getResourceTypesForAction = getResourceTypesForAction;
+exports.convertResourcePatternToRegex = convertResourcePatternToRegex;
+exports.lowerCaseAll = lowerCaseAll;
+exports.normalizeContextKeyCase = normalizeContextKeyCase;
+exports.typeForContextKey = typeForContextKey;
+exports.getVariablesFromString = getVariablesFromString;
+exports.isActualContextKey = isActualContextKey;
+const iam_data_1 = require("@cloud-copilot/iam-data");
+const globalConditionKeys_js_1 = require("./global_conditions/globalConditionKeys.js");
 const matchesNothing = new RegExp('a^');
 const defaultStringReplaceOptions = {
     replaceWildcards: true
@@ -104,12 +114,26 @@ function getContextSingleValue(request, contextKeyName) {
     }
     return undefined;
 }
+/**
+ * Get the replacement value for a string
+ *
+ * @param rawString the string to replace the value in
+ * @param wildcard the value to replace the wildcard with
+ * @param replaceWildcards if the wildcard or raw string should be used
+ * @returns
+ */
 function replacementValue(rawString, wildcard, replaceWildcards) {
     if (replaceWildcards) {
         return wildcard;
     }
     return rawString;
 }
+/**
+ * Split an ARN into its parts
+ *
+ * @param arn the arn to split
+ * @returns the parts of the ARN
+ */
 function splitArnParts(arn) {
     const parts = arn.split(':');
     const partition = parts.at(1);
@@ -177,4 +201,146 @@ function isDefined(value) {
 function isNotDefined(value) {
     return !isDefined(value);
 }
+/**
+ * Checks if an action is a wildcard only action
+ *
+ * @param service the service the action belongs to
+ * @param action the action to check if it is a wildcard only action
+ * @returns if the action is a wildcard only action
+ * @throws an error if the service or action does not exist
+ */
+async function isWildcardOnlyAction(service, action) {
+    const actionDetails = await (0, iam_data_1.iamActionDetails)(service, action);
+    return actionDetails.resourceTypes.length === 0;
+}
+/**
+ * Get the the possible reource types for an action and resource
+ *
+ * @param service the service the action belongs to
+ * @param action the action to get the resource type for
+ * @param resource the resource type matching the action, if any
+ * @throws an error if the service or action does not exist, or if the action is a wildcard only action
+ */
+async function getResourceTypesForAction(service, action, resource) {
+    const actionDetails = await (0, iam_data_1.iamActionDetails)(service, action);
+    if (actionDetails.resourceTypes.length === 0) {
+        throw new Error(`${service}:${action} does not have any resource types`);
+    }
+    const matchingResourceTypes = [];
+    for (const rt of actionDetails.resourceTypes) {
+        const resourceType = await (0, iam_data_1.iamResourceTypeDetails)(service, rt.name);
+        const pattern = convertResourcePatternToRegex(resourceType.arn);
+        const match = resource.match(new RegExp(pattern));
+        if (match) {
+            matchingResourceTypes.push(resourceType);
+        }
+    }
+    return matchingResourceTypes;
+}
+/**
+ * Convert a resource pattern from iam-data to a regex pattern
+ *
+ * @param pattern the pattern to convert to a regex
+ * @returns the regex pattern
+ */
+function convertResourcePatternToRegex(pattern) {
+    const regex = pattern.replace(/\$\{.*?\}/g, (match) => {
+        const name = match.substring(2, match.length - 1);
+        const camelName = name.at(0)?.toLowerCase() + name.substring(1);
+        return `(?<${camelName}>(.*?))`;
+    });
+    return `^${regex}$`;
+}
+/**
+ * Lowercase all strings in an array
+ *
+ * @param strings the strings to lowercase
+ * @returns the lowercased strings
+ */
+function lowerCaseAll(strings) {
+    return strings.map(s => s.toLowerCase());
+}
+/**
+ * Check the capitalization of a context key and return the correct capitalization
+ *
+ * @param contextKey the condition key to check
+ * @returns if the condition key is an array type
+ */
+async function normalizeContextKeyCase(contextKey) {
+    const [service, key] = contextKey.split(":");
+    const serviceExists = await (0, iam_data_1.iamServiceExists)(service);
+    if (serviceExists) {
+        const serviceKeyExists = await (0, iam_data_1.iamConditionKeyExists)(service, contextKey);
+        if (serviceKeyExists) {
+            const keyDetails = await (0, iam_data_1.iamConditionKeyDetails)(service, contextKey);
+            return keyDetails.key;
+        }
+    }
+    const globalConditionKey = (0, globalConditionKeys_js_1.getGlobalConditionKey)(contextKey);
+    if (globalConditionKey) {
+        return globalConditionKey.key;
+    }
+    throw new Error(`Context key ${contextKey} not found`);
+}
+/**
+ * Get the type of a context key
+ *
+ * @param contextKey - The string condition key to get the type for
+ * @returns The type of the condition key
+ * @throws an error if the condition key is not found
+ */
+async function typeForContextKey(contextKey) {
+    const [service, key] = contextKey.split(":");
+    const serviceKeyExists = await (0, iam_data_1.iamConditionKeyExists)(service, contextKey);
+    if (serviceKeyExists) {
+        const keyDetails = await (0, iam_data_1.iamConditionKeyDetails)(service, contextKey);
+        return keyDetails.type;
+    }
+    const globalConditionKey = (0, globalConditionKeys_js_1.getGlobalConditionKey)(contextKey);
+    if (globalConditionKey) {
+        return globalConditionKey.dataType;
+    }
+    throw new Error(`Condition key ${contextKey} not found`);
+}
+/**
+ * Gets the IAM variables from a string
+ *
+ * @param value the string to get the variables from
+ * @returns the variables in the string, if any
+ */
+function getVariablesFromString(value) {
+    const matches = value.match(/\$\{.*?\}/g);
+    if (matches) {
+        return matches.map((m) => {
+            const inBrackets = m.slice(2, -1);
+            if (inBrackets.includes(',')) {
+                return inBrackets.split(',')[0].trim();
+            }
+            return inBrackets;
+        });
+    }
+    return [];
+}
+/**
+ * Check if a context key actually exists
+ *
+ * @param key The context key to check
+ * @returns true if the context key is valid, false otherwise
+ */
+async function isActualContextKey(key) {
+    if ((0, globalConditionKeys_js_1.globalConditionKeyExists)(key)) {
+        return true;
+    }
+    const parts = key.split(":");
+    if (parts.length !== 2) {
+        return false;
+    }
+    const [service, action] = parts;
+    const serviceExists = await (0, iam_data_1.iamServiceExists)(service);
+    if (!serviceExists) {
+        return false;
+    }
+    const actionExists = await (0, iam_data_1.iamConditionKeyExists)(service, key);
+    return actionExists;
+}
 //# sourceMappingURL=util.js.map

