@flowcore/cli-plugin-iam 1.1.0 → 1.2.1

package/CHANGELOG.md

@@ -1,5 +1,24 @@
 # Changelog
 
+## [1.2.1](https://github.com/flowcore-io/cli-plugin-iam/compare/v1.2.0...v1.2.1) (2024-10-22)
+
+
+### Bug Fixes
+
+* **configuration:** :bug: changed from prompt to enquirer import ([172ae77](https://github.com/flowcore-io/cli-plugin-iam/commit/172ae77e0a96f61786f334da1de8d2f388c10463))
+
+## [1.2.0](https://github.com/flowcore-io/cli-plugin-iam/compare/v1.1.0...v1.2.0) (2024-10-22)
+
+
+### Features
+
+* :sparkles: added delete and updated get for policies and roles ([22fe717](https://github.com/flowcore-io/cli-plugin-iam/commit/22fe71767c39f4a234583ae637d5204c7732900c))
+
+
+### Bug Fixes
+
+* **configuration:** :bug: switched from jsr to npm for obj-diff ([141d75e](https://github.com/flowcore-io/cli-plugin-iam/commit/141d75e1b9efb1c5c851dfbfc466e03c58c8fcfa))
+
 ## [1.1.0](https://github.com/flowcore-io/cli-plugin-iam/compare/v1.0.0...v1.1.0) (2024-10-21)
 
 

package/README.md

@@ -18,7 +18,7 @@ $ npm install -g @flowcore/cli-plugin-iam
 $ iam COMMAND
 running command...
 $ iam (--version)
-@flowcore/cli-plugin-iam/1.1.0 linux-x64 node-v20.18.0
+@flowcore/cli-plugin-iam/1.2.1 linux-x64 node-v20.18.0
 $ iam --help [COMMAND]
 USAGE
   $ iam COMMAND
@@ -27,9 +27,57 @@ USAGE
 <!-- usagestop -->
 # Commands
 <!-- commands -->
+* [`iam delete policy NAME`](#iam-delete-policy-name)
+* [`iam delete role NAME`](#iam-delete-role-name)
 * [`iam get policy [NAME]`](#iam-get-policy-name)
 * [`iam get role [NAME]`](#iam-get-role-name)
 
+## `iam delete policy NAME`
+
+Delete a policy
+
+```
+USAGE
+  $ iam delete policy NAME -t <value> [--profile <value>] [-j] [-y]
+
+ARGUMENTS
+  NAME  name
+
+FLAGS
+  -j, --json             json output
+  -t, --tenant=<value>   (required) tenant
+  -y, --yes              yes to all
+      --profile=<value>  Specify the configuration profile to use
+
+DESCRIPTION
+  Delete a policy
+```
+
+_See code: [src/commands/delete/policy.ts](https://github.com/flowcore-io/cli-plugin-iam/blob/v1.2.1/src/commands/delete/policy.ts)_
+
+## `iam delete role NAME`
+
+Delete a role
+
+```
+USAGE
+  $ iam delete role NAME -t <value> [--profile <value>] [-j] [-y]
+
+ARGUMENTS
+  NAME  name
+
+FLAGS
+  -j, --json             json output
+  -t, --tenant=<value>   (required) tenant
+  -y, --yes              yes to all
+      --profile=<value>  Specify the configuration profile to use
+
+DESCRIPTION
+  Delete a role
+```
+
+_See code: [src/commands/delete/role.ts](https://github.com/flowcore-io/cli-plugin-iam/blob/v1.2.1/src/commands/delete/role.ts)_
+
 ## `iam get policy [NAME]`
 
 Get a policy
@@ -51,7 +99,7 @@ DESCRIPTION
   Get a policy
 ```
 
-_See code: [src/commands/get/policy.ts](https://github.com/flowcore-io/cli-plugin-iam/blob/v1.1.0/src/commands/get/policy.ts)_
+_See code: [src/commands/get/policy.ts](https://github.com/flowcore-io/cli-plugin-iam/blob/v1.2.1/src/commands/get/policy.ts)_
 
 ## `iam get role [NAME]`
 
@@ -74,5 +122,5 @@ DESCRIPTION
   Get a role
 ```
 
