UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

215 lines (214 loc) 9.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
import { Construct } from 'constructs'; import { ILogGroup } from './log-group'; import { IBucket } from '../../aws-s3'; /** * Creates a data protection policy for CloudWatch Logs log groups. */ export declare class DataProtectionPolicy { private readonly dataProtectionPolicyProps; constructor(props: DataProtectionPolicyProps); /** * @internal */ _bind(_scope: Construct): DataProtectionPolicyConfig; } /** * Interface representing a data protection policy */ interface DataProtectionPolicyConfig { /** * Name of the data protection policy * * @default - 'data-protection-policy-cdk' */ readonly name: string; /** * Description of the data protection policy * * @default - 'cdk generated data protection policy' */ readonly description: string; /** * Version of the data protection policy */ readonly version: string; /** * Configuration of the data protection policy. Currently supports custom data identifiers */ readonly configuration: any; /** * Statements within the data protection policy. Must contain one Audit and one Redact statement */ readonly statement: any; } /** * Properties for creating a data protection policy */ export interface DataProtectionPolicyProps { /** * Name of the data protection policy * * @default - 'data-protection-policy-cdk' */ readonly name?: string; /** * Description of the data protection policy * * @default - 'cdk generated data protection policy' */ readonly description?: string; /** * List of data protection identifiers. * * Managed data identifiers must be in the following list: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL-managed-data-identifiers.html * Custom data identifiers must have a valid regex defined: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL-custom-data-identifiers.html#custom-data-identifiers-constraints */ readonly identifiers: DataIdentifier[]; /** * CloudWatch Logs log group to send audit findings to. The log group must already exist prior to creating the data protection policy. * * @default - no CloudWatch Logs audit destination */ readonly logGroupAuditDestination?: ILogGroup; /** * S3 bucket to send audit findings to. The bucket must already exist. * * @default - no S3 bucket audit destination */ readonly s3BucketAuditDestination?: IBucket; /** * Amazon Data Firehose delivery stream to send audit findings to. The delivery stream must already exist. * * @default - no firehose delivery stream audit destination */ readonly deliveryStreamNameAuditDestination?: string; } /** * A data protection identifier. If an identifier is supported but not in this class, it can be passed in the constructor instead. */ export declare class DataIdentifier { readonly name: string; static readonly ADDRESS: DataIdentifier; static readonly AWSSECRETKEY: DataIdentifier; static readonly BANKACCOUNTNUMBER_DE: DataIdentifier; static readonly BANKACCOUNTNUMBER_ES: DataIdentifier; static readonly BANKACCOUNTNUMBER_FR: DataIdentifier; static readonly BANKACCOUNTNUMBER_GB: DataIdentifier; static readonly BANKACCOUNTNUMBER_IT: DataIdentifier; static readonly BANKACCOUNTNUMBER_US: DataIdentifier; static readonly CEPCODE_BR: DataIdentifier; static readonly CNPJ_BR: DataIdentifier; static readonly CPFCODE_BR: DataIdentifier; static readonly CREDITCARDEXPIRATION: DataIdentifier; static readonly CREDITCARDNUMBER: DataIdentifier; static readonly CREDITCARDSECURITYCODE: DataIdentifier; static readonly DRIVERSLICENSE_AT: DataIdentifier; static readonly DRIVERSLICENSE_AU: DataIdentifier; static readonly DRIVERSLICENSE_BE: DataIdentifier; static readonly DRIVERSLICENSE_BG: DataIdentifier; static readonly DRIVERSLICENSE_CA: DataIdentifier; static readonly DRIVERSLICENSE_CY: DataIdentifier; static readonly DRIVERSLICENSE_CZ: DataIdentifier; static readonly DRIVERSLICENSE_DE: DataIdentifier; static readonly DRIVERSLICENSE_DK: DataIdentifier; static readonly DRIVERSLICENSE_EE: DataIdentifier; static readonly DRIVERSLICENSE_ES: DataIdentifier; static readonly DRIVERSLICENSE_FI: DataIdentifier; static readonly DRIVERSLICENSE_FR: DataIdentifier; static readonly DRIVERSLICENSE_GB: DataIdentifier; static readonly DRIVERSLICENSE_GR: DataIdentifier; static readonly DRIVERSLICENSE_HR: DataIdentifier; static readonly DRIVERSLICENSE_HU: DataIdentifier; static readonly