atlas-init 0.9.0__py3-none-any.whl → 0.10.0__py3-none-any.whl

atlas_init/__init__.py

@@ -1,6 +1,6 @@
 from pathlib import Path
 
-VERSION = "0.9.0"
+VERSION = "0.10.0"
 
 
 def running_in_repo() -> bool:

atlas_init/cli_root/aws_clean.py

@@ -0,0 +1,108 @@
+import logging
+from datetime import datetime, timedelta
+from pathlib import Path
+
+import humanize
+import typer
+from ask_shell import run_and_wait
+from boto3.session import Session
+from model_lib import Entity
+from mypy_boto3_iam import IAMClient
+from mypy_boto3_iam.type_defs import RoleTypeDef
+from zero_3rdparty.datetime_utils import utc_now
+
+from atlas_init.cloud.aws import PascalAlias
+from atlas_init.settings.env_vars import init_settings
+from atlas_init.typer_app import app_command
+
+logger = logging.getLogger(__name__)
+
+
+class LastUsed(Entity):
+    model_config = PascalAlias
+    last_used_date: datetime
+
+
+class IAMRole(Entity):
+    model_config = PascalAlias
+    arn: str
+    role_name: str
+    create_date: datetime
+    role_last_used: LastUsed | None = None
+
+
+@app_command()
+def aws_clean(
+    skip_iam_roles: bool = typer.Option(False, help="skip iam roles"),
+    iam_role_prefix_name: str = typer.Option(
+        "mongodb-atlas-test-acc-tf-",
+        help="prefix name of iam roles to clean",
+    ),
+):
+    init_settings()
+    if skip_iam_roles:
+        return
+    client: IAMClient = Session().client("iam")  # pyright: ignore[reportAssignmentType]
+    all_roles: list[RoleTypeDef] = []
+    aws_account_id = run_and_wait("aws sts get-caller-identity --query Account --output text").stdout_one_line
+
+    roles_response = client.list_roles()
+
+    all_roles.extend(roles_response["Roles"])
+    marker = roles_response.get("Marker", "")
+    while marker:
+        roles_response = client.list_roles(Marker=marker)
+        all_roles.extend(roles_response["Roles"])
+        marker = roles_response.get("Marker", "")
+    total_roles = len(all_roles)
+    logger.info(f"found {total_roles} roles")
+    roles_parsed: list[IAMRole] = []
+    delete_if_created_before = utc_now() - timedelta(days=5)
+    delete_count = 0
+    role_names: list[str] = []
+    for role in all_roles:
+        parsed = IAMRole.model_validate(role)
+        roles_parsed.append(parsed)
+        role_name = parsed.role_name
+        role_names.append(role_name)
+        if not role_name.startswith(iam_role_prefix_name):
+            continue
+        # want to delete 'mongodb-atlas-test-acc-tf-1345851232260229574'
+        # want to keep  'mongodb-atlas-test-acc-tf-7973337217371171538-git-ear'?
+        if role_name[-1].isdigit() and parsed.create_date < delete_if_created_before:
+            logger.info(f"role: {parsed.arn} will be deleted")
+            delete_count += 1
+            delete_role(client, role_name)
+        else:
+            logger.info(f"skipping role: {parsed.arn}, created: {humanize.naturaltime(parsed.create_date)}")
+    logger.info(f"deleted {delete_count}/{total_roles} roles")
+    out_path = Path(f"aws_roles_{aws_account_id}.txt")
+    out_path.write_text("\n".join(sorted(role_names)))
+
+
+def delete_role(client: IAMClient, role_name: str):
+    try:
+        attached_policies = client.list_attached_role_policies(RoleName=role_name)
+        for policy in attached_policies["AttachedPolicies"]:
+            policy_arn = policy.get("PolicyArn")
+            if policy_arn:
+                logger.info(f"detaching managed policy: {policy_arn} from role: {role_name}")
+                client.detach_role_policy(RoleName=role_name, PolicyArn=policy_arn)
+    except Exception as e:
+        logger.warning(f"failed to detach managed policies from role {role_name}: {e}")
+
+    # Second, delete all inline policies
+    try:
+        inline_policies = client.list_role_policies(RoleName=role_name)
+        for policy_name in inline_policies["PolicyNames"]:
+            logger.info(f"deleting inline policy: {policy_name} from role: {role_name}")
+            client.delete_role_policy(RoleName=role_name, PolicyName=policy_name)
+    except Exception as e:
+        logger.warning(f"failed to delete inline policies from role {role_name}: {e}")
+
+    # Finally, delete the role
+    try:
+        client.delete_role(RoleName=role_name)
+        logger.info(f"deleted role: {role_name}")
+    except Exception as e:
+        logger.error(f"failed to delete role {role_name}: {e}")

