@beesolve/aws-accounts 1.0.6 → 1.0.7

package/README.md

@@ -22,21 +22,27 @@ npm init -y
 npm pkg set type=module
 npm install @beesolve/aws-accounts
 
-# 2. Deploy remote infrastructure (S3 bucket, IAM role, Lambda)
+# 2. Initialize git and add a .gitignore
+git init
+echo -e "node_modules/\n.remote-state-cache.json" > .gitignore
+
+# 3. Deploy remote infrastructure (S3 bucket, IAM role, Lambda)
 npx aws-accounts bootstrap --region us-east-1
 
-# 3. Scan your AWS org and generate aws.config.ts
+# 4. Scan your AWS org and generate aws.config.ts
 npx aws-accounts init
 
-# 4. Edit aws.config.ts to model your desired state
+# 5. Edit aws.config.ts to model your desired state
 
-# 5. Preview and apply changes
+# 6. Preview and apply changes
 npx aws-accounts plan
 npx aws-accounts apply
 ```
 
 After `init`, `aws.config.ts` is your source of truth. Edit it to add accounts, move OUs, manage permission sets, and control access — then sync with `plan` / `apply`.
 
+> **`.gitignore` recommendation:** Add `node_modules/` and `.remote-state-cache.json` to your `.gitignore`. The cache file is a local copy of remote state that varies per environment and should not be committed.
+
 ## Commands
 
 | Command | Description |

package/dist/awsConfig.js

@@ -11,7 +11,6 @@ import {
 } from "@beesolve/iam-policy-ts";
 import {
   createAccessRoleName,
-  readStateFile,
   validateState
 } from "./state.js";
 import { assertUnreachable, toRecordByProperty } from "./helpers.js";
@@ -114,7 +113,7 @@ const moduleDirectoryPath = resolve(
 );
 const projectRootPath = resolve(moduleDirectoryPath, "..");
 async function writeAwsConfigFromState(props) {
-  const state = await readStateFile(props.statePath);
+  const state = props.state;
   const context = await readAwsContextFile(props.contextPath);
   assertStateMatchesContext({
     state,

package/dist/commands/remote.js

@@ -398,7 +398,6 @@ async function runRemoteScan(input) {
   await writeStateCache(cachePath, response.state);
   input.logger.log("State cache updated.");
 }
-const statePath = "state.json";
 async function runRemoteInit(input) {
   const deployment = await readDeploymentFromContext();
   input.logger.log("Invoking remote scan...");
@@ -421,12 +420,8 @@ async function runRemoteInit(input) {
   input.logger.log(`  Groups: ${response.summary.groups}`);
   input.logger.log(`  Permission Sets: ${response.summary.permissionSets}`);
   input.logger.log(`  Account Assignments: ${response.summary.accountAssignments}`);
-  await Promise.all([
-    writeFile(statePath, `${JSON.stringify(response.state, null, 2)}
-`, "utf8"),
-    writeStateCache(cachePath, response.state)
-  ]);
-  input.logger.log("State written to state.json and cache updated.");
+  await writeStateCache(cachePath, response.state);
+  input.logger.log("State cache updated.");
   const context = await readAwsContextFromFile(contextFilePath);
   const graveyardOu = response.state.organization.organizationalUnits.find(
     (ou) => ou.name === "Graveyard"
@@ -453,7 +448,7 @@ async function runRemoteInit(input) {
   await writeFile(contextFilePath, `${JSON.stringify(ordered, null, 2)}
 `, "utf8");
   const configWriteResult = await writeAwsConfigFromState({
-    statePath,
+    state: response.state,
     contextPath: contextFilePath,
     configPath: configFilePath,
     typesPath: typesFilePath,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@beesolve/aws-accounts",
-  "version": "1.0.6",
+  "version": "1.0.7",
   "description": "AWS Organizations and IAM Identity Center management CLI",
   "main": "dist/cli.js",
   "bin": {