Skip to content

Commit

Permalink
formatting and tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@snowiow
snowiow committed Jan 15, 2024
1 parent 975d150 commit 866eb00
Show file tree
Hide file tree
Showing 5 changed files with 37 additions and 17 deletions.
2 changes: 1 addition & 1 deletion lib/bastion-host-forward.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
limitations under the License.
*/

import { Fn} from 'aws-cdk-lib';
import { Fn } from 'aws-cdk-lib';
import {
AmazonLinuxCpuType,
AmazonLinuxGeneration,
Expand Down
4 changes: 2 additions & 2 deletions test/aurora-serverless.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ test('Bastion Host created for normal username/password access', () => {
'Fn::Join': [
'',
[
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
{
'Fn::GetAtt': ['TestAurora252434E9', 'Endpoint.Port'],
},
Expand Down Expand Up @@ -97,7 +97,7 @@ test('Bastion Host created with extended Role for IAM Connection', () => {
'Fn::Join': [
'',
[
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
{
'Fn::GetAtt': ['TestAurora252434E9', 'Endpoint.Port'],
},
Expand Down
29 changes: 28 additions & 1 deletion test/generic-bastion-host-forward.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ test('Bastion Host created for normal access', () => {
template.hasResourceProperties('AWS::EC2::Instance', {
UserData: {
'Fn::Base64':
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:6379\n timeout connect 10s\n timeout client 20m\n timeout server 50m\n mode tcp\n server service 127.0.0.1:6379\n" > /etc/haproxy/haproxy.cfg\nservice haproxy restart\n--//',
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:6379\n timeout connect 10s\n timeout client 20m\n timeout server 50m\n mode tcp\n server service 127.0.0.1:6379\n" > /etc/haproxy/haproxy.cfg\nservice haproxy restart\n--//',
},
Tags: [
{
Expand Down Expand Up @@ -72,3 +72,30 @@ test('Bastion Host with own securityGroup', () => {
assert.equal(securityGroup.securityGroupId, bastionHostSecurityGroup.securityGroupId);
assert.equal(securityGroup.allowAllOutbound, bastionHostSecurityGroup.allowAllOutbound);
});

test('Bastion Host has encrypted EBS', () => {
const app = new App();
const stack = new Stack(app, 'TestStack');
const testVpc = new Vpc(stack, 'TestVpc');

// WHEN
new GenericBastionHostForward(stack, 'MyTestConstruct', {
vpc: testVpc,
address: '127.0.0.1',
port: '6379',
});

const template = Template.fromStack(stack);

// THEN
template.hasResourceProperties('AWS::EC2::Instance', {
BlockDeviceMappings: [
{
DeviceName: '/dev/xvda',
Ebs: {
Encrypted: true,
},
},
],
});
});
4 changes: 2 additions & 2 deletions test/rds.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ test('Bastion Host created for normal username/password access', () => {
'Fn::Join': [
'',
[
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
{
'Fn::GetAtt': ['TestRDSDF309CB7', 'Endpoint.Port'],
},
Expand Down Expand Up @@ -99,7 +99,7 @@ test('Bastion Host created with extended Role for IAM RDS Connection', () => {
'Fn::Join': [
'',
[
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
'Content-Type: multipart/mixed; boundary="//"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="cloud-config.txt"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset="us-ascii"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename="userdata.txt"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho "listen database\n bind 0.0.0.0:',
{
'Fn::GetAtt': ['TestRDSDF309CB7', 'Endpoint.Port'],
},
Expand Down
15 changes: 4 additions & 11 deletions tsconfig.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,7 @@
"declaration": true,
"experimentalDecorators": true,
"incremental": true,
"lib": [
"es2020"
],
"lib": ["es2020"],
"module": "CommonJS",
"noEmitOnError": true,
"noFallthroughCasesInSwitch": true,
Expand All @@ -28,12 +26,7 @@
"composite": false,
"tsBuildInfoFile": "tsconfig.tsbuildinfo"
},
"include": [
"**/*.ts"
],
"exclude": [
"node_modules",
".types-compat"
],
"include": ["**/*.ts"],
"exclude": ["node_modules", ".types-compat"],
"_generated_by_jsii_": "Generated by jsii - safe to delete, and ideally should be in .gitignore"
}
}

0 comments on commit 866eb00

Please sign in to comment.