-_See code: [src/commands/get/role.ts](https://github.com/flowcore-io/cli-plugin-iam/blob/v1.1.0/src/commands/get/role.ts)_
+_See code: [src/commands/get/role.ts](https://github.com/flowcore-io/cli-plugin-iam/blob/v1.2.1/src/commands/get/role.ts)_
 <!-- commandsstop -->

package/dist/commands/delete/policy.d.ts

@@ -0,0 +1,17 @@
+import { BaseCommand } from "@flowcore/cli-plugin-config";
+export declare const DELETE_POLICY_ARGS: {
+    NAME: import("@oclif/core/interfaces").Arg<string, Record<string, unknown>>;
+};
+export default class DeletePolicy extends BaseCommand<typeof DeletePolicy> {
+    static args: {
+        NAME: import("@oclif/core/interfaces").Arg<string, Record<string, unknown>>;
+    };
+    static description: string;
+    static examples: never[];
+    static flags: {
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        tenant: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        yes: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/delete/policy.js

@@ -0,0 +1,84 @@
+import { BaseCommand, ValidateLogin } from "@flowcore/cli-plugin-config";
+import { ClientFactory } from "@flowcore/cli-plugin-core";
+import { Args, Flags, ux } from "@oclif/core";
+import enquirer from "enquirer";
+import { tryit } from "radash";
+import { OrganizationService } from "../../services/organization.service.js";
+import { Api as IamApi } from "../../utils/clients/iam/Api.js";
+export const DELETE_POLICY_ARGS = {
+    NAME: Args.string({ description: "name", required: true }),
+};
+export default class DeletePolicy extends BaseCommand {
+    static args = DELETE_POLICY_ARGS;
+    static description = "Delete a policy";
+    static examples = [];
+    static flags = {
+        json: Flags.boolean({
+            char: "j",
+            description: "json output",
+            required: false,
+        }),
+        tenant: Flags.string({
+            char: "t",
+            description: "tenant",
+            required: true,
+        }),
+        yes: Flags.boolean({
+            char: "y",
+            description: "yes to all",
+            required: false,
+        }),
+    };
+    async run() {
+        const { args, flags } = await this.parse(DeletePolicy);
+        const graphqlClient = await ClientFactory.create(this.cliConfiguration, this.logger, flags.json);
+        const organizationService = new OrganizationService(graphqlClient);
+        const organizations = await organizationService.getMyOrganizations();
+        const iamClient = new IamApi();
+        const config = this.cliConfiguration.getConfig();
+        const login = new ValidateLogin(config.login.url);
+        await login.validate(config, this.cliConfiguration, !flags.json);
+        const { auth } = config;
+        if (!auth?.accessToken) {
+            this.logger.fatal("Not logged in, run 'flowcore login'");
+        }
+        const organization = organizations.me.organizations.find((org) => org.organization.org === flags.tenant);
+        if (!organization) {
+            this.logger.fatal(`Organization ${flags.tenant} not found, or you are not a member`);
+        }
+        const [policiesErr, policies] = await tryit(iamClient.getApiV1PolicyAssociationsOrganizationByOrganizationId)(organization.organization.id, {
+            headers: {
+                Authorization: `Bearer ${auth?.accessToken}`,
+            },
+        });
+        if (policiesErr) {
+            this.logger.fatal(`Failed to get policies: ${policiesErr.message}`);
+        }
+        const policy = policies.data.find((policy) => policy.name === args.NAME);
+        if (!policy) {
+            this.logger.fatal(`Policy ${args.NAME} not found in tenant: ${flags.tenant}`);
+        }
+        if (!flags.yes) {
+            const { confirm } = await enquirer.prompt([
+                {
+                    message: `Are you sure you want to delete policy ${ux.colorize("cyan", policy.name)} in tenant: ${ux.colorize("cyan", flags.tenant)}?`,
+                    name: "confirm",
+                    type: "confirm",
+                },
+            ]);
+            if (!confirm) {
+                this.logger.info("Aborted");
+                return;
+            }
+        }
+        const [err] = await tryit(iamClient.deleteApiV1PoliciesById)(policy.id, {
+            headers: {
+                Authorization: `Bearer ${auth?.accessToken}`,
+            },
+        });
+        if (err) {
+            this.logger.fatal(`Failed to delete policy: ${err.message}`);
+        }
+        this.logger.info(`Policy ${policy.name} deleted`);
+    }
+}

