advanced-cdk-constructs
Version:
[](https://codecov.io/gh/spensireli/advanced-cdk-constructs)
53 lines • 6.23 kB
JavaScript
;
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.ServiceControlPolicy = void 0;
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
const aws_cdk_lib_1 = require("aws-cdk-lib");
const constructs_1 = require("constructs");
/**
* Defines an AWS Organizations Service Control Policy (SCP) and attaches it to the specified targets.
*
* Example:
* ```ts
* new ServiceControlPolicy(this, 'MySCP', {
* targetIds: ['ou-xxxx-xxxxxxxx', '123456789012'],
* name: 'DenyEC2',
* statements: [
* {
* Effect: 'Deny',
* Action: 'ec2:*',
* Resource: '*',
* },
* ],
* description: 'Denies all EC2 actions',
* });
* ```
*/
class ServiceControlPolicy extends constructs_1.Construct {
/**
* Creates a new Service Control Policy and attaches it to the specified targets.
* @param scope The parent construct.
* @param id The construct ID.
* @param props The Service Control Policy properties.
*/
constructor(scope, id, props) {
super(scope, id);
const resourceControlPolicy = {
Version: '2012-10-17',
Statement: props.statements,
};
const applyServiceControlPolicy = new aws_cdk_lib_1.aws_organizations.CfnPolicy(this, `ServiceControlPolicy-${this.node.id}`, {
content: resourceControlPolicy,
name: props.name ?? `ServiceControlPolicy-${this.node.id}`,
type: 'SERVICE_CONTROL_POLICY',
description: props.description ?? 'Service Control Policy from Advanced CDK Constructs',
targetIds: props.targetIds,
});
this.serviceControlPolicyArn = applyServiceControlPolicy.attrArn;
}
}
exports.ServiceControlPolicy = ServiceControlPolicy;
_a = JSII_RTTI_SYMBOL_1;
ServiceControlPolicy[_a] = { fqn: "advanced-cdk-constructs.ServiceControlPolicy", version: "0.0.14" };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VydmljZS1jb250cm9sLXBvbGljaWVzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3NlcnZpY2UtY29udHJvbC1wb2xpY2llcy9zZXJ2aWNlLWNvbnRyb2wtcG9saWNpZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw2Q0FBaUU7QUFDakUsMkNBQXVDO0FBMEJ2Qzs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBa0JHO0FBQ0gsTUFBYSxvQkFBcUIsU0FBUSxzQkFBUztJQU1qRDs7Ozs7T0FLRztJQUNILFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBZ0M7UUFDeEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUNqQixNQUFNLHFCQUFxQixHQUFHO1lBQzVCLE9BQU8sRUFBRSxZQUFZO1lBQ3JCLFNBQVMsRUFBRSxLQUFLLENBQUMsVUFBVTtTQUM1QixDQUFDO1FBQ0YsTUFBTSx5QkFBeUIsR0FBRyxJQUFJLCtCQUFhLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRSx3QkFBd0IsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLEVBQUUsRUFBRTtZQUMxRyxPQUFPLEVBQUUscUJBQXFCO1lBQzlCLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSSxJQUFJLHdCQUF3QixJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsRUFBRTtZQUMxRCxJQUFJLEVBQUUsd0JBQXdCO1lBQzlCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVyxJQUFJLHFEQUFxRDtZQUN2RixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7U0FDM0IsQ0FBQyxDQUFDO1FBQ0gsSUFBSSxDQUFDLHVCQUF1QixHQUFHLHlCQUF5QixDQUFDLE9BQU8sQ0FBQztJQUVuRSxDQUFDOztBQTNCSCxvREE0QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBhd3Nfb3JnYW5pemF0aW9ucyBhcyBvcmdhbml6YXRpb25zIH0