package/dist/cjs/util.js.map

@@ -1 +1 @@
-{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":";;AAoBA,0DA4DC;AAgDD,sCAyBC;AASD,kDAgBC;AAQD,8BAEC;AAQD,oCAEC;AApMD,MAAM,cAAc,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAA;AAMvC,MAAM,2BAA2B,GAAyB;IACxD,gBAAgB,EAAE,IAAI;CACvB,CAAA;AAED;;;;;;;GAOG;AACH,SAAgB,uBAAuB,CAAC,KAAa,EAAE,OAAmB,EAAE,cAA8C;IACxH,MAAM,OAAO,GAAG,EAAC,GAAG,2BAA2B,EAAE,GAAG,cAAc,EAAC,CAAA;IAEnE,IAAI,oBAAoB,GAAG,KAAK,CAAA;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAC3E,IAAI,KAAK,IAAI,GAAG,EAAE,CAAC;YACjB,OAAO,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YAC7D,aAAa;QACf,CAAC;aAAM,IAAI,KAAK,IAAI,GAAG,EAAE,CAAC;YACxB,OAAO,gBAAgB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YAC/D,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;QACD,EAAE;QACF,4BAA4B;QAC5B,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAExC,IAAI,YAAY,GAAG,SAAS,CAAA;QAC5B,MAAM,YAAY,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAC9C,IAAG,YAAY,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC5B,MAAM,iBAAiB,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC5C,IAAG,iBAAiB,EAAE,UAAU,CAAC,GAAG,CAAC,IAAI,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzE,YAAY,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC/C,CAAC;QACH,CAAC;QACD,MAAM,YAAY,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAA;QAE/C,MAAM,YAAY,GAAG,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;QAEjE,IAAG,YAAY,EAAE,CAAC;YAChB,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;aAAM,IAAG,YAAY,EAAE,CAAC;YACvB;;;cAGE;YACF,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,IAAI,CAAA;YAC3B;;cAEE;YACF,OAAO,gBAAgB,CAAA;QACzB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;IAC7C,CAAC,CAAC,CAAA;IAEF,IAAG,oBAAoB,EAAE,CAAC;QACxB,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO,IAAI,MAAM,CAAC,GAAG,GAAG,QAAQ,GAAG,GAAG,CAAC,CAAA;AACzC,CAAC;AAED;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,OAAmB,EAAE,cAAsB;IACxE,IAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,cAAc,CAAC,EAAE,CAAC;QAC7C,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;IAC3D,IAAG,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC;QAC5B,OAAO,QAAQ,CAAC,KAAK,CAAA;IACvB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,SAAS,gBAAgB,CAAC,SAAiB,EAAE,QAAgB,EAAE,gBAAyB;IACtF,IAAG,gBAAgB,EAAE,CAAC;QACpB,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAYD,SAAgB,aAAa,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,MAAM,SAAS,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC1B,MAAM,SAAS,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAEzC,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAG,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtD,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAA;QAChF,YAAY,GAAG,mBAAmB,CAAA;QAClC,YAAY,GAAG,mBAAmB,CAAA;IACpC,CAAC;IAED,OAAO;QACL,SAAS;QACT,OAAO;QACP,MAAM;QACN,SAAS;QACT,QAAQ;QACR,YAAY;QACZ,YAAY;KACb,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IAExC,IAAI,UAAU,GAAG,UAAU,CAAA;IAC3B,IAAG,UAAU,IAAI,CAAC,CAAC,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QACxC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,CAAA;IACnD,CAAC;SAAM,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QAC5B,UAAU,GAAG,UAAU,GAAG,CAAC,CAAA;IAC7B,CAAC;SAAM,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QAC5B,UAAU,GAAG,UAAU,GAAG,CAAC,CAAA;IAC7B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,EAAE,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAA;AACpE,CAAC;AAED;;;;;GAKG;AACH,SAAgB,SAAS,CAAI,KAAoB;IAC/C,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC;AAC/C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,YAAY,CAAI,KAAoB;IAClD,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC1B,CAAC"}
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":";;AAuBA,0DA4DC;AA8DD,sCAyBC;AASD,kDAgBC;AAQD,8BAEC;AAQD,oCAEC;AAUD,oDAGC;AAUD,8DAiBC;AAQD,sEAOC;AAQD,oCAEC;AAQD,0DAgBC;AASD,8CAaC;AAQD,wDAYC;AAQD,gDAiBC;AAnXD,sDAAiK;AAEjK,uFAA4G;AAG5G,MAAM,cAAc,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAA;AAMvC,MAAM,2BAA2B,GAAyB;IACxD,gBAAgB,EAAE,IAAI;CACvB,CAAA;AAED;;;;;;;GAOG;AACH,SAAgB,uBAAuB,CAAC,KAAa,EAAE,OAAmB,EAAE,cAA8C;IACxH,MAAM,OAAO,GAAG,EAAC,GAAG,2BAA2B,EAAE,GAAG,cAAc,EAAC,CAAA;IAEnE,IAAI,oBAAoB,GAAG,KAAK,CAAA;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAC3E,IAAI,KAAK,IAAI,GAAG,EAAE,CAAC;YACjB,OAAO,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YAC7D,aAAa;QACf,CAAC;aAAM,IAAI,KAAK,IAAI,GAAG,EAAE,CAAC;YACxB,OAAO,gBAAgB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YAC/D,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;QACD,EAAE;QACF,4BAA4B;QAC5B,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAExC,IAAI,YAAY,GAAG,SAAS,CAAA;QAC5B,MAAM,YAAY,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAC9C,IAAG,YAAY,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC5B,MAAM,iBAAiB,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC5C,IAAG,iBAAiB,EAAE,UAAU,CAAC,GAAG,CAAC,IAAI,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzE,YAAY,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC/C,CAAC;QACH,CAAC;QACD,MAAM,YAAY,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAA;QAE/C,MAAM,YAAY,GAAG,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;QAEjE,IAAG,YAAY,EAAE,CAAC;YAChB,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;aAAM,IAAG,YAAY,EAAE,CAAC;YACvB;;;cAGE;YACF,