npm - @wraps.dev/cli - Versions diffs - 2.22.4 → 2.22.6 - Mend

@wraps.dev/cli 2.22.4 → 2.22.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/api-lambda.zip +0 -0
package/dist/cli.js +38 -9
package/dist/cli.js.map +1 -1
package/dist/lambda/event-processor/.bundled +1 -1
package/dist/lambda/inbound-processor/.bundled +1 -1
package/dist/lambda/sms-event-processor/.bundled +1 -1
package/package.json +1 -1

package/dist/api-lambda.zip CHANGED Viewed

Binary file

package/dist/cli.js CHANGED Viewed

@@ -34309,22 +34309,51 @@ The deployment may have failed partway through. Re-run ${pc48.cyan("wraps selfho
     "# ============================================================================="
   );
   console.log("#");
-  console.log("# 1. In Vercel: Project Settings \u2192 Cloud \u2192 Configure AWS");
+  console.log("# 1. In AWS IAM \u2192 Identity providers \u2192 Add provider:");
+  console.log("#    Provider type: OpenID Connect");
+  console.log("#    Provider URL:  https://oidc.vercel.com/<team-slug>");
+  console.log("#    Audience:      https://vercel.com/<team-slug>");
+  console.log("#");
   console.log(
-    "#    Copy the OIDC Provider URL (looks like https://oidc.vercel.com/<team-id>)"
+    "# 3. Create an IAM role in this account with the following trust policy,"
   );
+  console.log("#    replacing <team-slug> with your Vercel team slug:");
   console.log("#");
-  console.log("# 2. In AWS IAM \u2192 Identity providers \u2192 Add provider:");
-  console.log("#    Provider type: OpenID Connect");
-  console.log("#    Provider URL:  <your Vercel OIDC URL from step 1>");
-  console.log("#    Audience:      sts.amazonaws.com");
-  console.log("#");
+  console.log("#    {");
+  console.log(`#      "Version": "2012-10-17",`);
+  console.log(`#      "Statement": [{`);
+  console.log(`#        "Effect": "Allow",`);
+  console.log(`#        "Principal": {`);
+  console.log(
+    `#          "Federated": "arn:aws:iam::${identity.accountId}:oidc-provider/oidc.vercel.com/<team-slug>"`
+  );
+  console.log("#        },");
+  console.log(`#        "Action": "sts:AssumeRoleWithWebIdentity",`);
+  console.log(`#        "Condition": {`);
+  console.log(`#          "StringEquals": {`);
+  console.log(
+    `#            "oidc.vercel.com/<team-slug>:aud": "https://vercel.com/<team-slug>",`
+  );
   console.log(
-    "# 3. Create an IAM role that trusts that OIDC provider, with this permission:"
+    `#            "oidc.vercel.com/<team-slug>:sub": "owner:<team-slug>:project:<project-name>:environment:production"`
   );
+  console.log("#          }");
+  console.log("#        }");
+  console.log("#      }]");
+  console.log("#    }");
+  console.log("#");
+  console.log("#    Attach this permission policy to the role:");
+  console.log("#");
+  console.log("#    {");
+  console.log(`#      "Version": "2012-10-17",`);
+  console.log(`#      "Statement": [{`);
+  console.log(`#        "Effect": "Allow",`);
+  console.log(`#        "Action": "sts:AssumeRole",`);
   console.log(
-    `#    sts:AssumeRole on arn:aws:iam::${identity.accountId}:role/wraps-console-access-role`
+    `#        "Resource": "arn:aws:iam::*:role/wraps-console-access-role"`
   );
+  console.log("#      }]");
+  console.log("#    }");
   console.log("#");
   console.log("# 4. Set AWS_ROLE_ARN to that role's ARN in Vercel:");
   console.log(