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5cbi8qKlxuICogUHJvcGVydGllcyBmb3IgZGVmaW5pbmcgYSBTZXJ2aWNlIENvbnRyb2wgUG9saWN5LlxuICovXG5leHBvcnQgaW50ZXJmYWNlIFNlcnZpY2VDb250cm9sUG9saWN5UHJvcHMge1xuICAvKipcbiAgICogVGhlIGxpc3Qgb2YgdGFyZ2V0IElEcyAoYWNjb3VudHMgb3Igb3JnYW5pemF0aW9uYWwgdW5pdHMpIHRvIHdoaWNoIHRoZSBwb2xpY3kgd2lsbCBiZSBhdHRhY2hlZC5cbiAgICovXG4gIHJlYWRvbmx5IHRhcmdldElkczogc3RyaW5nW107XG4gIC8qKlxuICAgKiBUaGUgbmFtZSBvZiB0aGUgU2VydmljZSBDb250cm9sIFBvbGljeS5cbiAgICogQGRlZmF1bHQgLSBBIG5hbWUgYmFzZWQgb24gdGhlIGNvbnN0cnVjdCBJRCB3aWxsIGJlIHVzZWQuXG4gICAqL1xuICByZWFkb25seSBuYW1lPzogc3RyaW5nO1xuICAvKipcbiAgICogVGhlIHBvbGljeSBzdGF0ZW1lbnRzIHRvIGluY2x1ZGUgaW4gdGhlIFNlcnZpY2UgQ29udHJvbCBQb2xpY3kuXG4gICAqL1xuICByZWFkb25seSBzdGF0ZW1lbnRzOiBhbnlbXTtcbiAgLyoqXG4gICAqIFRoZSBkZXNjcmlwdGlvbiBvZiB0aGUgU2VydmljZSBDb250cm9sIFBvbGljeS5cbiAgICogQGRlZmF1bHQgLSAnU2VydmljZSBDb250cm9sIFBvbGljeSBmcm9tIEFkdmFuY2VkIENESyBDb25zdHJ1Y3RzJ1xuICAgKi9cbiAgcmVhZG9ubHkgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG59XG5cbi8qKlxuICogRGVmaW5lcyBhbiBBV1MgT3JnYW5pemF0aW9ucyBTZXJ2aWNlIENvbnRyb2wgUG9saWN5IChTQ1ApIGFuZCBhdHRhY2hlcyBpdCB0byB0aGUgc3BlY2lmaWVkIHRhcmdldHMuXG4gKlxuICogRXhhbXBsZTpcbiAqIGBgYHRzXG4gKiBuZXcgU2VydmljZUNvbnRyb2xQb2xpY3kodGhpcywgJ015U0NQJywge1xuICogICB0YXJnZXRJZHM6IFsnb3UteHh4eC14eHh4eHh4eCcsICcxMjM0NTY3ODkwMTInXSxcbiAqICAgbmFtZTogJ0RlbnlFQzInLFxuICogICBzdGF0ZW1lbnRzOiBbXG4gKiAgICAge1xuICogICAgICAgRWZmZWN0OiAnRGVueScsXG4gKiAgICAgICBBY3Rpb246ICdlYzI6KicsXG4gKiAgICAgICBSZXNvdXJjZTogJyonLFxuICogICAgIH0sXG4gKiAgIF0sXG4gKiAgIGRlc2NyaXB0aW9uOiAnRGVuaWVzIGFsbCBFQzIgYWN0aW9ucycsXG4gKiB9KTtcbiAqIGBgYFxuICovXG5leHBvcnQgY2xhc3MgU2VydmljZUNvbnRyb2xQb2xpY3kgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICAvKipcbiAgICogVGhlIEFSTiBvZiB0aGUgY3JlYXRlZCBTZXJ2aWNlIENvbnRyb2wgUG9saWN5LlxuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IHNlcnZpY2VDb250cm9sUG9saWN5QXJuITogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBDcmVhdGVzIGEgbmV3IFNlcnZpY2UgQ29udHJvbCBQb2xpY3kgYW5kIGF0dGFjaGVzIGl0IHRvIHRoZSBzcGVjaWZpZWQgdGFyZ2V0cy5cbiAgICogQHBhcmFtIHNjb3BlIFRoZSBwYXJlbnQgY29uc3RydWN0LlxuICAgKiBAcGFyYW0gaWQgVGhlIGNvbnN0cnVjdCBJRC5cbiAgICogQHBhcmFtIHByb3BzIFRoZSBTZXJ2aWNlIENvbnRyb2wgUG9saWN5IHByb3BlcnRpZXMuXG4gICAqL1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogU2VydmljZUNvbnRyb2xQb2xpY3lQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG4gICAgY29uc3QgcmVzb3VyY2VDb250cm9sUG9saWN5ID0ge1xuICAgICAgVmVyc2lvbjogJzIwMTItMTAtMTcnLFxuICAgICAgU3RhdGVtZW50OiBwcm9wcy5zdGF0ZW1lbnRzLFxuICAgIH07XG4gICAgY29uc3QgYXBwbHlTZXJ2aWNlQ29udHJvbFBvbGljeSA9IG5ldyBvcmdhbml6YXRpb25zLkNmblBvbGljeSh0aGlzLCBgU2VydmljZUNvbnRyb2xQb2xpY3ktJHt0aGlzLm5vZGUuaWR9YCwge1xuICAgICAgY29udGVudDogcmVzb3VyY2VDb250cm9sUG9saWN5LFxuICAgICAgbmFtZTogcHJvcHMubmFtZSA/PyBgU2VydmljZUNvbnRyb2xQb2xpY3ktJHt0aGlzLm5vZGUuaWR9YCxcbiAgICAgIHR5cGU6ICdTRVJWSUNFX0NPTlRST0xfUE9MSUNZJyxcbiAgICAgIGRlc2NyaXB0aW9uOiBwcm9wcy5kZXNjcmlwdGlvbiA/PyAnU2VydmljZSBDb250cm9sIFBvbGljeSBmcm9tIEFkdmFuY2VkIENESyBDb25zdHJ1Y3RzJyxcbiAgICAgIHRhcmdldElkczogcHJvcHMudGFyZ2V0SWRzLFxuICAgIH0pO1xuICAgIHRoaXMuc2VydmljZUNvbnRyb2xQb2xpY3lBcm4gPSBhcHBseVNlcnZpY2VDb250cm9sUG9saWN5LmF0dHJBcm47XG5cbiAgfVxufSJdfQ==