UNPKG

@aws-solutions-constructs/core

Version:

Core CDK Construct for patterns library

github.com/awslabs/aws-solutions-constructs

awslabs/aws-solutions-constructs

70 lines 7.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
"use strict"; /** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance * with the License. A copy of the License is located at * * http://www.apache.org/licenses/LICENSE-2.0 * * or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES * OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions * and limitations under the License. */ Object.defineProperty(exports, "__esModule", { value: true }); exports.DefaultWafRules = DefaultWafRules; exports.wrapManagedRuleSet = wrapManagedRuleSet; exports.DefaultWafwebaclProps = DefaultWafwebaclProps; /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function DefaultWafRules() { return [ wrapManagedRuleSet("AWSManagedRulesBotControlRuleSet", "AWS", 0), wrapManagedRuleSet("AWSManagedRulesKnownBadInputsRuleSet", "AWS", 1), wrapManagedRuleSet("AWSManagedRulesCommonRuleSet", "AWS", 2), wrapManagedRuleSet("AWSManagedRulesAnonymousIpList", "AWS", 3), wrapManagedRuleSet("AWSManagedRulesAmazonIpReputationList", "AWS", 4), wrapManagedRuleSet("AWSManagedRulesAdminProtectionRuleSet", "AWS", 5), wrapManagedRuleSet("AWSManagedRulesSQLiRuleSet", "AWS", 6) ]; } /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function wrapManagedRuleSet(managedGroupName, vendorName, priority) { return { name: `${vendorName}-${managedGroupName}`, priority, overrideAction: { none: {} }, statement: { managedRuleGroupStatement: { name: managedGroupName, vendorName, } }, visibilityConfig: { cloudWatchMetricsEnabled: true, metricName: managedGroupName, sampledRequestsEnabled: true } }; } /** * @internal This is an internal core function and should not be called directly by Solutions Constructs clients. */ function DefaultWafwebaclProps(webaclScope) { return { defaultAction: { allow: {} }, scope: webaclScope, visibilityConfig: { cloudWatchMetricsEnabled: true, metricName: 'webACL', sampledRequestsEnabled: true }, rules: DefaultWafRules() }; } //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2FmLWRlZmF1bHRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsid2FmLWRlZmF1bHRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7Ozs7Ozs7R0FXRzs7QUFZSCwwQ0FVQztBQUtELGdEQWlCQztBQUtELHNEQWFDO0FBckREOztHQUVHO0FBQ0gsU0FBZ0IsZUFBZTtJQUM3QixPQUFPO1FBQ0wsa0JBQWtCLENBQUMsa0NBQWtDLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUNoRSxrQkFBa0IsQ0FBQyxzQ0FBc0MsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO1FBQ3BFLGtCQUFrQixDQUFDLDhCQUE4QixFQUFFLEtBQUssRUFBRSxDQUFDLENBQUM7UUFDNUQsa0JBQWtCLENBQUMsZ0NBQWdDLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztRQUM5RCxrQkFBa0IsQ0FBQyx1Q0FBdUMsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO1FBQ3JFLGtCQUFrQixDQUFDLHVDQUF1QyxFQUFFLEtBQUssRUFBRSxDQUFDLENBQUM7UUFDckUsa0JBQWtCLENBQUMsNEJBQTRCLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztLQUMzQixDQUFDO0FBQ3BDLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLGtCQUFrQixDQUFDLGdCQUF3QixFQUFFLFVBQWtCLEVBQUUsUUFBZ0I7SUFDL0YsT0FBTztRQUNMLElBQUksRUFBRSxHQUFHLFVBQVUsSUFBSSxnQkFBZ0IsRUFBRTtRQUN6QyxRQUFRO1FBQ1IsY0FBYyxFQUFFLEVBQUUsSUFBSSxFQUFFLEVBQUUsRUFBRTtRQUM1QixTQUFTLEVBQUU7WUFDVCx5QkFBeUIsRUFBRTtnQkFDekIsSUFBSSxFQUFFLGdCQUFnQjtnQkFDdEIsVUFBVTthQUNYO1NBQ0Y7UUFDRCxnQkFBZ0IsRUFBRTtZQUNoQix3QkFBd0IsRUFBRSxJQUFJO1lBQzlCLFVBQVUsRUFBRSxnQkFBZ0I7WUFDNUIsc0JBQXNCLEVBQUUsSUFBSTtTQUM3QjtLQUMrQixDQUFDO0FBQ3JDLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLHFCQUFxQixDQUFDLFdBQW1CO0lBQ3ZELE9BQU87UUFDTCxhQUFhLEVBQUU7WUFDYixLQUFLLEVBQUUsRUFBRTtTQUNWO1FBQ0QsS0FBSyxFQUFFLFdBQVc7UUFDbEIsZ0JBQWdCLEVBQUU7WUFDaEIsd0JBQXdCLEVBQUUsSUFBSTtZQUM5QixVQUFVLEVBQUUsUUFBUTtZQUNwQixzQkFBc0IsRUFBRSxJQUFJO1NBQzdCO1FBQ0QsS0FBSyxFQUFFLGVBQWUsRUFBRTtLQUN6QixDQUFDO0FBQ0osQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogIENvcHlyaWdodCBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8qXG4gKiAgVGhlIGZ1bmN0aW9ucyBmb3VuZCBoZXJlIGluIHRoZSBjb3JlIGxpYnJhcnkgYXJlIGZvciBpbnRlcm5hbCB1c2UgYW5kIGNhbiBiZSBjaGFuZ2VkXG4gKiAgb3IgcmVtb3ZlZCBvdXRzaWRlIG9mIGEgbWFqb3IgcmVsZWFzZS4gV2UgcmVjb21tZW5kIGFnYWluc3QgY2FsbGluZyB0aGVtIGRpcmVjdGx5IGZyb20gY2xpZW50IGNvZGUuXG4gKi9cblxuaW1wb3J0ICogYXMgd2FmIGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtd2FmdjJcIjtcblxuLyoqXG4gKiBAaW50ZXJuYWwgVGhpcyBpcyBhbiBpbnRlcm5hbCBjb3JlIGZ1bmN0aW9uIGFuZCBzaG91bGQgbm90IGJlIGNhbGxlZCBkaXJlY3RseSBieSBTb2x1dGlvbnMgQ29uc3RydWN0cyBjbGllbnRzLlxuICovXG5leHBvcnQgZnVuY3Rpb24gRGVmYXVsdFdhZlJ1bGVzKCk6IHdhZi5DZm5SdWxlR3JvdXAuUnVsZVByb3