atlas_init/cli_tf/hcl/modifier2.py

@@ -2,10 +2,12 @@ from collections import defaultdict
 import logging
 from contextlib import suppress
 from pathlib import Path
-from typing import NamedTuple
+from typing import Any, NamedTuple
 from lark import Token, Transformer, Tree, UnexpectedToken, v_args
 from hcl2.transformer import Attribute, DictTransformer
 from hcl2.api import reverse_transform, writes, parses
+from model_lib import Entity
+from pydantic import field_validator
 import rich
 
 logger = logging.getLogger(__name__)
@@ -58,6 +60,54 @@ def attribute_transfomer(attr_name: str, obj_key: str, new_value: str) -> tuple[
     return AttributeTransformer(with_meta=True), changes
 
 
+_unset = object()
+
+
+class TFVar(Entity):
+    name: str
+    description: str | None = ""
+    default: Any = _unset
+    type: str = ""
+    sensitive: bool = False
+
+    @field_validator("default", mode="before")
+    def unpack_token(cls, v: Any) -> Any:
+        if isinstance(v, Token):
+            return v.value.strip('"')
+        return v
+
+
+def variable_reader_typed(tree: Tree) -> dict[str, TFVar]:
+    variables: dict[str, TFVar] = {}
+
+    class TFVarReader(DictTransformer):
+        def __init__(self, with_meta: bool = False, *, name: str):
+            super().__init__(with_meta)
+            self.kwargs: dict[str, Any] = {
+                "name": name,
+            }
+
+        def attribute(self, args: list) -> Attribute:
+            if len(args) == 3:
+                name, _, value = args
+                self.kwargs[name] = value
+            return super().attribute(args)
+
+    class BlockReader(Transformer):
+        @v_args(tree=True)
+        def block(self, block_tree: Tree) -> Tree:
+            current_block_name = _identifier_name(block_tree)
+            if current_block_name == "variable":
+                variable_name = token_name(block_tree.children[1])
+                reader = TFVarReader(name=variable_name)
+                reader.transform(block_tree)
+                variables[variable_name] = TFVar(**reader.kwargs)
+            return block_tree
+
+    BlockReader().transform(tree)
+    return variables
+
+
 def variable_reader(tree: Tree) -> dict[str, str | None]:
     """
     Reads the variable names from a parsed HCL2 tree.

atlas_init/tf_ext/paths.py

@@ -9,7 +9,14 @@ from model_lib import Entity
 from pydantic import Field, RootModel
 from zero_3rdparty.file_utils import iter_paths
 
-from atlas_init.cli_tf.hcl.modifier2 import resource_types_vars_usage, safe_parse, variable_reader, variable_usages
+from atlas_init.cli_tf.hcl.modifier2 import (
+    TFVar,
+    resource_types_vars_usage,
+    safe_parse,
+    variable_reader,
+    variable_reader_typed,
+    variable_usages,
+)
 from atlas_init.tf_ext.constants import ATLAS_PROVIDER_NAME, DEFAULT_EXTERNAL_SUBSTRINGS, DEFAULT_INTERNAL_SUBSTRINGS
 
 logger = logging.getLogger(__name__)
@@ -32,6 +39,16 @@ def get_example_directories(repo_path: Path, skip_names: list[str]):
     return example_dirs
 
 
+def find_variables_typed(variables_tf: Path) -> dict[str, TFVar]:
+    if not variables_tf.exists():
+        return {}
+    tree = safe_parse(variables_tf)
+    if not tree:
+        logger.warning(f"Failed to parse {variables_tf}")
+        return {}
+    return variable_reader_typed(tree)
+
+
 def find_variables(variables_tf: Path) -> dict[str, str | None]:
     if not variables_tf.exists():
         return {}

atlas_init/tf_ext/run_tf.py

@@ -0,0 +1,20 @@
+from ask_shell import new_task, run_and_wait
+from pathlib import Path
+
+
+def validate_tf_workspace(
+    tf_workdir: Path, *, tf_cli_config_file: Path | None = None, env_extra: dict[str, str] | None = None
+):
+    terraform_commands = [
+        "terraform init",
+        "terraform fmt .",
+        "terraform validate .",
+    ]
+    env_extra = env_extra or {}
+    if tf_cli_config_file:
+        env_extra["TF_CLI_CONFIG_FILE"] = str(tf_cli_config_file)
+    with new_task("Terraform Module Validate Checks", total=len(terraform_commands)) as task:
+        for command in terraform_commands:
+            attempts = 3 if command == "terraform init" else 1  # terraform init can fail due to network issues
+            run_and_wait(command, cwd=tf_workdir, env=env_extra, attempts=attempts)
+            task.update(advance=1)

atlas_init/tf_ext/settings.py

@@ -175,6 +175,14 @@ class TfExtSettings(StaticSettings):
     def provider_cache_dir(self, provider_name: str) -> Path:
         return self.cache_root / "provider_cache" / provider_name
 
