Socket
Socket
Sign inDemoInstall

@aws-c2a/models

Package Overview
Dependencies
6
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    @aws-c2a/models

The models package for CDK Change Analyzer: a tool that enables detecting dangerous changes within CDK projects.

Version published
Weekly downloads
1
decreased by-83.33%
Maintainers
1
Created
Weekly downloads
 

Readme

Source

AWS CDK Change Analyzer (C2A) - Models

@aws-c2a/models is a package that contains the class definitions and serialization for the aws-c2a engine.

Concepts

The models package defines class definitions that are integral to the usage of AWS C2A. These conceps are what allow C2A to analyze the differences between two infrastructure states, and also construct a graph to describe that diff.

InfraModel

InfraModel is used to represent a state of the infrastructure, corresponding to a CloudFormation template.

infra-model

Its main entities are:

  • Components - Represent any relevant entity of the infrastructure definition, such as CloudFormation resources, parameters and outputs, or CDK Constructs. Their main fields are:
    • type - The type of component. Some examples are "Resource", "Parameter", "CDK-Construct".
    • subtype - The subtype of the component. In the case of resources, this is the type of resource (e.g. "AWS::CloudFront::Distribution", "AWS::Lambda::Function").
    • name - An identifier for the Component. For CloudFormation Components, it corresponds to the logical ID. It is not assumed to be unique.
  • Relationships - Represent semantic relationships between Components. There are two types of relationships:
    • Dependency Relationships - Connects Components that depend on each other. In CloudFormation, these are generated from intrinsic function references and the DependsOn field.
    • Structural Relationships - Connects Components in a hierarchical structure. In CDK, these is generated from the construct tree.
  • Property Values - Hold property values for Components. They can be primitive values, or collections of other Property Values. The componentUpdateType field indicated the behavior of the component once this property has changed (e.g. "NONE", "REPLACEMENT", "POSSIBLE_REPLACEMENT").

InfraModelDiff

In addition to InfraModel, InfraModelDiff has a few extra concepts:

  • Operation - Describes a detected change/operation that occured between two versions of a Component or Property Value.
  • Transition - Contains the two versions (before and after) of any entity, after two InfraModels have been matched.

This is then represented in a graph, according to the following class diagram:

graph

FAQs

Last updated on 06 Dec 2021

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing SSO

Product

Introducing SSO

Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.

By Alex Morais  -  Apr 29, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc