Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
secure-cdk
Advanced tools
secure-cdk - npm Package Compare versions
Comparing version 0.1.9 to 0.1.10-alpha.0
@@ -13,3 +13,3 @@ "use strict"; | ||
| constructor(scope, id, props) { | ||
| utils_1.warnIfNotEquals(props === null || props === void 0 ? void 0 : props.minimumProtocolVersion, aws_cloudfront_1.SecurityPolicyProtocol.TLS_V1_2_2021, DistributionSecurityWarning.ProtocolVersionIsOutdated); | ||
| (0, utils_1.warnIfNotEquals)(props === null || props === void 0 ? void 0 : props.minimumProtocolVersion, aws_cloudfront_1.SecurityPolicyProtocol.TLS_V1_2_2021, DistributionSecurityWarning.ProtocolVersionIsOutdated); | ||
| super(scope, id, { | ||
@@ -23,3 +23,3 @@ minimumProtocolVersion: aws_cloudfront_1.SecurityPolicyProtocol.TLS_V1_2_2021, | ||
| const createSecureBehavior = (behaviorOptions) => { | ||
| utils_1.warnIfEquals(behaviorOptions.viewerProtocolPolicy, aws_cloudfront_1.ViewerProtocolPolicy.ALLOW_ALL, DistributionSecurityWarning.HttpTrafficAllowed); | ||
| (0, utils_1.warnIfEquals)(behaviorOptions.viewerProtocolPolicy, aws_cloudfront_1.ViewerProtocolPolicy.ALLOW_ALL, DistributionSecurityWarning.HttpTrafficAllowed); | ||
| return { | ||
@@ -31,2 +31,2 @@ viewerProtocolPolicy: aws_cloudfront_1.ViewerProtocolPolicy.HTTPS_ONLY, | ||
| exports.createSecureBehavior = createSecureBehavior; | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xvdWRmcm9udC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbImNsb3VkZnJvbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNERBQXlJO0FBR3pJLHNDQUEyRDtBQUUzRCxJQUFLLDJCQUdKO0FBSEQsV0FBSywyQkFBMkI7SUFDOUIsb0hBQXFGLENBQUE7SUFDckYsK0dBQWdGLENBQUE7QUFDbEYsQ0FBQyxFQUhJLDJCQUEyQixLQUEzQiwyQkFBMkIsUUFHL0I7QUFFRCxNQUFhLGtCQUFtQixTQUFRLDZCQUFZO0lBQ2xELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBeUI7UUFDakUsdUJBQWUsQ0FBQyxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsc0JBQXNCLEVBQUUsdUNBQXNCLENBQUMsYUFBYSxFQUFFLDJCQUEyQixDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFFNUksS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUU7WUFDZixzQkFBc0IsRUFBRSx1Q0FBc0IsQ0FBQyxhQUFhO1lBQzVELEdBQUcsS0FBSztTQUNZLENBQUMsQ0FBQztJQUMxQixDQUFDO0NBQ0Y7QUFURCxnREFTQztBQUVNLE1BQU0sb0JBQW9CLEdBQUcsQ0FBQyxlQUFnQyxFQUFtQixFQUFFO0lBQ3hGLG9CQUFZLENBQUMsZUFBZSxDQUFDLG9CQUFvQixFQUFFLHFDQUFvQixDQUFDLFNBQVMsRUFBRSwyQkFBMkIsQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO0lBRW5JLE9BQU87UUFDTCxvQkFBb0IsRUFBRSxxQ0FBb0IsQ0FBQyxVQUFVO1FBQ3JELEdBQUcsZUFBZTtLQUNuQixDQUFBO0FBQ0gsQ0FBQyxDQUFDO0FBUFcsUUFBQSxvQkFBb0Isd0JBTy9CIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgRGlzdHJpYnV0aW9uLCBEaXN0cmlidXRpb25Qcm9wcywgU2VjdXJpdHlQb2xpY3lQcm90b2NvbCwgQmVoYXZpb3JPcHRpb25zLCBWaWV3ZXJQcm90b2NvbFBvbGljeSB9IGZyb20gJ0Bhd3MtY2RrL2F3cy