import { CustomAuthorizerResult, ConditionBlock } from 'aws-lambda';
export declare enum HttpVerb {
    GET = "GET",
    POST = "POST",
    PUT = "PUT",
    PATCH = "PATCH",
    HEAD = "HEAD",
    DELETE = "DELETE",
    OPTIONS = "OPTIONS",
    ALL = "*"
}
export declare enum Effect {
    Allow = "Allow",
    Deny = "Deny"
}
declare type ApiOptions = {
    restApiId?: string;
    stage?: string;
    region?: string;
};
declare type AuthResponseContext = {
    [name: string]: string | number | boolean;
};
export declare class AuthPolicy {
    private readonly principalId;
    private readonly awsAccountId;
    private restApiId;
    private region;
    private stage;
    /**
     * The policy version used for the evaluation. This should always be "2012-10-17"
     *
     * @property version
     * @type {String}
     * @default "2012-10-17"
     */
    private readonly version;
    private readonly allowMethods;
    private readonly denyMethods;
    private context;
    constructor(principalId: string, awsAccountId: string, apiOptions?: ApiOptions);
    static parseMethodArn(methodArn: string): {
        region: string;
        accountId: string;
        restApiId: string;
        stage: string;
        method: string;
    };
    /**
     * Adds a method to the internal lists of allowed or denied methods. Each object in
     * the internal list contains a resource ARN and a condition statement. The condition
     * statement can be null.
     */
    private addMethod;
    addContext(context: AuthResponseContext): void;
    /**
     * Adds an allow "*" statement to the policy.
     */
    allowAllMethods(): void;
    /**
     * Adds a deny "*" statement to the policy.
     */
    denyAllMethods(): void;
    /**
     * Adds an API Gateway method (Http verb + Resource path) to the list of allowed
     * methods for the policy
     */
    allowMethod(verb: HttpVerb, resource: string): void;
    /**
     * Adds an API Gateway method (Http verb + Resource path) to the list of denied
     * methods for the policy
     */
    denyMethod(verb: HttpVerb, resource: string): void;
    /**
     * Adds an API Gateway method (Http verb + Resource path) to the list of allowed
     * methods and includes a condition for the policy statement. More on AWS policy
     * conditions here: http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Condition
     */
    allowMethodWithConditions(verb: HttpVerb, resource: string, conditions: ConditionBlock): void;
    /**
     * Adds an API Gateway method (Http verb + Resource path) to the list of denied
     * methods and includes a condition for the policy statement. More on AWS policy
     * conditions here: http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Condition
     */
    denyMethodWithConditions(verb: HttpVerb, resource: string, conditions: ConditionBlock): void;
    /**
     * Generates the policy document based on the internal lists of allowed and denied
     * conditions. This will generate a policy with two main statements for the effect:
     * one statement for Allow and one statement for Deny.
     * Methods that includes conditions will have their own statement in the policy.
     */
    build(): CustomAuthorizerResult;
    /**
     * Returns an empty statement object prepopulated with the correct action and the
     * desired effect
     */
    private getEmptyStatement;
    /**
     * This function loops over an array of objects containing a resourceArn and
     * conditions statement and generates the array of statements for the policy.
     */
    private getStatementsForEffect;
}
export {};