BlcnR5W10ge1xuICByZXR1cm4gW1xuICAgIHdyYXBNYW5hZ2VkUnVsZVNldChcIkFXU01hbmFnZWRSdWxlc0JvdENvbnRyb2xSdWxlU2V0XCIsIFwiQVdTXCIsIDApLFxuICAgIHdyYXBNYW5hZ2VkUnVsZVNldChcIkFXU01hbmFnZWRSdWxlc0tub3duQmFkSW5wdXRzUnVsZVNldFwiLCBcIkFXU1wiLCAxKSxcbiAgICB3cmFwTWFuYWdlZFJ1bGVTZXQoXCJBV1NNYW5hZ2VkUnVsZXNDb21tb25SdWxlU2V0XCIsIFwiQVdTXCIsIDIpLFxuICAgIHdyYXBNYW5hZ2VkUnVsZVNldChcIkFXU01hbmFnZWRSdWxlc0Fub255bW91c0lwTGlzdFwiLCBcIkFXU1wiLCAzKSxcbiAgICB3cmFwTWFuYWdlZFJ1bGVTZXQoXCJBV1NNYW5hZ2VkUnVsZXNBbWF6b25JcFJlcHV0YXRpb25MaXN0XCIsIFwiQVdTXCIsIDQpLFxuICAgIHdyYXBNYW5hZ2VkUnVsZVNldChcIkFXU01hbmFnZWRSdWxlc0FkbWluUHJvdGVjdGlvblJ1bGVTZXRcIiwgXCJBV1NcIiwgNSksXG4gICAgd3JhcE1hbmFnZWRSdWxlU2V0KFwiQVdTTWFuYWdlZFJ1bGVzU1FMaVJ1bGVTZXRcIiwgXCJBV1NcIiwgNilcbiAgXSBhcyB3YWYuQ2ZuV2ViQUNMLlJ1bGVQcm9wZXJ0eVtdO1xufVxuXG4vKipcbiAqIEBpbnRlcm5hbCBUaGlzIGlzIGFuIGludGVybmFsIGNvcmUgZnVuY3Rpb24gYW5kIHNob3VsZCBub3QgYmUgY2FsbGVkIGRpcmVjdGx5IGJ5IFNvbHV0aW9ucyBDb25zdHJ1Y3RzIGNsaWVudHMuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiB3cmFwTWFuYWdlZFJ1bGVTZXQobWFuYWdlZEdyb3VwTmFtZTogc3RyaW5nLCB2ZW5kb3JOYW1lOiBzdHJpbmcsIHByaW9yaXR5OiBudW1iZXIpIHtcbiAgcmV0dXJuIHtcbiAgICBuYW1lOiBgJHt2ZW5kb3JOYW1lfS0ke21hbmFnZWRHcm91cE5hbWV9YCxcbiAgICBwcmlvcml0eSxcbiAgICBvdmVycmlkZUFjdGlvbjogeyBub25lOiB7fSB9LFxuICAgIHN0YXRlbWVudDoge1xuICAgICAgbWFuYWdlZFJ1bGVHcm91cFN0YXRlbWVudDoge1xuICAgICAgICBuYW1lOiBtYW5hZ2VkR3JvdXBOYW1lLFxuICAgICAgICB2ZW5kb3JOYW1lLFxuICAgICAgfVxuICAgIH0sXG4gICAgdmlzaWJpbGl0eUNvbmZpZzoge1xuICAgICAgY2xvdWRXYXRjaE1ldHJpY3NFbmFibGVkOiB0cnVlLFxuICAgICAgbWV0cmljTmFtZTogbWFuYWdlZEdyb3VwTmFtZSxcbiAgICAgIHNhbXBsZWRSZXF1ZXN0c0VuYWJsZWQ6IHRydWVcbiAgICB9XG4gIH0gYXMgd2FmLkNmblJ1bGVHcm91cC5SdWxlUHJvcGVydHk7XG59XG5cbi8qKlxuICogQGludGVybmFsIFRoaXMgaXMgYW4gaW50ZXJuYWwgY29yZSBmdW5jdGlvbiBhbmQgc2hvdWxkIG5vdCBiZSBjYWxsZWQgZGlyZWN0bHkgYnkgU29sdXRpb25zIENvbnN0cnVjdHMgY2xpZW50cy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIERlZmF1bHRXYWZ3ZWJhY2xQcm9wcyh3ZWJhY2xTY29wZTogc3RyaW5nKSB7XG4gIHJldHVybiB7XG4gICAgZGVmYXVsdEFjdGlvbjoge1xuICAgICAgYWxsb3c6IHt9XG4gICAgfSxcbiAgICBzY29wZTogd2ViYWNsU2NvcGUsXG4gICAgdmlzaWJpbGl0eUNvbmZpZzoge1xuICAgICAgY2xvdWRXYXRjaE1ldHJpY3NFbmFibGVkOiB0cnVlLFxuICAgICAgbWV0cmljTmFtZTogJ3dlYkFDTCcsXG4gICAgICBzYW1wbGVkUmVxdWVzdHNFbmFibGVkOiB0cnVlXG4gICAgfSxcbiAgICBydWxlczogRGVmYXVsdFdhZlJ1bGVzKClcbiAgfTtcbn0iXX0=