@stacksjs/ts-cloud 0.1.3 → 0.1.5

package/bin/commands/audit.ts

@@ -1,501 +0,0 @@
-import type { CLI } from '@stacksjs/clapp'
-import * as cli from '../../src/utils/cli'
-import { loadValidatedConfig } from './shared'
-
-// CloudTrail client will be created inline since it may not exist
-async function getCloudTrailClient(region: string) {
-  const { AWSClient } = await import('../../src/aws/client')
-
-  class CloudTrailClient {
-    private client: InstanceType<typeof AWSClient>
-    private region: string
-
-    constructor(region: string) {
-      this.region = region
-      this.client = new AWSClient()
-    }
-
-    private async jsonRpcRequest(action: string, params: Record<string, any>): Promise<any> {
-      return this.client.request({
-        service: 'cloudtrail',
-        region: this.region,
-        method: 'POST',
-        path: '/',
-        headers: {
-          'Content-Type': 'application/x-amz-json-1.1',
-          'X-Amz-Target': `com.amazonaws.cloudtrail.v20131101.CloudTrail_20131101.${action}`,
-        },
-        body: JSON.stringify(params),
-      })
-    }
-
-    async describeTrails() {
-      return this.jsonRpcRequest('DescribeTrails', {})
-    }
-
-    async getTrailStatus(name: string) {
-      return this.jsonRpcRequest('GetTrailStatus', { Name: name })
-    }
-
-    async lookupEvents(params: {
-      LookupAttributes?: Array<{ AttributeKey: string; AttributeValue: string }>
-      StartTime?: Date
-      EndTime?: Date
-      MaxResults?: number
-    }) {
-      return this.jsonRpcRequest('LookupEvents', {
-        ...params,
-        StartTime: params.StartTime?.toISOString(),
-        EndTime: params.EndTime?.toISOString(),
-      })
-    }
-
-    async getEventSelectors(trailName: string) {
-      return this.jsonRpcRequest('GetEventSelectors', { TrailName: trailName })
-    }
-
-    async createTrail(params: {
-      Name: string
-      S3BucketName: string
-      S3KeyPrefix?: string
-      IncludeGlobalServiceEvents?: boolean
-      IsMultiRegionTrail?: boolean
-      EnableLogFileValidation?: boolean
-    }) {
-      return this.jsonRpcRequest('CreateTrail', params)
-    }
-
-    async startLogging(name: string) {
-      return this.jsonRpcRequest('StartLogging', { Name: name })
-    }
-
-    async stopLogging(name: string) {
-      return this.jsonRpcRequest('StopLogging', { Name: name })
-    }
-
-    async deleteTrail(name: string) {
-      return this.jsonRpcRequest('DeleteTrail', { Name: name })
-    }
-  }
-
-  return new CloudTrailClient(region)
-}
-
-export function registerAuditCommands(app: CLI): void {
-  app
-    .command('audit:trails', 'List CloudTrail trails')
-    .option('--region <region>', 'AWS region')
-    .action(async (options: { region?: string }) => {
-      cli.header('CloudTrail Trails')
-
-      try {
-        const config = await loadValidatedConfig()
-        const region = options.region || config.project.region || 'us-east-1'
-        const cloudtrail = await getCloudTrailClient(region)
-
-        const spinner = new cli.Spinner('Fetching trails...')
-        spinner.start()
-
-        const result = await cloudtrail.describeTrails()
-        const trails = result.trailList || []
-
-        spinner.succeed(`Found ${trails.length} trail(s)`)
-
-        if (trails.length === 0) {
-          cli.info('No CloudTrail trails found')
-          cli.info('Use `cloud audit:create` to create a new trail')
-          return
-        }
-
-        cli.table(
-          ['Name', 'Multi-Region', 'S3 Bucket', 'Log Validation', 'Home Region'],
-          trails.map((trail: any) => [
-            trail.Name || 'N/A',
-            trail.IsMultiRegionTrail ? 'Yes' : 'No',
-            trail.S3BucketName || 'N/A',
-            trail.LogFileValidationEnabled ? 'Yes' : 'No',
-            trail.HomeRegion || 'N/A',
-          ]),
-        )
-      }
-      catch (error: any) {
-        cli.error(`Failed to list trails: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:trail <trailName>', 'Show CloudTrail trail details')
-    .option('--region <region>', 'AWS region')
-    .action(async (trailName: string, options: { region?: string }) => {
-      cli.header(`CloudTrail: ${trailName}`)
-
-      try {
-        const config = await loadValidatedConfig()
-        const region = options.region || config.project.region || 'us-east-1'
-        const cloudtrail = await getCloudTrailClient(region)
-
-        const spinner = new cli.Spinner('Fetching trail details...')