package/dist/commands/delete/role.d.ts

@@ -0,0 +1,17 @@
+import { BaseCommand } from "@flowcore/cli-plugin-config";
+export declare const DELETE_ROLE_ARGS: {
+    NAME: import("@oclif/core/interfaces").Arg<string, Record<string, unknown>>;
+};
+export default class DeleteRole extends BaseCommand<typeof DeleteRole> {
+    static args: {
+        NAME: import("@oclif/core/interfaces").Arg<string, Record<string, unknown>>;
+    };
+    static description: string;
+    static examples: never[];
+    static flags: {
+        json: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        tenant: import("@oclif/core/interfaces").OptionFlag<string, import("@oclif/core/interfaces").CustomOptions>;
+        yes: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+    };
+    run(): Promise<void>;
+}

package/dist/commands/delete/role.js

@@ -0,0 +1,84 @@
+import { BaseCommand, ValidateLogin } from "@flowcore/cli-plugin-config";
+import { ClientFactory } from "@flowcore/cli-plugin-core";
+import { Args, Flags, ux } from "@oclif/core";
+import enquirer from "enquirer";
+import { tryit } from "radash";
+import { OrganizationService } from "../../services/organization.service.js";
+import { Api as IamApi } from "../../utils/clients/iam/Api.js";
+export const DELETE_ROLE_ARGS = {
+    NAME: Args.string({ description: "name", required: true }),
+};
+export default class DeleteRole extends BaseCommand {
+    static args = DELETE_ROLE_ARGS;
+    static description = "Delete a role";
+    static examples = [];
+    static flags = {
+        json: Flags.boolean({
+            char: "j",
+            description: "json output",
+            required: false,
+        }),
+        tenant: Flags.string({
+            char: "t",
+            description: "tenant",
+            required: true,
+        }),
+        yes: Flags.boolean({
+            char: "y",
+            description: "yes to all",
+            required: false,
+        }),
+    };
+    async run() {
+        const { args, flags } = await this.parse(DeleteRole);
+        const graphqlClient = await ClientFactory.create(this.cliConfiguration, this.logger, flags.json);
+        const organizationService = new OrganizationService(graphqlClient);
+        const organizations = await organizationService.getMyOrganizations();
+        const iamClient = new IamApi();
+        const config = this.cliConfiguration.getConfig();
+        const login = new ValidateLogin(config.login.url);
+        await login.validate(config, this.cliConfiguration, !flags.json);
+        const { auth } = config;
+        if (!auth?.accessToken) {
+            this.logger.fatal("Not logged in, run 'flowcore login'");
+        }
+        const organization = organizations.me.organizations.find((org) => org.organization.org === flags.tenant);
+        if (!organization) {
+            this.logger.fatal(`Organization ${flags.tenant} not found, or you are not a member`);
+        }
+        const [rolesErr, roles] = await tryit(iamClient.getApiV1RoleAssociationsOrganizationByOrganizationId)(organization.organization.id, {
+            headers: {
+                Authorization: `Bearer ${auth?.accessToken}`,
+            },
+        });
+        if (rolesErr) {
+            this.logger.fatal(`Failed to get roles: ${rolesErr.message}`);
+        }
+        const role = roles.data.find((role) => role.name === args.NAME);
+        if (!role) {
+            this.logger.fatal(`Role ${args.NAME} not found in tenant: ${flags.tenant}`);
+        }
+        if (!flags.yes) {
+            const { confirm } = await enquirer.prompt([
+                {
+                    message: `Are you sure you want to delete role ${ux.colorize("cyan", role.name)} in tenant: ${ux.colorize("cyan", flags.tenant)}?`,
+                    name: "confirm",
+                    type: "confirm",
+                },
+            ]);
+            if (!confirm) {
+                this.logger.info("Aborted");
+                return;
+            }
+        }
+        const [err] = await tryit(iamClient.deleteApiV1RolesById)(role.id, {
+            headers: {
+                Authorization: `Bearer ${auth?.accessToken}`,
+            },
+        });
+        if (err) {
+            this.logger.fatal(`Failed to delete role: ${err.message}`);
+        }
+        this.logger.info(`Role ${role.name} deleted`);
+    }
+}

