![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@aws-cdk/cx-api
Advanced tools
Package description
@aws-cdk/cx-api is a part of the AWS Cloud Development Kit (CDK) that provides a set of APIs for interacting with the Cloud Assembly, which is the output of the CDK synthesis process. It allows developers to programmatically access and manipulate the synthesized cloud infrastructure stacks, assets, and metadata.
Accessing Cloud Assembly
This feature allows you to load and interact with a Cloud Assembly, which is the output directory of a CDK app synthesis. The code sample demonstrates how to load a Cloud Assembly from a specified path and log the stacks it contains.
const cxapi = require('@aws-cdk/cx-api');
const assembly = new cxapi.CloudAssembly('/path/to/cloud-assembly');
console.log(assembly.stacks);
Reading Stack Metadata
This feature allows you to read metadata from a specific stack within the Cloud Assembly. The code sample shows how to get a stack by its name and log its metadata.
const cxapi = require('@aws-cdk/cx-api');
const assembly = new cxapi.CloudAssembly('/path/to/cloud-assembly');
const stack = assembly.getStackByName('MyStack');
console.log(stack.metadata);
Listing Assets
This feature allows you to list all the assets included in the Cloud Assembly. The code sample demonstrates how to log all the assets in the Cloud Assembly.
const cxapi = require('@aws-cdk/cx-api');
const assembly = new cxapi.CloudAssembly('/path/to/cloud-assembly');
console.log(assembly.assets);
The AWS SDK for JavaScript provides a comprehensive set of APIs for interacting with AWS services. While it does not specifically focus on the Cloud Assembly or CDK synthesis output, it allows for a wide range of AWS service interactions, including managing infrastructure, which can complement the use of @aws-cdk/cx-api.
The Serverless Framework is a popular open-source framework for building and deploying serverless applications. It provides functionalities for defining and deploying cloud infrastructure, similar to the CDK, but focuses on serverless architectures. It does not provide direct access to a Cloud Assembly like @aws-cdk/cx-api.
Terraform by HashiCorp is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage hundreds of cloud services. It allows for the definition, preview, and deployment of cloud infrastructure. While it serves a similar purpose to the CDK, it does not have a direct equivalent to the Cloud Assembly or @aws-cdk/cx-api.
Changelog
0.32.0 (2019-05-24)
@aws-cdk/aws-route53-targets
package.IBucket.arnForObject
method no longer
concatenates path fragments on your behalf. Pass the /
-concatenated
key pattern instead.export
methods from all AWS resources have been removed. CloudFormation Exports are now automatically created when attributes are referenced across stacks within the same app. To export resources manually, you can explicitly define a CfnOutput
.kms.EncryptionKey
renamed to kms.Key
ec2.VpcNetwork
renamed to ec2.Vpc
ec2.VpcSubnet
renamed to ec2.Subnet
cloudtrail.CloudTrail
renamed to
cloudtrail.Trail`XxxAttribute
and XxxImportProps
interfaces which were no longer in used after their corresponding export
method was deleted and there was no use for them in imports.ecs.ClusterAttributes
now accepts IVpc
and ISecurityGroup
instead of attributes. You can use their
corresponding fromXxx
methods to import them as needed.servicediscovery.CnameInstance.instanceCname
renamed to cname
.glue.IDatabase.locationUrl
is now only in glue.Database
(not on the interface)ec2.TcpPortFromAttribute
and UdpPortFromAttribute
removed. Use TcpPort
and UdpPort
with new Token(x).toNumber
instead.ec2.VpcNetwork.importFromContext
renamed to ec2.Vpc.fromLookup
iam.IRole.roleId
has been removed from the interface, but Role.roleId
is still available for owned resources.loadBalancer
property in ServerDeploymentGroupProps has been changed.apigateway.ResourceBase.trackChild
is now internal.cloudfront.S3OriginConfig.originAccessIdentity
is now originAccessIdentityId
codedeploy.LambdaDeploymentGroup.alarms
is now cloudwatch.IAlarm[]
(previously cloudwatch.Alarm[]
)codepipeline.crossRegionScaffoldingStacks
renamed to crossRegionScaffolding
codepipeline.CrossRegionScaffoldingStack
renamed to codepipeline.CrossRegionScaffolding
and cannot be instantiated (abstract)ec2.VpcSubnet.addDefaultRouteToNAT
renamed to addDefaultNatRoute
and made publicec2.VpcSubnet.addDefaultRouteToIGW
renamed to addDefaultInternetRoute
, made public and first argument is the gateway ID (string) and not the CFN L1 classecs.Ec2EventRuleTarget.taskDefinition
is now ITaskDefinition
(previously TaskDefinition
)lambda.IEventSource.bind
now accepts IFunction
instead of FunctionBase
. Use IFunction.addEventSourceMapping
to add an event source mapping under the function.lambda.Layer.grantUsage
renamed to lambda.layer.addPermission
and returns voidstepfunctions.StateMachine.role
is now iam.IRole
(previously iam.Role
)onXxx()
CloudWatch Event methods now have the signature:
resource.onEvent('SomeId', {
target: new SomeTarget(...),
// options
});
onAlarm
was renamed to addAlarmAction
onOk
was renamed to addOkAction
onInsufficientData
was renamed to addInsufficientDataAction
onLifecycleTransition
was renamed to addLifecycleHook
onPreHook
was renamed to addPreHook
onPostHook
was renamed to addPostHook
onXxx
were renamed to addXxxTrigger
onImagePushed
was renamed to onCloudTrailImagePushed
onEvent
was renamed to addEventNotification
onObjectCreated
was renamed to addObjectCreatedNotification
onObjectRemoved
was renamed to addObjectRemovedNotification
onPutObject
was renamed to onCloudTrailPutObject
Readme
This module is part of the AWS Cloud Development Kit project.
FAQs
Unknown package
The npm package @aws-cdk/cx-api receives a total of 693,782 weekly downloads. As such, @aws-cdk/cx-api popularity was classified as popular.
We found that @aws-cdk/cx-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.