-        spinner.start()
-
-        const [trailsResult, statusResult] = await Promise.all([
-          cloudtrail.describeTrails(),
-          cloudtrail.getTrailStatus(trailName),
-        ])
-
-        const trail = (trailsResult.trailList || []).find((t: any) => t.Name === trailName)
-
-        if (!trail) {
-          spinner.fail('Trail not found')
-          return
-        }
-
-        spinner.succeed('Trail details loaded')
-
-        cli.info('\nTrail Configuration:')
-        cli.info(`  Name: ${trail.Name}`)
-        cli.info(`  ARN: ${trail.TrailARN}`)
-        cli.info(`  Home Region: ${trail.HomeRegion}`)
-        cli.info(`  Multi-Region: ${trail.IsMultiRegionTrail ? 'Yes' : 'No'}`)
-        cli.info(`  Organization Trail: ${trail.IsOrganizationTrail ? 'Yes' : 'No'}`)
-
-        cli.info('\nStorage:')
-        cli.info(`  S3 Bucket: ${trail.S3BucketName}`)
-        if (trail.S3KeyPrefix) {
-          cli.info(`  S3 Prefix: ${trail.S3KeyPrefix}`)
-        }
-        cli.info(`  Log Validation: ${trail.LogFileValidationEnabled ? 'Enabled' : 'Disabled'}`)
-
-        if (trail.CloudWatchLogsLogGroupArn) {
-          cli.info('\nCloudWatch Logs:')
-          cli.info(`  Log Group: ${trail.CloudWatchLogsLogGroupArn}`)
-        }
-
-        if (trail.KMSKeyId) {
-          cli.info('\nEncryption:')
-          cli.info(`  KMS Key: ${trail.KMSKeyId}`)
-        }
-
-        cli.info('\nStatus:')
-        cli.info(`  Logging: ${statusResult.IsLogging ? 'Active' : 'Stopped'}`)
-
-        if (statusResult.LatestDeliveryTime) {
-          cli.info(`  Latest Delivery: ${new Date(statusResult.LatestDeliveryTime).toLocaleString()}`)
-        }
-
-        if (statusResult.LatestDeliveryError) {
-          cli.warn(`  Latest Error: ${statusResult.LatestDeliveryError}`)
-        }
-
-        // Get event selectors
-        try {
-          const selectors = await cloudtrail.getEventSelectors(trailName)
-
-          if (selectors.EventSelectors && selectors.EventSelectors.length > 0) {
-            cli.info('\nEvent Selectors:')
-            for (const selector of selectors.EventSelectors) {
-              cli.info(`  - Read/Write: ${selector.ReadWriteType}`)
-              cli.info(`    Management Events: ${selector.IncludeManagementEvents ? 'Yes' : 'No'}`)
-              if (selector.DataResources && selector.DataResources.length > 0) {
-                cli.info(`    Data Resources: ${selector.DataResources.length} configured`)
-              }
-            }
-          }
-        }
-        catch {
-          // Event selectors might not be available for all trails
-        }
-      }
-      catch (error: any) {
-        cli.error(`Failed to get trail: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:events', 'Look up recent CloudTrail events')
-    .option('--region <region>', 'AWS region')
-    .option('--user <username>', 'Filter by IAM user')
-    .option('--event <eventName>', 'Filter by event name')
-    .option('--resource <resourceName>', 'Filter by resource name')
-    .option('--hours <number>', 'Hours to look back', { default: '24' })
-    .option('--limit <number>', 'Maximum events to return', { default: '50' })
-    .action(async (options: {
-      region?: string
-      user?: string
-      event?: string
-      resource?: string
-      hours: string
-      limit: string
-    }) => {
-      cli.header('CloudTrail Events')
-
-      try {
-        const config = await loadValidatedConfig()
-        const region = options.region || config.project.region || 'us-east-1'
-        const cloudtrail = await getCloudTrailClient(region)
-
-        const spinner = new cli.Spinner('Looking up events...')
