UNPKG

@vptech/aws-security-baseline

Version:

Auto-generate AWS security baselines, IAM policies, and security groups from TypeScript interfaces

github.com/vptech/aws-security-baseline

vptech/aws-security-baseline

179 lines 6.66 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
"use strict"; /** * AWS Security Baseline Generator * Auto-generate AWS security baselines, IAM policies, and security groups from TypeScript interfaces */ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __exportStar = (this && this.__exportStar) || function(m, exports) { for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.Compliance = exports.SecurityBaseline = exports.SecurityBaselineGenerator = void 0; exports.generateSecurityBaseline = generateSecurityBaseline; exports.analyzeTypeScriptSecurity = analyzeTypeScriptSecurity; exports.generateCDKSecurity = generateCDKSecurity; exports.createSecurityStack = createSecurityStack; exports.generateFromInterface = generateFromInterface; exports.createSecurityGenerator = createSecurityGenerator; exports.createSecurityAnalyzer = createSecurityAnalyzer; exports.createCDKIntegration = createCDKIntegration; exports.getAvailableComplianceFrameworks = getAvailableComplianceFrameworks; exports.generateMinimalBaseline = generateMinimalBaseline; exports.generateProductionBaseline = generateProductionBaseline; // Core types __exportStar(require("./types"), exports); // Generators var security_baseline_generator_1 = require("./generators/security-baseline-generator"); Object.defineProperty(exports, "SecurityBaselineGenerator", { enumerable: true, get: function () { return security_baseline_generator_1.SecurityBaselineGenerator; } }); // Analyzers __exportStar(require("./analyzers/typescript-analyzer"), exports); // Integrations __exportStar(require("./integrations/cdk-integration"), exports); // Main toolkit functions const security_baseline_generator_2 = require("./generators/security-baseline-generator"); const typescript_analyzer_1 = require("./analyzers/typescript-analyzer"); const cdk_integration_1 = require("./integrations/cdk-integration"); /** * Generate a complete AWS security baseline */ function generateSecurityBaseline(config) { const generator = new security_baseline_generator_2.SecurityBaselineGenerator(); return generator.generateBaseline(config); } /** * Analyze TypeScript interface for security requirements */ function analyzeTypeScriptSecurity(filePath, interfaceName) { const analyzer = new typescript_analyzer_1.TypeScriptSecurityAnalyzer(); return analyzer.analyzeInterface(filePath, interfaceName); } /** * Generate CDK constructs from security baseline */ function generateCDKSecurity(baseline) { const integration = new cdk_integration_1.CDKSecurityIntegration(); return integration.generateCDKConstructs(baseline); } /** * Create a complete security stack with CDK */ function createSecurityStack(baseline, stackName) { const integration = new cdk_integration_1.CDKSecurityIntegration(); return integration.createSecurityStack(baseline, stackName); } /** * Generate security baseline from TypeScript interface analysis */ function generateFromInterface(filePath, interfaceName, config) { const analyzer = new typescript_analyzer_1.TypeScriptSecurityAnalyzer(); const generator = new security_baseline_generator_2.SecurityBaselineGenerator(); const integration = new cdk_integration_1.CDKSecurityIntegration(); // Analyze the TypeScript interface const analysis = analyzer.analyzeInterface(filePath, interfaceName); // Create baseline configuration const baselineConfig = { complianceFrameworks: ['SOC2', 'ISO27001'], securityLevel: 'enhanced', organizationName: 'MyOrg', environmentType: 'production', enableCloudTrail: true, enableConfigRules: true, enableGuardDuty: true, enableSecurityHub: true, ...config }; // Generate security baseline const baseline = generator.generateBaseline(baselineConfig); // Generate CDK code const cdkCode = integration.generateCDKConstructs(baseline); return { analysis, baseline, cdkCode }; } /** * Create a security baseline generator instance */ function createSecurityGenerator() { return new security_baseline_generator_2.SecurityBaselineGenerator(); } /** * Create a TypeScript security analyzer instance */ function createSecurityAnalyzer() { return new typescript_analyzer_1.TypeScriptSecurityAnalyzer(); } /** * Create a CDK integration helper instance */ function createCDKIntegration() { return new cdk_integration_1.CDKSecurityIntegration(); } /** * Get available compliance frameworks */ function getAvailableComplianceFrameworks() { return ['SOC2', 'ISO27001', 'HIPAA', 'PCI-DSS', 'GDPR', 'CUSTOM']; } /** * Generate a minimal security baseline for quick start */ function generateMinimalBaseline(organizationName) { const config = { complianceFrameworks: ['SOC2'], securityLevel: 'basic', organizationName, environmentType: 'development', enableCloudTrail: true, enableConfigRules: false, enableGuardDuty: true, enableSecurityHub: false }; return generateSecurityBaseline(config); } /** * Generate a production-ready security baseline */ function generateProductionBaseline(organizationName, frameworks = ['SOC2', 'ISO27001']) { const config = { complianceFrameworks: frameworks, securityLevel: 'strict', organizationName, environmentType: 'production', enableCloudTrail: true, enableConfigRules: true, enableGuardDuty: true, enableSecurityHub: true }; return generateSecurityBaseline(config); } // Convenience exports exports.SecurityBaseline = { generate: generateSecurityBaseline, analyzeTypeScript: analyzeTypeScriptSecurity, generateCDK: generateCDKSecurity, createStack: createSecurityStack, fromInterface: generateFromInterface, minimal: generateMinimalBaseline, production: generateProductionBaseline }; exports.Compliance = { frameworks: getAvailableComplianceFrameworks(), SOC2: 'SOC2', ISO27001: 'ISO27001', HIPAA: 'HIPAA', PCI_DSS: 'PCI-DSS', GDPR: 'GDPR' }; //# sourceMappingURL=index.js.map