+    @property
+    def variable_plan_resolvers_file_path(self) -> Path:
+        return self.static_root / "variable_plan_resolvers.yaml"
+
+    @property
+    def variable_plan_resolvers_dumped_file_path(self) -> Path:
+        return self.static_root / "variable_plan_resolvers_dumped.yaml"
+
 
 def init_tf_ext_settings(*, allow_empty_out_path: bool = False) -> TfExtSettings:
     settings = TfExtSettings.from_env()

atlas_init/tf_ext/tf_mod_gen.py

@@ -32,6 +32,7 @@ from atlas_init.tf_ext.plan_diffs import (
     read_variables_path,
 )
 from atlas_init.tf_ext.provider_schema import AtlasSchemaInfo, ResourceSchema, parse_atlas_schema
+from atlas_init.tf_ext.run_tf import validate_tf_workspace
 from atlas_init.tf_ext.schema_to_dataclass import convert_and_format
 from atlas_init.tf_ext.settings import TfExtSettings
 
@@ -131,29 +132,13 @@ def generate_resource_module(config: ModuleGenConfig, resource_type: str, atlas_
 def finalize_and_validate_module(config: ModuleGenConfig) -> Path:
     dump_versions_tf(config.module_out_path, skip_python=config.skip_python)
     logger.info(f"Module dumped to {config.module_out_path}, running checks")
-    validate_module(config.module_out_path, tf_cli_config_file=config.settings.tf_cli_config_file)
+    validate_tf_workspace(config.module_out_path, tf_cli_config_file=config.settings.tf_cli_config_file)
     return config.module_out_path
 
 
 OUT_BINARY_PATH = "tfplan.binary"
 
 
-def validate_module(tf_workdir: Path, *, tf_cli_config_file: Path | None = None):
-    terraform_commands = [
-        "terraform init",
-        "terraform fmt .",
-        "terraform validate .",
-    ]
-    env_extra = {}
-    if tf_cli_config_file:
-        env_extra["TF_CLI_CONFIG_FILE"] = str(tf_cli_config_file)
-    with new_task("Terraform Module Validate Checks", total=len(terraform_commands)) as task:
-        for command in terraform_commands:
-            attempts = 3 if command == "terraform init" else 1  # terraform init can fail due to network issues
-            run_and_wait(command, cwd=tf_workdir, env=env_extra, attempts=attempts)
-            task.update(advance=1)
-
-
 def module_examples_and_readme(config: ModuleGenConfig, *, example_var_file: Path | None = None) -> Path:
     path = config.module_out_path
     if (examples_test := config.examples_test_path) and examples_test.exists():
@@ -165,7 +150,7 @@ def module_examples_and_readme(config: ModuleGenConfig, *, example_var_file: Pat
         if examples_generated:
             with run_pool("Validating examples", total=len(examples_generated), exit_wait_timeout=60) as pool:
                 for example_path in examples_generated:
-                    pool.submit(validate_module, example_path)
+                    pool.submit(validate_tf_workspace, example_path)
 
     attribute_descriptions = parse_attribute_descriptions(config.settings)
     settings = config.settings
@@ -225,7 +210,7 @@ def example_plan_checks(config: ModuleGenConfig, timeout_all_seconds: int = 60)
         with TemporaryDirectory() as temp_dir:
             stored_plan = Path(temp_dir) / "plan.json"
             tf_dir = config.example_path(check.example_name)
-            validate_module(tf_dir)
+            validate_tf_workspace(tf_dir)
             var_arg = f" -var-file={variables_path}" if variables_path else ""
             run_and_wait(f"terraform plan -out={OUT_BINARY_PATH}{var_arg}", cwd=tf_dir)
             run_and_wait(f"terraform show -json {OUT_BINARY_PATH} > {stored_plan}", cwd=tf_dir)

