🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@aws-c2a/models

Package Overview
Dependencies
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@aws-c2a/models

The models package for CDK Change Analyzer: a tool that enables detecting dangerous changes within CDK projects.

0.7.3
latest
Source
npm
Version published
Weekly downloads
13
550%
Maintainers
1
Weekly downloads
 
Created
Source

AWS CDK Change Analyzer (C2A) - Models

@aws-c2a/models is a package that contains the class definitions and serialization for the aws-c2a engine.

Concepts

The models package defines class definitions that are integral to the usage of AWS C2A. These conceps are what allow C2A to analyze the differences between two infrastructure states, and also construct a graph to describe that diff.

InfraModel

InfraModel is used to represent a state of the infrastructure, corresponding to a CloudFormation template.

infra-model

Its main entities are:

  • Components - Represent any relevant entity of the infrastructure definition, such as CloudFormation resources, parameters and outputs, or CDK Constructs. Their main fields are:
    • type - The type of component. Some examples are "Resource", "Parameter", "CDK-Construct".
    • subtype - The subtype of the component. In the case of resources, this is the type of resource (e.g. "AWS::CloudFront::Distribution", "AWS::Lambda::Function").
    • name - An identifier for the Component. For CloudFormation Components, it corresponds to the logical ID. It is not assumed to be unique.
  • Relationships - Represent semantic relationships between Components. There are two types of relationships:
    • Dependency Relationships - Connects Components that depend on each other. In CloudFormation, these are generated from intrinsic function references and the DependsOn field.
    • Structural Relationships - Connects Components in a hierarchical structure. In CDK, these is generated from the construct tree.
  • Property Values - Hold property values for Components. They can be primitive values, or collections of other Property Values. The componentUpdateType field indicated the behavior of the component once this property has changed (e.g. "NONE", "REPLACEMENT", "POSSIBLE_REPLACEMENT").

InfraModelDiff

In addition to InfraModel, InfraModelDiff has a few extra concepts:

  • Operation - Describes a detected change/operation that occured between two versions of a Component or Property Value.
  • Transition - Contains the two versions (before and after) of any entity, after two InfraModels have been matched.

This is then represented in a graph, according to the following class diagram:

graph

FAQs

Package last updated on 06 Dec 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and More

Security News

ECMAScript 2025 Finalized with Iterator Helpers, Set Methods, RegExp.escape, and More

ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.

By Sarah Gooding  -  Jun 26, 2025