Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@aws-cdk/cloud-assembly-schema
Advanced tools
@aws-cdk/cloud-assembly-schema is a package that defines the schema for AWS Cloud Development Kit (CDK) cloud assemblies. It provides a set of TypeScript interfaces and JSON schemas that describe the structure of the cloud assembly, which is the output of the CDK synthesis process. This package is essential for tools and libraries that need to interact with or manipulate CDK cloud assemblies.
Cloud Assembly Schema Definition
Defines the schema for a cloud assembly, including the version and artifacts. This schema is used to validate the structure of a cloud assembly JSON file.
{"type":"object","properties":{"version":{"type":"string"},"artifacts":{"type":"object","additionalProperties":{"$ref":"#/definitions/Artifact"}}},"required":["version","artifacts"],"definitions":{"Artifact":{"type":"object","properties":{"type":{"type":"string"},"properties":{"type":"object"}},"required":["type"]}}}
Artifact Type Definitions
Defines the schema for different types of artifacts, such as CloudFormation stacks and CDK assets. This schema is used to validate the structure of artifact definitions within a cloud assembly.
{"type":"object","properties":{"type":{"type":"string","enum":["aws:cloudformation:stack","aws:cdk:asset"]},"properties":{"type":"object","properties":{"templateFile":{"type":"string"},"parameters":{"type":"object","additionalProperties":{"type":"string"}}},"required":["templateFile"]}},"required":["type","properties"]}
The aws-cdk-lib package is the main library for the AWS Cloud Development Kit (CDK). It provides constructs for defining AWS infrastructure in code. While @aws-cdk/cloud-assembly-schema focuses on the schema of the cloud assembly, aws-cdk-lib provides the constructs and classes needed to define and synthesize the infrastructure itself.
cdk8s is a software development framework for defining Kubernetes applications and resources using familiar programming languages. Similar to how @aws-cdk/cloud-assembly-schema defines the schema for AWS CDK cloud assemblies, cdk8s provides schemas and constructs for defining Kubernetes manifests.
This module is part of the AWS Cloud Development Kit project.
The Cloud Assembly is the output of the synthesis operation. It is produced as part of the
cdk synth
command, or the app.synth()
method invocation.
Its essentially a set of files and directories, one of which is the manifest.json
file. It defines the set of instructions that are
needed in order to deploy the assembly directory.
For example, when
cdk deploy
is executed, the CLI reads this file and performs its instructions:
- Build container images.
- Upload assets.
- Deploy CloudFormation templates.
Therefore, the assembly is how the CDK class library and CDK CLI (or any other consumer) communicate. To ensure compatibility between the assembly and its consumers, we treat the manifest file as a well defined, versioned schema.
This module contains the typescript structs that comprise the manifest.json
file, as well as the
generated json-schema.
The schema version is specified my the major version of the package release. It follows semantic versioning, but with a small twist.
When we add instructions to the assembly, they are reflected in the manifest file and the json-schema accordingly. Every such instruction, is crucial for ensuring the correct deployment behavior. This means that to properly deploy a cloud assembly, consumers must be aware of every such instruction modification.
For this reason, every change to the schema, even though it might not strictly break validation of the json-schema format,
is considered major
version bump. All changes that do not impact the schema are considered a minor
version bump.
If you'd like to consume the schema file in order to do validations on manifest.json
files,
simply download it from this repo and run it against standard json-schema validators, such as jsonschema.
Consumers must take into account the major
version of the schema they are consuming. They should reject cloud assemblies
with a major
version that is higher than what they expect. While schema validation might pass on such assemblies, the deployment integrity
cannot be guaranteed because some instructions will be ignored.
For example, if your consumer was built when the schema version was 2.0.0, you should reject deploying cloud assemblies with a manifest version of 3.0.0.
FAQs
Cloud Assembly Schema
We found that @aws-cdk/cloud-assembly-schema demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.