Command line parameters, AWS credentials

package.json

@@ -27,11 +27,13 @@
     "@aws-sdk/client-iot-data-plane": "^3.523.0",
     "@aws-sdk/client-lambda": "^3.518.0",
     "@aws-sdk/client-s3": "^3.515.0",
+    "@aws-sdk/credential-providers": "^3.515.0",
     "chokidar": "^3.6.0",
     "esbuild": "^0.20.1",
     "@types/aws-iot-device-sdk": "^2.2.8",
     "aws-iot-device-sdk": "^2.2.13",
-    "node-machine-id": "^1.1.12"
+    "node-machine-id": "^1.1.12",
+    "commander": "^12.0.0"
   },
   "peerDependencies": {
     "aws-cdk": "^2",

src/awsCredentials.ts

@@ -0,0 +1,12 @@
+export * as AwsCredentials from "./awsCredentials.js";
+import { fromNodeProviderChain } from "@aws-sdk/credential-providers";
+import * as LlDebugger from "./lldebugger.js";
+import type { AwsCredentialIdentityProvider } from "@smithy/types";
+
+export function getCredentialsProvider(): AwsCredentialIdentityProvider {
+  return fromNodeProviderChain({
+    clientConfig: { region: LlDebugger.argOptions.region },
+    profile: LlDebugger.argOptions.profile,
+    roleArn: LlDebugger.argOptions.role,
+  });
+}

src/cdkResourcesDiscovery.ts

@@ -8,6 +8,7 @@ import { outputFolder } from "./constants.js";
 import type { BundlingOptions } from "aws-cdk-lib/aws-lambda-nodejs";
 import { BundlingType } from "./functionProps.js";
 import { findAboveFolderWithAFile } from "./findAboveFolderWithAFile.js";
+import { LlDebugger } from "./lldebugger.js";
 
 // this is global variable to store the data from the CDK code once it is executed
 declare global {
@@ -342,18 +343,21 @@ async function getLambdasDataFromCdkByCompilingAndRunning(
 async function getCdkContext(cdkConfigPath: string) {
   // get CDK context from the command line
   // get all "-c" and "--context" arguments from the command line
+
   const contextArgs = process.argv.filter(
     (arg) => arg.startsWith("-c") ?? arg.startsWith("--context")
   );
 
+  //const contextArgs = LlDebugger.argOptions.context;
+
   //parameter can be like:
   // -c key=value
   // -c=key=value
   // --context key=value
   // --context=key=value
   // extract the key and value from the parameter
   // take into account that first seperator can be "=" or " "
-  const contextFromCli = contextArgs.reduce((acc, arg) => {
+  const contextFromCli = contextArgs?.reduce((acc, arg) => {
     const [key, value] = arg.split(/=| /).slice(1);
     (acc as any)[key] = value;
     return acc;

src/infraDeploy.ts

@@ -17,9 +17,27 @@ import { getDebuggerId, getVersion, moduleDirname } from "./lldebugger.js";
 import * as Functions from "./functions.js";
 import fs from "fs/promises";
 import * as path from "path";
+import * as AwsCredentials from "./awsCredentials.js";
 
-const lambdaClient = new LambdaClient({});
-const iamClient = new IAMClient({});
+let lambdaClient: LambdaClient | undefined;
+function getLambdaClient(): LambdaClient {
+  if (!lambdaClient) {
+    lambdaClient = new LambdaClient({
+      credentials: AwsCredentials.getCredentialsProvider(),
+    });
+  }
+  return lambdaClient;
+}
+
+let iamClient: IAMClient | undefined;
+function getIAMClient(): IAMClient {
+  if (!iamClient) {
+    iamClient = new IAMClient({
+      credentials: AwsCredentials.getCredentialsProvider(),
+    });
+  }
+  return iamClient;
+}
 
 const inlinePolicyName = "LambdaLiveDebuggerPolicy";
 const layerName = "LambdaLiveDebugger"; // Replace with your layer name
@@ -39,7 +57,7 @@ async function findExistingLayer(layerName: string) {
     LayerName: layerName,
   });
 