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,IAAI,CAAA;YAC3B;;cAEE;YACF,OAAO,gBAAgB,CAAA;QACzB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;IAC7C,CAAC,CAAC,CAAA;IAEF,IAAG,oBAAoB,EAAE,CAAC;QACxB,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO,IAAI,MAAM,CAAC,GAAG,GAAG,QAAQ,GAAG,GAAG,CAAC,CAAA;AACzC,CAAC;AAED;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,OAAmB,EAAE,cAAsB;IACxE,IAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,cAAc,CAAC,EAAE,CAAC;QAC7C,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;IAC3D,IAAG,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC;QAC5B,OAAO,QAAQ,CAAC,KAAK,CAAA;IACvB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,gBAAgB,CAAC,SAAiB,EAAE,QAAgB,EAAE,gBAAyB;IACtF,IAAG,gBAAgB,EAAE,CAAC;QACpB,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAYD;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,MAAM,SAAS,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC1B,MAAM,SAAS,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAEzC,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAG,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtD,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAA;QAChF,YAAY,GAAG,mBAAmB,CAAA;QAClC,YAAY,GAAG,mBAAmB,CAAA;IACpC,CAAC;IAED,OAAO;QACL,SAAS;QACT,OAAO;QACP,MAAM;QACN,SAAS;QACT,QAAQ;QACR,YAAY;QACZ,YAAY;KACb,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IAExC,IAAI,UAAU,GAAG,UAAU,CAAA;IAC3B,IAAG,UAAU,IAAI,CAAC,CAAC,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QACxC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,CAAA;IACnD,CAAC;SAAM,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QAC5B,UAAU,GAAG,UAAU,GAAG,CAAC,CAAA;IAC7B,CAAC;SAAM,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QAC5B,UAAU,GAAG,UAAU,GAAG,CAAC,CAAA;IAC7B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,EAAE,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAA;AACpE,CAAC;AAED;;;;;GAKG;AACH,SAAgB,SAAS,CAAI,KAAoB;IAC/C,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC;AAC/C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,YAAY,CAAI,KAAoB;IAClD,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC1B,CAAC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,oBAAoB,CAAC,OAAe,EAAE,MAAc;IACxE,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC7D,OAAO,aAAa,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,CAAA;AACjD,CAAC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,yBAAyB,CAAC,OAAe,EAAE,MAAc,EAAE,QAAgB;IAC/F,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC7D,IAAG,aAAa,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,IAAI,MAAM,mCAAmC,CAAC,CAAA;IAC1E,CAAC;IAED,MAAM,qBAAqB,GAAmB,EAAE,CAAC;IACjD,KAAI,MAAM,EAAE,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;QAC5C,MAAM,YAAY,GAAG,MAAM,IAAA,iCAAsB,EAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,6BAA6B,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QAClD,IAAG,KAAK,EAAE,CAAC;YACT,qBAAqB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO,qBAAqB,CAAA;AAC9B,CAAC;AAED;;;;;GAKG;AACH,SAAgB,6BAA6B,CAAC,OAAe;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE;QACpD,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/D,OAAO,MAAM,SAAS,SAAS,CAAA;IACjC,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,KAAK,GAAG,CAAA;AACrB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,YAAY,CAAC,OAAiB;IAC5C,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAA;AAC1C,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,uBAAuB,CAAC,UAAkB;IAC9D,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAC;IACtD,IAAG,aAAa,EAAE,CAAC;QACjB,MAAM,gBAAgB,GAAG,MAAM,IAAA,gCAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC1E,IAAG,gBAAgB,EAAE,CAAC;YACpB,MAAM,UAAU,GAAG,MAAM,IAAA,iCAAsB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YACrE,OAAO,UAAU,CAAC,GAAG,CAAC;QACxB,CAAC;IACH,CAAC;IACD,MAAM,kBAAkB,GAAG,IAAA,8CAAqB,EAAC,UAAU,CAAC,CAAC;IAC7D,IAAG,kBAAkB,EAAE,CAAC;QACtB,OAAO,kBAAkB,CAAC,GAAG,CAAC;IAChC,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,eAAe,UAAU,YAAY,CAAC,CAAC;AACzD,CAAC;AAED;;;;;;GAMG;AACI,KAAK,UAAU,iBAAiB,CAAC,UAAkB;IACxD,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,gBAAgB,GAAG,MAAM,IAAA,gCAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC1E,IAAG,gBAAgB,EAAE,CAAC;QACpB,MAAM,UAAU,GAAG,MAAM,IAAA,iCAAsB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACrE,OAAO,UAAU,CAAC,IAAwB,CAAC;IAC7C,CAAC;IACD,MAAM,kBAAkB,GAAG,IAAA,8CAAqB,EAAC,UAAU,CAAC,CAAC;IAC7D,IAAG,kBAAkB,EAAE,CAAC;QACtB,OAAO,kBAAkB,CAAC,QAA4B,CAAC;IACzD,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,iBAAiB,UAAU,YAAY,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,KAAa;IAClD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;IACzC,IAAG,OAAO,EAAE,CAAC;QACX,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACvB,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACjC,IAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;YACxC,CAAC;YACD,OAAO,UAAU,CAAA;QACnB,CAAC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,IAAG,IAAA,iDAAwB,EAAC,GAAG,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC;IAChC,MAAM,aAAa,GAAG,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAC;IAEtD,IAAG,CAAC,aAAa,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,IAAA,gCAAqB,EAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC/D,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/esm/ConditionKeys.d.ts

