aws-cdk-lib
Version 2 of the AWS Cloud Development Kit library
import type { ConstructTree, ConstructTrace } from './construct-tree';
import * as report from '../report';
/**
* A violation produced by a validation plugin, expressed in construct terms.
*
* Extends `report.PolicyViolation` with the list of constructs that the
* violation applies to.
*/
export interface PolicyViolationConstructAware extends report.PolicyViolation {
/**
* The constructs violating this rule.
*/
readonly violatingConstructs: ValidationViolatingConstruct[];
}
/**
* Construct violating a specific rule.
*
* Extends `report.PolicyViolatingResource` with construct-level location
* data. Both added fields are optional, so a report consumer must handle
* their absence and cannot rely on them to locate the offending construct.
*/
export interface ValidationViolatingConstruct extends report.PolicyViolatingResource {
/**
* The construct path as defined in the application.
*
* @default - construct path will be empty if the cli is not run with `--debug`
*/
readonly constructPath?: string;
/**
* A stack of constructs that lead to the violation.
*
* @default - stack will be empty if the cli is not run with `--debug`
*/
readonly constructStack?: ConstructTrace;
}
/**
* JSON representation of the report in the legacy layout.
*
* This is the return type of `PolicyValidationReportFormatter.formatLegacyJson`.
*/
export interface LegacyPolicyValidationReportJson {
/**
* Report title.
*/
readonly title: string;
/**
* Reports for all of the validation plugins registered
* in the app, one entry per plugin.
*/
readonly pluginReports: LegacyPluginReportJson[];
}
/**
* A report from a single plugin, in the legacy layout.
*/
export interface LegacyPluginReportJson {
/**
* List of violations in the report.
*/
readonly violations: PolicyViolationConstructAware[];
/**
* Report summary: the final status and the name of the reporting plugin.
*/
readonly summary: LegacyPolicyValidationReportSummary;
/**
* Plugin version.
*
* Optional: a report may carry no version, so a consumer cannot assume it
* can identify which plugin release produced the result.
*/
readonly version?: string;
}
/**
* Summary of a single plugin's report, in the legacy layout.
*/
export interface LegacyPolicyValidationReportSummary {
/**
* The final status of the validation (pass/fail)
*/
readonly status: report.PolicyValidationReportStatus;
/**
* The name of the plugin that created the report
*/
readonly pluginName: string;
/**
* Additional metadata about the report. This property is intended
* to be used by plugins to add additional information.
*
* The type only constrains keys and values to strings; the content is
* whatever the plugin chose to supply.
* NOTE(review): no sanitisation is visible in this declaration, so treat the
* values as plugin-supplied text when rendering or logging them.
*
* @default - no metadata
*/
readonly metadata?: {
readonly [key: string]: string;
};
}
/**
* The report containing the name of the plugin that created it.
*
* Extends `report.PolicyValidationPluginReport` with `pluginName`. This is the
* input element type of every public `format*` method on
* `PolicyValidationReportFormatter`.
*/
export interface NamedValidationPluginReport extends report.PolicyValidationPluginReport {
/**
* The name of the plugin that created the report
*/
readonly pluginName: string;
}
/**
* JSON representation of the validation report, matching cloud-assembly-schema.
*
* This is the return type of `PolicyValidationReportFormatter.formatJson`.
*/
export interface PolicyValidationReportJson {
/**
* Version string of the report.
* NOTE(review): presumably the `schemaVersion` argument passed to
* `formatJson` - confirm against the implementation.
*/
readonly version: string;
/**
* Report title. Optional in this layout.
*/
readonly title?: string;
/**
* One report per validation plugin.
*/
readonly pluginReports: PluginReportJson[];
}
/**
* A report from a single plugin, as it appears in `PolicyValidationReportJson`.
*/
export interface PluginReportJson {
/**
* The name of the plugin that created the report.
*/
readonly pluginName: string;
/**
* Version of the plugin. Optional; may be absent from the report.
*/
readonly pluginVersion?: string;
/**
* Outcome of this plugin's validation: `'success'` or `'failure'`.
*
* NOTE(review): whether entries in `suppressedViolations` influence this
* value is not visible in this declaration - confirm before using the
* conclusion alone as a deployment gate.
*/
readonly conclusion: PolicyValidationReportConclusion;
/**
* Free-form string key/value pairs attached to the report.
* The type only constrains keys and values to strings.
*/
readonly metadata?: {
readonly [key: string]: string;
};
/**
* Violations reported by the plugin. Always present (may be empty).
*/
readonly violations: PolicyViolationJson[];
/**
* Violations that were suppressed, each carrying acknowledgement data.
*
* Kept in a separate list from `violations`, so a reviewer who reads only
* `violations` will not see them. The field is optional; this declaration
* does not distinguish "none suppressed" from "not reported".
*/
readonly suppressedViolations?: SuppressedViolationJson[];
}
/**
* Outcome of a single plugin's validation in the JSON report.
* Only two values exist; there is no separate value for "not run" or "errored".
*/
export type PolicyValidationReportConclusion = 'success' | 'failure';
/**
* A single rule violation in the JSON report.
*/
export interface PolicyViolationJson {
/**
* Name of the rule that was violated.
*/
readonly ruleName: string;
/**
* Description of the violation.
*/
readonly description: string;
/**
* Suggested remediation. Optional.
*/
readonly suggestedFix?: string;
/**
* Severity of the violation, one of the `PolicyViolationSeverity` values.
*/
readonly severity: PolicyViolationSeverity;
/**
* Free-form severity label.