-        spinner.start()
-
-        const endTime = new Date()
-        const startTime = new Date(endTime.getTime() - Number.parseInt(options.hours) * 60 * 60 * 1000)
-
-        const lookupParams: any = {
-          StartTime: startTime,
-          EndTime: endTime,
-          MaxResults: Number.parseInt(options.limit),
-        }
-
-        if (options.user) {
-          lookupParams.LookupAttributes = [{
-            AttributeKey: 'Username',
-            AttributeValue: options.user,
-          }]
-        }
-        else if (options.event) {
-          lookupParams.LookupAttributes = [{
-            AttributeKey: 'EventName',
-            AttributeValue: options.event,
-          }]
-        }
-        else if (options.resource) {
-          lookupParams.LookupAttributes = [{
-            AttributeKey: 'ResourceName',
-            AttributeValue: options.resource,
-          }]
-        }
-
-        const result = await cloudtrail.lookupEvents(lookupParams)
-        const events = result.Events || []
-
-        spinner.succeed(`Found ${events.length} event(s)`)
-
-        if (events.length === 0) {
-          cli.info('No events found matching criteria')
-          return
-        }
-
-        cli.table(
-          ['Time', 'Event', 'User', 'Source IP', 'Resources'],
-          events.map((event: any) => [
-            event.EventTime ? new Date(event.EventTime).toLocaleString() : 'N/A',
-            event.EventName || 'N/A',
-            event.Username || 'N/A',
-            event.SourceIPAddress || 'N/A',
-            (event.Resources || []).map((r: any) => r.ResourceName).join(', ').substring(0, 30) || '-',
-          ]),
-        )
-      }
-      catch (error: any) {
-        cli.error(`Failed to lookup events: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:event <eventId>', 'Show CloudTrail event details')
-    .option('--region <region>', 'AWS region')
-    .action(async (eventId: string, options: { region?: string }) => {
-      cli.header(`Event: ${eventId}`)
-
-      try {
-        const config = await loadValidatedConfig()
-        const region = options.region || config.project.region || 'us-east-1'
-        const cloudtrail = await getCloudTrailClient(region)
-
-        const spinner = new cli.Spinner('Fetching event...')
-        spinner.start()
-
-        // Look up event by ID
-        const result = await cloudtrail.lookupEvents({
-          LookupAttributes: [{
-            AttributeKey: 'EventId',
-            AttributeValue: eventId,
-          }],
-          MaxResults: 1,
-        })
-
-        const event = result.Events?.[0]
-
-        if (!event) {
-          spinner.fail('Event not found')
-          return
-        }
-
-        spinner.succeed('Event loaded')
-
-        cli.info('\nEvent Information:')
-        cli.info(`  Event ID: ${event.EventId}`)
-        cli.info(`  Event Name: ${event.EventName}`)
-        cli.info(`  Event Time: ${event.EventTime ? new Date(event.EventTime).toLocaleString() : 'N/A'}`)
-        cli.info(`  Event Source: ${event.EventSource}`)
-        cli.info(`  Username: ${event.Username}`)
-        cli.info(`  Source IP: ${event.SourceIPAddress}`)
-        cli.info(`  Access Key: ${event.AccessKeyId || 'N/A'}`)
-
-        if (event.Resources && event.Resources.length > 0) {
-          cli.info('\nResources:')
-          for (const resource of event.Resources) {
-            cli.info(`  - ${resource.ResourceType}: ${resource.ResourceName}`)
-          }
-        }
-
-        if (event.CloudTrailEvent) {
-          cli.info('\nFull Event Record:')
-          const fullEvent = JSON.parse(event.CloudTrailEvent)
-          console.log(JSON.stringify(fullEvent, null, 2))
-        }
-      }
-      catch (error: any) {
-        cli.error(`Failed to get event: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:create <trailName>', 'Create a new CloudTrail trail')
-    .option('--region <region>', 'AWS region', { default: 'us-east-1' })
-    .option('--bucket <name>', 'S3 bucket for logs')
-    .option('--prefix <prefix>', 'S3 key prefix')
-    .option('--multi-region', 'Enable multi-region trail')
-    .option('--validation', 'Enable log file validation')
-    .option('--global-events', 'Include global service events')
-    .action(async (trailName: string, options: {
-      region: string
-      bucket?: string
-      prefix?: string
-      multiRegion?: boolean
-      validation?: boolean
-      globalEvents?: boolean
-    }) => {
-      cli.header('Create CloudTrail Trail')
-
-      try {
-        if (!options.bucket) {
-          cli.error('--bucket is required')
-          return
-        }
-
-        const cloudtrail = await getCloudTrailClient(options.region)
-
-        cli.info(`Trail Name: ${trailName}`)
-        cli.info(`S3 Bucket: ${options.bucket}`)
-        cli.info(`Multi-Region: ${options.multiRegion ? 'Yes' : 'No'}`)
-        cli.info(`Log Validation: ${options.validation ? 'Yes' : 'No'}`)
-        cli.info(`Global Events: ${options.globalEvents ? 'Yes' : 'No'}`)
-
-        const confirmed = await cli.confirm('\nCreate this trail?', true)
-        if (!confirmed) {
-          cli.info('Operation cancelled')
-          return
-        }
-
-        const spinner = new cli.Spinner('Creating trail...')