DRIVERSLICENSE_IE: DataIdentifier; static readonly DRIVERSLICENSE_IT: DataIdentifier; static readonly DRIVERSLICENSE_LT: DataIdentifier; static readonly DRIVERSLICENSE_LU: DataIdentifier; static readonly DRIVERSLICENSE_LV: DataIdentifier; static readonly DRIVERSLICENSE_MT: DataIdentifier; static readonly DRIVERSLICENSE_NL: DataIdentifier; static readonly DRIVERSLICENSE_PL: DataIdentifier; static readonly DRIVERSLICENSE_PT: DataIdentifier; static readonly DRIVERSLICENSE_RO: DataIdentifier; static readonly DRIVERSLICENSE_SE: DataIdentifier; static readonly DRIVERSLICENSE_SI: DataIdentifier; static readonly DRIVERSLICENSE_SK: DataIdentifier; static readonly DRIVERSLICENSE_US: DataIdentifier; static readonly DRUGENFORCEMENTAGENCYNUMBER_US: DataIdentifier; static readonly ELECTORALROLLNUMBER_GB: DataIdentifier; static readonly EMAILADDRESS: DataIdentifier; static readonly HEALTHINSURANCECARDNUMBER_EU: DataIdentifier; static readonly HEALTHINSURANCECLAIMNUMBER_US: DataIdentifier; static readonly HEALTHINSURANCENUMBER_FR: DataIdentifier; static readonly HEALTHCAREPROCEDURECODE_US: DataIdentifier; static readonly INDIVIDUALTAXIDENTIFICATIONNUMBER_US: DataIdentifier; static readonly INSEECODE_FR: DataIdentifier; static readonly IPADDRESS: DataIdentifier; static readonly LATLONG: DataIdentifier; static readonly MEDICAREBENEFICIARYNUMBER_US: DataIdentifier; static readonly NAME: DataIdentifier; static readonly NATIONALDRUGCODE_US: DataIdentifier; static readonly NATIONALIDENTIFICATIONNUMBER_DE: DataIdentifier; static readonly NATIONALIDENTIFICATIONNUMBER_ES: DataIdentifier; static readonly NATIONALIDENTIFICATIONNUMBER_IT: DataIdentifier; static readonly NATIONALINSURANCENUMBER_GB: DataIdentifier; static readonly NATIONALPROVIDERID_US: DataIdentifier; static readonly NHSNUMBER_GB: DataIdentifier; static readonly NIENUMBER_ES: DataIdentifier; static readonly NIFNUMBER_ES: DataIdentifier; static readonly OPENSSHPRIVATEKEY: DataIdentifier; static readonly PASSPORTNUMBER_CA: DataIdentifier; static readonly PASSPORTNUMBER_DE: DataIdentifier; static readonly PASSPORTNUMBER_ES: DataIdentifier; static readonly PASSPORTNUMBER_FR: DataIdentifier; static readonly PASSPORTNUMBER_GB: DataIdentifier; static readonly PASSPORTNUMBER_IT: DataIdentifier; static readonly PASSPORTNUMBER_US: DataIdentifier; static readonly PERMANENTRESIDENCENUMBER_CA: DataIdentifier; static readonly PERSONALHEALTHNUMBER_CA: DataIdentifier; static readonly PGPPRIVATEKEY: DataIdentifier; static readonly PHONENUMBER_BR: DataIdentifier; static readonly PHONENUMBER_DE: DataIdentifier; static readonly PHONENUMBER_ES: DataIdentifier; static readonly PHONENUMBER_FR: DataIdentifier; static readonly PHONENUMBER_GB: DataIdentifier; static readonly PHONENUMBER_IT: DataIdentifier; static readonly PHONENUMBER_US: DataIdentifier; static readonly PKCSPRIVATEKEY: DataIdentifier; static readonly POSTALCODE_CA: DataIdentifier; static readonly PUTTYPRIVATEKEY: DataIdentifier; static readonly RGNUMBER_BR: DataIdentifier; static readonly SOCIALINSURANCENUMBER_CA: DataIdentifier; static readonly SSN_ES: DataIdentifier; static readonly SSN_US: DataIdentifier; static readonly TAXID_DE: DataIdentifier; static readonly TAXID_ES: DataIdentifier; static readonly TAXID_FR: DataIdentifier; static readonly TAXID_GB: DataIdentifier; static readonly VEHICLEIDENTIFICATIONNUMBER: DataIdentifier; static readonly ZIPCODE_US: DataIdentifier; /** * Create a managed data identifier not in the list of static members. This is used to maintain forward compatibility, in case a new managed identifier is supported but not updated in CDK yet. * @param name - name of the identifier. */ constructor(name: string); toString(): string; } /** * A custom data identifier. Include a custom data identifier name and regular expression in the JSON policy used to define the data protection policy. */ export declare class CustomDataIdentifier extends DataIdentifier { readonly name: string; readonly regex: string; /** * Create a custom data identifier. * @param name - the name of the custom data identifier. This cannot share the same name as a managed data identifier. * @param regex - the regular expression to detect and mask log events for. */ constructor(name: string, regex: string); /** * String representation of a CustomDataIdentifier * @returns the name and RegEx of the custom data identifier */ toString(): string; } export {};