-  const response = await lambdaClient.send(listLayerVersionsCommand);
+  const response = await getLambdaClient().send(listLayerVersionsCommand);
   if (response.LayerVersions && response.LayerVersions.length > 0) {
     return response.LayerVersions[0];
   }
@@ -84,7 +102,7 @@ async function deployLayer() {
       LayerName: layerName,
       VersionNumber: existingLayer.Version,
     });
-    await lambdaClient.send(deleteLayerVersionCommand);
+    await getLambdaClient().send(deleteLayerVersionCommand);
     // console.log("Layer already deployed.");
     // return existingLayer.LayerVersionArn;
   }
@@ -103,7 +121,7 @@ async function deployLayer() {
     CompatibleRuntimes: ["nodejs18.x", "nodejs20.x"],
   });
 
-  const response = await lambdaClient.send(publishLayerVersionCommand);
+  const response = await getLambdaClient().send(publishLayerVersionCommand);
 
   if (!response.LayerVersionArn) {
     throw new Error("Failed to retrieve the layer version ARN");
@@ -116,7 +134,7 @@ async function deployLayer() {
 async function deleteLayer() {
   let nextMarker: string | undefined;
   do {
-    const layers = await lambdaClient.send(
+    const layers = await getLambdaClient().send(
       new ListLayersCommand({
         Marker: nextMarker,
         MaxItems: 10,
@@ -138,7 +156,7 @@ async function deleteLayer() {
 async function deleteAllVersionsOfLayer(layerArn: string): Promise<void> {
   let nextMarker: string | undefined;
   do {
-    const versions = await lambdaClient.send(
+    const versions = await getLambdaClient().send(
       new ListLayerVersionsCommand({
         LayerName: layerArn,
         Marker: nextMarker,
@@ -159,7 +177,7 @@ async function deleteLayerVersion(
   versionNumber: number
 ): Promise<void> {
   try {
-    await lambdaClient.send(
+    await getLambdaClient().send(
       new DeleteLayerVersionCommand({
         LayerName: layerArn,
         VersionNumber: versionNumber,
@@ -217,7 +235,7 @@ async function removeLayerFromFunction(functionName: string) {
         Timeout: initialTimeout,
       });
 
-    lambdaClient.send(updateFunctionConfigurationCommand);
+    getLambdaClient().send(updateFunctionConfigurationCommand);
 
     console.log(`Function configuration cleared ${functionName}`);
   } else {
@@ -226,7 +244,7 @@ async function removeLayerFromFunction(functionName: string) {
 }
 
 async function getFunctionCongfiguration(functionName: string) {
-  const getFunctionResponse = await lambdaClient.send(
+  const getFunctionResponse = await getLambdaClient().send(
     new GetFunctionCommand({
       FunctionName: functionName,
     })
@@ -313,7 +331,7 @@ async function attachLayerToFunction(
         Timeout: 300, // Increase the timeout to 5 minutes
       });
 
-    lambdaClient.send(updateFunctionConfigurationCommand);
+    getLambdaClient().send(updateFunctionConfigurationCommand);
 
     console.log(`Function configuration updated for ${functionName}`);
   } else {
@@ -336,7 +354,7 @@ function getDdlEnvironmentVarables(
 
 async function addPolicyToLambdaRole(functionName: string) {
   // Retrieve the Lambda function's execution role ARN
-  const getFunctionResponse = await lambdaClient.send(
+  const getFunctionResponse = await getLambdaClient().send(
     new GetFunctionCommand({
       FunctionName: functionName,
     })
@@ -373,7 +391,7 @@ async function addPolicyToLambdaRole(functionName: string) {
 
   if (addPolicy) {
     // add inline policy to the role using PutRolePolicyCommand
-    await iamClient.send(
+    await getIAMClient().send(
       new PutRolePolicyCommand({
         RoleName: roleName,
         PolicyName: inlinePolicyName,
@@ -385,7 +403,7 @@ async function addPolicyToLambdaRole(functionName: string) {
 
 async function getPolicyDocument(roleName: string) {
   try {
-    const policy = await iamClient.send(
+    const policy = await getIAMClient().send(
       new GetRolePolicyCommand({
         RoleName: roleName,
         PolicyName: inlinePolicyName,

src/ioTService.ts

@@ -1,7 +1,11 @@
 export * as IoTService from "./ioTService.js";
 import * as iot from "aws-iot-device-sdk";
 import { splitMessageToChunks, MessageChunk } from "./splitIoTMessage.js";
-import { getIoTEndpoint } from "./getIoTEndpoint.js";
+import { IoTClient, DescribeEndpointCommand } from "@aws-sdk/client-iot";
+import type {
+  AwsCredentialIdentityProvider,
+  AwsCredentialIdentity,
+} from "@smithy/types";
 
 let device: iot.device;
 