1jbG91ZGZyb250JztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ0Bhd3MtY2RrL2NvcmUnO1xuXG5pbXBvcnQgeyB3YXJuSWZOb3RFcXVhbHMsIHdhcm5JZkVxdWFscyB9IGZyb20gJy4vLi4vdXRpbHMnO1xuXG5lbnVtIERpc3RyaWJ1dGlvblNlY3VyaXR5V2FybmluZyB7XG4gIFByb3RvY29sVmVyc2lvbklzT3V0ZGF0ZWQgPSAnVExTIFZlcnNpb24gb2YgdGhlIENsb3VkRnJvbnQgRGlzdHJpYnV0aW9uIGlzIG91dGRhdGVkLicsXG4gIEh0dHBUcmFmZmljQWxsb3dlZCA9ICdIVFRQIHRyYWZmaWMgYWxsb3dlZCBpbiBDbG91ZEZyb250IERpc3RyaWJ1dGlvbiBiZWhhdmlvci4nXG59XG5cbmV4cG9ydCBjbGFzcyBTZWN1cmVEaXN0cmlidXRpb24gZXh0ZW5kcyBEaXN0cmlidXRpb24ge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IERpc3RyaWJ1dGlvblByb3BzKSB7XG4gICAgd2FybklmTm90RXF1YWxzKHByb3BzPy5taW5pbXVtUHJvdG9jb2xWZXJzaW9uLCBTZWN1cml0eVBvbGljeVByb3RvY29sLlRMU19WMV8yXzIwMjEsIERpc3RyaWJ1dGlvblNlY3VyaXR5V2FybmluZy5Qcm90b2NvbFZlcnNpb25Jc091dGRhdGVkKTtcblxuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgbWluaW11bVByb3RvY29sVmVyc2lvbjogU2VjdXJpdHlQb2xpY3lQcm90b2NvbC5UTFNfVjFfMl8yMDIxLFxuICAgICAgLi4ucHJvcHNcbiAgICB9IGFzIERpc3RyaWJ1dGlvblByb3BzKTtcbiAgfVxufVxuXG5leHBvcnQgY29uc3QgY3JlYXRlU2VjdXJlQmVoYXZpb3IgPSAoYmVoYXZpb3JPcHRpb25zOiBCZWhhdmlvck9wdGlvbnMpOiBCZWhhdmlvck9wdGlvbnMgPT4ge1xuICB3YXJuSWZFcXVhbHMoYmVoYXZpb3JPcHRpb25zLnZpZXdlclByb3RvY29sUG9saWN5LCBWaWV3ZXJQcm90b2NvbFBvbGljeS5BTExPV19BTEwsIERpc3RyaWJ1dGlvblNlY3VyaXR5V2FybmluZy5IdHRwVHJhZmZpY0FsbG93ZWQpO1xuXG4gIHJldHVybiB7XG4gICAgdmlld2VyUHJvdG9jb2xQb2xpY3k6IFZpZXdlclByb3RvY29sUG9saWN5LkhUVFBTX09OTFksXG4gICAgLi4uYmVoYXZpb3JPcHRpb25zXG4gIH1cbn07XG4iXX0= | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xvdWRmcm9udC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbImNsb3VkZnJvbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNERBQXlJO0FBR3pJLHNDQUEyRDtBQUUzRCxJQUFLLDJCQUdKO0FBSEQsV0FBSywyQkFBMkI7SUFDOUIsb0hBQXFGLENBQUE7SUFDckYsK0dBQWdGLENBQUE7QUFDbEYsQ0FBQyxFQUhJLDJCQUEyQixLQUEzQiwyQkFBMkIsUUFHL0I7QUFFRCxNQUFhLGtCQUFtQixTQUFRLDZCQUFZO0lBQ2xELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBeUI7UUFDakUsSUFBQSx1QkFBZSxFQUFDLEtBQUssYUFBTCxLQUFLLHVCQUFMLEtBQUssQ0FBRSxzQkFBc0IsRUFBRSx1Q0FBc0IsQ0FBQyxhQUFhLEVBQUUsMkJBQTJCLENBQUMseUJBQXlCLENBQUMsQ0FBQztRQUU1SSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLHNCQUFzQixFQUFFLHVDQUFzQixDQUFDLGFBQWE7WUFDNUQsR0FBRyxLQUFLO1NBQ1ksQ0FBQyxDQUFDO0lBQzFCLENBQUM7Q0FDRjtBQVRELGdEQVNDO0FBRU0sTUFBTSxvQkFBb0IsR0FBRyxDQUFDLGVBQWdDLEVBQW1CLEVBQUU7SUFDeEYsSUFBQSxvQkFBWSxFQUFDLGVBQWUsQ0FBQyxvQkFBb0IsRUFBRSxxQ0FBb0IsQ0FBQyxTQUFTLEVBQUUsMkJBQTJCLENBQUMsa0JBQWtCLENBQUMsQ0FBQztJQUVuSSxPQUFPO1FBQ0wsb0JBQW9CLEVBQUUscUNBQW9CLENBQUMsVUFBVTtRQUNyRCxHQUFHLGVBQWU7S0FDbkIsQ0FBQTtBQUNILENBQUMsQ0FBQztBQVBXLFFBQUEsb0JBQW9CLHdCQU8vQiIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IERpc3RyaWJ1dGlvbiwgRGlzdHJpYnV0aW9uUHJvcHMsIFNlY3VyaXR5UG9saWN5UHJvdG9jb2wsIEJlaGF2aW9yT3B0aW9