trivir · dallinjsevy · Jun 4, 2026
diff --git a/src/cli/config/config-export.ts b/src/cli/config/config-export.ts
@@ -176,7 +176,7 @@ export default function setup() {
               includeReadOnly: options.readOnly,
               onlyRealm: options.realmOnly,
               onlyGlobal: options.globalOnly,
-              onlyCustom: options.onlyCustom
+              onlyCustom: options.onlyCustom,
             }
           );
           if (!outcome) process.exitCode = 1;
@@ -209,7 +209,7 @@ export default function setup() {
               includeReadOnly: options.readOnly,
               onlyRealm: options.realmOnly,
               onlyGlobal: options.globalOnly,
-              onlyCustom: options.onlyCustom
+              onlyCustom: options.onlyCustom,
             }
           );
           if (!outcome) process.exitCode = 1;

diff --git a/src/cli/config/config-import.ts b/src/cli/config/config-import.ts
@@ -135,7 +135,7 @@ export default function setup() {
             includeDefault: options.default,
             includeActiveValues: options.includeActiveValues,
             source: options.source,
-            onlyCustom: options.onlyCustom
+            onlyCustom: options.onlyCustom,
           });
           if (!outcome) process.exitCode = 1;
         }
@@ -159,7 +159,7 @@ export default function setup() {
             includeDefault: options.default,
             includeActiveValues: options.includeActiveValues,
             source: options.source,
-            onlyCustom: options.onlyCustom
+            onlyCustom: options.onlyCustom,
           });
           if (!outcome) process.exitCode = 1;
         }
@@ -177,7 +177,7 @@ export default function setup() {
               includeDefault: options.default,
               includeActiveValues: options.includeActiveValues,
               source: options.source,
-              onlyCustom: options.onlyCustom
+              onlyCustom: options.onlyCustom,
             }
           );
           if (!outcome) process.exitCode = 1;

diff --git a/src/cli/iga/iga.ts b/src/cli/iga/iga.ts
@@ -1,4 +1,6 @@
 import { FrodoStubCommand } from '../FrodoCommand';
+import SodPolicyCmd from './sod-policy/iga-policy';
+import SodPolicyRulesCmd from './sod-policy-rule/iga-policy';
 import WorkflowCmd from './workflow/iga-workflow';
 
 export default function setup() {
@@ -7,6 +9,8 @@ export default function setup() {
   );
 
   program.addCommand(WorkflowCmd().name('workflow').showHelpAfterError());
+  program.addCommand(SodPolicyCmd().name('policy').showHelpAfterError());
+  program.addCommand(SodPolicyRulesCmd().name('policy-rule'));
 
   program.showHelpAfterError();
   return program;