@@ -0,0 +1,19 @@
+export type BaseConditionKeyType = 'String' | 'ARN' | 'Numeric' | 'Bool' | 'Date' | 'IPAddress' | 'Binary';
+export type ArrayConditionKeyType = `ArrayOf${BaseConditionKeyType}`;
+export type ConditionKeyType = BaseConditionKeyType | ArrayConditionKeyType;
+/**
+ * Check if a condition key is an array types
+ *
+ * @param key the condition key type to check
+ * @returns true if the key is an array type, otherwise false
+ */
+export declare function isConditionKeyArray(key: ConditionKeyType): key is ArrayConditionKeyType;
+/**
+ * Get the BaseConditionKeyType from an ArrayConditionKeyType
+ *
+ * @param key the ArrayConditionKeyType to get the base type from
+ * @returns the base type of the array key
+ * @throws if the key is not an array type
+ */
+export declare function getBaseConditionKeyType(key: ArrayConditionKeyType): BaseConditionKeyType;
+//# sourceMappingURL=ConditionKeys.d.ts.map

package/dist/esm/ConditionKeys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConditionKeys.d.ts","sourceRoot":"","sources":["../../src/ConditionKeys.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,oBAAoB,GAAG,QAAQ,GAAG,KAAK,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM,GAAG,WAAW,GAAG,QAAQ,CAAA;AAC1G,MAAM,MAAM,qBAAqB,GAAG,UAAU,oBAAoB,EAAE,CAAA;AACpE,MAAM,MAAM,gBAAgB,GAAG,oBAAoB,GAAG,qBAAqB,CAAA;AAE3E;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,gBAAgB,GAAG,GAAG,IAAI,qBAAqB,CAEvF;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,qBAAqB,GAAG,oBAAoB,CAKxF"}

