import { ArmClient } from '../client/ArmClient.js'; /** * Processed Key Vault summary. */ export interface KeyVaultSummary { id: string; name: string; resourceGroup: string; location: string; vaultUri?: string; sku?: string; enableSoftDelete?: boolean; enablePurgeProtection?: boolean; enableRbacAuthorization?: boolean; networkAcls?: { defaultAction?: string; ipRules?: string[]; virtualNetworkRules?: string[]; }; accessPolicies?: Array<{ objectId: string; tenantId: string; permissions: { keys?: string[]; secrets?: string[]; certificates?: string[]; }; }>; } /** * Processed secret metadata. */ export interface SecretMetadata { name: string; enabled: boolean; created: string; updated: string; contentType?: string; tags?: Record; } /** * Service for Azure Key Vault operations. */ export declare class KeyVaultService { private client; constructor(client: ArmClient); /** * List all Key Vaults in the subscription or resource group. */ listKeyVaults(options?: { resourceGroup?: string; }): Promise<{ vaults: KeyVaultSummary[]; summary: { total: number; bySku: Record; byRbacEnabled: { enabled: number; disabled: number; }; }; }>; /** * Get detailed information about a Key Vault. */ getKeyVault(options: { name: string; resourceGroup?: string; includeAccessPolicies?: boolean; }): Promise<{ vault: KeyVaultSummary; }>; /** * List secret names (NOT values) in a Key Vault. * Uses the Key Vault data plane API. */ listKeyVaultSecrets(options: { vaultName: string; }): Promise<{ secrets: SecretMetadata[]; summary: { total: number; enabled: number; disabled: number; }; }>; /** * Process a KeyVault into a KeyVaultSummary. */ private processKeyVault; /** * Extract secret name from Key Vault secret ID. * ID format: https://{vault}.vault.azure.net/secrets/{name} */ private extractSecretName; } //# sourceMappingURL=KeyVaultService.d.ts.map