UNPKG

alks

Version:

CLI for working with ALKS

github.com/Cox-Automotive/ALKS-CLI

Cox-Automotive/ALKS-CLI

103 lines (91 loc) 3.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
import clc from 'cli-color'; import commander from 'commander'; import { isEmpty, isUndefined } from 'underscore'; import { badAccountMessage } from '../badAccountMessage'; import { checkForUpdate } from '../checkForUpdate'; import { errorAndExit } from '../errorAndExit'; import { getAlks } from '../getAlks'; import { getAuth } from '../getAuth'; import { getAwsAccountFromString } from '../getAwsAccountFromString'; import { log } from '../log'; import { promptForAlksAccountAndRole } from '../promptForAlksAccountAndRole'; import { tryToExtractRole } from '../tryToExtractRole'; import { unpackTags } from '../unpackTags'; export async function handleAlksIamCreateLtk(options: commander.OptionValues) { const nameDesc = 'alphanumeric including @+=._-'; const NAME_REGEX = /^[a-zA-Z0-9!@+=._-]+$/g; const iamUsername = options.iamusername; let alksAccount: string | undefined = options.account; let alksRole: string | undefined = options.role; const filterFaves = options.favorites || false; const output = options.output || 'text'; const tags = options.tags ? unpackTags(options.tags) : undefined; try { log('validating iam user name: ' + iamUsername); if (isEmpty(iamUsername)) { errorAndExit('Please provide a username (-n)'); } else if (!NAME_REGEX.test(iamUsername)) { errorAndExit( 'The username provided contains illegal characters. It must be ' + nameDesc ); } if (!isUndefined(alksAccount) && isUndefined(alksRole)) { log('trying to extract role from account'); alksRole = tryToExtractRole(alksAccount); } if (!alksAccount || !alksRole) { ({ alksAccount, alksRole } = await promptForAlksAccountAndRole({ iamOnly: true, filterFavorites: filterFaves, })); } const auth = await getAuth(); const alks = await getAlks({ ...auth, }); const awsAccount = await getAwsAccountFromString(alksAccount); if (!awsAccount) { throw new Error(badAccountMessage); } log('calling api to create ltk: ' + iamUsername); const ltk = await alks.createAccessKeys({ account: awsAccount.id, role: alksRole, iamUserName: iamUsername, tags, }); if (output === 'json') { const ltkData = { accessKey: ltk.accessKey, secretKey: ltk.secretKey, iamUserName: iamUsername, iamUserArn: ltk.iamUserArn, }; console.log(JSON.stringify(ltkData, null, 4)); } else { const ltkData = { accessKey: ltk.accessKey, secretKey: ltk.secretKey, iamUserName: iamUsername, iamUserArn: ltk.iamUserArn, alksAccount: awsAccount.id, alksRole, }; console.log( clc.white( `LTK created for IAM User "${iamUsername}" was created with the ARN: ` ) + clc.white.underline(ltkData.iamUserArn) ); console.log( clc.white('LTK Access Key: ') + clc.white.underline(ltkData.accessKey) ); console.log( clc.white('LTK Secret Key: ') + clc.white.underline(ltkData.secretKey) ); } await checkForUpdate(); } catch (err) { errorAndExit((err as Error).message, err as Error); } }