opal-security 2.0.15 → 2.0.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +23 -21
- package/lib/commands/iam-roles/start.d.ts +1 -0
- package/lib/commands/iam-roles/start.js +8 -0
- package/oclif.manifest.json +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -22,7 +22,7 @@ $ npm install -g opal-security
|
|
|
22
22
|
$ opal COMMAND
|
|
23
23
|
running command...
|
|
24
24
|
$ opal (-v|--version|version)
|
|
25
|
-
opal-security/2.0.
|
|
25
|
+
opal-security/2.0.16 darwin-x64 node-v16.16.0
|
|
26
26
|
$ opal --help [COMMAND]
|
|
27
27
|
USAGE
|
|
28
28
|
$ opal COMMAND
|
|
@@ -87,7 +87,7 @@ EXAMPLE
|
|
|
87
87
|
opal aws:identity
|
|
88
88
|
```
|
|
89
89
|
|
|
90
|
-
_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
90
|
+
_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/aws/identity.ts)_
|
|
91
91
|
|
|
92
92
|
## `opal curl-example`
|
|
93
93
|
|
|
@@ -101,24 +101,24 @@ OPTIONS
|
|
|
101
101
|
-h, --help show CLI help
|
|
102
102
|
```
|
|
103
103
|
|
|
104
|
-
_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
104
|
+
_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/curl-example.ts)_
|
|
105
105
|
|
|
106
106
|
## `opal help [COMMAND]`
|
|
107
107
|
|
|
108
|
-
|
|
108
|
+
display help for opal
|
|
109
109
|
|
|
110
110
|
```
|
|
111
111
|
USAGE
|
|
112
112
|
$ opal help [COMMAND]
|
|
113
113
|
|
|
114
114
|
ARGUMENTS
|
|
115
|
-
COMMAND
|
|
115
|
+
COMMAND command to show help for
|
|
116
116
|
|
|
117
117
|
OPTIONS
|
|
118
|
-
|
|
118
|
+
--all see all commands in CLI
|
|
119
119
|
```
|
|
120
120
|
|
|
121
|
-
_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/
|
|
121
|
+
_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v3.2.18/src/commands/help.ts)_
|
|
122
122
|
|
|
123
123
|
## `opal iam-roles:start`
|
|
124
124
|
|
|
@@ -129,16 +129,18 @@ USAGE
|
|
|
129
129
|
$ opal iam-roles:start
|
|
130
130
|
|
|
131
131
|
OPTIONS
|
|
132
|
-
-h, --help
|
|
133
|
-
--id=id
|
|
134
|
-
--
|
|
132
|
+
-h, --help show CLI help
|
|
133
|
+
--id=id The ID of the Opal role resource.
|
|
134
|
+
--profileName=profileName Uses a custom AWS profile name for the IAM role. Default value is the role's name.
|
|
135
|
+
--sessionId=sessionId SessionId of a session that has already been created via the web flow.
|
|
135
136
|
|
|
136
137
|
EXAMPLES
|
|
137
138
|
opal iam-roles:start
|
|
138
139
|
opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
140
|
+
opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
|
|
139
141
|
```
|
|
140
142
|
|
|
141
|
-
_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
143
|
+
_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/iam-roles/start.ts)_
|
|
142
144
|
|
|
143
145
|
## `opal kube-roles:start`
|
|
144
146
|
|
|
@@ -161,7 +163,7 @@ EXAMPLES
|
|
|
161
163
|
"arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
|
|
162
164
|
```
|
|
163
165
|
|
|
164
|
-
_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
166
|
+
_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/kube-roles/start.ts)_
|
|
165
167
|
|
|
166
168
|
## `opal login`
|
|
167
169
|
|
|
@@ -178,7 +180,7 @@ EXAMPLE
|
|
|
178
180
|
$ opal login
|
|
179
181
|
```
|
|
180
182
|
|
|
181
|
-
_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
183
|
+
_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/login.ts)_
|
|
182
184
|
|
|
183
185
|
## `opal logout`
|
|
184
186
|
|
|
@@ -195,7 +197,7 @@ EXAMPLE
|
|
|
195
197
|
$ opal logout
|
|
196
198
|
```
|
|
197
199
|
|
|
198
|
-
_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
200
|
+
_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/logout.ts)_
|
|
199
201
|
|
|
200
202
|
## `opal postgres-instances:start`
|
|
201
203
|
|
|
@@ -217,7 +219,7 @@ EXAMPLES
|
|
|
217
219
|
opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "fullaccess"
|
|
218
220
|
```
|
|
219
221
|
|
|
220
|
-
_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