ucywgVmlld2VyUHJvdG9jb2xQb2xpY3kgfSBmcm9tICdAYXdzLWNkay9hd3MtY2xvdWRmcm9udCc7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tICdAYXdzLWNkay9jb3JlJztcblxuaW1wb3J0IHsgd2FybklmTm90RXF1YWxzLCB3YXJuSWZFcXVhbHMgfSBmcm9tICcuLy4uL3V0aWxzJztcblxuZW51bSBEaXN0cmlidXRpb25TZWN1cml0eVdhcm5pbmcge1xuICBQcm90b2NvbFZlcnNpb25Jc091dGRhdGVkID0gJ1RMUyBWZXJzaW9uIG9mIHRoZSBDbG91ZEZyb250IERpc3RyaWJ1dGlvbiBpcyBvdXRkYXRlZC4nLFxuICBIdHRwVHJhZmZpY0FsbG93ZWQgPSAnSFRUUCB0cmFmZmljIGFsbG93ZWQgaW4gQ2xvdWRGcm9udCBEaXN0cmlidXRpb24gYmVoYXZpb3IuJ1xufVxuXG5leHBvcnQgY2xhc3MgU2VjdXJlRGlzdHJpYnV0aW9uIGV4dGVuZHMgRGlzdHJpYnV0aW9uIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBEaXN0cmlidXRpb25Qcm9wcykge1xuICAgIHdhcm5JZk5vdEVxdWFscyhwcm9wcz8ubWluaW11bVByb3RvY29sVmVyc2lvbiwgU2VjdXJpdHlQb2xpY3lQcm90b2NvbC5UTFNfVjFfMl8yMDIxLCBEaXN0cmlidXRpb25TZWN1cml0eVdhcm5pbmcuUHJvdG9jb2xWZXJzaW9uSXNPdXRkYXRlZCk7XG5cbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIG1pbmltdW1Qcm90b2NvbFZlcnNpb246IFNlY3VyaXR5UG9saWN5UHJvdG9jb2wuVExTX1YxXzJfMjAyMSxcbiAgICAgIC4uLnByb3BzXG4gICAgfSBhcyBEaXN0cmlidXRpb25Qcm9wcyk7XG4gIH1cbn1cblxuZXhwb3J0IGNvbnN0IGNyZWF0ZVNlY3VyZUJlaGF2aW9yID0gKGJlaGF2aW9yT3B0aW9uczogQmVoYXZpb3JPcHRpb25zKTogQmVoYXZpb3JPcHRpb25zID0+IHtcbiAgd2FybklmRXF1YWxzKGJlaGF2aW9yT3B0aW9ucy52aWV3ZXJQcm90b2NvbFBvbGljeSwgVmlld2VyUHJvdG9jb2xQb2xpY3kuQUxMT1dfQUxMLCBEaXN0cmlidXRpb25TZWN1cml0eVdhcm5pbmcuSHR0cFRyYWZmaWNBbGxvd2VkKTtcblxuICByZXR1cm4ge1xuICAgIHZpZXdlclByb3RvY29sUG9saWN5OiBWaWV3ZXJQcm90b2NvbFBvbGljeS5IVFRQU19PTkxZLFxuICAgIC4uLmJlaGF2aW9yT3B0aW9uc1xuICB9XG59O1xuIl19 |
| export * from './s3'; | ||
| export * from './cloudfront'; | ||
| export * from './iam'; |
@@ -15,2 +15,3 @@ "use strict"; | ||
| __exportStar(require("./cloudfront"), exports); | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7QUFBQSx1Q0FBcUI7QUFDckIsK0NBQTZCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSAnLi9zMyc7XG5leHBvcnQgKiBmcm9tICcuL2Nsb3VkZnJvbnQnO1xuIl19 | ||
| __exportStar(require("./iam"), exports); | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJpbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7QUFBQSx1Q0FBcUI7QUFDckIsK0NBQTZCO0FBQzdCLHdDQUFzQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gJy4vczMnO1xuZXhwb3J0ICogZnJvbSAnLi9jbG91ZGZyb250JztcbmV4cG9ydCAqIGZyb20gJy4vaWFtJztcbiJdfQ== |
@@ -14,5 +14,5 @@ "use strict"; | ||
| constructor(scope, id, props) { | ||
| utils_1.warnIfEquals(props === null || props === void 0 ? void 0 : props.enforceSSL, false, BucketSecurityWarning.SSLIsNotEnforced); | ||
| utils_1.warnIfEquals(props === null || props === void 0 ? void 0 : props.publicReadAccess, true, BucketSecurityWarning.PublicReadAccessEnabled); | ||
| utils_1.warnIfEquals(props === null || props === void 0 ? void 0 : props.encryption, aws_s3_1.BucketEncryption.UNENCRYPTED, BucketSecurityWarning.BucketIsNotEncrypted); | ||
