/** * Module to deal with available AIMS Public API endpoints */ import { AlApiClient } from "../client"; import { AIMSAccessKey, AIMSAccount, AIMSAuthenticationTokenInfo, AIMSOrganization, AIMSRole, AIMSSessionDescriptor, AIMSTopology, AIMSUser, AIMSUserDetails, AIMSEnrollURI, AIMSLicenseAcceptanceStatus, AIMSMappedAccount } from './types'; export declare class AIMSClientInstance { private client; private serviceName; private serviceVersion; private _usersDict; get usersDict(): {}; constructor(client?: AlApiClient); /** * Create a user * POST * /aims/v1/:account_id/users?one_time_password=:one_time_password * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users" * -d '{ "name": "Bob Dobalina", "email": "admin@company.com", "mobile_phone": "123-555-0123" }' */ createUser(accountId: string, name: string, email: string, mobilePhone: string): Promise; /** * Create a user with details * POST * /aims/v1/:account_id/users * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users" * -d '{ "name": "Bob Dobalina", "email": "admin@company.com", "phone": "12321312", "mobile_phone": "123-555-0123" }' */ createUserWithDetails(accountId: string, userDetails: AIMSUserDetails): Promise; /** * Update user details * POST * /aims/v1/:account_id/users/:user_id * -d '{"name": "Bob Odenkirk", "email": "bodenkirk@company.com", "mobile_phone": "123-555-0124"}' "https://api.product.dev.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23" */ updateUserDetails(accountId: string, userId: string, data: AIMSUserDetails): Promise; /** * Delete a user * DELETE * /aims/v1/:account_id/users/:user_id * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23" */ deleteUser(accountId: string, userId: string): Promise; recordSessionStart(accountId: string, userId: string): Promise; /** * Get user details * GET * /aims/v1/:account_id/users/:user_id * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23" */ getUserDetailsById(accountId: string, userId: string): Promise; getUserDetailsByUserId(userId: string): Promise; /** * Asynchronously loads user names for a list of user IDs. * Updates the user dictionary with the user's name or sets it to "Unknown User" in case of an error. * @param {string[]} userIds - Array of user IDs to load details for. * @returns {Promise} A promise that resolves once all user details are loaded. */ loadUserNames(userIds: string[]): Promise; /** * Get user permissions * GET * /aims/v1/:account_id/users/:user_id/permissions * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/permissions" */ getUserPermissions(accountId: string, userId: string): Promise; /** * Get Account Details * GET * /aims/v1/:account_id/account * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/account" */ getAccountDetails(accountId: string): Promise; /** * @deprecated use getAccountsByRelationship * List managed accounts * GET * /aims/v1/:account_id/accounts/:relationship * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/accounts/managed" */ getManagedAccounts(accountId: string, queryParams?: any): Promise; /** * @deprecated use getAccountIdsByRelationship * List managed account IDs * GET * /aims/v1/:account_id/account_ids/:relationship * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/account_ids/managed" */ getManagedAccountIds(accountId: string, queryParams?: any): Promise; /** * List account IDs, by relationship can be managing, managed and bills_to * GET * /aims/v1/:account_id/account_ids/:relationship * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/account_ids/managing" * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/account_ids/managed" * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/account_ids/bills_to" */ getAccountIdsByRelationship(accountId: string, relationship: string, queryParams?: any): Promise; /** * List accounts, by relationship can be managing, managed and bills_to * GET * /aims/v1/:account_id/accounts/:relationship * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/accounts/managing" * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/accounts/managed" * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/accounts/bills_to" */ getAccountsByRelationship(accountId: string, relationship: string, queryParams?: any): Promise; /** * Retrieve a union of user records corresponding to a managed relationship hierarchy between two accounts. * This is a placeholder for a better implementation based on a relationship topology endpoint from AIMS.0 * @deprecated use getAccountsIdsByRelationship in conjunction with getUsersFromAccounts */ getUsersFromManagedRelationship(leafAccountId: string, terminalAccountId?: string, failOnError?: boolean): Promise; /** * Update account MFA requirements * POST * /aims/v1/:account_id/account * -d '{"mfa_required": true}' "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/account" */ requireMFA(accountId: string, mfaRequired: boolean): Promise; /** * Update account session idle expiration * POST * This updates a