atlas_init/tf_ext/tf_ws.py

@@ -0,0 +1,269 @@
+from datetime import datetime
+from enum import StrEnum
+import fnmatch
+import logging
+from collections import defaultdict
+from pathlib import Path
+from typing import Any, Literal, Self
+
+import typer
+import humanize
+from ask_shell import run_and_wait, run_pool
+from model_lib import Entity, dump, parse_model
+from pydantic import ConfigDict, Field
+from zero_3rdparty.file_utils import ensure_parents_write_text, iter_paths_and_relative
+import stringcase
+
+from atlas_init.cli_tf.hcl.modifier2 import TFVar
+from atlas_init.settings.env_vars import init_settings
+from atlas_init.settings.env_vars_generated import AtlasSettingsWithProject, AWSSettings
+from atlas_init.tf_ext.paths import find_variables_typed
+from atlas_init.tf_ext.settings import TfExtSettings, init_tf_ext_settings
+from atlas_init.tf_ext.tf_mod_gen import validate_tf_workspace
+
+logger = logging.getLogger(__name__)
+LOCKFILE_NAME = ".terraform.tfstate.lock.info"
+PascalAlias = ConfigDict(alias_generator=stringcase.pascalcase, populate_by_name=True)
+
+
+class Lockfile(Entity):
+    model_config = PascalAlias
+    created: datetime
+    path: str
+    operation: str
+
+    def __str__(self) -> str:
+        return (
+            f"lockfile for state {self.path} created={humanize.naturaltime(self.created)}, operation={self.operation})"
+        )
+
+
+class ResolvedEnvVar(Entity):
+    var_matches: list[str] = Field(default_factory=list)
+    name: str
+    value: str
+    sensitive: bool = False
+    type: Literal["env"] = "env"
+
+    def can_resolve(self, variable: TFVar) -> bool:
+        return any(fnmatch.fnmatch(variable.name, var) for var in self.var_matches)
+
+
+class ResolvedStringVar(Entity):
+    var_matches: list[str] = Field(default_factory=list)
+    value: str = ""
+    sensitive: bool = False
+    type: Literal["string"] = "string"
+
+    def can_resolve(self, variable: TFVar) -> bool:
+        if variable.type and variable.type != self.type:
+            return False
+        return any(fnmatch.fnmatch(variable.name, var) for var in self.var_matches)
+
+
+ResolverVar = ResolvedStringVar | ResolvedEnvVar
+
+
+def as_tfvars_env(resolver_vars: dict[str, ResolverVar]) -> tuple[dict[str, Any], dict[str, Any]]:
+    env_vars = {}
+    tf_vars = {}
+    for var_name, var in resolver_vars.items():
+        match var:
+            case ResolvedEnvVar(name=name, value=value):
+                env_vars[name] = value
+            case ResolvedStringVar(value=value):
+                tf_vars[var_name] = value
+    return tf_vars, env_vars
+
+
+class _MissingResolverVarsError(Exception):
+    def __init__(self, missing_vars: list[str], path: Path, rel_path: str):
+        self.missing_vars = missing_vars
+        self.path = path
+        self.rel_path = rel_path
+        super().__init__(f"Missing variables: {missing_vars} for path: {path} with rel_path: {rel_path}")
+
+    def __str__(self) -> str:
+        return f"Missing variables: {self.missing_vars} for path: {self.path} with rel_path: {self.rel_path}"
+
+
+class VariablesPlanResolver(Entity):
+    paths: dict[str, list[ResolverVar]]
+
+    def merge(self, other: Self) -> Self:
+        merged = defaultdict(list)
+        for path, vars in self.paths.items():
+            merged[path].extend(vars)
+        for path, vars in other.paths.items():
+            merged[path].extend(vars)
+        return type(self)(paths=merged)
+
+    def variable_path_matches(self, path: Path, rel_path: str) -> list[ResolverVar]:
+        resolved = []
+        for path_pattern, vars in self.paths.items():
+            if fnmatch.fnmatch(rel_path, path_pattern):
+                resolved.extend(vars)
+        return resolved
+
+    def resolve_vars(self, path: Path, rel_path: str) -> dict[str, ResolverVar]:
+        variables = find_variables_typed(path / "variables.tf")
+        resolved_vars: dict[str, ResolverVar] = {}
+        for var in variables.values():
+            for resolver_var in self.variable_path_matches(path, rel_path):
+                if resolver_var.can_resolve(var):
+                    resolved_vars[var.name] = resolver_var
+        if missing_vars := set(variables.keys()) - set(resolved_vars.keys()):
+            raise _MissingResolverVarsError(sorted(missing_vars), path, rel_path)
+        return resolved_vars
+
+
+def update_dumped_vars(path: Path) -> VariablesPlanResolver:
+    assert init_settings(AWSSettings, AtlasSettingsWithProject), "Settings must be initialized"
+    project_settings = AtlasSettingsWithProject.from_env()
+    dumped_vars = VariablesPlanResolver(
+        paths={
+            "*": [
+                ResolvedStringVar(
+                    var_matches=["project*"],
+                    value=project_settings.MONGODB_ATLAS_PROJECT_ID,
+                    sensitive=False,
+                ),
+                ResolvedStringVar(
+                    var_matches=["org*"],
+                    value=project_settings.MONGODB_ATLAS_ORG_ID,
+                    sensitive=False,
+                ),
+                ResolvedEnvVar(
+                    var_matches=["atlas_private_key"],
+                    sensitive=True,
