UNPKG

raindancers-network

Version:

Extensions to the ec2.Vpc Constructs

github.com/raindancers/raindancers-network.raindancers-cdk

raindancers/raindancers-network.raindancers-cdk

53 lines 5.83 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.EnforceImdsv2 = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const constructs = require("constructs"); /** * Enforces the use of IMDSv2, without causing replacement of the Instance. */ class EnforceImdsv2 extends constructs.Construct { constructor(scope, id, props) { super(scope, id); // make an array if needed let instances = []; if (props.instances instanceof aws_cdk_lib_1.aws_ec2.Instance) { instances = [props.instances]; } else { instances = props.instances; } instances.forEach((instance) => { new aws_cdk_lib_1.custom_resources.AwsCustomResource(this, `${instance.instanceId}Imdvs2enforcer`, { resourceType: 'Custom::EnforceImdsV2', onCreate: { service: 'EC2', action: 'modifyInstanceMetadataOptions', parameters: { InstanceId: instance.instanceId, HttpTokens: 'required', InstanceMetadataTags: 'enabled', }, }, onDelete: { service: 'EC2', action: 'modifyInstanceMetadataOptions', parameters: { InstanceId: instance.instanceId, HttpTokens: 'required', InstanceMetadataTags: 'disaabled', }, }, policy: aws_cdk_lib_1.custom_resources.AwsCustomResourcePolicy.fromSdkCalls({ resources: aws_cdk_lib_1.custom_resources.AwsCustomResourcePolicy.ANY_RESOURCE, }), }); }); } } exports.EnforceImdsv2 = EnforceImdsv2; _a = JSII_RTTI_SYMBOL_1; EnforceImdsv2[_a] = { fqn: "raindancers-network.ec2.EnforceImdsv2", version: "1.29.3" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW1kdnMyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2VjMi9pbWR2czIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQSw2Q0FJcUI7QUFFckIseUNBQXlDO0FBU3pDOztHQUVHO0FBQ0gsTUFBYSxhQUFjLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFFckQsWUFBWSxLQUEyQixFQUFFLEVBQVUsRUFBRSxLQUF5QjtRQUM1RSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLDBCQUEwQjtRQUMxQixJQUFJLFNBQVMsR0FBRyxFQUFFLENBQUM7UUFDbkIsSUFBSSxLQUFLLENBQUMsU0FBUyxZQUFZLHFCQUFHLENBQUMsUUFBUSxFQUFFO1lBQzNDLFNBQVMsR0FBRyxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQztTQUMvQjthQUFNO1lBQ0wsU0FBUyxHQUFHLEtBQUssQ0FBQyxTQUFTLENBQUM7U0FDN0I7UUFFRCxTQUFTLENBQUMsT0FBTyxDQUFDLENBQUMsUUFBUSxFQUFFLEVBQUU7WUFDN0IsSUFBSSw4QkFBRSxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxHQUFHLFFBQVEsQ0FBQyxVQUFVLGdCQUFnQixFQUFFO2dCQUNyRSxZQUFZLEVBQUUsdUJBQXVCO2dCQUNyQyxRQUFRLEVBQUU7b0JBQ1IsT0FBTyxFQUFFLEtBQUs7b0JBQ2QsTUFBTSxFQUFFLCtCQUErQjtvQkFDdkMsVUFBVSxFQUFFO3dCQUNWLFVBQVUsRUFBRSxRQUFRLENBQUMsVUFBVTt3QkFDdEIsVUFBVSxFQUFFLFVBQVU7d0JBQ3RCLG9CQUFvQixFQUFFLFNBQVM7cUJBQ3pDO2lCQUNGO2dCQUNELFFBQVEsRUFBRTtvQkFDUixPQUFPLEVBQUUsS0FBSztvQkFDZCxNQUFNLEVBQUUsK0JBQStCO29CQUN2QyxVQUFVLEVBQUU7d0JBQ1YsVUFBVSxFQUFFLFFBQVEsQ0FBQyxVQUFVO3dCQUN0QixVQUFVLEVBQUUsVUFBVTt3QkFDdEIsb0JBQW9CLEVBQUUsV0FBVztxQkFDM0M7aUJBQ0Y7Z0JBQ0QsTUFBTSxFQUFFLDhCQUFFLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO29CQUM5QyxTQUFTLEVBQUUsOEJBQUUsQ0FBQyx1QkFBdUIsQ0FBQyxZQUFZO2lCQUNuRCxDQUFDO2FBQ0gsQ0FBQyxDQUFDO1FBQ0wsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDOztBQXZDSCxzQ0F3Q0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge1xuICBjdXN0b21fcmVzb3VyY2VzIGFzIGNyLFxuICBhd3NfZWMyIGFzIGVjMixcbn1cbiAgZnJvbSAnYXdzLWNkay1saWInO1xuXG5pbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gJ2NvbnN0cnVjdHMnO1xuXG5cbmV4cG9ydCBpbnRlcmZhY2UgRW5mb3JjZUltZHN2MlByb3Bze1xuICAvKipcblx0ICogZWMyIEluc3RhbmNlIG9yIEluc3RhbmNlc1xuXHQgKi9cbiAgXHRyZWFkb25seSBpbnN0YW5jZXM6IGVjMi5JbnN0YW5jZVtdIHwgZWMyLkluc3RhbmNlO1xufVxuLyoqXG4gKiBFbmZvcmNlcyB0aGUgdXNlIG9mIElNRFN2Miwgd2l0aG91dCBjYXVzaW5nIHJlcGxhY2VtZW50IG9mIHRoZSBJbnN0YW5jZS5cbiAqL1xuZXhwb3J0IGNsYXNzIEVuZm9yY2VJbWRzdjIgZXh0ZW5kcyBjb25zdHJ1Y3RzLkNvbnN0cnVjdCB7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IGNvbnN0cnVjdHMuQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogRW5mb3JjZUltZHN2MlByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIC8vIG1ha2UgYW4gYXJyYXkgaWYgbmVlZGVkXG4gICAgbGV0IGluc3RhbmNlcyA9IFtdO1xuICAgIGlmIChwcm9wcy5pbnN0YW5jZXMgaW5zdGFuY2VvZiBlYzIuSW5zdGFuY2UpIHtcbiAgICAgIGluc3RhbmNlcyA9IFtwcm9wcy5pbnN0YW5jZXNdO1xuICAgIH0gZWxzZSB7XG4gICAgICBpbnN0YW5jZXMgPSBwcm9wcy5pbnN0YW5jZXM7XG4gICAgfVxuXG4gICAgaW5zdGFuY2VzLmZvckVhY2goKGluc3RhbmNlKSA9PiB7XG4gICAgICBuZXcgY3IuQXdzQ3VzdG9tUmVzb3VyY2UodGhpcywgYCR7aW5zdGFuY2UuaW5zdGFuY2VJZH1JbWR2czJlbmZvcmNlcmAsIHtcbiAgICAgICAgcmVzb3VyY2VUeXBlOiAnQ3VzdG9tOjpFbmZvcmNlSW1kc1YyJyxcbiAgICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgICBzZXJ2aWNlOiAnRUMyJyxcbiAgICAgICAgICBhY3Rpb246ICdtb2RpZnlJbnN0YW5jZU1ldGFkYXRhT3B0aW9ucycsXG4gICAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgICAgSW5zdGFuY2VJZDogaW5zdGFuY2UuaW5zdGFuY2VJZCxcbiAgICAgICAgICAgICAgICAgICAgXHRIdHRwVG9rZW5zOiAncmVxdWlyZWQnLFxuICAgICAgICAgICAgICAgICAgICBcdEluc3RhbmNlTWV0YWRhdGFUYWdzOiAnZW5hYmxlZCcsXG4gICAgICAgICAgfSxcbiAgICAgICAgfSxcbiAgICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgICBzZXJ2aWNlOiAnRUMyJyxcbiAgICAgICAgICBhY3Rpb246ICdtb2RpZnlJbnN0YW5jZU1ldGFkYXRhT3B0aW9ucycsXG4gICAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgICAgSW5zdGFuY2VJZDogaW5zdGFuY2UuaW5zdGFuY2VJZCxcbiAgICAgICAgICAgICAgICAgICAgXHRIdHRwVG9rZW5zOiAncmVxdWlyZWQnLFxuICAgICAgICAgICAgICAgICAgICBcdEluc3RhbmNlTWV0YWRhdGFUYWdzOiAnZGlzYWFibGVkJyxcbiAgICAgICAgICB9LFxuICAgICAgICB9LFxuICAgICAgICBwb2xpY3k6IGNyLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TZGtDYWxscyh7XG4gICAgICAgICAgcmVzb3VyY2VzOiBjci5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5BTllfUkVTT1VSQ0UsXG4gICAgICAgIH0pLFxuICAgICAgfSk7XG4gICAgfSk7XG4gIH1cbn1cblxuIl19