single property of an AIMS account record, affecting how long users of that account * can be idle before their sessions will be terminated due to inactivity. */ setAccountIdleThreshold(accountId: string, seconds: number | null): Promise; /** * Authenticate a user's identity * POST * /aims/v1/authenticate * -u username:password "https://api.cloudinsight.alertlogic.com/aims/v1/authenticate" */ authenticate(user: string, pass: string, mfa?: string): Promise; /** * Authenticate a user's identity with an mfa code and session token */ authenticateWithMFASessionToken(token: string, mfa: string): Promise; /** * Change a user's password * POST * /aims/v1/change_password * -d '{"email": "admin@company.com", "current_password": "hunter2", "new_password": "Fraudulent$Foes"}' "https://api.cloudinsight.alertlogic.com/aims/v1/change_password" */ changePassword(email: string, password: string, newPassword: string): Promise; /** * Obtain Authentication Token Information (Account, User, Roles, etc.) * * @deprecated * * GET * /aims/v1/token_info * "https://api.cloudinsight.alertlogic.com/aims/v1/token_info" */ tokenInfo(): Promise; /** * Obtain Authentication Token Information for a specific access token */ getTokenInfo(accessToken: string, useAuthenticationHeader?: boolean): Promise; /** * Initiate the password reset process for a user * POST * /aims/v1/reset_password * -d '{"email": "admin@company.com", "return_to": "https://console.alertlogic.net"}' "https://api.cloudinsight.alertlogic.com/aims/v1/reset_password" */ initiateReset(email: string, returnTo: string): Promise; /** * Reset a user's password using a token * PUT * /aims/v1/reset_password/:token * -d '{"password": "hunter2"}' "https://api.cloudinsight.alertlogic.com/aims/v1/reset_password/69EtspCz3c4" */ resetWithToken(token: string, password: string): Promise; /** * Create a role * POST * /aims/v1/:account_id/roles * -d '{"name": "Super Mega Power User", "permissions": {"*:own:*:*": "allowed", "aims:own:grant:*":"allowed"}}' "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles" */ createRole(accountId: string, name: string, permissions: any): Promise; /** * Delete a role * DELETE * /aims/v1/:account_id/roles/:role_id * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles/C7C5BE57-F199-4F14-BCB5-43E31CA02842" */ deleteRole(accountId: string, roleId: string): Promise; /** * Grant a role * PUT * /aims/v1/:account_id/users/:user_id/roles/:role_id * "https://api.product.dev.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ grantRole(accountId: string, userId: string, roleId: string): Promise; /** * Revoke a role * DELETE * /aims/v1/:account_id/users/:user_id/roles/:role_id * "https://api.product.dev.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ revokeRole(accountId: string, userId: string, roleId: string): Promise; /** * Get global role, a role that is shared among accounts. * GET * /aims/v1/roles/:role_id * "https://api.cloudinsight.alertlogic.com/aims/v1/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ getGlobalRole(roleId: string): Promise; /** * Get role * GET * /aims/v1/:account_id/roles/:role_id * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ getAccountRole(accountId: string, roleId: string): Promise; /** * Get assigned roles * GET * /aims/v1/:account_id/users/:user_id/roles * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/roles" */ getAssignedRoles(accountId: string, userId: string): Promise; /** * List global roles, roles that are shared among all accounts. * GET * /aims/v1/roles * "https://api.cloudinsight.alertlogic.com/aims/v1/roles" */ getGlobalRoles(): Promise; /** * List roles for an account. Global roles are included in the list. * GET * /aims/v1/:account_id/roles * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles" */ getAccountRoles(accountId: string): Promise; /** * Update Role Name and Permissions * POST * /aims/v1/:account_id/roles/:role_id * -d '{"name": "Mega Power User", "permissions": {"*:own:*:*": "allowed", "aims:own:grant:*":"allowed"}}' "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ updateRole(accountId: string, name: string, permissions: any): Promise; /** * Update Role Name * POST * /aims/v1/:account_id/roles/:role_id * -d '{"name": "Mega Power User"}' "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ updateRoleName(accountId: string, name: string): Promise; /** * Update Role Permissions * POST * /aims/v1/:account_id/roles/:role_id * -d '{"permissions": {"*:own:*:*": "allowed", "aims:own:grant:*":"allowed"}}' "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/roles/2A33175D-86EF-44B5-AA39-C9549F6306DF" */ updateRolePermissions(accountId: string, permissions: any): Promise; /** * Enroll an MFA device for a user * POST * /aims/v1/user/mfa/enroll * "https://api.cloudinsight.alertlogic.com/aims/v1/user/mfa/enroll" \ * -H "Content-Type: application/json" \ * -H "X-Aims-Session-Token: a3e12fwafge1g9" \ * -d @- << EOF * { * "mfa_uri": "otpauth://totp/Alert%20Logic:admin@company.com?secret=GFZSA5CINFJSA4ZTNNZDG5BAKM2EMMZ7&issuer=Alert%20Logic&algorithm=SHA1" * "mfa_codes": ["123456", "456789"] * } * EOF */ enrollMFA(uri: string, sessionToken: string, codes: string[]): Promise; /** * Enroll an MFA device for a user (when no AIMS token available). * POST * /aims/v1/user/mfa/enroll * "https://api.cloudinsight.alertlogic.com/aims/v1/user/mfa/enroll" \ * -H "Content-Type: application/json" \ * -d @- << EOF * { * "mfa_uri": "otpauth://totp/Alert%20Logic:admin@company.com?secret=GFZSA5CINFJSA4ZTNNZDG5BAKM2EMMZ7&issuer=Alert%20Logic&algorithm=SHA1" * "mfa_codes": ["123456", "456789"], * "password" : "password", * "email" : "user@email.com" * } * EOF */ enrollMFAWithoutAIMSToken(uri: AIMSEnrollURI, codes: string[], email: string, password: string): Promise; /** * Remove a user's MFA device * DELETE * /aims/v1/user/mfa/:email * "https://api.cloudinsight.alertlogic.com/aims/v1/user/mfa/admin@company.com" */ deleteMFA(email: string): Promise; getUserDetails(accountId: string, userId: string, queryParams?: { include_role_ids?: boolean; include_user_credential?: boolean; }): Promise; /** * List Users * GET * /aims/v1/:account_id/users * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users" */ getUsers(accountId: string, queryParams?: { include_role_ids?: boolean; include_user_credential?: boolean; }): Promise; /** * Create Access Key * POST * /aims/v1/:account_id/users/:user_id/access_keys * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/access_keys" * -d '{"label": "api access"}' */ createAccessKey(accountId: string, userId: string, label: string): Promise; /** * Update Access Key * POST * /aims/v1/access_keys/:access_key_id * "https://api.cloudinsight.alertlogic.com/aims/v1/access_keys/61fb235617960503" * -d '{"label": "api access"}' */ updateAccessKey(accessKeyId: string, label: string): Promise; /** * Get Access Key * GET * /aims/v1/access_keys/:access_key_id * "https://api.cloudinsight.alertlogic.com/aims/v1/access_keys/61fb235617960503" */ getAccessKey(accessKeyId: string): Promise; /** * List Access Keys * GET * /aims/v1/:account_id/users/:user_id/access_keys?out=:out * https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/access_keys?out=full" */ getAccessKeys(accountId: string, userId: string, ttl?: number): Promise; /** * Delete Access Key * DELETE * /aims/v1/:account_id/users/:user_id/access_keys/:access_key_id * "https://api.cloudinsight.alertlogic.com/aims/v1/12345678/users/715A4EC0-9833-4D6E-9C03-A537E3F98D23/access_keys/61FB235617960503" */ deleteAccessKey(accountId: string, userId: string, accessKeyId: string): Promise; /** * Retrieve linked organization */ getAccountOrganization(accountId: string): Promise; /** * Retrieves licensing status information for a given accountId. */ getLicenseAcceptanceStatus(accountId: string): Promise; /** * Updates license acceptance for a given accountId. */ setLicenseAcceptance(accountId: string, accepted: boolean): Promise; /** * This endpoint render's an accounts related accounts topologically by adding a :relationship field to the account object, * which contains an array of accounts that are directly related to it. * GET * /aims/v1/:account_id/accounts/:relationship/topology * https://console.product.dev.alertlogic.com/api/aims/index.html#api-AIMS_Account_Resources-AccountRelationshipExists * @param accountId {string} * @param relationship {'managed' | 'managing'} * @param queryParms {Object} */ getAccountRelationshipTopology(accountId: string, relationship: 'managed' | 'managing', queryParams?: any): Promise; /** * Returns the ids of the accounts to which an account is related. * The related accounts that are returned depend oonf the :relationship param. * If using a "managed" relationship, this returns all accounts that the current account manages. * If using a "managing" relationship, this returns all accounts that managing the current account. * @param accountId {string} * @param relationship {'managed' | 'managing'} * @param addCurrentId {boolean} [addCurrentId=true] true if wants add the current id to the return */ getAccountsIdsByRelationship(accountId: string, relationship: 'managed' | 'managing', addCurrentId?: boolean): Promise; /** * Retrieves the Frontline PCI scan migration status for a given account. This is a placeholder for future functionality. */ getFrontlineMigrationStatus(accountId: string): Promise<{ import_status: "PENDING" | "RUNNING" | "COMPLETED" | "ERRORED"; import_details: any; }>; /** * Retrieves the mapped account given an account ID * @param accountId ALert Logic's account ID */ getMappedAccount(accountId: string): Promise; /** * Triggers Frontline PCI scan migration for a given account. */ startFrontlineMigration(accountId: string): Promise; /** * Returns all users associated with a list of accounts * @param accountList {string[]} */ getUsersFromAccounts(accountList: string[]): Promise; } export declare const AIMSClient: AIMSClientInstance;