@uipath/apms-tool 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +43 -0
- package/dist/index.js +31571 -0
- package/dist/tool.js +29467 -0
- package/package.json +38 -0
package/README.md
ADDED
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
# APMS Tool
|
|
2
|
+
|
|
3
|
+
CLI plugin for the UiPath Access Policy Management Service (APMS), surfaced as the `ip-restriction` command group.
|
|
4
|
+
|
|
5
|
+
Composed under `admin-tool`, so commands are invoked as `uip admin ip-restriction <subject> <verb>`.
|
|
6
|
+
|
|
7
|
+
## Command tree
|
|
8
|
+
|
|
9
|
+
```
|
|
10
|
+
uip admin ip-restriction
|
|
11
|
+
├── ip-ranges
|
|
12
|
+
│ ├── list [--filter <fragment>]
|
|
13
|
+
│ ├── get [<id>] [--cidr <cidr>]
|
|
14
|
+
│ ├── create [--file <path> | --name --cidr [--cidr ...] | --name --start-ip --end-ip] [--expires <duration>]
|
|
15
|
+
│ ├── update <id> [--file <path> | --name | --cidr | --start-ip | --end-ip]
|
|
16
|
+
│ └── delete [<id>] [--cidr <cidr>] --confirm
|
|
17
|
+
├── enforcement
|
|
18
|
+
│ ├── get
|
|
19
|
+
│ ├── enable --confirm
|
|
20
|
+
│ └── disable
|
|
21
|
+
├── bypass-rules
|
|
22
|
+
│ ├── list [--filter <fragment>]
|
|
23
|
+
│ ├── get <id>
|
|
24
|
+
│ ├── create --file <path>
|
|
25
|
+
│ ├── update <id> [--file <path> | --regex-entry <pattern>]
|
|
26
|
+
│ └── delete <id>
|
|
27
|
+
└── my-ip
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
## Subjects
|
|
31
|
+
|
|
32
|
+
- `ip-ranges` — list / get / create / update / delete IP range allowlist entries (CIDR or start/end IP).
|
|
33
|
+
- `enforcement` — get / enable / disable the singleton IP-range enforcement switch.
|
|
34
|
+
- `bypass-rules` — list / get / create / update / delete URL-pattern exceptions to IP allowlisting.
|
|
35
|
+
- `my-ip` — show the public IP the platform sees for the current caller.
|
|
36
|
+
|
|
37
|
+
## Conventions
|
|
38
|
+
|
|
39
|
+
- Authenticated via `uip login` (or `--s2s-token` once wired through).
|
|
40
|
+
- Most mutating commands accept inline flags for common cases and `--file <path>` for full-body control. The two paths are mutually exclusive — pick one. `bypass-rules create` is file-only because the request has 4 required business fields.
|
|
41
|
+
- `--filter <fragment>` is a client-side, case-insensitive substring filter (on `name` for ip-ranges, on `regexEntry`/`appName` for bypass-rules).
|
|
42
|
+
- `ip-ranges delete` accepts either a positional UUID or `--cidr <cidr>` and runs a lockout-safety pre-flight when enforcement is enabled.
|
|
43
|
+
- `enforcement enable` runs an IP pre-flight (compares `my-ip` against the allowlist) before flipping the switch.
|