package/dist/commands/get/policy.js

@@ -126,6 +126,47 @@ export default class GetPolicy extends BaseCommand {
                     documentTable = documentTable.row(row);
                 }
                 documentTable.render();
+                this.logger.info("");
+                const [associationsErr, associations] = await tryit(iamClient.getApiV1PolicyAssociationsByPolicyId)(policy.id, {
+                    headers: {
+                        Authorization: `Bearer ${auth?.accessToken}`,
+                    },
+                });
+                if (associationsErr) {
+                    this.logger.fatal(`Failed to get associations: ${associationsErr.message}`);
+                }
+                const userAssociationHeaders = ["User ID"];
+                const keyAssociationHeaders = ["Key ID"];
+                const roleAssociationHeaders = ["Role ID"];
+                const userAssociationTable = this.ui
+                    .table()
+                    .head(userAssociationHeaders);
+                const keyAssociationTable = this.ui.table().head(keyAssociationHeaders);
+                const roleAssociationTable = this.ui.table().head(roleAssociationHeaders);
+                for (const association of associations.data.keys) {
+                    keyAssociationTable.row([association.keyId]);
+                }
+                for (const association of associations.data.users) {
+                    userAssociationTable.row([association.userId]);
+                }
+                for (const association of associations.data.roles) {
+                    roleAssociationTable.row([association.roleId]);
+                }
+                this.logger.info("");
+                this.logger.info("Key Associations:");
+                associations.data.keys.length > 0 && !flags.json
+                    ? keyAssociationTable.render()
+                    : this.logger.info("No key associations");
+                this.logger.info("");
+                this.logger.info("User Associations:");
+                associations.data.users.length > 0 && !flags.json
+                    ? userAssociationTable.render()
+                    : this.logger.info("No user associations");
+                this.logger.info("");
+                this.logger.info("Role Associations:");
+                associations.data.roles.length > 0 && !flags.json
+                    ? roleAssociationTable.render()
+                    : this.logger.info("No role associations");
             }
         }
         else if (flags.json) {