diff --git a/src/cli/iga/sod-policy-rule/iga-policy-rule-delete.ts b/src/cli/iga/sod-policy-rule/iga-policy-rule-delete.ts
@@ -0,0 +1,61 @@
+import { frodo, state } from '@rockcarver/frodo-lib';
+import { Option } from 'commander';
+
+import { getTokens } from '../../../ops/AuthenticateOps';
+import { deletePolicyRuleByName } from '../../../ops/cloud/iga/IgaSodPolicyRuleOps';
+import { printMessage, verboseMessage } from '../../../utils/Console.js';
+import { FrodoCommand } from '../../FrodoCommand';
+
+const { CLOUD_DEPLOYMENT_TYPE_KEY } = frodo.utils.constants;
+
+const deploymentTypes = [CLOUD_DEPLOYMENT_TYPE_KEY];
+
+export default function setup() {
+  const program = new FrodoCommand('frodo iga policy-rule delete');
+
+  program
+    .description('Delete a SoD policy rule.')
+    .addOption(new Option('-n, --rule-name <policy-name>', 'Rule name.'))
+    .action(async (host, realm, user, password, options, command) => {
+      command.handleDefaultArgsAndOpts(
+        host,
+        realm,
+        user,
+        password,
+        options,
+        command
+      );
+      if (!options.ruleName) {
+        printMessage(
+          'Unrecognized combination of options or no options...',
+          'error'
+        );
+        program.help();
+        process.exitCode = 1;
+        return;
+      }
+      const getTokensIsSuccessful = await getTokens(
+        false,
+        true,
+        deploymentTypes
+      );
+      if (!getTokensIsSuccessful) {
+        printMessage('Error getting tokens', 'error');
+        process.exitCode = 1;
+        return;
+      }
+      if (!state.getIsIGA()) {
+        printMessage(
+          'Command not supported for non-IGA cloud tenants',
+          'error'
+        );
+        process.exitCode = 1;
+        return;
+      }
+      verboseMessage('Deleting policy...');
+      const outcome = await deletePolicyRuleByName(options.ruleName);
+      if (!outcome) process.exitCode = 1;
+    });
+
+  return program;
+}
diff --git a/src/cli/iga/sod-policy-rule/iga-policy-rule-describe.ts b/src/cli/iga/sod-policy-rule/iga-policy-rule-describe.ts
@@ -0,0 +1,72 @@
+import { frodo, state } from '@rockcarver/frodo-lib';
+import { Option } from 'commander';
+
+import { getTokens } from '../../../ops/AuthenticateOps';
+import { describePolicyRule } from '../../../ops/cloud/iga/IgaSodPolicyRuleOps';
+import { printMessage, verboseMessage } from '../../../utils/Console';
+import { FrodoCommand } from '../../FrodoCommand';
+
+const { CLOUD_DEPLOYMENT_TYPE_KEY } = frodo.utils.constants;
+
+const deploymentTypes = [CLOUD_DEPLOYMENT_TYPE_KEY];
+
+export default function setup() {
+  const program = new FrodoCommand('frodo iga policy-rule describe');
+
+  program
+    .description('Describe Policy Rule.')
+    .addOption(
+      new Option(
+        '-n, --rule-name <policy-name>',
+        'Rule name. If not specified, will describe first rule in the provided export file.'
+      )
+    )
+    .addOption(
+      new Option(
+        '-f, --file <file>',
+        'Name of the policy export file to describe. If not specified, will automatically pull the policy export data of the provided id from the tenant.'
+      )
+    )
+    .action(async (host, realm, user, password, options, command) => {
+      command.handleDefaultArgsAndOpts(
+        host,
+        realm,
+        user,
+        password,
+        options,
+        command
+      );
+      if (!options.ruleName && !options.file) {
+        printMessage(
+          'Unrecognized combination of options or no options...',
+          'error'
+        );
+        program.help();
+        process.exitCode = 1;
+        return;
+      }
+      const getTokensIsSuccessful = await getTokens(
+        false,
+        true,
+        deploymentTypes
+      );
+      if (!getTokensIsSuccessful) {
+        printMessage('Error getting tokens', 'error');
+        process.exitCode = 1;
+        return;
+      }
+      if (!state.getIsIGA()) {
+        printMessage(
+          'Command not supported for non-IGA cloud tenants',
+          'error'
+        );
+        process.exitCode = 1;
+        return;
+      }
+      verboseMessage(`Describing policy ${options.ruleName}...`);
+      const outcome = await describePolicyRule(options.ruleName, options.file);
+      if (!outcome) process.exitCode = 1;
+    });
+
+  return program;
+}
diff --git a/src/cli/iga/sod-policy-rule/iga-policy-rule-export.ts b/src/cli/iga/sod-policy-rule/iga-policy-rule-export.ts
@@ -0,0 +1,131 @@
+import { frodo, state } from '@rockcarver/frodo-lib';
+import { Option } from 'commander';
+
+import { getTokens } from '../../../ops/AuthenticateOps';
+import {
+  exportPolicyRulesToFile,
+  exportPolicyRulesToFiles,
+  exportPolicyRuleToFile,
+} from '../../../ops/cloud/iga/IgaSodPolicyRuleOps';
+import { printMessage, verboseMessage } from '../../../utils/Console.js';
+import { FrodoCommand } from '../../FrodoCommand';
+
+const { CLOUD_DEPLOYMENT_TYPE_KEY } = frodo.utils.constants;
+
+const deploymentTypes = [CLOUD_DEPLOYMENT_TYPE_KEY];
+
+export default function setup() {
+  const program = new FrodoCommand(
+    'frodo iga policy-rule export',
+    [],
+    deploymentTypes
+  );
+
+  program
+    .description('Export policy rules.')
+    .addOption(
+      new Option(
+        '-n, --rule-name <rule-name>',
+        'Rule name. If specified, -a and -A are ignored.'
+      )
+    )
+    .addOption(
+      new Option(
+        '-f, --file [file]',
+        'Name of the export file. Ignored with -A. Defaults to <rule-name>.rule.json.'
+      )
+    )
+    .addOption(
+      new Option(
+        '-a, --all',
+        'Export all policies to a single file. Ignored with -n.'
+      )
+    )
+    .addOption(
+      new Option(
+        '-A, --all-separate',
+        'Export all policies as separate files <name>.rule.json. Ignored with -n and -a.'
+      )
+    )
+    .addOption(
+      new Option(
+        '-N, --no-metadata',
+        'Do not include metadata in the export file.'
+      )
+    )
+    .addOption(
+      new Option(
+        '-M, --modified-properties',
+        'Include modified properties in export (e.g. lastModifiedDate, lastModifiedBy, createdBy, creationDate, etc.)'
+      ).default(false, 'false')
+    )
+    .action(async (host, realm, user, password, options, command) => {
+      command.handleDefaultArgsAndOpts(
+        host,
+        realm,
+        user,
+        password,
+        options,
+        command
+      );
+      if (!options.ruleName && !options.all && !options.allSeparate) {
+        printMessage(
+          'Unrecognized combination of options or no options...',
+          'error'
+        );
+        program.help();
+        process.exitCode = 1;
+        return;
+      }
+      const getTokensIsSuccessful = await getTokens(
+        false,
+        true,
+        deploymentTypes
+      );
+      if (!getTokensIsSuccessful) {
+        printMessage('Error getting tokens', 'error');
+        process.exitCode = 1;
+        return;
+      }
+      if (!state.getIsIGA()) {
+        printMessage(
+          'Command not supported for non-IGA cloud tenants',
+          'error'
+        );
+        process.exitCode = 1;
+        return;
+      }
+      // --policy-name -n
+      if (options.ruleName) {
+        verboseMessage(`Exporting policy "${options.ruleName}"...`);
+        const outcome = await exportPolicyRuleToFile(
+          options.ruleName,
+          options.file,
+          options.metadata,
+          options.modifiedProperties
+        );
+        if (!outcome) process.exitCode = 1;
+      }
+      // --all -a
+      else if (options.all) {
+        verboseMessage('Exporting all policies to a single file...');
+        const outcome = await exportPolicyRulesToFile(
+          options.file,
+          options.metadata,
+          options.modifiedProperties
+        );
+        if (!outcome) process.exitCode = 1;
+      }
+      // --all-separate -A
+      else if (options.allSeparate) {
+        verboseMessage('Exporting all policies to separate files...');
+        const outcome = await exportPolicyRulesToFiles(
+          options.metadata,
+          options.modifiedProperties
+        );
+        if (!outcome) process.exitCode = 1;
+      }
+    });
+
+  return program;
+}