feat(iam): add key rotation and enhances policy management#81
feat(iam): add key rotation and enhances policy management#81designcode merged 5 commits intomainfrom
Conversation
Greptile SummaryThis PR adds Two P1 concerns need attention before merging:
Confidence Score: 4/5Mergeable after addressing the Two P1 findings are present: the misleading parameter name that will cause runtime failures for callers of
|
| Filename | Overview |
|---|---|
| packages/iam/src/lib/access-key/policy.ts | New file implementing attach/detach/list policy operations; accessKeyId parameter is sent as UserName to the IAM API, which likely requires the key's username (name), not its UUID id — callers following the parameter name will pass the wrong value. |
| packages/iam/src/lib/access-key/rotate.ts | New file implementing key rotation; unsafe access on rotate_access_key_result without optional chaining could throw TypeError if server omits the field on a success response. |
| packages/iam/src/lib/http-client.ts | Adds three new IAM endpoint constants for attach/detach policy and list policies for access key; changes are straightforward and consistent with existing entries. |
| packages/iam/src/lib/policy/get.ts | Fixes GetPolicyResponse.users from string[] to { id: string; name: string; }[] to match actual API shape; mapping and null-safety look correct. |
| packages/iam/src/lib/access-key/list.ts | Fixes pagination marker by only appending Marker when a paginationToken is provided, avoiding the erroneous '0' default. |
| packages/iam/src/lib/policy/list.ts | Same pagination marker fix as list.ts for access keys; change is correct and consistent. |
| packages/iam/src/index.ts | Exports the three new policy management functions and the rotate function; exports look correct and complete. |
Reviews (1): Last reviewed commit: "fix(iam): getPolicy user output" | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit e1979aa. Configure here.
Assisted-by: Claude Opus 4.6 via Claude Code
|
🎉 This PR is included in version 2.1.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 3.1.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
2 participants
Summary
rotateAccessKeyfor rotating IAM access keysattachKeyPolicy,detachKeyPolicy, andlistKeyPoliciesmethods for managing access key policy associationsgetPolicyuser outputTest plan
npm testand confirm all tests pass🤖 Generated with Claude Code
Note
Medium Risk
Adds new IAM client operations for rotating access keys and attaching/detaching/listing policies, and changes pagination marker behavior; these touch credential/policy management flows and could affect permissions if the new endpoints or response parsing are incorrect.
Overview
Adds new IAM SDK surface for access key rotation via
rotateAccessKey, returning the rotated key id and newly-issued secret.Introduces access-key policy association helpers (
attachPolicyToAccessKey,detachPolicyFromAccessKey,listPoliciesForAccessKey) and wires new IAM endpoints for these operations.Fixes pagination handling in
listAccessKeysandlistPoliciesby only sendingMarkerwhen a token is provided (instead of defaulting to'0'), and adjustsgetPolicyto return attached users as{id, name}objects rather than raw strings.Reviewed by Cursor Bugbot for commit aba9131. Bugbot is set up for automated code reviews on this repo. Configure here.