aws-cdk-lib
Version 2 of the AWS Cloud Development Kit library
import { Construct } from 'constructs';
import { ManagedRule, RuleProps } from './rule';
import * as iam from '../../aws-iam';
import * as sns from '../../aws-sns';
import { Duration } from '../../core';
/**
* Construction properties for an AccessKeysRotated rule.
*
* Extends `RuleProps`, so every property declared there is accepted here too.
*/
export interface AccessKeysRotatedProps extends RuleProps {
/**
* The maximum number of days within which the access keys must be rotated.
*
* This is the age threshold the rule evaluates active keys against; a shorter
* duration flags long-lived keys sooner.
*
* NOTE(review): the unit is stated in days but the type is `Duration`; how a
* sub-day or fractional value is converted is not visible in this
* declaration - confirm in the implementation.
*
* @default Duration.days(90)
*/
readonly maxAge?: Duration;
}
/**
* Checks whether the active access keys are rotated within the number of days
* specified in `maxAge`.
*
* This is a compliance check only: as described, it evaluates key age, and
* nothing in this declaration rotates, deactivates or deletes a key. Handling
* of non-compliant keys has to be arranged outside this construct.
*
* @see https://docs.aws.amazon.com/config/latest/developerguide/access-keys-rotated.html
*
* @resource AWS::Config::ConfigRule
*/
export declare class AccessKeysRotated extends ManagedRule {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* @param scope The construct this rule is defined under.
* @param id Identifier of this rule within `scope`.
* @param props Optional settings; when `maxAge` is omitted its documented
* default (`Duration.days(90)`) applies.
*/
constructor(scope: Construct, id: string, props?: AccessKeysRotatedProps);
}
/**
* Construction properties for a CloudFormationStackDriftDetectionCheck
*
* Extends `RuleProps`, so every property declared there is accepted here too.
*/
export interface CloudFormationStackDriftDetectionCheckProps extends RuleProps {
/**
* Whether to check only the stack where this rule is deployed.
*
* NOTE(review): with the default (`false`) the check is not limited to this
* stack; presumably it then covers every stack the rule can evaluate -
* confirm the exact scope in the implementation.
*
* @default false
*/
readonly ownStackOnly?: boolean;
/**
* The IAM role to use for this rule. It must have permissions to detect drift
* for AWS CloudFormation stacks. The role's trust policy must allow
* `config.amazonaws.com` to assume it, and the role needs `ReadOnlyAccess`
* policy permissions. `ReadOnlyAccess` is a broad managed policy; for the
* specific permissions drift detection requires (useful when scoping the role
* to least privilege), refer to
* https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html.
*
* NOTE(review): the permissions and trust policy given to the role that is
* created by default are not visible in this declaration; review the
* synthesized template if they matter for your account.
*
* @default - A role will be created
*/
readonly role?: iam.IRole;
}
/**
* Checks whether your CloudFormation stacks' actual configuration differs, or
* has drifted, from its expected configuration.
*
* Drift here means a change made to a stack's resources that its template does
* not describe; the rule reports it, and nothing in this declaration reverts
* it.
*
* @see https://docs.aws.amazon.com/config/latest/developerguide/cloudformation-stack-drift-detection-check.html
*
* @resource AWS::Config::ConfigRule
*/
export declare class CloudFormationStackDriftDetectionCheck extends ManagedRule {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
// Role held by the rule. Its type is erased in this declaration; presumably
// it is `props.role` or the role created by default - confirm in the
// implementation.
private readonly role;
/**
* @param scope The construct this rule is defined under.
* @param id Identifier of this rule within `scope`.
* @param props Optional settings; when `role` is omitted a role is created,
* and `ownStackOnly` defaults to `false`.
*/
constructor(scope: Construct, id: string, props?: CloudFormationStackDriftDetectionCheckProps);
}
/**
* Construction properties for a CloudFormationStackNotificationCheck.
*
* Extends `RuleProps`, so every property declared there is accepted here too.
*/
export interface CloudFormationStackNotificationCheckProps extends RuleProps {
/**
* A list of allowed topics. At most 5 topics.
*
* When topics are given, the rule also checks that stacks use these topics;
* when none are given, it only checks that stacks send event notifications
* to an SNS topic.
*
* NOTE(review): whether passing more than 5 topics is rejected at synthesis
* time is not visible in this declaration - confirm in the implementation.
*
* @default - No topics.
*/
readonly topics?: sns.ITopic[];
}
/**
* Checks whether your CloudFormation stacks are sending event notifications to
* an SNS topic. Optionally checks whether specified SNS topics are used.
*
* As described, the check concerns whether notifications are configured and
* which topics they go to; it says nothing about who can subscribe to or
* publish on those topics.
*
* @see https://docs.aws.amazon.com/config/latest/developerguide/cloudformation-stack-notification-check.html
*
* @resource AWS::Config::ConfigRule
*/
export declare class CloudFormationStackNotificationCheck extends ManagedRule {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* @param scope The construct this rule is defined under.
* @param id Identifier of this rule within `scope`.
* @param props Optional settings; `topics` defaults to no topics.
*/
constructor(scope: Construct, id: string, props?: CloudFormationStackNotificationCheckProps);
}