npm - @beesolve/aws-accounts - Versions diffs - 1.0.0 - Mend

@beesolve/aws-accounts 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/LICENSE +21 -0
package/README.md +189 -0
package/dist/accountCreation.js +135 -0
package/dist/applyLogic.js +1203 -0
package/dist/awsClientConfig.js +26 -0
package/dist/awsConfig.js +1365 -0
package/dist/cli.js +201 -0
package/dist/commands/graveyard.js +46 -0
package/dist/commands/regenerate.js +17 -0
package/dist/commands/remote.js +925 -0
package/dist/diff.js +1012 -0
package/dist/error.js +66 -0
package/dist/helpers.js +21 -0
package/dist/lambda/handler.js +375 -0
package/dist/lambdaClient.js +220 -0
package/dist/logger.js +26 -0
package/dist/operations.js +218 -0
package/dist/remoteStateCache.js +38 -0
package/dist/reservedOuDeletion.js +46 -0
package/dist/scanLogic.js +456 -0
package/dist/state.js +618 -0
package/dist/tags.js +14 -0
package/dist-lambda/handler.mjs +3558 -0
package/dist-lambda/lambda.zip +0 -0
package/package.json +59 -0

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,201 @@
+import { parseArgs } from "node:util";
+import { createInterface } from "node:readline/promises";
+import { S3Client } from "@aws-sdk/client-s3";
+import { IAMClient } from "@aws-sdk/client-iam";
+import { LambdaClient } from "@aws-sdk/client-lambda";
+import { STSClient } from "@aws-sdk/client-sts";
+import { SSOAdminClient } from "@aws-sdk/client-sso-admin";
+import {
+  buildAwsClientConfig,
+  resolveAwsProfile,
+  resolveAwsRegion
+} from "./awsClientConfig.js";
+import { consoleLogger } from "./logger.js";
+import { runGraveyardCommand } from "./commands/graveyard.js";
+import { runRegenerateCommand } from "./commands/regenerate.js";
+import {
+  runRemoteBootstrap,
+  runRemoteScan,
+  runRemoteInit,
+  runRemotePlan,
+  runRemoteApply,
+  runRemoteUpgrade
+} from "./commands/remote.js";
+import {
+  classifyCliError,
+  exitCodeForCliErrorKind,
+  toUsageError
+} from "./error.js";
+const commands = [
+  "bootstrap",
+  "scan",
+  "init",
+  "regenerate",
+  "graveyard",
+  "plan",
+  "apply",
+  "upgrade"
+];
+function isCommandName(value) {
+  return commands.includes(value);
+}
+const contextPath = "aws.context.json";
+async function main() {
+  const logger = consoleLogger;
+  const args = parseArgs({
+    options: {
+      profile: { type: "string" },
+      region: { type: "string" },
+      yes: { type: "boolean", default: false },
+      json: { type: "boolean", default: false },
+      "ignore-unsupported": { type: "boolean", default: false },
+      "allow-destructive": { type: "boolean", default: false },
+      refresh: { type: "boolean", default: false },
+      help: { type: "boolean", default: false }
+    },
+    allowPositionals: true
+  });
+  const commandArg = args.positionals[0];
+  if (args.values.help || commandArg == null) {
+    printHelp(logger);
+    return;
+  }
+  if (!isCommandName(commandArg)) {
+    printHelp(logger);
+    throw toUsageError(`Unknown command: "${commandArg}".`);
+  }
+  const command = commandArg;
+  const profile = resolveAwsProfile({ profileArg: args.values.profile });
+  const region = resolveAwsRegion({ regionArg: args.values.region });
+  const clientConfig = buildAwsClientConfig({
+    profile,
+    region
+  });
+  if (command === "regenerate") {
+    const overwriteConfirmation2 = buildOverwriteConfirmation({
+      yes: args.values.yes ?? false,
+      isTty: process.stdin.isTTY
+    });
+    const result = await runRegenerateCommand({
+      logger,
+      overwriteConfirmation: overwriteConfirmation2
+    });
+    logger.log("");
+    logger.log("Regenerate complete.");
+    for (const file of result.files) {
+      logger.log(`${file.path}: ${file.status}`);
+    }
+    return;
+  }
+  if (command === "graveyard") {
+    await runGraveyardCommand({
+      logger,
+      cachePath: ".remote-state-cache.json",
+      contextPath
+    });
+    return;
+  }
+  const overwriteConfirmation = buildOverwriteConfirmation({
+    yes: args.values.yes ?? false,
+    isTty: process.stdin.isTTY
+  });
+  const remoteInput = {
+    subcommand: command,
+    profile,
+    region,
+    flags: {
+      yes: args.values.yes ?? false,
+      refresh: args.values.refresh ?? false,
+      allowDestructive: args.values["allow-destructive"] ?? false,
+      ignoreUnsupported: args.values["ignore-unsupported"] ?? false
+    },
+    logger,
+    overwriteConfirmation,
+    stsClient: new STSClient(clientConfig),
+    s3Client: new S3Client(clientConfig),
+    iamClient: new IAMClient(clientConfig),
+    lambdaClient: new LambdaClient(clientConfig),
+    ssoAdminClient: new SSOAdminClient(clientConfig)
+  };
+  if (command === "bootstrap") {
+    return runRemoteBootstrap(remoteInput);
+  }
+  if (command === "scan") {
+    return runRemoteScan(remoteInput);
+  }
+  if (command === "init") {
+    return runRemoteInit(remoteInput);
+  }
+  if (command === "plan") {
+    return runRemotePlan(remoteInput);
+  }
+  if (command === "apply") {
+    return runRemoteApply(remoteInput);
+  }
+  if (command === "upgrade") {
+    return runRemoteUpgrade(remoteInput);
+  }
+  printHelp(logger);
+  process.exitCode = 1;
+}
+function printHelp(logger) {
+  logger.log("@beesolve/aws-accounts");
+  logger.log("");
+  logger.log("Usage:");
+  logger.log(
+    "  npm run cli -- bootstrap [--profile <name>] [--region <region>] [--yes]"
+  );
+  logger.log(
+    "  npm run cli -- scan [--profile <name>] [--region <region>]"
+  );
+  logger.log(
+    "  npm run cli -- init [--profile <name>] [--region <region>] [--yes]"
+  );
+  logger.log("  npm run cli -- regenerate [--yes]");
+  logger.log("  npm run cli -- graveyard");
+  logger.log(
+    "  npm run cli -- plan [--profile <name>] [--region <region>] [--refresh]"
+  );
+  logger.log(
+    "  npm run cli -- apply [--profile <name>] [--region <region>] [--yes] [--allow-destructive] [--ignore-unsupported]"
+  );
+  logger.log(
+    "  npm run cli -- upgrade [--profile <name>] [--region <region>]"
+  );
+  logger.log("");
+  logger.log("Environment fallback:");
+  logger.log("  AWS_PROFILE, AWS_REGION, AWS_DEFAULT_REGION");
+}
+function buildOverwriteConfirmation(props) {
+  return async (overwriteProps) => {
+    if (overwriteProps.fileSummaries.length === 0) {
+      return true;
+    }
+    if (props.yes) {
+      return true;
+    }
+    if (props.isTty !== true) {
+      throw new Error(
+        "Refusing to overwrite config files in non-interactive mode without --yes."
+      );
+    }
+    const readlineInterface = createInterface({
+      input: process.stdin,
+      output: process.stdout
+    });
+    try {
+      const answer = await readlineInterface.question(
+        "Proceed with writing config files? [y/N] "
+      );
+      const normalized = answer.trim().toLowerCase();
+      return normalized === "y" || normalized === "yes";
+    } finally {
+      readlineInterface.close();
+    }
+  };
+}
+main().catch((error) => {
+  const classified = classifyCliError(error);
+  consoleLogger.error(`CLI ${classified.kind} error: ${classified.message}`);
+  process.exitCode = exitCodeForCliErrorKind(classified.kind);
+});