+                    value=project_settings.MONGODB_ATLAS_PRIVATE_KEY,
+                    name="MONGODB_ATLAS_PRIVATE_KEY",
+                ),
+                ResolvedEnvVar(
+                    var_matches=["atlas_public_key"],
+                    sensitive=True,
+                    value=project_settings.MONGODB_ATLAS_PUBLIC_KEY,
+                    name="MONGODB_ATLAS_PUBLIC_KEY",
+                ),
+                ResolvedEnvVar(
+                    var_matches=["atlas_base_url"],
+                    sensitive=False,
+                    value=project_settings.MONGODB_ATLAS_BASE_URL,
+                    name="MONGODB_ATLAS_BASE_URL",
+                ),
+            ]
+        }
+    )
+    yaml = dump(dumped_vars, "yaml")
+    ensure_parents_write_text(path, yaml)
+    return dumped_vars
+
+
+_ignored_workspace_dirs = [
+    ".terraform",
+]
+
+
+class TFWorkspacRunConfig(Entity):
+    path: Path
+    rel_path: str
+    resolved_vars: dict[str, Any]
+    resolved_env_vars: dict[str, Any]
+
+    def tf_data_dir(self, settings: TfExtSettings) -> Path:
+        repo_out = settings.repo_out
+        assert self.path.is_relative_to(repo_out.base), f"path {self.path} is not relative to {repo_out.base}"
+        relative_repo_path = str(self.path.relative_to(repo_out.base))
+        return settings.static_root / "tf-ws-check" / relative_repo_path / ".terraform"
+
+    def tf_vars_path_json(self, settings: TfExtSettings) -> Path:
+        return self.tf_data_dir(settings) / "vars.auto.tfvars.json"
+
+
+class TFWsCommands(StrEnum):
+    VALIDATE = "validate"
+    PLAN = "plan"
+    APPLY = "apply"
+    DESTROY = "destroy"
+
+
+def tf_ws(
+    command: TFWsCommands = typer.Argument("plan", help="The command to run in the workspace"),
+    root_path: Path = typer.Option(
+        ...,
+        "-p",
+        "--root-path",
+        help="Path to the root directory, will recurse and look for **/main.tf",
+        default_factory=Path.cwd,
+    ),
+):
+    settings = init_tf_ext_settings()
+    variable_resolvers = update_dumped_vars(settings.variable_plan_resolvers_dumped_file_path)
+    manual_path = settings.variable_plan_resolvers_file_path
+    if manual_path.exists():
+        manual_resolvers = parse_model(manual_path, t=VariablesPlanResolver)
+        variable_resolvers = variable_resolvers.merge(manual_resolvers)
+
+    def include_path(rel_path: str) -> bool:
+        return all(f"/{dir}/" not in rel_path for dir in _ignored_workspace_dirs)
+
+    paths = sorted(
+        (path.parent, rel_path)
+        for path, rel_path in iter_paths_and_relative(root_path, "main.tf", only_files=True)
+        if include_path(rel_path)
+    )
+    run_configs = []
+    missing_vars_errors = []
+    for path, rel_path in paths:
+        try:
+            resolver_vars = variable_resolvers.resolve_vars(path, rel_path)
+            resolved_vars, resolved_env_vars = as_tfvars_env(resolver_vars)
+            run_configs.append(
+                TFWorkspacRunConfig(
+                    path=path, rel_path=rel_path, resolved_vars=resolved_vars, resolved_env_vars=resolved_env_vars
+                )
+            )
+        except _MissingResolverVarsError as e:
+            missing_vars_errors.append(e)
+            continue
+    if missing_vars_errors:
+        missing_vars_formatted = "\n".join(str(e) for e in missing_vars_errors)
+        logger.warning(f"Missing variables:\n{missing_vars_formatted}")
+
+    run_count = len(run_configs)
+    assert run_count > 0, f"No run configs found from {root_path}"
+
+    def run_cmd(run_config: TFWorkspacRunConfig):
+        tf_vars_str = dump(run_config.resolved_vars, "pretty_json")
+        tf_vars_path = run_config.tf_vars_path_json(settings)
+        ensure_parents_write_text(tf_vars_path, tf_vars_str)
+        env_extra = run_config.resolved_env_vars | {"TF_DATA_DIR": str(run_config.tf_data_dir(settings))}
+
+        lockfile_path = run_config.path / LOCKFILE_NAME
+        if lockfile_path.exists():
+            lockfile = parse_model(lockfile_path, t=Lockfile, format="json")
+            logger.warning(f"Lockfile exists for {run_config.path}, skipping: {lockfile}")
+            return
+
+        validate_tf_workspace(run_config.path, tf_cli_config_file=settings.tf_cli_config_file, env_extra=env_extra)
+        if command == TFWsCommands.VALIDATE:
+            return
+        command_extra = ""
+        if command in {TFWsCommands.APPLY, TFWsCommands.DESTROY}:
+            command_extra = " -auto-approve"
+
+        run_and_wait(
+            f"terraform {command} -var-file={tf_vars_path}{command_extra}",
+            cwd=run_config.path,
+            env=env_extra,
+            user_input=run_count == 1,
+        )
+
+    with run_pool(f"{command} in TF Workspaces", total=run_count, max_concurrent_submits=9) as pool:
+        futures = {pool.submit(run_cmd, run_config): run_config for run_config in run_configs}
+        for future, run_config in futures.items():
+            try:
+                future.result()
+            except Exception as e:
+                logger.error(f"Error running {command} for {run_config.path}: {e}")
+                continue