| (0, utils_1.warnIfEquals)(props === null || props === void 0 ? void 0 : props.enforceSSL, false, BucketSecurityWarning.SSLIsNotEnforced); | ||
| (0, utils_1.warnIfEquals)(props === null || props === void 0 ? void 0 : props.publicReadAccess, true, BucketSecurityWarning.PublicReadAccessEnabled); | ||
| (0, utils_1.warnIfEquals)(props === null || props === void 0 ? void 0 : props.encryption, aws_s3_1.BucketEncryption.UNENCRYPTED, BucketSecurityWarning.BucketIsNotEncrypted); | ||
| super(scope, id, { | ||
@@ -27,2 +27,2 @@ enforceSSL: true, | ||
| exports.SecureBucket = SecureBucket; | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiczMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJzMy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw0Q0FBd0U7QUFHeEUsc0NBQTBDO0FBRTFDLElBQUsscUJBSUo7QUFKRCxXQUFLLHFCQUFxQjtJQUN4QiwrRUFBc0QsQ0FBQTtJQUN0RCx1R0FBOEUsQ0FBQTtJQUM5RSw2RUFBb0QsQ0FBQTtBQUN0RCxDQUFDLEVBSkkscUJBQXFCLEtBQXJCLHFCQUFxQixRQUl6QjtBQUVELE1BQWEsWUFBYSxTQUFRLGVBQU07SUFDdEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFtQjtRQUMzRCxvQkFBWSxDQUFDLEtBQUssYUFBTCxLQUFLLHVCQUFMLEtBQUssQ0FBRSxVQUFVLEVBQUUsS0FBSyxFQUFFLHFCQUFxQixDQUFDLGdCQUFnQixDQUFDLENBQUM7UUFDL0Usb0JBQVksQ0FBQyxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsZ0JBQWdCLEVBQUUsSUFBSSxFQUFFLHFCQUFxQixDQUFDLHVCQUF1QixDQUFDLENBQUM7UUFDM0Ysb0JBQVksQ0FBQyxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsVUFBVSxFQUFFLHlCQUFnQixDQUFDLFdBQVcsRUFBRSxxQkFBcUIsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBRTFHLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsVUFBVSxFQUFFLElBQUk7WUFDaEIsZ0JBQWdCLEVBQUUsS0FBSztZQUN2QixVQUFVLEVBQUUseUJBQWdCLENBQUMsVUFBVTtZQUN2QyxHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFiRCxvQ0FhQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJ1Y2tldCwgQnVja2V0UHJvcHMsIEJ1Y2tldEVuY3J5cHRpb24gfSBmcm9tICdAYXdzLWNkay9hd3MtczMnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnQGF3cy1jZGsvY29yZSc7XG5cbmltcG9ydCB7IHdhcm5JZkVxdWFscyB9IGZyb20gJy4vLi4vdXRpbHMnO1xuXG5lbnVtIEJ1Y2tldFNlY3VyaXR5V2FybmluZyB7XG4gIFNTTElzTm90RW5mb3JjZWQgPSAnU1NMIGluIFMzIEJ1Y2tldCBpcyBub3QgZW5mb3JjZWQuJyxcbiAgUHVibGljUmVhZEFjY2Vzc0VuYWJsZWQgPSAnQ29udGVudHMgb2YgdGhlIFMzIEJ1Y2tldCBhcmUgcHVibGljbHkgYWNjZXNzaWJsZS4nLFxuICBCdWNrZXRJc05vdEVuY3J5cHRlZCA9ICdTMyBCdWNrZXQgaXMgbm90IGVuY3J5cHRlZC4nXG59XG5cbmV4cG9ydCBjbGFzcyBTZWN1cmVCdWNrZXQgZXh0ZW5kcyBCdWNrZXQge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IEJ1Y2tldFByb3BzKSB7XG4gICAgd2FybklmRXF1YWxzKHByb3BzPy5lbmZvcmNlU1NMLCBmYWxzZSwgQnVja2V0U2VjdXJpdHlXYXJuaW5nLlNTTElzTm90RW5mb3JjZWQpO1xuICAgIHdhcm5JZkVxdWFscyhwcm9wcz8ucHVibGljUmVhZEFjY2VzcywgdHJ1ZSwgQnVja2V0U2VjdXJpdHlXYXJuaW5nLlB1YmxpY1JlYWRBY2Nlc3NFbmFibGVkKTtcbiAgICB3YXJuSWZFcXVhbHMocHJvcHM/LmVuY3J5cHRpb24sIEJ1Y2tldEVuY3J5cHRpb24uVU5FTkNSWVBURUQsIEJ1Y2tldFNlY3VyaXR5V2FybmluZy5CdWNrZXRJc05vdEVuY3J5cHRlZCk7XG5cbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIGVuZm9yY2VTU0w6IHRydWUsXG4gICAgICBwdWJsaWNSZWFkQWNjZXNzOiBmYWxzZSxcbiAgICAgIGVuY3J5cHRpb246IEJ1Y2tldEVuY3J5cHRpb24uUzNfTUFOQUdFRCxcbiAgICAgIC4uLnByb3BzXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ== | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiczMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJzMy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw0Q0FBd0U7QUFHeEUsc0NBQTBDO0FBRTFDLElBQUsscUJBSUo7QUFKRCxXQUFLLHFCQUFxQjtJQUN4QiwrRUFBc0QsQ0FBQTtJQUN0RCx1R0FBOEUsQ0FBQTtJQUM5RSw2RUFBb0QsQ0FBQTtBQUN0RCxDQUFDLEVBSkkscUJBQXFCLEtBQXJCLHFCQUFxQixRQUl6QjtBQUVELE1BQWEsWUFBYSxTQUFRLGVBQU07SUFDdEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFtQjtRQUMzRCxJQUFBLG9CQUFZLEVBQUMsS0FBSyxhQUFMLEtBQUssdUJBQUwsS0FBSyxDQUFFLFVBQVUsRUFBRSxLQUFLLEVBQUUscUJBQXFCLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUMvRSxJQUFBLG9CQUFZLEVBQUMsS0FBSyxhQUFMLEtBQUssdUJBQUwsS0FBSyxDQUFFLGdCQUFnQixFQUFFLElBQUksRUFBRSxxQkFBcUIsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDO1FBQzNGLElBQUEsb0JBQVksRUFBQyxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsVUFBVSxFQUFFLHlCQUFnQixDQUFDLFdBQVcsRUFBRSxxQkFBcUIsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBRTFHLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsVUFBVSxFQUFFLElBQUk7WUFDaEIsZ0JBQWdCLEVBQUUsS0FBSztZQUN2QixVQUFVLEVBQUUseUJBQWdCLENBQUMsVUFBVTtZQUN2QyxHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFiRCxvQ0FhQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJ1Y2tldCwgQnVja2V0UHJvcHMsIEJ1Y2tldEVuY3J5cHRpb24gfSBmcm9tICdAYXdzLWNkay9hd3MtczMnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnQGF3cy1jZGsvY29yZSc7XG5cbmltcG9ydCB7IHdhcm5JZkVxdWFscyB9IGZyb20gJy4vLi4vdXRpbHMnO1xuXG5lbnVtIEJ1Y2tldFNlY3VyaXR5V2FybmluZyB7XG4gIFNTTElzTm90RW5mb3JjZWQgPSAnU1NMIGluIFMzIEJ1Y2tldCBpcyBub3QgZW5mb3JjZWQuJyxcbiAgUHVibGljUmVhZEFjY2Vzc0VuYWJsZWQgPSAnQ29udGVudHMgb2YgdGhlIFMzIEJ1Y2tldCBhcmUgcHVibGljbHkgYWNjZXNzaWJsZS4nLFxuICBCdWNrZXRJc05vdEVuY3J5cHRlZCA9ICdTMyBCdWNrZXQgaXMgbm90IGVuY3J5cHRlZC4nXG59XG5cbmV4cG9ydCBjbGFzcyBTZWN1cmVCdWNrZXQgZXh0ZW5kcyBCdWNrZXQge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IEJ1Y2tldFByb3BzKSB7XG4gICAgd2FybklmRXF1YWxzKHByb3BzPy5lbmZvcmNlU1NMLCBmYWxzZSwgQnVja2V0U2VjdXJpdHlXYXJuaW5nLlNTTElzTm90RW5mb3JjZWQpO1xuICAgIHdhcm5JZkVxdWFscyhwcm9wcz8ucHVibGljUmVhZEFjY2VzcywgdHJ1ZSwgQnVja2V0U2VjdXJpdHlXYXJuaW5nLlB1YmxpY1JlYWRBY2Nlc3NFbmFibGVkKTtcbiAgICB3YXJuSWZFcXVhbHMocHJvcHM/LmVuY3J5cHRpb24sIEJ1Y2tldEVuY3J5cHRpb24uVU5FTkNSWVBURUQsIEJ1Y2tldFNlY3VyaXR5V2FybmluZy5CdWNrZXRJc05vdEVuY3J5cHRlZCk7XG5cbiAgICBzdXBlcihzY29wZSwgaWQsIHtcbiAgICAgIGVuZm9yY2VTU0w6IHRydWUsXG4gICAgICBwdWJsaWNSZWFkQWNjZXNzOiBmYWxzZSxcbiAgICAgIGVuY3J5cHRpb246IEJ1Y2tldEVuY3J5cHRpb24uUzNfTUFOQUdFRCxcbiAgICAgIC4uLnByb3BzXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ== |
