		{
		"name": "secure-cdk",
		"version": "0.1.2-alpha.3",
		"version": "0.1.2-alpha.4",
		"description": "Security abstraction for AWS CDK library. Create AWS resources with best security practices applied for you.",
		@@ -19,3 +19,3 @@ "keywords": [
		"cz": "git cz",
		"prepublish": "yarn build",
		"prepublishOnly": "yarn build",
		"release:alpha": "standard-version -p alpha",
		@@ -27,2 +27,3 @@ "release": "standard-version",
		"devDependencies": {
		"@types/node": "^16.4.12",
		"commitizen": "^4.2.4",
		@@ -47,4 +48,5 @@ "cz-conventional-changelog": "^3.3.0",
		"@aws-cdk/aws-s3": "^1.116.0",
		"@aws-cdk/aws-cloudfront": "^1.116.0",
		"@aws-cdk/core": "^1.116.0"
		}
		}

README.md

		@@ -10,3 +10,3 @@ # Security abstraction for AWS CDK library. Create AWS resources with best security practices applied for you.

		You may find that some of the rules are too strict for your use cases, but you always have a possibility be explicitly overriding them.
		You may find that some of the rules are too strict for your use cases, but you always have a possibility be explicitly overriding them. If you do that, you will get a warning that will remind you about the security violations.

		@@ -25,8 +25,9 @@ ## Installation

		By using `createSecureS3Bucket` function to generate your S3 Bucket, you get the following properties set by default.
		By using `SecureBucket` class instead of the AWS's `Bucket` construct, you are getting the following properties set by default.

		\| Property \| Value \| Description \| AWS CDK Default \|
		\| --- \| --- \| --- \| --- \|
		\| enforceSSL \| true \| Enforces SSL for requests. \| false \|
		\| publicReadAccess \| false \| Grants public read access to all objects in the bucket. \| false \|
		\| Property \| Value \| Description \| AWS CDK Default \|
		\| --- \| --- \| --- \| --- \|
		\| enforceSSL \| true \| Enforces SSL for requests. \| false \|
		\| publicReadAccess \| false \| Grants public read access to all objects in the bucket. \| false \|
		\| encryption \| Encrypted (S3 managed) \| The kind of server-side encryption to apply to this bucket. \| Unencrypted \|

