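import type { Severity, WAFPillars } from '../types/analysis.types';

/**
 * CDK Nag rules that should always be treated as CRITICAL severity.
 * These represent severe security misconfigurations that could lead to breaches.
 *
 * The declaration previously read as a bare `Set`, which does not type-check
 * (the generic needs one type argument). `string` is used because every other
 * declaration in this file passes rule IDs as strings.
 *
 * NOTE(review): the members are not visible in this declaration file. Confirm
 * against the implementation that the IDs stored here have the same shape as
 * the values `extractNagRuleId` returns; a mismatch would mean the CRITICAL
 * override never applies. The set is also exported as a mutable `Set`, so any
 * importer can add or delete entries; consider `ReadonlySet<string>` if no
 * caller relies on mutation.
 */
export declare const CRITICAL_NAG_RULES: Set<string>;

/**
 * CDK Nag documentation base URLs by rule pack.
 *
 * Both NIST 800-53 packs (R4 and R5) point at the same anchor. All links
 * target the `main` branch of the cdk-nag repository, so the anchors follow
 * whatever RULES.md currently contains rather than a pinned release.
 */
export declare const CDK_NAG_DOC_URLS: {
  readonly AwsSolutions: "https://github.com/cdklabs/cdk-nag/blob/main/RULES.md#awssolutions-rules";
  readonly 'HIPAA.Security': "https://github.com/cdklabs/cdk-nag/blob/main/RULES.md#hipaasecurity-rules";
  readonly 'NIST.800.53.R4': "https://github.com/cdklabs/cdk-nag/blob/main/RULES.md#nist-80053-rules";
  readonly 'NIST.800.53.R5': "https://github.com/cdklabs/cdk-nag/blob/main/RULES.md#nist-80053-rules";
  readonly 'PCI.DSS.321': "https://github.com/cdklabs/cdk-nag/blob/main/RULES.md#pcidss-rules";
};

/**
 * CDK Nag rule prefix to WAF pillar mapping.
 * Used for categorizing findings by Well-Architected Framework pillar.
 *
 * The declaration previously read as a bare `Record`, which does not
 * type-check (the alias needs a key and a value type). The key is the rule
 * prefix string and the value is the pillar type imported above.
 *
 * NOTE(review): with a `string` key every lookup is typed as `WAFPillars`,
 * even for prefixes that are not in the map (unless `noUncheckedIndexedAccess`
 * is enabled). Callers should treat a lookup result as possibly `undefined`.
 */
export declare const CDK_NAG_RULE_PREFIX_TO_WAF_PILLAR: Record<string, WAFPillars>;

/**
 * Extract rule ID from CDK Nag message.
 * Handles formats like:
 * - "AwsSolutions-IAM4: Description"
 * - "AwsSolutions-IAM4[Policy::arn...]"
 * - "HIPAA.Security-IAMNoInlinePolicy: Description"
 * - "NIST.800.53.R5-IAM4: Description"
 * - "PCI.DSS.321-IAM4: Description"
 *
 * @param message - The CDK Nag message text to parse
 * @returns The rule ID, or `undefined` (presumably when the message matches
 *          none of the formats above; confirm against the implementation)
 */
export declare const extractNagRuleId: (message: string) => string | undefined;

/**
 * Extract the rule prefix (e.g., "IAM" from "AwsSolutions-IAM4").
 *
 * @param ruleId - The CDK Nag rule ID
 * @returns The prefix, or `undefined` when none can be extracted
 */
export declare const extractNagRulePrefix: (ruleId: string) => string | undefined;

/**
 * Get severity for CDK Nag finding, with CRITICAL override for known critical rules.
 *
 * NOTE(review): this declaration does not show what is returned for an
 * unrecognized `entryType` or an `undefined` rule ID. Verify that an unknown
 * entry type is not silently mapped to the lowest severity, since that would
 * hide findings from severity-based gating.
 *
 * @param entryType - The CDK metadata entry type (aws:cdk:error, aws:cdk:warning, aws:cdk:info)
 * @param ruleId - The CDK Nag rule ID
 * @returns The severity level for the finding
 */
export declare const getNagSeverity: (entryType: string, ruleId: string | undefined) => Severity;

/**
 * Get WAF pillar for a CDK Nag rule.
 *
 * The return type does not include `undefined`, so some default pillar is
 * presumably returned for an `undefined` or unmapped rule ID; confirm which
 * one against the implementation.
 *
 * @param ruleId - The CDK Nag rule ID (e.g., "AwsSolutions-IAM4")
 * @returns The WAF pillar for the rule
 */
export declare const getNagWafPillar: (ruleId: string | undefined) => WAFPillars;

/**
 * Get documentation URL for a CDK Nag rule.
 *
 * @param ruleId - The CDK Nag rule ID
 * @returns The documentation URL or undefined
 */
export declare const getNagDocUrl: (ruleId: string | undefined) => string | undefined;

/**
 * Check if a message is a CDK Nag finding from any supported rule pack.
 *
 * NOTE(review): the list of supported packs is not visible here; presumably
 * it matches the packs keyed in `CDK_NAG_DOC_URLS`. Confirm, because a
 * message from a pack this check does not recognize would not be reported
 * as a Nag finding.
 *
 * @param message - The message text to test
 * @returns `true` when the message is recognized as a CDK Nag finding
 */
export declare const isCdkNagFinding: (message: string) => boolean;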