Skip to content

Latest commit

 

History

History
173 lines (103 loc) · 6.44 KB

API.md

File metadata and controls

173 lines (103 loc) · 6.44 KB

API Reference

Structs

CfnGuardValidatorProps

Initializer 

import { CfnGuardValidatorProps } from '@cdklabs/cdk-validator-cfnguard'

const cfnGuardValidatorProps: CfnGuardValidatorProps = { ... }

Properties

Name Type Description
controlTowerRulesEnabled boolean Enable the default Control Tower Guard rules.
disabledRules string[] List of rule names to disable.
rules string[] Local file paths to either a directory containing guard rules, or to an individual guard rule file.
controlTowerRulesEnabledOptional 
public readonly controlTowerRulesEnabled: boolean;
  • Type: boolean
  • Default: true

Enable the default Control Tower Guard rules.

disabledRulesOptional 
public readonly disabledRules: string[];
  • Type: string[]
  • Default: no rules are disabled

List of rule names to disable.

rulesOptional 
public readonly rules: string[];
  • Type: string[]
  • Default: no local rules will be used

Local file paths to either a directory containing guard rules, or to an individual guard rule file.

If the path is to a directory then the directory must only contain guard rule and the plugin will use all the rules in the directory

Classes

CfnGuardValidator

  • Implements: aws-cdk-lib.IPolicyValidationPluginBeta1

A validation plugin using CFN Guard.

Initializers 

import { CfnGuardValidator } from '@cdklabs/cdk-validator-cfnguard'

new CfnGuardValidator(props?: CfnGuardValidatorProps)
Name Type Description
props CfnGuardValidatorProps No description.
propsOptional

Methods

Name Description
validate The method that will be called by the CDK framework to perform validations.
validate 
public validate(context: IPolicyValidationContextBeta1): PolicyValidationPluginReportBeta1

The method that will be called by the CDK framework to perform validations.

This is where the plugin will evaluate the CloudFormation templates for compliance and report and violations

contextRequired
  • Type: aws-cdk-lib.IPolicyValidationContextBeta1

Properties

Name Type Description
name string The name of the plugin that will be displayed in the validation report.
ruleIds string[] The list of rule IDs that the plugin will evaluate.
version string The version of the plugin, following the Semantic Versioning specification (see https://semver.org/). This version is used for analytics purposes, to measure the usage of different plugins and different versions. The value of this property should be kept in sync with the actual version of the software package. If the version is not provided or is not a valid semantic version, it will be reported as 0.0.0.
nameRequired 
public readonly name: string;
  • Type: string

The name of the plugin that will be displayed in the validation report.

ruleIdsOptional 
public readonly ruleIds: string[];
  • Type: string[]

The list of rule IDs that the plugin will evaluate.

Used for analytics purposes.

versionOptional 
public readonly version: string;
  • Type: string

The version of the plugin, following the Semantic Versioning specification (see https://semver.org/). This version is used for analytics purposes, to measure the usage of different plugins and different versions. The value of this property should be kept in sync with the actual version of the software package. If the version is not provided or is not a valid semantic version, it will be reported as 0.0.0.