| export declare const warnIfEquals: (property: any, value: any, message: string) => void; | ||
| export declare const warnIfNotEquals: (property: any, value: any, message: string) => void; | ||
| export declare const warn: (message: string) => void; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.warnIfNotEquals = exports.warnIfEquals = void 0; | ||
| exports.warn = exports.warnIfNotEquals = exports.warnIfEquals = void 0; | ||
| const CONSOLE_WARNING_COLOR = '\x1b[33m%s\x1b[0m'; | ||
| const warnIfEquals = (property, value, message) => { | ||
| if (property === value) { | ||
| warn(message); | ||
| (0, exports.warn)(message); | ||
| } | ||
@@ -13,3 +13,3 @@ }; | ||
| if (property && property !== value) { | ||
| warn(message); | ||
| (0, exports.warn)(message); | ||
| } | ||
@@ -21,2 +21,3 @@ }; | ||
| }; | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2FybmluZy51dGlscy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIndhcm5pbmcudXRpbHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsTUFBTSxxQkFBcUIsR0FBRyxtQkFBbUIsQ0FBQztBQUUzQyxNQUFNLFlBQVksR0FBRyxDQUFDLFFBQWEsRUFBRSxLQUFVLEVBQUUsT0FBZSxFQUFRLEVBQUU7SUFDL0UsSUFBSSxRQUFRLEtBQUssS0FBSyxFQUFFO1FBQ3RCLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztLQUNmO0FBQ0gsQ0FBQyxDQUFDO0FBSlcsUUFBQSxZQUFZLGdCQUl2QjtBQUVLLE1BQU0sZUFBZSxHQUFHLENBQUMsUUFBYSxFQUFFLEtBQVUsRUFBRSxPQUFlLEVBQVEsRUFBRTtJQUNsRixJQUFJLFFBQVEsSUFBSSxRQUFRLEtBQUssS0FBSyxFQUFFO1FBQ2xDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztLQUNmO0FBQ0gsQ0FBQyxDQUFDO0FBSlcsUUFBQSxlQUFlLG1CQUkxQjtBQUVGLE1BQU0sSUFBSSxHQUFHLENBQUMsT0FBZSxFQUFRLEVBQUU7SUFDckMsT0FBTyxDQUFDLElBQUksQ0FBQyxxQkFBcUIsRUFBRSxPQUFPLE9BQU8sRUFBRSxDQUFDLENBQUM7QUFDeEQsQ0FBQyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiY29uc3QgQ09OU09MRV9XQVJOSU5HX0NPTE9SID0gJ1xceDFiWzMzbSVzXFx4MWJbMG0nO1xuXG5leHBvcnQgY29uc3Qgd2FybklmRXF1YWxzID0gKHByb3BlcnR5OiBhbnksIHZhbHVlOiBhbnksIG1lc3NhZ2U6IHN0cmluZyk6IHZvaWQgPT4ge1xuICBpZiAocHJvcGVydHkgPT09IHZhbHVlKSB7XG4gICAgd2FybihtZXNzYWdlKTtcbiAgfVxufTtcblxuZXhwb3J0IGNvbnN0IHdhcm5JZk5vdEVxdWFscyA9IChwcm9wZXJ0eTogYW55LCB2YWx1ZTogYW55LCBtZXNzYWdlOiBzdHJpbmcpOiB2b2lkID0+IHtcbiAgaWYgKHByb3BlcnR5ICYmIHByb3BlcnR5ICE9PSB2YWx1ZSkge1xuICAgIHdhcm4obWVzc2FnZSk7XG4gIH1cbn07XG5cbmNvbnN0IHdhcm4gPSAobWVzc2FnZTogc3RyaW5nKTogdm9pZCA9PiB7XG4gIGNvbnNvbGUud2FybihDT05TT0xFX1dBUk5JTkdfQ09MT1IsIGAjIyMgJHttZXNzYWdlfWApO1xufTtcbiJdfQ== | ||
| exports.warn = warn; | ||
