npm - viza - Versions diffs - 1.6.45 → 1.6.47 - Mend

viza 1.6.45 → 1.6.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/src/commands/aws/rolesanywhere/register.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import { registerAwsRolesAnywhereBootstrap } from "./bootstrap/register.js";
 import { registerAwsRolesAnywhereRotate } from "./rotate/register.js";
 import { registerAwsRolesAnywhereRebootstrap } from "./rebootstrap/register.js";
+import { registerAwsRolesAnywhereUpdateRole } from "./update-role/register.js";
 export function registerAwsRolesAnywhereCommand(program) {
     const aws = program.command("aws").description("AWS related commands");
     const rolesanywhere = aws
@@ -9,4 +10,5 @@ export function registerAwsRolesAnywhereCommand(program) {
     registerAwsRolesAnywhereBootstrap(rolesanywhere);
     registerAwsRolesAnywhereRebootstrap(rolesanywhere);
     registerAwsRolesAnywhereRotate(rolesanywhere);
+    registerAwsRolesAnywhereUpdateRole(rolesanywhere);
 }

package/dist/src/commands/aws/rolesanywhere/update-role/register.js ADDED Viewed

@@ -0,0 +1,13 @@
+import { updateAwsRolesAnywhereRoleCommand } from "./update-role.js";
+import { getResolvedOptions } from "../../../../cli/resolveOptions.js";
+export function registerAwsRolesAnywhereUpdateRole(program) {
+    program
+        .command("update-role")
+        .description("Update AWS RolesAnywhere IAM role policies")
+        .option("--prod", "Use production environment")
+        .option("--dev", "Use development environment")
+        .action(async (_opts, command) => {
+        const fullOpts = getResolvedOptions(command);
+        await updateAwsRolesAnywhereRoleCommand(fullOpts);
+    });
+}

package/dist/src/commands/aws/rolesanywhere/update-role/update-role.js ADDED Viewed

@@ -0,0 +1,52 @@
+import { resolveEnv } from "../../../../context/env.js";
+import { resolveResourceHubIntent } from "../../../../context/hubIntent.js";
+import { dispatchIntentAndWait } from "../../../../core/dispatch.js";
+/**
+ * Target teams for `viza aws rolesanywhere update-role`.
+ * CLI-only fail-fast UX constraint.
+ * NOT a policy and MUST NOT be sent to gateway.
+ */
+const TARGET_TEAMS = {
+    "dev": [
+        "viza-admin",
+        "viza-super"
+    ],
+    "prod": [
+        "viza-admin",
+        "viza-super"
+    ]
+};
+/**
+ * viza aws rolesanywhere update-role
+ *
+ * Flow:
+ * 1) Resolve env
+ * 2) Resolve hub intent
+ * 3) Derive allowed teams (CLI UX only)
+ * 4) Dispatch frozen intent
+ */
+export async function updateAwsRolesAnywhereRoleCommand(options) {
+    // 1) Resolve environment
+    const env = resolveEnv(options);
+    const intent = resolveResourceHubIntent(env);
+    // 2) Resolve allowed teams (no status mode for rotate)
+    const allowedTeams = TARGET_TEAMS[env];
+    // 3) Dispatch intent (freeze)
+    await dispatchIntentAndWait({
+        intent,
+        commandType: "aws.rolesanywhere.update-role",
+        infraKey: "core",
+        targetEnv: env,
+        allowedTeams,
+        // Canonical CLI contract (explicit, non-magical)
+        selfHosted: options.selfHosted === true,
+        keepLog: options.removeLog !== true,
+        flowGates: {
+            secrets: true,
+        },
+        payload: {}
+    }, {
+        status: options.status === true,
+        log: "show",
+    });
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "viza",
-  "version": "1.6.45",
+  "version": "1.6.47",
   "type": "module",
   "description": "Viza unified command line interface",
   "bin": {