-        spinner.start()
-
-        const result = await cloudtrail.createTrail({
-          Name: trailName,
-          S3BucketName: options.bucket,
-          S3KeyPrefix: options.prefix,
-          IsMultiRegionTrail: options.multiRegion,
-          EnableLogFileValidation: options.validation,
-          IncludeGlobalServiceEvents: options.globalEvents ?? true,
-        })
-
-        spinner.text = 'Starting logging...'
-        await cloudtrail.startLogging(trailName)
-
-        spinner.succeed('Trail created and logging started')
-
-        cli.success(`\nTrail ARN: ${result.TrailARN}`)
-        cli.info(`S3 Bucket: ${result.S3BucketName}`)
-      }
-      catch (error: any) {
-        cli.error(`Failed to create trail: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:start <trailName>', 'Start CloudTrail logging')
-    .option('--region <region>', 'AWS region', { default: 'us-east-1' })
-    .action(async (trailName: string, options: { region: string }) => {
-      cli.header('Start CloudTrail Logging')
-
-      try {
-        const cloudtrail = await getCloudTrailClient(options.region)
-
-        const spinner = new cli.Spinner('Starting logging...')
-        spinner.start()
-
-        await cloudtrail.startLogging(trailName)
-
-        spinner.succeed('Logging started')
-      }
-      catch (error: any) {
-        cli.error(`Failed to start logging: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:stop <trailName>', 'Stop CloudTrail logging')
-    .option('--region <region>', 'AWS region', { default: 'us-east-1' })
-    .action(async (trailName: string, options: { region: string }) => {
-      cli.header('Stop CloudTrail Logging')
-
-      try {
-        const cloudtrail = await getCloudTrailClient(options.region)
-
-        cli.warn(`This will stop logging for trail: ${trailName}`)
-
-        const confirmed = await cli.confirm('\nStop logging?', false)
-        if (!confirmed) {
-          cli.info('Operation cancelled')
-          return
-        }
-
-        const spinner = new cli.Spinner('Stopping logging...')
-        spinner.start()
-
-        await cloudtrail.stopLogging(trailName)
-
-        spinner.succeed('Logging stopped')
-      }
-      catch (error: any) {
-        cli.error(`Failed to stop logging: ${error.message}`)
-        process.exit(1)
-      }
-    })
-
-  app
-    .command('audit:delete <trailName>', 'Delete a CloudTrail trail')
-    .option('--region <region>', 'AWS region', { default: 'us-east-1' })
-    .action(async (trailName: string, options: { region: string }) => {
-      cli.header('Delete CloudTrail Trail')
-
-      try {
-        const cloudtrail = await getCloudTrailClient(options.region)
-
-        cli.warn(`This will permanently delete trail: ${trailName}`)
-
-        const confirmed = await cli.confirm('\nDelete this trail?', false)
-        if (!confirmed) {
-          cli.info('Operation cancelled')
-          return
-        }
-
-        const spinner = new cli.Spinner('Deleting trail...')
-        spinner.start()
-
-        await cloudtrail.deleteTrail(trailName)
-
-        spinner.succeed('Trail deleted')
-      }
-      catch (error: any) {
-        cli.error(`Failed to delete trail: ${error.message}`)
-        process.exit(1)
-      }
-    })
-}