| //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2FybmluZy51dGlscy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIndhcm5pbmcudXRpbHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsTUFBTSxxQkFBcUIsR0FBRyxtQkFBbUIsQ0FBQztBQUUzQyxNQUFNLFlBQVksR0FBRyxDQUFDLFFBQWEsRUFBRSxLQUFVLEVBQUUsT0FBZSxFQUFRLEVBQUU7SUFDL0UsSUFBSSxRQUFRLEtBQUssS0FBSyxFQUFFO1FBQ3RCLElBQUEsWUFBSSxFQUFDLE9BQU8sQ0FBQyxDQUFDO0tBQ2Y7QUFDSCxDQUFDLENBQUM7QUFKVyxRQUFBLFlBQVksZ0JBSXZCO0FBRUssTUFBTSxlQUFlLEdBQUcsQ0FBQyxRQUFhLEVBQUUsS0FBVSxFQUFFLE9BQWUsRUFBUSxFQUFFO0lBQ2xGLElBQUksUUFBUSxJQUFJLFFBQVEsS0FBSyxLQUFLLEVBQUU7UUFDbEMsSUFBQSxZQUFJLEVBQUMsT0FBTyxDQUFDLENBQUM7S0FDZjtBQUNILENBQUMsQ0FBQztBQUpXLFFBQUEsZUFBZSxtQkFJMUI7QUFFSyxNQUFNLElBQUksR0FBRyxDQUFDLE9BQWUsRUFBUSxFQUFFO0lBQzVDLE9BQU8sQ0FBQyxJQUFJLENBQUMscUJBQXFCLEVBQUUsT0FBTyxPQUFPLEVBQUUsQ0FBQyxDQUFDO0FBQ3hELENBQUMsQ0FBQztBQUZXLFFBQUEsSUFBSSxRQUVmIiwic291cmNlc0NvbnRlbnQiOlsiY29uc3QgQ09OU09MRV9XQVJOSU5HX0NPTE9SID0gJ1xceDFiWzMzbSVzXFx4MWJbMG0nO1xuXG5leHBvcnQgY29uc3Qgd2FybklmRXF1YWxzID0gKHByb3BlcnR5OiBhbnksIHZhbHVlOiBhbnksIG1lc3NhZ2U6IHN0cmluZyk6IHZvaWQgPT4ge1xuICBpZiAocHJvcGVydHkgPT09IHZhbHVlKSB7XG4gICAgd2FybihtZXNzYWdlKTtcbiAgfVxufTtcblxuZXhwb3J0IGNvbnN0IHdhcm5JZk5vdEVxdWFscyA9IChwcm9wZXJ0eTogYW55LCB2YWx1ZTogYW55LCBtZXNzYWdlOiBzdHJpbmcpOiB2b2lkID0+IHtcbiAgaWYgKHByb3BlcnR5ICYmIHByb3BlcnR5ICE9PSB2YWx1ZSkge1xuICAgIHdhcm4obWVzc2FnZSk7XG4gIH1cbn07XG5cbmV4cG9ydCBjb25zdCB3YXJuID0gKG1lc3NhZ2U6IHN0cmluZyk6IHZvaWQgPT4ge1xuICBjb25zb2xlLndhcm4oQ09OU09MRV9XQVJOSU5HX0NPTE9SLCBgIyMjICR7bWVzc2FnZX1gKTtcbn07XG4iXX0= |
| { | ||
| "name": "secure-cdk", | ||
| "version": "0.1.9", | ||
| "version": "0.1.10-alpha.0", | ||
| "description": "Security abstraction for AWS CDK library. Create AWS resources with best security practices applied for you.", | ||
@@ -10,3 +10,4 @@ "keywords": [ | ||
| "CloudFront", | ||
| "Security" | ||
| "Security", | ||
| "IAM" | ||
| ], | ||
@@ -25,9 +26,2 @@ "author": { | ||
| "license": "MIT", | ||
| "devDependencies": { | ||
| "@types/node": "^16.4.12", | ||
| "commitizen": "^4.2.4", | ||
| "cz-conventional-changelog": "^3.3.0", | ||
| "standard-version": "^9.3.1", | ||
| "typescript": "^4.3.5" | ||
| }, | ||
| "main": "./lib/services/index.js", | ||
@@ -46,6 +40,18 @@ "files": [ | ||
| "peerDependencies": { | ||
| "@aws-cdk/aws-s3": "^1.117.0", | ||
| "@aws-cdk/aws-cloudfront": "^1.117.0", | ||
| "@aws-cdk/core": "^1.117.0" | ||
| "@aws-cdk/aws-s3": "^1.119.0", | ||
| "@aws-cdk/aws-cloudfront": "^1.119.0", | ||
| "@aws-cdk/aws-iam": "^1.119.0", | ||
| "@aws-cdk/core": "^1.119.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@aws-cdk/aws-s3": "1.119.0", | ||
| "@aws-cdk/aws-cloudfront": "1.119.0", | ||
| "@aws-cdk/aws-iam": "1.119.0", | ||
| "@aws-cdk/core": "1.119.0", | ||
| "@types/node": "^16.4.12", | ||
| "commitizen": "^4.2.4", | ||
| "cz-conventional-changelog": "^3.3.0", | ||
| "standard-version": "^9.3.1", | ||