		@@ -33,0 +34,0 @@ ```typescript

src/services/s3.js

		@@ -5,7 +5,18 @@ "use strict";
		const aws_s3_1 = require("@aws-cdk/aws-s3");
		const utils_1 = require("./../utils");
		var BucketSecurityWarnings;
		(function (BucketSecurityWarnings) {
		BucketSecurityWarnings["SSLIsNotEnforced"] = "SSL in S3 Bucket is not enforced.";
		BucketSecurityWarnings["PublicReadAccessEnabled"] = "Contents of the S3 Bucket are publicly accessible.";
		BucketSecurityWarnings["BucketIsNotEncrypted"] = "S3 Bucket is not encrypted.";
		})(BucketSecurityWarnings \|\| (BucketSecurityWarnings = {}));
		class SecureBucket extends aws_s3_1.Bucket {
		constructor(scope, id, props) {
		utils_1.warnIfEquals(props === null \|\| props === void 0 ? void 0 : props.enforceSSL, false, BucketSecurityWarnings.SSLIsNotEnforced);
		utils_1.warnIfEquals(props === null \|\| props === void 0 ? void 0 : props.publicReadAccess, true, BucketSecurityWarnings.PublicReadAccessEnabled);
		utils_1.warnIfEquals(props === null \|\| props === void 0 ? void 0 : props.encryption, aws_s3_1.BucketEncryption.UNENCRYPTED, BucketSecurityWarnings.BucketIsNotEncrypted);
		super(scope, id, {
		enforceSSL: true,
		publicReadAccess: false,
		encryption: aws_s3_1.BucketEncryption.S3_MANAGED,
		...props
		@@ -16,2 +27,2 @@ });
		exports.SecureBucket = SecureBucket;
		//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiczMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJzMy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw0Q0FBc0Q7QUFHdEQsTUFBYSxZQUFhLFNBQVEsZUFBTTtJQUN0QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQW1CO1FBQzNELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsVUFBVSxFQUFFLElBQUk7WUFDaEIsZ0JBQWdCLEVBQUUsS0FBSztZQUN2QixHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFSRCxvQ0FRQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJ1Y2tldCwgQnVja2V0UHJvcHMgfSBmcm9tICdAYXdzLWNkay9hd3MtczMnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnQGF3cy1jZGsvY29yZSc7XG5cbmV4cG9ydCBjbGFzcyBTZWN1cmVCdWNrZXQgZXh0ZW5kcyBCdWNrZXQge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IEJ1Y2tldFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICBlbmZvcmNlU1NMOiB0cnVlLFxuICAgICAgcHVibGljUmVhZEFjY2VzczogZmFsc2UsXG4gICAgICAuLi5wcm9wc1xuICAgIH0pO1xuICB9XG59XG4iXX0=
		//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiczMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJzMy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw0Q0FBd0U7QUFHeEUsc0NBQTBDO0FBRTFDLElBQUssc0JBSUo7QUFKRCxXQUFLLHNCQUFzQjtJQUN6QixnRkFBc0QsQ0FBQTtJQUN0RCx3R0FBOEUsQ0FBQTtJQUM5RSw4RUFBb0QsQ0FBQTtBQUN0RCxDQUFDLEVBSkksc0JBQXNCLEtBQXRCLHNCQUFzQixRQUkxQjtBQUVELE1BQWEsWUFBYSxTQUFRLGVBQU07SUFDdEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFtQjtRQUMzRCxvQkFBWSxDQUFDLEtBQUssYUFBTCxLQUFLLHVCQUFMLEtBQUssQ0FBRSxVQUFVLEVBQUUsS0FBSyxFQUFFLHNCQUFzQixDQUFDLGdCQUFnQixDQUFDLENBQUM7UUFDaEYsb0JBQVksQ0FBQyxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsZ0JBQWdCLEVBQUUsSUFBSSxFQUFFLHNCQUFzQixDQUFDLHVCQUF1QixDQUFDLENBQUM7UUFDNUYsb0JBQVksQ0FBQyxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsVUFBVSxFQUFFLHlCQUFnQixDQUFDLFdBQVcsRUFBRSxzQkFBc0IsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1FBRTNHLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFO1lBQ2YsVUFBVSxFQUFFLElBQUk7WUFDaEIsZ0JBQWdCLEVBQUUsS0FBSztZQUN2QixVQUFVLEVBQUUseUJBQWdCLENBQUMsVUFBVTtZQUN2QyxHQUFHLEtBQUs7U0FDVCxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFiRCxvQ0FhQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJ1Y2tldCwgQnVja2V0UHJvcHMsIEJ1Y2tldEVuY3J5cHRpb24gfSBmcm9tICdAYXdzLWNkay9hd3MtczMnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnQGF3cy1jZGsvY29yZSc7XG5cbmltcG9ydCB7IHdhcm5JZkVxdWFscyB9IGZyb20gJy4vLi4vdXRpbHMnO1xuXG5lbnVtIEJ1Y2tldFNlY3VyaXR5V2FybmluZ3Mge1xuICBTU0xJc05vdEVuZm9yY2VkID0gJ1NTTCBpbiBTMyBCdWNrZXQgaXMgbm90IGVuZm9yY2VkLicsXG4gIFB1YmxpY1JlYWRBY2Nlc3NFbmFibGVkID0gJ0NvbnRlbnRzIG9mIHRoZSBTMyBCdWNrZXQgYXJlIHB1YmxpY2x5IGFjY2Vzc2libGUuJyxcbiAgQnVja2V0SXNOb3RFbmNyeXB0ZWQgPSAnUzMgQnVja2V0IGlzIG5vdCBlbmNyeXB0ZWQuJ1xufVxuXG5leHBvcnQgY2xhc3MgU2VjdXJlQnVja2V0IGV4dGVuZHMgQnVja2V0IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBCdWNrZXRQcm9wcykge1xuICAgIHdhcm5JZkVxdWFscyhwcm9wcz8uZW5mb3JjZVNTTCwgZmFsc2UsIEJ1Y2tldFNlY3VyaXR5V2FybmluZ3MuU1NMSXNOb3RFbmZvcmNlZCk7XG4gICAgd2FybklmRXF1YWxzKHByb3BzPy5wdWJsaWNSZWFkQWNjZXNzLCB0cnVlLCBCdWNrZXRTZWN1cml0eVdhcm5pbmdzLlB1YmxpY1JlYWRBY2Nlc3NFbmFibGVkKTtcbiAgICB3YXJuSWZFcXVhbHMocHJvcHM/LmVuY3J5cHRpb24sIEJ1Y2tldEVuY3J5cHRpb24uVU5FTkNSWVBURUQsIEJ1Y2tldFNlY3VyaXR5V2FybmluZ3MuQnVja2V0SXNOb3RFbmNyeXB0ZWQpO1xuXG4gICAgc3VwZXIoc2NvcGUsIGlkLCB7XG4gICAgICBlbmZvcmNlU1NMOiB0cnVlLFxuICAgICAgcHVibGljUmVhZEFjY2VzczogZmFsc2UsXG4gICAgICBlbmNyeXB0aW9uOiBCdWNrZXRFbmNyeXB0aW9uLlMzX01BTkFHRUQsXG4gICAgICAuLi5wcm9wc1xuICAgIH0pO1xuICB9XG59XG4iXX0=

CHANGELOG.md

		@@ -10,3 +10,3 @@ # Security abstraction for AWS CDK library. Create AWS resources with best security practices applied for you.

		You may find that some of the rules are too strict for your use cases, but you always have a possibility be explicitly overriding them.
		You may find that some of the rules are too strict for your use cases, but you always have a possibility be explicitly overriding them. If you do that, you will get a warning that will remind you about the security violations.

		@@ -25,8 +25,9 @@ ## Installation

		By using `createSecureS3Bucket` function to generate your S3 Bucket, you get the following properties set by default.
		By using `SecureBucket` class instead of the AWS's `Bucket` construct, you are getting the following properties set by default.

		\| Property \| Value \| Description \| AWS CDK Default \|
		\| --- \| --- \| --- \| --- \|
		\| enforceSSL \| true \| Enforces SSL for requests. \| false \|
		\| publicReadAccess \| false \| Grants public read access to all objects in the bucket. \| false \|
		\| Property \| Value \| Description \| AWS CDK Default \|
		\| --- \| --- \| --- \| --- \|
		\| enforceSSL \| true \| Enforces SSL for requests. \| false \|
		\| publicReadAccess \| false \| Grants public read access to all objects in the bucket. \| false \|
		\| encryption \| Encrypted (S3 managed) \| The kind of server-side encryption to apply to this bucket. \| Unencrypted \|

		@@ -33,0 +34,0 @@ ```typescript

secure-cdk - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics