
tezda-ip-whitelist-cli


CLI tool to update IP whitelist via AWS Lambda

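#!/usr/bin/env node
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const commander_1 = require("commander");
const promises_1 = require("dns/promises");
const invoke_1 = require("./invoke");
const client_sts_1 = require("@aws-sdk/client-sts");

/**
 * Suffixes the caller's username (last path segment of the STS ARN) may end with.
 */
const ALLOWED_DOMAINS = ['@tezda.com', '@ozb.com'];

/**
 * Parses and retrieves command-line arguments.
 */
const program = new commander_1.Command();
program
    .name('ip-whitelist-cli')
    .description('CLI tool to update IP whitelist via AWS Lambda')
    .version('1.0.0')
    .option('-p, --profile <profile>', 'AWS profile to use')
    .option('-r, --region <region>', 'AWS region', 'us-east-1')
    .parse(process.argv);
const options = program.opts();

/**
 * Retrieves the current caller's identity using AWS STS.
 *
 * @param stsClient - An instance of STSClient.
 * @returns The GetCallerIdentity response (UserId, Account, Arn).
 * @throws Rethrows whatever the STS call rejects with, after logging it.
 */
const getCallerIdentity = async (stsClient) => {
    const command = new client_sts_1.GetCallerIdentityCommand({});
    try {
        return await stsClient.send(command);
    }
    catch (error) {
        console.error('Error fetching caller identity:', error.message || error);
        throw error;
    }
};

/**
 * The main function orchestrating the CLI tool's operations:
 *   1. look up the caller's identity through STS,
 *   2. take the last '/'-separated segment of the ARN as the username,
 *   3. require that it ends with one of ALLOWED_DOMAINS,
 *   4. resolve `<prefix>-tezda.ddns.net` and take the first address,
 *   5. invoke the Lambda with `{ ipAddress, tag }`.
 *
 * Every failure path logs to stderr and exits with status 1.
 */
const main = async () => {
    const { profile, region } = options;
    const lambdaClient = (0, invoke_1.createLambdaClient)(region, profile);
    // NOTE(review): `profile` is handed to createLambdaClient but not to this
    // STS client (the original expression was `profile ? undefined : undefined`).
    // With --profile set, the identity checked below therefore comes from the
    // SDK's default credential resolution, which may not be the identity that
    // invokes the Lambda. Confirm and pass the same credentials to both clients.
    const stsClient = new client_sts_1.STSClient({
        region,
        credentials: undefined,
    });

    let callerIdentity;
    try {
        callerIdentity = await getCallerIdentity(stsClient);
        const { UserId, Account, Arn } = callerIdentity;
        console.log(`Caller Identity - UserId: ${UserId}, Account: ${Account}, Arn: ${Arn}`);
    }
    catch (error) {
        // getCallerIdentity has already logged the failure.
        process.exit(1);
    }

    const arn = callerIdentity.Arn;
    const arnParts = arn == null ? [] : arn.split('/');
    const usernameWithDomain = arnParts[arnParts.length - 1];
    if (!usernameWithDomain) {
        console.error('Unable to extract username from ARN.');
        process.exit(1);
    }

    // Fix: the original rejected the username when it failed to end with
    // '@tezda.com' OR failed to end with '@ozb.com'. No string ends with both,
    // so every caller was rejected. Accept a username matching either suffix.
    //
    // This is a client-side convenience check only. NOTE(review): the Lambda is
    // not visible here; confirm it derives the caller from the invocation's own
    // credentials and enforces the domain rule itself instead of trusting the
    // `tag` field of the payload.
    const hasAllowedDomain = ALLOWED_DOMAINS.some((domain) => usernameWithDomain.endsWith(domain));
    if (!hasAllowedDomain) {
        console.error('Error: Username must end with @tezda.com or @ozb.com');
        process.exit(1);
    }

    const [userPrefix] = usernameWithDomain.split('@');
    if (!userPrefix) {
        console.error('Error extracting username prefix.');
        process.exit(1);
    }

    // NOTE(review): the address submitted for allow-listing is whatever an
    // unauthenticated DNS lookup of this dynamic-DNS name returns, so control of
    // the DNS record equals control of the allow-listed IP for this user.
    // Confirm each `<prefix>-tezda.ddns.net` name is registered to and managed
    // by the organisation, and that allow-list changes are logged server-side.
    const constructedHostname = `${userPrefix}-tezda.ddns.net`;
    console.log(`Constructed hostname: ${constructedHostname}`);

    let ipAddress;
    try {
        // resolve() without an rrtype queries A records; only the first is used.
        const addresses = await (0, promises_1.resolve)(constructedHostname);
        if (addresses.length === 0) {
            throw new Error(`No IP addresses found for hostname: ${constructedHostname}`);
        }
        ipAddress = addresses[0];
        console.log(`Resolved IP address for ${constructedHostname}: ${ipAddress}`);
    }
    catch (error) {
        console.error('Error resolving hostname:', error.message || error);
        process.exit(1);
    }

    const payload = {
        ipAddress,
        tag: usernameWithDomain,
    };
    const lambdaFunctionName = 'tezda-ip-whitelist-cli-dev-updateIp';
    try {
        await (0, invoke_1.invokeLambda)(lambdaClient, lambdaFunctionName, payload);
    }
    catch (error) {
        console.error('Failed to invoke Lambda function:', error.message || error);
        process.exit(1);
    }
};

// Do not leave the promise floating: anything thrown outside the try blocks
// above (e.g. while constructing a client) is reported and ends with status 1.
main().catch((error) => {
    console.error('Unexpected error:', error.message || error);
    process.exit(1);
});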