atlas_init/tf_ext/typer_app.py

@@ -1,7 +1,7 @@
 from ask_shell import configure_logging
 from typer import Typer
 
-from atlas_init.tf_ext import api_call, settings, tf_desc_gen, tf_example_readme, tf_mod_gen_provider
+from atlas_init.tf_ext import api_call, settings, tf_desc_gen, tf_example_readme, tf_mod_gen_provider, tf_ws
 
 
 def typer_main():
@@ -21,6 +21,7 @@ def typer_main():
     app.command(name="mod-gen-provider")(tf_mod_gen_provider.tf_mod_gen_provider_resource_modules)
     app.command(name="check-env-vars")(settings.init_tf_ext_settings)
     app.command(name="example-readme")(tf_example_readme.tf_example_readme)
+    app.command(name="ws")(tf_ws.tf_ws)
     configure_logging(app)
     app()
 

atlas_init/typer_app.py

@@ -58,11 +58,12 @@ app_command = partial(
 
 
 def extra_root_commands():
-    from atlas_init.cli_root import go_test, trigger, mms_released
+    from atlas_init.cli_root import go_test, trigger, mms_released, aws_clean
 
     assert trigger
     assert go_test
     assert mms_released
+    assert aws_clean
 
 
 @app.callback(invoke_without_command=True)

{atlas_init-0.9.0.dist-info → atlas_init-0.10.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: atlas-init
-Version: 0.9.0
+Version: 0.10.0
 Project-URL: Documentation, https://github.com/EspenAlbert/atlas-init#readme
 Project-URL: Issues, https://github.com/EspenAlbert/atlas-init/issues
 Project-URL: Source, https://github.com/EspenAlbert/atlas-init
@@ -20,6 +20,7 @@ Requires-Dist: inflection==0.5.1
 Requires-Dist: model-lib
 Requires-Dist: motor==3.7.1
 Requires-Dist: mypy-boto3-cloudformation==1.37.22
+Requires-Dist: mypy-boto3-iam>=1.40.0
 Requires-Dist: orjson==3.10.13
 Requires-Dist: pydantic-settings==2.7.1
 Requires-Dist: pydot==4.0.1

