Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
@aws-solutions-constructs/core
Advanced tools
All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
Reference Documentation: | https://docs.aws.amazon.com/solutions/latest/constructs/ |
---|
The core library includes the basic building blocks of the AWS Solutions Constructs Library. It defines the core classes that are used in the rest of the AWS Solutions Constructs Library.
Core library sets the default properties for the AWS CDK Constructs used by the AWS Solutions Constructs Library constructs.
For example, the following is the snippet of default properties for S3 Bucket construct created by AWS Solutions Constructs. By default, it will turn on the server-side encryption, bucket versioning, block all public access and setup the S3 access logging.
{
encryption: s3.BucketEncryption.S3_MANAGED,
versioned: true,
blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
removalPolicy: RemovalPolicy.RETAIN,
serverAccessLogsBucket: loggingBucket
}
The default properties set by the Core library can be overridden by user provided properties. For example, the user can override the Amazon S3 Block Public Access property to meet specific requirements.
const stack = new cdk.Stack();
const props: CloudFrontToS3Props = {
bucketProps: {
blockPublicAccess: {
blockPublicAcls: false,
blockPublicPolicy: true,
ignorePublicAcls: false,
restrictPublicBuckets: true
}
}
};
new CloudFrontToS3(stack, 'test-cloudfront-s3', props);
expect(stack).toHaveResource("AWS::S3::Bucket", {
PublicAccessBlockConfiguration: {
BlockPublicAcls: false,
BlockPublicPolicy: true,
IgnorePublicAcls: false,
RestrictPublicBuckets: true
},
});
When a default property from the Core library is overridden by a user-provided property, Constructs will emit one or more warning messages to the console highlighting the change(s). These messages are intended to provide situational awareness to the user and prevent unintentional overrides that could create security risks. These messages will appear whenever deployment/build-related commands are executed, including cdk deploy
, cdk synth
, npm test
, etc.
Example message:
AWS_CONSTRUCTS_WARNING: An override has been provided for the property: BillingMode. Default value: 'PAY_PER_REQUEST'. You provided: 'PROVISIONED'.
Override warning messages are enabled by default, but can be explicitly turned on/off using the overrideWarningsEnabled
shell variable.
export overrideWarningsEnabled=false
.export overrideWarningsEnabled=true
.unset overrideWarningsEnabled
.FAQs
Core CDK Construct for patterns library
The npm package @aws-solutions-constructs/core receives a total of 53,560 weekly downloads. As such, @aws-solutions-constructs/core popularity was classified as popular.
We found that @aws-solutions-constructs/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.