package/dist/esm/ConditionKeys.js

@@ -0,0 +1,23 @@
+/**
+ * Check if a condition key is an array types
+ *
+ * @param key the condition key type to check
+ * @returns true if the key is an array type, otherwise false
+ */
+export function isConditionKeyArray(key) {
+    return key.startsWith('ArrayOf');
+}
+/**
+ * Get the BaseConditionKeyType from an ArrayConditionKeyType
+ *
+ * @param key the ArrayConditionKeyType to get the base type from
+ * @returns the base type of the array key
+ * @throws if the key is not an array type
+ */
+export function getBaseConditionKeyType(key) {
+    if (!isConditionKeyArray(key)) {
+        throw new Error(`Expected ArrayConditionType, got ${key}`);
+    }
+    return key.slice(7);
+}
+//# sourceMappingURL=ConditionKeys.js.map

package/dist/esm/ConditionKeys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ConditionKeys.js","sourceRoot":"","sources":["../../src/ConditionKeys.ts"],"names":[],"mappings":"AAIA;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAqB;IACvD,OAAO,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAA;AAClC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,GAA0B;IAChE,IAAG,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,EAAE,CAAC,CAAA;IAC5D,CAAC;IACD,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAyB,CAAA;AAC7C,CAAC"}

package/dist/esm/SCPAnalysis.d.ts

@@ -0,0 +1,6 @@
+import { StatementAnalysis } from "./StatementAnalysis.js";
+export interface SCPAnalysis {
+    orgIdentifier: string;
+    statementAnalysis: StatementAnalysis[];
+}
+//# sourceMappingURL=SCPAnalysis.d.ts.map

package/dist/esm/SCPAnalysis.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SCPAnalysis.d.ts","sourceRoot":"","sources":["../../src/SCPAnalysis.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,iBAAiB,EAAE,CAAC;CACxC"}

package/dist/esm/SCPAnalysis.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=SCPAnalysis.js.map

package/dist/esm/SCPAnalysis.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SCPAnalysis.js","sourceRoot":"","sources":["../../src/SCPAnalysis.ts"],"names":[],"mappings":""}

package/dist/esm/context_keys/findContextKeys.d.ts

@@ -0,0 +1,19 @@
+import { Policy } from "@cloud-copilot/iam-policy";
+/**
+ * Find all the context keys in a list of policies
+ *
+ * @param policies - The list of policies to search
+ * @returns The list of valid and invalid context keys found in the policies
+ */
+export declare function findContextKeys(policies: Policy[]): Promise<{
+    validKeys: string[];
+    invalidKeys: string[];
+}>;
+/**
+ * Get the context variables used in a policy
+ *
+ * @param policy - The policy to extract variables from
+ * @returns The list of variables used in the policy
+ */
+export declare function getContextKeysFromPolicy(policy: Policy): string[];
+//# sourceMappingURL=findContextKeys.d.ts.map

package/dist/esm/context_keys/findContextKeys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"findContextKeys.d.ts","sourceRoot":"","sources":["../../../src/context_keys/findContextKeys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAC;AAGnD;;;;;GAKG;AACH,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAAE,SAAS,EAAE,MAAM,EAAE,CAAC;IAAC,WAAW,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC,CAqBjH;AAED;;;;;GAKG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAiBjE"}

package/dist/esm/context_keys/findContextKeys.js

@@ -0,0 +1,53 @@
+import { getVariablesFromString, isActualContextKey, normalizeContextKeyCase } from "../util.js";
+/**
+ * Find all the context keys in a list of policies
+ *
+ * @param policies - The list of policies to search
+ * @returns The list of valid and invalid context keys found in the policies
+ */
+export async function findContextKeys(policies) {
+    const rawKeys = new Set();
+    for (const policy of policies) {
+        getContextKeysFromPolicy(policy).forEach(v => rawKeys.add(v));
+    }
+    const validKeys = new Set();
+    const invalidKeys = new Set();
+    for (const key of rawKeys) {
+        const valid = await isActualContextKey(key);
+        if (valid) {
+            const normalizedKey = await normalizeContextKeyCase(key);
+            validKeys.add(normalizedKey);
+        }
+        else {
+            invalidKeys.add(key);
+        }
+    }
+    return {
+        validKeys: Array.from(validKeys),
+        invalidKeys: Array.from(invalidKeys)
+    };
+}
+/**
+ * Get the context variables used in a policy
+ *
+ * @param policy - The policy to extract variables from
+ * @returns The list of variables used in the policy
+ */
+export function getContextKeysFromPolicy(policy) {
+    const variables = [];
+    for (const statement of policy.statements()) {
+        if (statement.isResourceStatement()) {
+            statement.resources().forEach(r => {
+                variables.push(...getVariablesFromString(r.value()));
+            });
+            for (const condition of statement.conditions()) {
+                variables.push(condition.conditionKey());
+                condition.conditionValues().forEach(v => {
+                    variables.push(...getVariablesFromString(v));
+                });
+            }
+        }
+    }
+    return variables;
+}
+//# sourceMappingURL=findContextKeys.js.map

package/dist/esm/context_keys/findContextKeys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"findContextKeys.js","sourceRoot":"","sources":["../../../src/context_keys/findContextKeys.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAEjG;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,QAAkB;IACtD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAI,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC7B,wBAAwB,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;IACpC,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;IACtC,KAAI,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,MAAM,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAC5C,IAAG,KAAK,EAAE,CAAC;YACT,MAAM,aAAa,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;YACzD,SAAS,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,OAAO;QACL,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;QAChC,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC;KACrC,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,wBAAwB,CAAC,MAAc;IACrD,MAAM,SAAS,GAAa,EAAE,CAAA;IAC9B,KAAI,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC3C,IAAG,SAAS,CAAC,mBAAmB,EAAE,EAAE,CAAC;YACnC,SAAS,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBAChC,SAAS,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;YACtD,CAAC,CAAC,CAAA;YACF,KAAI,MAAM,SAAS,IAAI,SAAS,CAAC,UAAU,EAAE,EAAE,CAAC;gBAC9C,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC,CAAC;gBACzC,SAAS,CAAC,eAAe,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;oBACtC,SAAS,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC/C,CAAC,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/esm/core_engine/coreSimulatorEngine.d.ts

@@ -1,8 +1,22 @@
 import { Policy } from "@cloud-copilot/iam-policy";
 import { EvaluationResult } from "../evaluate.js";
 import { AwsRequest } from "../request/request.js";
+import { SCPAnalysis } from "../SCPAnalysis.js";
 import { ServiceAuthorizer } from "../services/ServiceAuthorizer.js";
 import { StatementAnalysis } from "../StatementAnalysis.js";
+/**
+ * A set of service control policies for each level of an organization tree
+ */
+export interface ServiceControlPolicies {
+    /**
+     * The organization identifier for the organizational unit these policies apply to.
+     */
+    orgIdentifier: string;
+    /**
+     * The policies that apply to this organizational unit.
+     */
+    policies: Policy[];
+}
 /**
  * A reqest to authorize a service action.
  */
@@ -15,6 +29,15 @@ export interface AuthorizationRequest {
      * The identity policies that are applicable to the principal making the request.
      */
     identityPolicies: Policy[];
+    /**
+     * The service control policies that apply to the principal making the request. In
+     * order of the orgnaization hierarchy. So the root ou SCPS should be first.
+     */
+    serviceControlPolicies: ServiceControlPolicies[];
+    /**
+     * The resource policy that applies to the resource being accessed.
+     */
+    resourcePolicy: Policy | undefined;
 }
 /**
  * Authorizes a request.
@@ -41,4 +64,20 @@ export declare function getServiceAuthorizer(request: AuthorizationRequest): Ser
  * @returns an array of statement analysis results
  */
 export declare function analyzeIdentityPolicies(identityPolicies: Policy[], request: AwsRequest): StatementAnalysis[];
+/**
+ * Analyzes a set of service control policies and the statements within them.
+ *
+ * @param serviceControlPolicies the service control policies to analyze
+ * @param request the request to analyze against
+ * @returns an array of SCP analysis results
+ */
+export declare function analyzeServiceControlPolicies(serviceControlPolicies: ServiceControlPolicies[], request: AwsRequest): SCPAnalysis[];
+/**
+ * Analyze a resource policy and return the results
+ *
+ * @param resourcePolicy the resource policy to analyze
+ * @param request the request to analyze against
+ * @returns an array of statement analysis results
+ */
+export declare function analyzeResourcePolicy(resourcePolicy: Policy, request: AwsRequest): StatementAnalysis[];
 //# sourceMappingURL=coreSimulatorEngine.d.ts.map

package/dist/esm/core_engine/coreSimulatorEngine.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"coreSimulatorEngine.d.ts","sourceRoot":"","sources":["../../../src/core_engine/coreSimulatorEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAC;AAGnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE5D;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,OAAO,EAAE,UAAU,CAAC;IAEpB;;OAEG;IACH,gBAAgB,EAAE,MAAM,EAAE,CAAA;CAC3B;AAID;;;;;;;GAOG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,oBAAoB,GAAG,gBAAgB,CAOzE;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,oBAAoB,GAAG,iBAAiB,CAMrF;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,gBAAgB,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,UAAU,GAAG,iBAAiB,EAAE,CAe5G"}
+{"version":3,"file":"coreSimulatorEngine.d.ts","sourceRoot":"","sources":["../../../src/core_engine/coreSimulatorEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAC;AAGnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEnD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAEhD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE5D;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,OAAO,EAAE,UAAU,CAAC;IAEpB;;OAEG;IACH,gBAAgB,EAAE,MAAM,EAAE,CAAA;IAE1B;;;OAGG;IACH,sBAAsB,EAAE,sBAAsB,EAAE,CAAA;IAEhD;;OAEG;IACH,cAAc,EAAE,MAAM,GAAG,SAAS,CAAC;CACpC;AAID;;;;;;;GAOG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,oBAAoB,GAAG,gBAAgB,CAYzE;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,oBAAoB,GAAG,iBAAiB,CAMrF;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,gBAAgB,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,UAAU,GAAG,iBAAiB,EAAE,CAe5G;AAED;;;;;;GAMG;AACH,wBAAgB,6BAA6B,CAAC,sBAAsB,EAAE,sBAAsB,EAAE,EAAE,OAAO,EAAE,UAAU,GAAG,WAAW,EAAE,CAsBlI;AAED;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,iBAAiB,EAAE,CAatG"}