{atlas_init-0.9.0.dist-info → atlas_init-0.10.0.dist-info}/RECORD

@@ -1,11 +1,11 @@
-atlas_init/__init__.py,sha256=SxwCA6YCJ-sDX3qOsnEH3L4WjI9tXH14OB1liYWsnHw,213
+atlas_init/__init__.py,sha256=Q4aM4T7e9LAIWZNe0514lJ1Mi_S3ixIJVWFvbzSGLTg,214
 atlas_init/__main__.py,sha256=dY1dWWvwxRZMmnOFla6RSfti-hMeLeKdoXP7SVYqMUc,52
 atlas_init/atlas_init.yaml,sha256=aCCg6PJgLcqh75v3tdEEG4UPrcJlbmbRaLj0c7PCumE,2373
 atlas_init/cli.py,sha256=0b4_osi67Oj-hZnrtK70IbSKQDREjwUFv1_30_A03Zg,9447
 atlas_init/cli_args.py,sha256=4lbEz6IVf0kHSULLXQ05SLmB4gvLfminbxFJ3qVTFNU,1202
 atlas_init/humps.py,sha256=l0ZXXuI34wwd9TskXhCjULfGbUyK-qNmiyC6_2ow6kU,7339
 atlas_init/terraform.yaml,sha256=qPrnbzBEP-JAQVkYadHsggRnDmshrOJyiv0ckyZCxwY,2734
-atlas_init/typer_app.py,sha256=TBOT986r7kmvDYQ7_XS0VQuak0zPjvF3ujykCvNrbgs,3959
+atlas_init/typer_app.py,sha256=rEEDe871M4D1eVciDHMQhv59k8GdvG5-0pBwHH0h9OE,3991
 atlas_init/cli_cfn/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 atlas_init/cli_cfn/app.py,sha256=N0z4LtAyfnKAZHlrWNQ0m5TbmarECrwXBH1qp-0xkrA,6025
 atlas_init/cli_cfn/aws.py,sha256=KtJWJmYDknPFtd4j6evMFRwmnFGcLYUFHArV6J49TjI,17911
@@ -21,6 +21,7 @@ atlas_init/cli_helper/sdk.py,sha256=exh58-VZwxtosaxM269C62EEy1VnpJPOVziPDPkGsmE,
 atlas_init/cli_helper/sdk_auto_changes.py,sha256=oWyXw7P0PdO28hclRvza_RcIVXAyzu0lCYTJTNBDMeo,189
 atlas_init/cli_helper/tf_runner.py,sha256=V8pfxPSDBSeQWkR27kI8JLu-MEadUR9TGnoXBjSP4G4,3610
 atlas_init/cli_root/__init__.py,sha256=Mf0wqy4kqq8pmbjLa98zOGuUWv0bLk2OYGc1n1_ZmZ4,223
+atlas_init/cli_root/aws_clean.py,sha256=n5bTjEhV5whVVN3W6Lk91Mb5LFwcR0ZBLiJS4V4H-Ak,4061
 atlas_init/cli_root/go_test.py,sha256=roQIOS-qVfNhJMztR-V3hjtxFMf7-Ioy3e1ffqtTRyo,4601
 atlas_init/cli_root/mms_released.py,sha256=gaUWzY4gqb1Tuo7u-8HqkOC6pW8QSjcwTz2UJMCV3Cw,1765
 atlas_init/cli_root/trigger.py,sha256=vT32qeWq946r8UaU8ZUKtWafpU0kodbUJpQXctFGjjk,8526
@@ -57,7 +58,7 @@ atlas_init/cli_tf/hcl/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3h
 atlas_init/cli_tf/hcl/cli.py,sha256=6V1kU_a1c4LA3rS7sWN821gQex00fb70AUyd07xO0es,5760
 atlas_init/cli_tf/hcl/cluster_mig.py,sha256=kMb_0V_XWr_iQj-mZZ-mmzIvYOLfuC4FYGYYSe9VKkQ,12496
 atlas_init/cli_tf/hcl/modifier.py,sha256=imcKuQZLkzeD_-_DKAUjwbW_zKbPvAElmVDIjKaQfrI,8199
-atlas_init/cli_tf/hcl/modifier2.py,sha256=Ra9Wx6BT0uF43n49MIx1WDTryt8T1vkqEU4Rtzn4Zmc,7815
+atlas_init/cli_tf/hcl/modifier2.py,sha256=jszWiCzwcKJquG8bb9SMqH8TA3Y3jRVRGORHgGW7GkI,9317
 atlas_init/cli_tf/hcl/parser.py,sha256=wqj0YIn9nyEfjRqZnM7FH4yL43-K9ANvRiy9RCahImc,4833
 atlas_init/cloud/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 atlas_init/cloud/aws.py,sha256=AXVobJ724S6OeEs_uXH9dvecc_klnXqejRnI7KaLyzo,4935
@@ -133,23 +134,25 @@ atlas_init/tf_ext/gen_versions.py,sha256=yYX4jIgQfAZuG2wfu6OsIbDAqt9g8btiLcgKm7D
 atlas_init/tf_ext/models.py,sha256=vS725jiEc0t61IO1Db0mpxWVQPGaJKIGeZLOb2SOf4I,4430
