Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@aws-cdk/region-info
Advanced tools
@aws-cdk/region-info is an AWS CDK library that provides information about AWS regions and services. It allows developers to programmatically access details about AWS regions, such as the services available in each region, region names, and partition information.
Get Region Information
This feature allows you to get information about a specific AWS region. In this example, it retrieves the name of the 'us-east-1' region.
const regionInfo = require('@aws-cdk/region-info');
const region = regionInfo.RegionInfo.get('us-east-1');
console.log(region.name); // Output: US East (N. Virginia)
Check if a Service is Available in a Region
This feature allows you to check if a specific AWS service is available in a given region. In this example, it checks if the S3 service is available in the 'us-east-1' region.
const regionInfo = require('@aws-cdk/region-info');
const region = regionInfo.RegionInfo.get('us-east-1');
const isAvailable = region.servicePrincipal('s3') !== undefined;
console.log(isAvailable); // Output: true
Get Partition Information
This feature allows you to get the partition information for a specific region. In this example, it retrieves the partition for the 'us-east-1' region, which is 'aws'.
const regionInfo = require('@aws-cdk/region-info');
const partition = regionInfo.RegionInfo.get('us-east-1').partition;
console.log(partition); // Output: aws
The aws-sdk package is the official AWS SDK for JavaScript. It provides a comprehensive set of tools for interacting with AWS services, including region and service information. However, it is more general-purpose and not as focused on region-specific information as @aws-cdk/region-info.
The aws-regions package provides a list of AWS regions and their associated information. It is similar to @aws-cdk/region-info but is more lightweight and does not integrate with the AWS CDK.
Some information used in CDK Applications differs from one AWS region to another, such as service principals used in IAM policies, S3 static website endpoints, ...
RegionInfo
classThe library offers a simple interface to obtain region specific information in
the form of the RegionInfo
class. This is the preferred way to interact with
the regional information database:
// Get the information for "eu-west-1":
const region = regionInfo.RegionInfo.get('eu-west-1');
// Access attributes:
region.s3StaticWebsiteEndpoint; // s3-website-eu-west-1.amazonaws.com
The RegionInfo
layer is built on top of the Low-Level API, which is described
below and can be used to register additional data, including user-defined facts
that are not available through the RegionInfo
interface.
This library offers a primitive database of such information so that CDK
constructs can easily access regional information. The FactName
class provides
a list of known fact names, which can then be used with the RegionInfo
to
retrieve a particular value:
const staticWebsite = regionInfo.Fact.find(
'ap-northeast-1',
regionInfo.FactName.S3_STATIC_WEBSITE_ENDPOINT
);
// => s3-website-ap-northeast-1.amazonaws.com
As new regions are released, it might happen that a particular fact you need is
missing from the library. In such cases, the Fact.register
method can be used
to inject FactName into the database:
class MyFact implements regionInfo.IFact {
public readonly region = 'bermuda-triangle-1';
public readonly name = regionInfo.FactName.S3_STATIC_WEBSITE_ENDPOINT;
public readonly value = 's3-website.bermuda-triangle-1.nowhere.com';
}
regionInfo.Fact.register(new MyFact());
In the event information provided by the library is incorrect, it can be
overridden using the same Fact.register
method demonstrated above, simply
adding an extra boolean argument:
class MyFact implements regionInfo.IFact {
public readonly region = 'us-east-1';
public readonly name = regionInfo.FactName.S3_STATIC_WEBSITE_ENDPOINT;
public readonly value = 'the-correct-endpoint.amazonaws.com';
}
regionInfo.Fact.register(new MyFact(), true /* Allow overriding information */);
If you happen to have stumbled upon incorrect data built into this library, it is always a good idea to report your findings in a GitHub issue, so we can fix it for everyone else!
This module is part of the AWS Cloud Development Kit project.
FAQs
AWS region information, such as service principal names
The npm package @aws-cdk/region-info receives a total of 245,980 weekly downloads. As such, @aws-cdk/region-info popularity was classified as popular.
We found that @aws-cdk/region-info demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.