222
|
+
_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/postgres-instances/start.ts)_
|
|
221
223
|
|
|
222
224
|
## `opal resources:get`
|
|
223
225
|
|
|
@@ -235,7 +237,7 @@ EXAMPLE
|
|
|
235
237
|
opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
|
|
236
238
|
```
|
|
237
239
|
|
|
238
|
-
_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
240
|
+
_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/resources/get.ts)_
|
|
239
241
|
|
|
240
242
|
## `opal set-token`
|
|
241
243
|
|
|
@@ -252,7 +254,7 @@ EXAMPLE
|
|
|
252
254
|
$ opal set-token
|
|
253
255
|
```
|
|
254
256
|
|
|
255
|
-
_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
257
|
+
_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/set-token.ts)_
|
|
256
258
|
|
|
257
259
|
## `opal set-url`
|
|
258
260
|
|
|
@@ -276,7 +278,7 @@ EXAMPLE
|
|
|
276
278
|
$ opal set-host
|
|
277
279
|
```
|
|
278
280
|
|
|
279
|
-
_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
281
|
+
_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/set-url.ts)_
|
|
280
282
|
|
|
281
283
|
## `opal ssh:copyFrom`
|
|
282
284
|
|
|
@@ -303,7 +305,7 @@ EXAMPLES
|
|
|
303
305
|
opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
304
306
|
```
|
|
305
307
|
|
|
306
|
-
_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
308
|
+
_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/ssh/copyFrom.ts)_
|
|
307
309
|
|
|
308
310
|
## `opal ssh:copyTo`
|
|
309
311
|
|
|
@@ -330,7 +332,7 @@ EXAMPLES
|
|
|
330
332
|
opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
331
333
|
```
|
|
332
334
|
|
|
333
|
-
_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
335
|
+
_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/ssh/copyTo.ts)_
|
|
334
336
|
|
|
335
337
|
## `opal ssh:start`
|
|
336
338
|
|
|
@@ -350,5 +352,5 @@ EXAMPLES
|
|
|
350
352
|
opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
351
353
|
```
|
|
352
354
|
|
|
353
|
-
_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
355
|
+
_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/ssh/start.ts)_
|
|
354
356
|
<!-- commandsstop -->
|
|
@@ -6,6 +6,7 @@ export default class StartIAMRoleSession extends Command {
|
|
|
6
6
|
help: import("@oclif/parser/lib/flags").IBooleanFlag<void>;
|
|
7
7
|
id: flags.IOptionFlag<string | undefined>;
|
|
8
8
|
sessionId: flags.IOptionFlag<string | undefined>;
|
|
9
|
+
profileName: flags.IOptionFlag<string | undefined>;
|
|
9
10
|
};
|
|
10
11
|
run(): Promise<void>;
|
|
11
12
|
}
|
|
@@ -114,6 +114,9 @@ class StartIAMRoleSession extends command_1.Command {
|
|
|
114
114
|
}
|
|
115
115
|
roleName = (sshInstanceResp === null || sshInstanceResp === void 0 ? void 0 : sshInstanceResp.data.resource.resource.name) || 'iam-role';
|
|
116
116
|
}
|
|
117
|
+
if (flags.profileName && flags.profileName !== "") {
|
|
118
|
+
roleName = flags.profileName;
|
|
119
|
+
}
|
|
117
120
|
const { resp, error } = await handler_1.runMutation({
|
|
118
121
|
command: this,
|
|
119
122
|
query: StartIAMRoleSessionDocument,
|
|
@@ -150,6 +153,7 @@ StartIAMRoleSession.description = 'Starts a session to assume an IAM role.';
|
|
|
150
153
|
StartIAMRoleSession.examples = [
|
|
151
154
|
'opal iam-roles:start',
|
|
152
155
|
'opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398',
|
|
156
|
+
'opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"',
|
|
153
157
|
];
|
|
154
158
|
StartIAMRoleSession.flags = {
|
|
155
159
|
help: command_1.flags.help({ char: 'h' }),
|
|
@@ -161,4 +165,8 @@ StartIAMRoleSession.flags = {
|
|
|
161
165
|
multiple: false,
|
|
162
166
|
description: 'SessionId of a session that has already been created via the web flow.',
|
|
163
167
|
}),
|
|
168
|
+
profileName: command_1.flags.string({
|
|
169
|
+
multiple: false,
|
|
170
|
+
description: 'Uses a custom AWS profile name for the IAM role. Default value is the role\'s name.'