* NOTE(review): presumably set when `severity` is `'custom'` - the type does
* not enforce that pairing; confirm against the implementation.
*/
readonly customSeverity?: string;
/**
* Free-form string key/value pairs attached to the rule.
* The type only constrains keys and values to strings.
*/
readonly ruleMetadata?: {
readonly [key: string]: string;
};
/**
* The constructs violating this rule.
*/
readonly violatingConstructs: ViolatingConstructJson[];
}
/**
* Severity levels a violation can carry in the JSON report.
* `'custom'` is an escape hatch; `PolicyViolationJson.customSeverity` holds a
* free-form string alongside it. A consumer that maps severities to actions
* should decide explicitly how `'custom'` is handled.
*/
export type PolicyViolationSeverity = 'fatal' | 'error' | 'warning' | 'info' | 'custom';
/**
* A construct that violates a rule, as it appears in the JSON report.
*
* Unlike `ValidationViolatingConstruct`, `constructPath` is required here.
*/
export interface ViolatingConstructJson {
/**
* The construct path. Always present in this layout.
*/
readonly constructPath: string;
/**
* NOTE(review): presumably the fully-qualified name of the construct class -
* confirm against the implementation.
*/
readonly constructFqn?: string;
/**
* NOTE(review): presumably the version of the library that defines the
* construct - confirm against the implementation.
*/
readonly libraryVersion?: string;
/**
* The CloudFormation resource associated with the construct, if any.
*/
readonly cloudFormationResource?: CloudFormationResourceJson;
/**
* Stack traces as plain strings.
* NOTE(review): stack traces commonly embed file paths from the machine that
* produced them - check the content before publishing a report outside the
* team.
*/
readonly stackTraces?: string[];
}
/**
* Location of a CloudFormation resource referenced by a violation.
*/
export interface CloudFormationResourceJson {
/**
* Path of the template containing the resource.
* NOTE(review): whether this is absolute or relative is not visible here.
*/
readonly templatePath: string;
/**
* Logical ID of the resource.
*/
readonly logicalId: string;
/**
* Paths of the properties involved in the violation. Optional.
*/
readonly propertyPaths?: string[];
}
/**
* A suppressed violation in the JSON report: a `PolicyViolationJson` plus
* acknowledgement data.
*
* Only `acknowledgedId` is required. A suppression can therefore appear in a
* report with no reason, timestamp or origin; audit tooling that needs those
* must check for them itself.
*/
export interface SuppressedViolationJson extends PolicyViolationJson {
/**
* Identifier of the acknowledgement that suppressed the violation.
*/
readonly acknowledgedId: string;
/**
* Reason given for the suppression. Optional.
*/
readonly reason?: string;
/**
* When the violation was acknowledged, as a string.
* NOTE(review): the timestamp format is not specified in this declaration.
*/
readonly acknowledgedAt?: string;
/**
* Stack trace associated with the acknowledgement, as a single string.
* NOTE(review): presumably points at the code that acknowledged the
* violation - confirm; may embed local file paths.
*/
readonly acknowledgedStackTrace?: string;
}
/**
* A violation that was suppressed, carrying acknowledgement metadata.
* Used internally to pass suppressed violations from synthesis to the formatter.
*
* Carries the same four acknowledgement fields as `SuppressedViolationJson`,
* but extends `report.PolicyViolation` rather than the JSON shape.
*/
export interface SuppressedViolation extends report.PolicyViolation {
/**
* Identifier of the acknowledgement that suppressed the violation.
*/
readonly acknowledgedId: string;
/**
* Reason given for the suppression. Optional.
*/
readonly reason?: string;
/**
* When the violation was acknowledged, as a string; format not specified here.
*/
readonly acknowledgedAt?: string;
/**
* Stack trace associated with the acknowledgement, as a single string.
*/
readonly acknowledgedStackTrace?: string;
}
/**
* Formats the reports emitted by validation plugins after evaluation.
*
* Constructed from a `ConstructTree` and offers three output forms for the
* same input: a pretty-printed string, the legacy JSON layout, and the JSON
* layout described by `PolicyValidationReportJson`.
*/
export declare class PolicyValidationReportFormatter {
// NOTE(review): presumably holds the ConstructTree passed to the constructor - confirm.
private readonly tree;
// Untyped in this declaration; its role is not visible here.
private readonly reportTrace;
/**
* @param tree the construct tree of the application
*/
constructor(tree: ConstructTree);
/**
* Render the plugin reports as a human-readable string.
*
* @param reps the named plugin reports to format
*/
formatPrettyPrinted(reps: NamedValidationPluginReport[]): string;
/**
* Render the plugin reports in the legacy JSON layout.
* This signature takes no suppressed violations.
*
* @param reps the named plugin reports to format
*/
formatLegacyJson(reps: NamedValidationPluginReport[]): LegacyPolicyValidationReportJson;
/**
* Render the plugin reports in the `PolicyValidationReportJson` layout.
*
* @param reps the named plugin reports to format
* @param schemaVersion version string for the report
* @param suppressedByReport suppressed violations keyed by number.
* NOTE(review): the key is presumably the index of the report in `reps` -
* confirm against the implementation. A caller that omits this argument
* passes no suppressed violations to the formatter.
*/
formatJson(reps: NamedValidationPluginReport[], schemaVersion: string, suppressedByReport?: Map<number, SuppressedViolation[]>): PolicyValidationReportJson;
// Private helpers; signatures are erased in this declaration file.
private formatViolationJson;
private formatSuppressedViolationJson;
private buildPluginReports;
private formatStackTraces;
}