 atlas_init/tf_ext/models_module.py,sha256=JngaAxN-54hYPffx1rZ-_j-hYT_GELq7lf24e-EQHb0,18276
 atlas_init/tf_ext/newres.py,sha256=quMSLlkJRuvA3attTvJ-DQNSwRPFyT_XJ32ucmEhA-s,3104
-atlas_init/tf_ext/paths.py,sha256=3VQri_VKS5sVKdkHu2XKgHziB1uQpB8hBGBY7GwiAwU,4917
+atlas_init/tf_ext/paths.py,sha256=9MK7UdiHs9ViUmUOa1MhXsZjhlGIH1MHe53_s2yztxg,5264
 atlas_init/tf_ext/plan_diffs.py,sha256=Sc-VFrq2k7p01ZZzgtAfqRXCog2h6bbFlonGfaxSzog,5237
 atlas_init/tf_ext/provider_schema.py,sha256=6XrJ3UHjpQ_8yBqWeZ1b4xIPLOqPL9L1ljn4mGF2Cj4,6908
 atlas_init/tf_ext/py_gen.py,sha256=orZLX2c-tw9eJb8MyTunhkdfqs-f6uOngu5RlLUb9uI,11243
+atlas_init/tf_ext/run_tf.py,sha256=iMaNbjsq4sQe9cesP-uI9En3FifPUaqXFQFbm7K20kM,818
 atlas_init/tf_ext/schema_to_dataclass.py,sha256=kqg0OxqYZwmNGvlayZkXPwU2CueiHsnAAgLyoXkDUtY,19797
-atlas_init/tf_ext/settings.py,sha256=qRSm8e_TquEKoBpYE6VFmXSpiRaHExR00cVykpK1_OI,6814
+atlas_init/tf_ext/settings.py,sha256=_NVOt_464XyWq69sT-dwA1hfJ9Ag1H2QssE2datx_rU,7102
 atlas_init/tf_ext/tf_dep.py,sha256=UFrNmolw3qW02E7mq23vVGY0C8HOSSY3-6AHmSEqYno,13453
 atlas_init/tf_ext/tf_desc_gen.py,sha256=G6Hv9kKJDNbNL8nRRkPA7w8c7MCDgijjdTv-2BjKrZ0,2575
 atlas_init/tf_ext/tf_desc_update.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 atlas_init/tf_ext/tf_example_readme.py,sha256=A8yBJq9Ts0NzBnurWbbmADrfursjhxfdWX3ZxkYZ5cs,14992
-atlas_init/tf_ext/tf_mod_gen.py,sha256=mOXFfKoghkeV-CCYbqknwII5LmY1iguoUsTjYxndwi4,12141
+atlas_init/tf_ext/tf_mod_gen.py,sha256=J3BDPHoTqScZ0CmNiYpE_sJaV17jFkMrfgtgejGzhi4,11536
 atlas_init/tf_ext/tf_mod_gen_provider.py,sha256=M7jJeH0VR1uN440d2H5-9lnj0s0d9QtaMeYsLwWW3Ak,5866
 atlas_init/tf_ext/tf_modules.py,sha256=h_E8Po1fmOcIjU_d92dCjKZytBij4N9Mux70yLW7xVQ,16248
 atlas_init/tf_ext/tf_vars.py,sha256=A__zcIBNvJ5y0l5F5G7KMQsYCuyr3iBZtRzXm4e6DQU,7875
-atlas_init/tf_ext/typer_app.py,sha256=5Zqgs5RMYitlGmPyyXq3WctRcWMRC6RQa7EWJhVeQlA,1063
-atlas_init-0.9.0.dist-info/METADATA,sha256=uOYn0ME4hd1OvjjpfksJWWCC_aV0XNqklFTFbjzygh0,5863
-atlas_init-0.9.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-atlas_init-0.9.0.dist-info/entry_points.txt,sha256=l38KdfCjY2v5q8Ves1qkWNvPTPND6Tp2EKX-RL-MN3c,200
-atlas_init-0.9.0.dist-info/licenses/LICENSE,sha256=aKnucPyXnK1A-aXn4vac71zRpcB5BXjDyl4PDyi_hZg,1069
-atlas_init-0.9.0.dist-info/RECORD,,
+atlas_init/tf_ext/tf_ws.py,sha256=Wm17_Zgn4KrnWFpuShuEPabE8M4TtOxoG3EM3gCOr1Y,10099
+atlas_init/tf_ext/typer_app.py,sha256=wzC6pwt7W0u2Ce3xcWVYRbFeP8C8pLw1Gy5BPeWQjZo,1110
+atlas_init-0.10.0.dist-info/METADATA,sha256=JwoMAGhhoJc1VD5usMTGOZvRIgRLHyH1CuCjw9sx2Us,5902
+atlas_init-0.10.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+atlas_init-0.10.0.dist-info/entry_points.txt,sha256=l38KdfCjY2v5q8Ves1qkWNvPTPND6Tp2EKX-RL-MN3c,200
+atlas_init-0.10.0.dist-info/licenses/LICENSE,sha256=aKnucPyXnK1A-aXn4vac71zRpcB5BXjDyl4PDyi_hZg,1069
+atlas_init-0.10.0.dist-info/RECORD,,