|
|
171
|
+
})
|
|
164
172
|
};
|
package/oclif.manifest.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"2.0.
|
|
1
|
+
{"version":"2.0.16","commands":{"curl-example":{"id":"curl-example","description":"Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.","pluginName":"opal-security","pluginType":"core","aliases":[],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"login":{"id":"login","description":"Authenticates you with the Opal server.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal login"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"logout":{"id":"logout","description":"Clears locally stored Opal server authentication credentials.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal logout"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"set-token":{"id":"set-token","description":"Sets an API token to authenticate with the Opal server - alternative auth flow for headless environments.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal set-token"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"set-url":{"id":"set-url","description":"Sets the url of the Opal server. Defaults to https://app.opal.dev.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal set-host"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"custom":{"name":"custom","type":"option"},"allowSelfSignedCerts":{"name":"allowSelfSignedCerts","type":"boolean","allowNo":false},"prod":{"name":"prod","type":"boolean","allowNo":false},"staging":{"name":"staging","type":"boolean","allowNo":false},"demo":{"name":"demo","type":"boolean","allowNo":false},"dev":{"name":"dev","type":"boolean","allowNo":false},"devLocal":{"name":"devLocal","type":"boolean","allowNo":false}},"args":[]},"aws:identity":{"id":"aws:identity","description":"Gets the current caller identity for the \"opal\" AWS profile.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal aws:identity"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"iam-roles:start":{"id":"iam-roles:start","description":"Starts a session to assume an IAM role.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal iam-roles:start","opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398","opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName \"custom-profile\""],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal role resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."},"profileName":{"name":"profileName","type":"option","description":"Uses a custom AWS profile name for the IAM role. Default value is the role's name."}},"args":[]},"kube-roles:start":{"id":"kube-roles:start","description":"Starts a session to assume a Kubernetes cluster IAM role.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal kube-roles:start","opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398","opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId \"arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role\""],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal role resource."},"accessLevelRemoteId":{"name":"accessLevelRemoteId","type":"option","description":"The remote ID of the access level with which to access the cluster."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"postgres-instances:start":{"id":"postgres-instances:start","description":"Starts a session to query a Postgres database.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal postgres-instances:start","opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398","opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId \"fullaccess\""],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"accessLevelRemoteId":{"name":"accessLevelRemoteId","type":"option","description":"The remote ID of the access level with which to access the database."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"resources:get":{"id":"resources:get","description":"Get resource info for a particular resource.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","required":true}},"args":[]},"ssh:copyFrom":{"id":"ssh:copyFrom","description":"Use SCP to copy files from a compute instance.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal ssh:copyFrom --src instance/dir --dest my/dir","opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"src":{"name":"src","type":"option","description":"The path of the directory or file you would like to copy over SCP. Note we only support one file or directory at a time.","required":true},"dest":{"name":"dest","type":"option","description":"Pick which directory you want your files to be copied to.","required":false,"default":"."},"user":{"name":"user","type":"option","description":"Pick which user you want to run SCP over. Keep in mind not all users will have access to each other's home directory.","required":false,"default":"ssm-user"},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"ssh:copyTo":{"id":"ssh:copyTo","description":"Use SCP to copy files to a compute instance.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal ssh:copyTo --src my/dir --dest instance/dir","opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"src":{"name":"src","type":"option","description":"The path of the directory or file you would like to copy over SCP. Note we only support one file or directory at a time.","required":true},"dest":{"name":"dest","type":"option","description":"Pick which directory you want your files to be copied to.","required":false,"default":"."},"user":{"name":"user","type":"option","description":"Pick which user you want to run SCP over. Keep in mind not all users will have access to each other's home directory.","required":false,"default":"ssm-user"},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"ssh:start":{"id":"ssh:start","description":"Start an SSH session to access a particular compute instance.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal ssh:start","opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]}}}
|