| "typescript": "^4.3.5" | ||
| } | ||
| } |
@@ -8,5 +8,5 @@ # Security abstraction for AWS CDK library. Create AWS resources with best security practices applied for you. | ||
| The purpose of this package is to enforce best security practices for `AWS` services. It uses `AWS CDK` under the hood to create resources and won't without it. | ||
| The purpose of this package is to enforce best security practices for `AWS` services. It uses `AWS CDK` under the hood to create resources and won't work without it. | ||
| You may find that some of the rules are too strict for your use cases, but you always have a possibility be explicitly overriding them. If you do that, you will get a warning that will remind you about the security violations. | ||
| You may find that some of the rules are too strict for your use cases, but you always have a possibility of explicitly overriding them. If you do that, you will get a warning that will remind you about the security violations. | ||
@@ -36,3 +36,3 @@ ## Installation | ||
| const mySiteBucket = new SecureBucket(this, 'myBucket', { | ||
| const mySiteBucket = new SecureBucket(this, 'my-bucket', { | ||
| bucketName: 'my-bucket-name', | ||
@@ -62,3 +62,3 @@ websiteIndexDocument: 'index.html' | ||
| const mySiteBucket = new SecureDistribution(this, 'myDistribution', { | ||
| const distribution = new SecureDistribution(this, 'my-distribution', { | ||
| defaultBehavior: createSecureBehavior({ | ||
@@ -70,1 +70,29 @@ origin: new S3Origin(mySiteBucket) | ||
| ``` | ||
| ### IAM Role (PolicyStatement) | ||
| Security wrapper for `PolicyStatement` construct. Does not set default properties, however warns when: | ||
| - `*` passed in `actions` property; | ||
| - `<resource>:*` passed in `actions` property; | ||
| - `*` passed in `resources` property; | ||
| ```typescript | ||
| import { Effect } from '@aws-cdk/aws-iam'; | ||
| import { SecurePolicyStatement } from 'secure-cdk'; | ||
| const policyStatement = new SecurePolicyStatement(this, 'my-policy-statement', { | ||
| actions: [`cloudfront:*`], | ||
| resources: [`*`], | ||
| effect: Effect.ALLOW | ||
| }); | ||
| ``` | ||
| ## TODO | ||
| - [ ] Alternative automatic checker (extensions of a `Stack`); | ||
| - [ ] Centralized warning system to awoid warning duplication; | ||
| - [ ] Inclusion of resource identifier in warning; | ||
| - [ ] Handle `.addActions` for `SecurePolicyStatement`; |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by12.04%
25957
- Number of package files
- increased by6.67%
16
- Lines of code
- increased by36.43%
176
- Number of lines in readme file
- increased by41.79%
95
Worsened metrics
- Dependency count
- increased by33.33%
4
- Dev dependency count
- increased by80%
9
No dependency changes