package/dist/esm/core_engine/coreSimulatorEngine.js

@@ -1,5 +1,6 @@
 import { requestMatchesStatementActions } from "../action/action.js";
 import { requestMatchesConditions } from "../condition/condition.js";
+import { requestMatchesStatementPrincipals } from "../principal/principal.js";
 import { requestMatchesStatementResources } from "../resource/resource.js";
 import { DefaultServiceAuthorizer } from "../services/DefaultServiceAuthorizer.js";
 const serviceEngines = {};
@@ -13,10 +14,14 @@ const serviceEngines = {};
  */
 export function authorize(request) {
     const identityAnalysis = analyzeIdentityPolicies(request.identityPolicies, request.request);
+    const scpAnalysis = analyzeServiceControlPolicies(request.serviceControlPolicies, request.request);
     const serviceAuthorizer = getServiceAuthorizer(request);
+    const resourceAnalysis = request.resourcePolicy ? analyzeResourcePolicy(request.resourcePolicy, request.request) : [];
     return serviceAuthorizer.authorize({
         request: request.request,
         identityStatements: identityAnalysis,
+        scpAnalysis,
+        resourceAnalysis
     });
 }
 /**
@@ -55,4 +60,53 @@ export function analyzeIdentityPolicies(identityPolicies, request) {
     }
     return analysis;
 }
+/**
+ * Analyzes a set of service control policies and the statements within them.
+ *
+ * @param serviceControlPolicies the service control policies to analyze
+ * @param request the request to analyze against
+ * @returns an array of SCP analysis results
+ */
+export function analyzeServiceControlPolicies(serviceControlPolicies, request) {
+    const analysis = [];
+    for (const controlPolicy of serviceControlPolicies) {
+        const ouAnalysis = {
+            orgIdentifier: controlPolicy.orgIdentifier,
+            statementAnalysis: [],
+        };
+        for (const policy of controlPolicy.policies) {
+            for (const statement of policy.statements()) {
+                ouAnalysis.statementAnalysis.push({
+                    statement,
+                    resourceMatch: requestMatchesStatementResources(request, statement),
+                    actionMatch: requestMatchesStatementActions(request, statement),
+                    conditionMatch: requestMatchesConditions(request, statement.conditions()),
+                    principalMatch: 'Match',
+                });
+            }
+        }
+        analysis.push(ouAnalysis);
+    }
+    return analysis;
+}
+/**
+ * Analyze a resource policy and return the results
+ *
+ * @param resourcePolicy the resource policy to analyze
+ * @param request the request to analyze against
+ * @returns an array of statement analysis results
+ */
+export function analyzeResourcePolicy(resourcePolicy, request) {
+    const analysis = [];
+    for (const statement of resourcePolicy.statements()) {
+        analysis.push({
+            statement,
+            resourceMatch: requestMatchesStatementResources(request, statement),
+            actionMatch: requestMatchesStatementActions(request, statement),
+            conditionMatch: requestMatchesConditions(request, statement.conditions()),
+            principalMatch: requestMatchesStatementPrincipals(request, statement),
+        });
+    }
+    return analysis;
+}
 //# sourceMappingURL=coreSimulatorEngine.js.map