package/dist/commands/get/role.js

@@ -1,7 +1,6 @@
 import { BaseCommand, ValidateLogin } from "@flowcore/cli-plugin-config";
 import { ClientFactory } from "@flowcore/cli-plugin-core";
 import { Args, Flags } from "@oclif/core";
-import _ from "lodash";
 import { tryit } from "radash";
 import { OrganizationService } from "../../services/organization.service.js";
 import { Api as IamApi } from "../../utils/clients/iam/Api.js";
@@ -47,55 +46,39 @@ export default class GetRole extends BaseCommand {
         if (!auth?.accessToken) {
             this.logger.fatal("Not logged in, run 'flowcore login'");
         }
-        const [err, rolesResponse] = await tryit(iamClient.getApiV1Roles)({
-            headers: {
-                Authorization: `Bearer ${auth?.accessToken}`,
-            },
-        });
-        if (err) {
-            this.logger.fatal(`Failed to get roles: ${err.message}`);
-        }
-        const roles = rolesResponse.data
-            .map((role) => {
-            const organizationLink = organizations.me.organizations.find((organization) => organization.organization.id === role.organizationId);
-            if (!organizationLink) {
-                return;
-            }
-            return {
-                description: role.description,
-                id: role.id,
-                name: role.name,
-                organization: organizationLink,
-                organizationId: role.organizationId,
-            };
-        })
-            .filter((role) => role !== undefined)
-            .filter((role) => {
-            if (flags.tenant) {
-                return role.organization.organization.org === flags.tenant;
-            }
-            return true;
-        });
-        if (args.NAME) {
-            const role = roles.find((role) => role.name === args.NAME);
-            if (!role) {
-                this.logger.fatal(`Role ${args.NAME} not found`);
+        if (flags.tenant) {
+            const organization = organizations.me.organizations.find((organization) => flags.tenant ? organization.organization.org === flags.tenant : true);
+            if (!organization) {
+                this.logger.fatal(`Organization ${flags.tenant} not found, or not accessible`);
             }
-            if (flags.json) {
-                console.log(JSON.stringify(_.omit(role, "organization"), null, 2));
+            this.logger.info(`Roles for ${flags.tenant}:`);
+            const [err, roles] = await tryit(iamClient.getApiV1RoleAssociationsOrganizationByOrganizationId)(organization.organization.id, {
+                headers: {
+                    Authorization: `Bearer ${auth?.accessToken}`,
+                },
+            });
+            if (err) {
+                this.logger.fatal(`Failed to get roles: ${err.message}`);
             }
-            else {
-                this.ui
-                    .sticker()
-                    .add(`Role ${this.ui.colors.green(role.name)}`)
-                    .add("")
-                    .add(`ID: ${this.ui.colors.green(role.id)}`)
-                    .add(`Description: ${this.ui.colors.green(role.description ?? "")}`)
-                    .add(`Organization: ${this.ui.colors.green(role.organization.organization.displayName === "" ? role.organization.organization.org : role.organization.organization.displayName)}`)
-                    .render();
+            if (args.NAME && flags.tenant) {
+                const role = roles.data.find((role) => role.name === args.NAME);
+                if (!role) {
+                    this.logger.fatal(`Role ${args.NAME} not found`);
+                }
+                !flags.json &&
+                    this.ui
+                        .sticker()
+                        .add(`Role ${this.ui.colors.green(role.name)}`)
+                        .add("")
+                        .add(`ID: ${this.ui.colors.green(role.id)}`)
+                        .add(`Description: ${this.ui.colors.green(role.description ?? "")}`)
+                        .add(`Organization: ${this.ui.colors.green(organization.organization.displayName === ""
+                        ? organization.organization.org
+                        : organization.organization.displayName)}`)
+                        .render();
                 this.logger.info("");
                 this.logger.info("Policies:");
-                const [err, policies] = await tryit(iamClient.getApiV1PolicyAssociationsOrganizationByOrganizationId)(role.organization.organization.id, {
+                const [err, policies] = await tryit(iamClient.getApiV1PolicyAssociationsRoleByRoleId)(role.id, {
                     headers: {
                         Authorization: `Bearer ${auth?.accessToken}`,
                     },
@@ -123,35 +106,97 @@ export default class GetRole extends BaseCommand {
                     ];
                     policyTable = policyTable.row(row);
                 }
-                policyTable.render();
+                !flags.json && policyTable.render();
                 this.logger.info("");
+                const [associationsErr, associations] = await tryit(iamClient.getApiV1RoleAssociationsByRoleId)(role.id, {
+                    headers: {
+                        Authorization: `Bearer ${auth?.accessToken}`,
+                    },
+                });
+                if (associationsErr) {
+                    this.logger.fatal(`Failed to get associations: ${associationsErr.message}`);
+                }
+                const userAssociationHeaders = ["User ID"];
+                const keyAssociationHeaders = ["Key ID"];
+                const userAssociationTable = this.ui
+                    .table()
+                    .head(userAssociationHeaders);
+                const keyAssociationTable = this.ui.table().head(keyAssociationHeaders);
+                for (const association of associations.data.keys) {
+                    keyAssociationTable.row([association.keyId]);
+                }
+                for (const association of associations.data.users) {
+                    userAssociationTable.row([association.userId]);
+                }
+                this.logger.info("");
+                this.logger.info("Key Associations:");
+                associations.data.keys.length > 0 && !flags.json
+                    ? keyAssociationTable.render()
+                    : this.logger.info("No key associations");
+                this.logger.info("");
+                this.logger.info("User Associations:");
+                associations.data.users.length > 0 && !flags.json
+                    ? userAssociationTable.render()
+                    : this.logger.info("No user associations");
+                if (flags.json) {
+                    console.log(JSON.stringify({
+                        associations: associations.data,
+                        policies: policies.data,
+                        role: roles.data,
+                    }, null, 2));
+                }
             }
+            else if (!args.NAME && flags.tenant) {
+                const roleHeaders = ["Role ID", "Name", "Description"];
+                let roleTable = this.ui.table().head(roleHeaders);
+                for (const role of roles.data) {
+                    const row = [role.id, role.name, role.description ?? ""];
+                    roleTable = roleTable.row(row);
+                }
+                !flags.json && roleTable.render();
+                this.logger.info("");
+                if (flags.json) {
+                    console.log(JSON.stringify({ role: roles.data }, null, 2));
+                }
+            }
+            return;
         }
-        else if (flags.json) {
-            console.log(JSON.stringify(roles.map((role) => _.omit(role, "organization")), null, 2));
+        const [err, userRoles] = await tryit(iamClient.getApiV1Roles)({
+            headers: {
+                Authorization: `Bearer ${auth?.accessToken}`,
+            },
+        });
+        if (err) {
+            this.logger.fatal(`Failed to get roles: ${err.message}`);
         }
-        else {
-            const headers = [
-                "Role ID",
-                "Name",
-                "Description",
-                "Organization Name",
-                ...(flags.wide ? ["Organization ID"] : []),
-            ];
-            let listTable = this.ui.table().head(headers);
-            for (const role of roles) {
-                const row = [
-                    role.id,
-                    role.name,
-                    role.description ?? "",
-                    role.organization.organization.displayName === ""
-                        ? role.organization.organization.org
-                        : role.organization.organization.displayName,
-                    ...(flags.wide ? [role.organization.organization.id] : []),
-                ];
-                listTable = listTable.row(row);
+        console.log(userRoles.data);
+        const headers = [
+            "Role ID",
+            "Name",
+            "Description",
+            "Organization Name",
+            ...(flags.wide ? ["Organization ID"] : []),
+        ];
+        const listTable = this.ui.table().head(headers);
+        for (const role of userRoles.data) {
+            const organization = organizations.me.organizations.find((organization) => organization.organization.id === role.organizationId);
+            if (!organization) {
+                continue;
             }
-            listTable.render();
+            const row = [
+                role.id,
+                role.name,
+                role.description ?? "",
+                organization.organization.displayName === ""
+                    ? organization.organization.org
+                    : organization.organization.displayName,
+                ...(flags.wide ? [organization.organization.id] : []),
+            ];
+            listTable.row(row);
+        }
+        !flags.json && listTable.render();
+        if (flags.json) {
+            console.log(JSON.stringify({ role: userRoles.data }, null, 2));
         }
     }
 }