@@ -54,18 +58,45 @@ export type IoTMessage =
 
 export type IoTMessageTypes = IoTMessage["type"];
 
+export async function getIoTEndpoint({
+  credentials,
+}: {
+  credentials?: AwsCredentialIdentity;
+}) {
+  const iot = new IoTClient({ credentials });
+  const response = await iot.send(
+    new DescribeEndpointCommand({
+      endpointType: "iot:Data-ATS",
+    })
+  );
+
+  if (!response.endpointAddress)
+    throw new Error("IoT Endpoint address not found");
+
+  return response.endpointAddress;
+}
+
 export async function connect(props: {
   onMessage: (message: IoTMessage) => void;
   topic: string;
+  credentialsProvider?: AwsCredentialIdentityProvider;
 }): Promise<{
   publish: (payload: IoTMessage, topic: string) => Promise<void>;
 }> {
-  const endpoint = await getIoTEndpoint();
+  const credentials = props.credentialsProvider
+    ? await props.credentialsProvider()
+    : undefined;
+
+  const endpoint = await getIoTEndpoint({ credentials });
+
   device = new iot.device({
     protocol: "wss",
     host: endpoint,
     reconnectPeriod: 1,
     keepalive: 60,
+    accessKeyId: credentials?.accessKeyId,
+    secretKey: credentials?.secretAccessKey,
+    sessionToken: credentials?.sessionToken,
   });
 
   device.subscribe(props.topic, { qos: 1 });

src/lldebugger.ts

@@ -1,4 +1,5 @@
 // ******  support require in for CJS modules ******
+export * as LlDebugger from "./lldebugger.js";
 import { createRequire } from "module";
 // @ts-ignore
 const require = createRequire(import.meta.url);
@@ -17,17 +18,44 @@ import * as FileWatcher from "./fileWatcher.js";
 import * as fs from "fs";
 import { fileURLToPath } from "url";
 import * as path from "path";
+import { Command } from "commander";
+import * as AwsCredentials from "./awsCredentials.js";
 
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
 export let resources: ResourcesToDebug;
 let debuggerId: string;
 
+export let argOptions: {
+  destroy?: boolean;
+  verbose?: boolean;
+  context?: string;
+  profile?: string;
+  region?: string;
+  role?: string;
+};
+
 async function run() {
+  const version = await getVersion();
+  const program = new Command();
+
+  program.name("lld").description("Lambda Live Debugger").version(version);
+
+  program.option("-d, --destroy", "Destroy the infrastructure");
+  program.option("-v, --verbose", "Verbose logs");
+  program.option("-c, --context <context>", "AWS CDK context");
+  program.option("--profile <profile>", "AWS profile to use");
+  program.option("--region <region>", "AWS region to use");
+  program.option("--role <role>", "AWS role to use");
+
+  program.parse(process.argv);
+
+  argOptions = program.opts();
+
   debuggerId = await generateDebuggerId();
   console.log(
-    `Welcome to Lambda Live Debugger version: ${await getVersion()}! Starting the debugger (ID ${debuggerId})...`
+    `Welcome to Lambda Live Debugger version: ${version}! Starting the debugger (ID ${debuggerId})...`
   );
   resources = await CdkResourcesDiscovery.resourcesDiscovery();
 
@@ -44,9 +72,10 @@ async function run() {
       .join("\n - ")}`
   );
 
-  // await InfraDeploy.destroyInfrastructure();
-
-  // return;
+  if (argOptions.destroy) {
+    await InfraDeploy.destroyInfrastructure();
+    return;
+  }
   await InfraDeploy.deployInfrastructure();
 
   const topic = `${debuggerId}/events`;
@@ -104,6 +133,7 @@ async function run() {
       }
     },
     topic,
+    credentialsProvider: AwsCredentials.getCredentialsProvider(),
   });
   console.log("Debugger started!");
 }