package/dist/esm/core_engine/coreSimulatorEngine.js.map

@@ -1 +1 @@
-{"version":3,"file":"coreSimulatorEngine.js","sourceRoot":"","sources":["../../../src/core_engine/coreSimulatorEngine.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AAGrE,OAAO,EAAE,gCAAgC,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAC;AAmBnF,MAAM,cAAc,GAAgD,EAAE,CAAC;AAEvE;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,OAA6B;IACrD,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,OAAO,CAAC,gBAAgB,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5F,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;IACxD,OAAO,iBAAiB,CAAC,SAAS,CAAC;QACjC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,kBAAkB,EAAE,gBAAgB;KACrC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA6B;IAChE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAC;IACnE,IAAG,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,OAAO,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;IAC3C,CAAC;IACD,OAAO,IAAI,wBAAwB,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,gBAA0B,EAAE,OAAmB;IACrF,MAAM,QAAQ,GAAwB,EAAE,CAAC;IACzC,KAAI,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACrC,KAAI,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,SAAS;gBACT,aAAa,EAAE,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC;gBACnE,WAAW,EAAE,8BAA8B,CAAC,OAAO,EAAE,SAAS,CAAC;gBAC/D,cAAc,EAAE,wBAAwB,CAAC,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC;gBACzE,cAAc,EAAE,OAAO;aACxB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
+{"version":3,"file":"coreSimulatorEngine.js","sourceRoot":"","sources":["../../../src/core_engine/coreSimulatorEngine.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AAErE,OAAO,EAAE,iCAAiC,EAAE,MAAM,2BAA2B,CAAC;AAE9E,OAAO,EAAE,gCAAgC,EAAE,MAAM,yBAAyB,CAAC;AAE3E,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAC;AA6CnF,MAAM,cAAc,GAAgD,EAAE,CAAC;AAEvE;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,OAA6B;IACrD,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,OAAO,CAAC,gBAAgB,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5F,MAAM,WAAW,GAAG,6BAA6B,CAAC,OAAO,CAAC,sBAAsB,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACnG,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,qBAAqB,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEtH,OAAO,iBAAiB,CAAC,SAAS,CAAC;QACjC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,kBAAkB,EAAE,gBAAgB;QACpC,WAAW;QACX,gBAAgB;KACjB,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAA6B;IAChE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAC;IACnE,IAAG,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,OAAO,IAAI,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;IAC3C,CAAC;IACD,OAAO,IAAI,wBAAwB,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,gBAA0B,EAAE,OAAmB;IACrF,MAAM,QAAQ,GAAwB,EAAE,CAAC;IACzC,KAAI,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;QACrC,KAAI,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,SAAS;gBACT,aAAa,EAAE,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC;gBACnE,WAAW,EAAE,8BAA8B,CAAC,OAAO,EAAE,SAAS,CAAC;gBAC/D,cAAc,EAAE,wBAAwB,CAAC,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC;gBACzE,cAAc,EAAE,OAAO;aACxB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,6BAA6B,CAAC,sBAAgD,EAAE,OAAmB;IACjH,MAAM,QAAQ,GAAkB,EAAE,CAAC;IACnC,KAAI,MAAM,aAAa,IAAI,sBAAsB,EAAE,CAAC;QAClD,MAAM,UAAU,GAAgB;YAC9B,aAAa,EAAE,aAAa,CAAC,aAAa;YAC1C,iBAAiB,EAAE,EAAE;SACtB,CAAA;QACD,KAAI,MAAM,MAAM,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC3C,KAAI,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;gBAC3C,UAAU,CAAC,iBAAiB,CAAC,IAAI,CAAC;oBAChC,SAAS;oBACT,aAAa,EAAE,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC;oBACnE,WAAW,EAAE,8BAA8B,CAAC,OAAO,EAAE,SAAS,CAAC;oBAC/D,cAAc,EAAE,wBAAwB,CAAC,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC;oBACzE,cAAc,EAAE,OAAO;iBACxB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CAAC,cAAsB,EAAE,OAAmB;IAC/E,MAAM,QAAQ,GAAwB,EAAE,CAAC;IACzC,KAAI,MAAM,SAAS,IAAI,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,SAAS;YACT,aAAa,EAAE,gCAAgC,CAAC,OAAO,EAAE,SAAS,CAAC;YACnE,WAAW,EAAE,8BAA8B,CAAC,OAAO,EAAE,SAAS,CAAC;YAC/D,cAAc,EAAE,wBAAwB,CAAC,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE,CAAC;YACzE,cAAc,EAAE,iCAAiC,CAAC,OAAO,EAAE,SAAS,CAAC;SACtE,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/esm/evaluate.d.ts

@@ -1,2 +1,3 @@
 export type EvaluationResult = 'Allowed' | 'ExplicitlyDenied' | 'AllowedWithConditions' | 'ImplicitlyDenied' | 'Unknown';
+export type ResourceEvaluationResult = 'NotApplicable' | 'Allowed' | 'ExplicitlyDenied' | 'AllowedForAccount' | 'DeniedForAccount' | 'ImplicityDenied';
 //# sourceMappingURL=evaluate.d.ts.map

package/dist/esm/evaluate.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"evaluate.d.ts","sourceRoot":"","sources":["../../src/evaluate.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,kBAAkB,GAAG,uBAAuB,GAAG,kBAAkB,GAAG,SAAS,CAAC"}
+{"version":3,"file":"evaluate.d.ts","sourceRoot":"","sources":["../../src/evaluate.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,kBAAkB,GAAG,uBAAuB,GAAG,kBAAkB,GAAG,SAAS,CAAC;AACzH,MAAM,MAAM,wBAAwB,GAAG,eAAe,GAAG,SAAS,GAAG,kBAAkB,GAAG,mBAAmB,GAAG,kBAAkB,GAAG,iBAAiB,CAAC"}

package/dist/esm/global_conditions/globalConditionKeys.d.ts

@@ -1,9 +1,17 @@
+import { ConditionKeyType } from "../ConditionKeys.js";
 interface GlobalConditionKey {
     key: string;
     category: string;
-    dataType: string;
+    dataType: ConditionKeyType;
 }
 export declare function getGlobalConditionKey(key: string): GlobalConditionKey | undefined;
+export declare function globalConditionKeyExists(key: string): boolean;
 export declare function getGlobalConditionKeysByCategory(category: string): GlobalConditionKey[];
+/**
+ * Get all the global condition keys as lower case strings
+ *
+ * @returns a list of all the global condition keys
+ */
+export declare function allGlobalConditionKeys(): string[];
 export {};
 //# sourceMappingURL=globalConditionKeys.d.ts.map