package/oclif.manifest.json

@@ -1,5 +1,127 @@
 {
   "commands": {
+    "delete:policy": {
+      "aliases": [],
+      "args": {
+        "NAME": {
+          "description": "name",
+          "name": "NAME",
+          "required": true
+        }
+      },
+      "description": "Delete a policy",
+      "examples": [],
+      "flags": {
+        "profile": {
+          "description": "Specify the configuration profile to use",
+          "name": "profile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "json": {
+          "char": "j",
+          "description": "json output",
+          "name": "json",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "tenant": {
+          "char": "t",
+          "description": "tenant",
+          "name": "tenant",
+          "required": true,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "yes": {
+          "char": "y",
+          "description": "yes to all",
+          "name": "yes",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "delete:policy",
+      "pluginAlias": "@flowcore/cli-plugin-iam",
+      "pluginName": "@flowcore/cli-plugin-iam",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": true,
+      "relativePath": [
+        "dist",
+        "commands",
+        "delete",
+        "policy.js"
+      ]
+    },
+    "delete:role": {
+      "aliases": [],
+      "args": {
+        "NAME": {
+          "description": "name",
+          "name": "NAME",
+          "required": true
+        }
+      },
+      "description": "Delete a role",
+      "examples": [],
+      "flags": {
+        "profile": {
+          "description": "Specify the configuration profile to use",
+          "name": "profile",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "json": {
+          "char": "j",
+          "description": "json output",
+          "name": "json",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "tenant": {
+          "char": "t",
+          "description": "tenant",
+          "name": "tenant",
+          "required": true,
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        },
+        "yes": {
+          "char": "y",
+          "description": "yes to all",
+          "name": "yes",
+          "required": false,
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "delete:role",
+      "pluginAlias": "@flowcore/cli-plugin-iam",
+      "pluginName": "@flowcore/cli-plugin-iam",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": true,
+      "relativePath": [
+        "dist",
+        "commands",
+        "delete",
+        "role.js"
+      ]
+    },
     "get:policy": {
       "aliases": [],
       "args": {
@@ -123,5 +245,5 @@
       ]
     }
   },
-  "version": "1.1.0"
+  "version": "1.2.1"
 }

package/package.json

@@ -9,7 +9,8 @@
 		"@oclif/core": "^4.0.21",
 		"@oclif/plugin-help": "^6",
 		"@oclif/plugin-plugins": "^5.4.7",
-		"@opentf/obj-diff": "npm:@jsr/opentf__obj-diff",
+		"@opentf/obj-diff": "^0.12.0",
+		"add": "^2.0.6",
 		"dayjs": "^1.11.10",
 		"deepmerge": "^4.3.1",
 		"enquirer": "^2.4.1",
@@ -20,6 +21,7 @@
 		"lodash": "^4.17.21",
 		"radash": "^12.1.0",
 		"uuid": "^9.0.1",
+		"yarn": "^1.22.22",
 		"zod": "^3.22.4"
 	},
 	"description": "Flowcore CLI plugin for managing the IAM of the Flowcore Platform",
@@ -88,7 +90,7 @@
 		"version": "oclif readme && git add README.md",
 		"update-schema": "rover graph introspect https://graph.api.flowcore.io/graphql -o schema.gql"
 	},
-	"version": "1.1.0",
+	"version": "1.2.1",
 	"bugs": "https://github.com/flowcore-io/cli-plugin-iam/issues",
 	"keywords": [
 		"oclif"