package/dist/commands/graveyard.js ADDED Viewed

@@ -0,0 +1,46 @@
+import { readAwsContextFromFile } from "../awsConfig.js";
+import { readStateCache } from "../remoteStateCache.js";
+async function runGraveyardCommand(props) {
+  const [cache, context] = await Promise.all([
+    readStateCache(props.cachePath),
+    readAwsContextFromFile(props.contextPath)
+  ]);
+  if (cache == null) {
+    throw new Error(
+      `No remote state cache found at "${props.cachePath}". Run a scan or apply command first to populate the cache.`
+    );
+  }
+  const state = cache.state;
+  const graveyardOuId = context.organization.graveyardOuId;
+  const graveyardAccounts = state.organization.accounts.filter((account) => account.parentId === graveyardOuId).sort((left, right) => left.name.localeCompare(right.name)).map((account) => ({
+    id: account.id,
+    name: account.name,
+    email: account.email,
+    status: account.status
+  }));
+  props.logger.log(`Graveyard OU: ${graveyardOuId}`);
+  props.logger.log(`Accounts in Graveyard: ${graveyardAccounts.length}`);
+  if (graveyardAccounts.length === 0) {
+    props.logger.log("No accounts currently parked in Graveyard.");
+    return {
+      graveyardOuId,
+      accounts: graveyardAccounts
+    };
+  }
+  props.logger.log("");
+  for (const account of graveyardAccounts) {
+    props.logger.log(
+      `- ${account.name} (${account.id}) [${account.status}] <${account.email}>`
+    );
+    props.logger.log(
+      `  aws organizations close-account --account-id ${account.id}`
+    );
+  }
+  return {
+    graveyardOuId,
+    accounts: graveyardAccounts
+  };
+}
+export {
+  runGraveyardCommand
+};

package/dist/commands/regenerate.js ADDED Viewed

@@ -0,0 +1,17 @@
+import { regenerateAwsConfigTypes } from "../awsConfig.js";
+async function runRegenerateCommand(props) {
+  const result = await regenerateAwsConfigTypes({
+    configPath: props.configPath ?? "aws.config.ts",
+    typesPath: props.typesPath ?? "aws.config.types.ts",
+    logger: props.logger,
+    overwriteConfirmation: props.overwriteConfirmation
+  });
+  return {
+    typesPath: result.typesPath,
+    changed: result.changed,
+    files: result.files
+  };
+}
+export {
+  runRegenerateCommand
+};