UNPKG

raindancers-network

Version:

Extensions to the ec2.Vpc Constructs

github.com/raindancers/raindancers-network.raindancers-cdk

raindancers/raindancers-network.raindancers-cdk

61 lines 9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.NetworkFirewall = void 0; const cdk = require("aws-cdk-lib"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const constructs = require("constructs"); /** * Creates Network Firewalls */ class NetworkFirewall extends constructs.Construct { /** * * @param scope Scope * @param id id * @param props props */ constructor(scope, id, props) { super(scope, id); let firewallSubnetList = []; firewallSubnetList = props.vpc.selectSubnets({ subnetGroupName: 'firewall' }).subnets.map(subnet => ({ subnetId: subnet.subnetId })); const fw = new aws_cdk_lib_1.aws_networkfirewall.CfnFirewall(this, 'KatieFW', { firewallName: props.firewallName, firewallPolicyArn: props.firewallPolicy.attrFirewallPolicyArn, subnetMappings: firewallSubnetList, vpcId: props.vpc.vpcId, }); // CloudWatch Logs group to store Network Firewall flow logs const fwFlowLogsGroup = new aws_cdk_lib_1.aws_logs.LogGroup(this, 'FWFlowLogsGroup', { logGroupName: `${props.firewallName}FlowLogs`, removalPolicy: cdk.RemovalPolicy.DESTROY, }); // CloudWatch Logs group to store Network Firewall alert logs const fwAlertLogsGroup = new aws_cdk_lib_1.aws_logs.LogGroup(this, 'FWAlertLogsGroup', { logGroupName: `${props.firewallName}AlertLogs`, removalPolicy: cdk.RemovalPolicy.DESTROY, }); // Firewall logging configuration to enable both flow and alert logs new aws_cdk_lib_1.aws_networkfirewall.CfnLoggingConfiguration(this, 'FirewallLogConf', { firewallArn: fw.ref, loggingConfiguration: { logDestinationConfigs: [ { logDestination: { logGroup: fwFlowLogsGroup.logGroupName }, logDestinationType: 'CloudWatchLogs', logType: 'FLOW', }, { logDestination: { logGroup: fwAlertLogsGroup.logGroupName }, logDestinationType: 'CloudWatchLogs', logType: 'ALERT', }, ], }, }); this.firewallArn = fw.attrFirewallArn; this.firewallId = fw.attrFirewallId; this.endPointIds = fw.attrEndpointIds; } // endof connectToCloudWan } // end of class exports.NetworkFirewall = NetworkFirewall; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZmlyZXdhbGwuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbndmaXJld2FsbC9maXJld2FsbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxtQ0FBbUM7QUFDbkMsNkNBS3FCO0FBQ3JCLHlDQUF5QztBQXlCekM7O0dBRUc7QUFDSCxNQUFhLGVBQWdCLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFldkQ7Ozs7O09BS0c7SUFDSCxZQUFZLEtBQTJCLEVBQUUsRUFBVSxFQUFFLEtBQTJCO1FBQzlFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxrQkFBa0IsR0FBaUQsRUFBRSxDQUFDO1FBQ3pFLGtCQUFrQixHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsYUFBYSxDQUFDLEVBQUUsZUFBZSxFQUFFLFVBQVUsRUFBRSxDQUFDLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUNqRyxDQUFDLEVBQUUsUUFBUSxFQUFFLE1BQU0sQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUNoQyxDQUFDO1FBRUgsTUFBTSxFQUFFLEdBQUcsSUFBSSxpQ0FBUSxDQUFDLFdBQVcsQ0FBQyxJQUFJLEVBQUUsU0FBUyxFQUFFO1lBQ25ELFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWTtZQUNoQyxpQkFBaUIsRUFBRSxLQUFLLENBQUMsY0FBYyxDQUFDLHFCQUFxQjtZQUM3RCxjQUFjLEVBQUUsa0JBQWtCO1lBQ2xDLEtBQUssRUFBRSxLQUFLLENBQUMsR0FBRyxDQUFDLEtBQUs7U0FDdkIsQ0FBQyxDQUFDO1FBRUgsNERBQTREO1FBQzVELE1BQU0sZUFBZSxHQUFHLElBQUksc0JBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFO1lBQ2pFLFlBQVksRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLFVBQVU7WUFDN0MsYUFBYSxFQUFFLEdBQUcsQ0FBQyxhQUFhLENBQUMsT0FBTztTQUN6QyxDQUFDLENBQUM7UUFFSCw2REFBNkQ7UUFDN0QsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLHNCQUFJLENBQUMsUUFBUSxDQUFDLElBQUksRUFBRSxrQkFBa0IsRUFBRTtZQUNuRSxZQUFZLEVBQUUsR0FBRyxLQUFLLENBQUMsWUFBWSxXQUFXO1lBQzlDLGFBQWEsRUFBRSxHQUFHLENBQUMsYUFBYSxDQUFDLE9BQU87U0FDekMsQ0FBQyxDQUFDO1FBRUgsb0VBQW9FO1FBQ3BFLElBQUksaUNBQVEsQ0FBQyx1QkFBdUIsQ0FBQyxJQUFJLEVBQUUsaUJBQWlCLEVBQUU7WUFDNUQsV0FBVyxFQUFFLEVBQUUsQ0FBQyxHQUFHO1lBQ25CLG9CQUFvQixFQUFFO2dCQUNwQixxQkFBcUIsRUFBRTtvQkFDckI7d0JBQ0UsY0FBYyxFQUFFLEVBQUUsUUFBUSxFQUFFLGVBQWUsQ0FBQyxZQUFZLEVBQUU7d0JBQzFELGtCQUFrQixFQUFFLGdCQUFnQjt3QkFDcEMsT0FBTyxFQUFFLE1BQU07cUJBQ2hCO29CQUNEO3dCQUNFLGNBQWMsRUFBRSxFQUFFLFFBQVEsRUFBRSxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUU7d0JBQzNELGtCQUFrQixFQUFFLGdCQUFnQjt3QkFDcEMsT0FBTyxFQUFFLE9BQU87cUJBQ2pCO2lCQUNGO2FBQ0Y7U0FDRixDQUFDLENBQUM7UUFHSCxJQUFJLENBQUMsV0FBVyxHQUFHLEVBQUUsQ0FBQyxlQUFlLENBQUM7UUFDdEMsSUFBSSxDQUFDLFVBQVUsR0FBRyxFQUFFLENBQUMsY0FBYyxDQUFDO1FBQ3BDLElBQUksQ0FBQyxXQUFXLEdBQUcsRUFBRSxDQUFDLGVBQWUsQ0FBQztJQUV4QyxDQUFDLENBQUMsMEJBQTBCO0NBQzdCLENBQUEsZUFBZTtBQXpFaEIsMENBeUVDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCB7XG4gIGF3c19lYzIgYXMgZWMyLFxuICBhd3NfbmV0d29ya2ZpcmV3YWxsIGFzIGZpcmV3YWxsLFxuICBhd3NfbG9ncyBhcyBsb2dzLFxufVxuICBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gJ2NvbnN0cnVjdHMnO1xuXG5cbi8qKlxuICogUHJvcGVydHlzIG9mIGEgTmV0d29yayBGaXJld2FsbFxuICovXG5leHBvcnQgaW50ZXJmYWNlIE5ldHdvcmtGaXJld2FsbFByb3BzIHtcbiAgLyoqXG4gICAqIHRoZSB0aGUgdnBjIHdoZXJlIHRoZSBOZXR3b3JrIGZpcmV3YWxsIGlzIHBsYWNlZFxuICAgKi9cbiAgcmVhZG9ubHkgdnBjOiBlYzIuVnBjIHwgZWMyLklWcGM7XG4gIC8qKlxuICAgKiB0aGUgc3VibmV0R3JvdXAgd2hlcmUgdGhlIGZpcmV3YWxsIHdpbGwgYmUgY3JlYXRlZC5cbiAgICovXG4gIHJlYWRvbmx5IHN1Ym5ldEdyb3VwOiBzdHJpbmc7XG4gIC8qKlxuICAgKiB0aGUgbmFtZSB0aGF0IHdpbGwgYmUgZ2l2ZW4gdG8gdGhlIGZpcmV3YWxsXG4gICAqL1xuICByZWFkb25seSBmaXJld2FsbE5hbWU6IHN0cmluZztcbiAgLyoqXG4gICAqIHRoZSBmaXJld2FsbHMgcG9saWN5XG4gICAqL1xuICByZWFkb25seSBmaXJld2FsbFBvbGljeTogZmlyZXdhbGwuQ2ZuRmlyZXdhbGxQb2xpY3k7XG59XG5cbi8qKlxuICogQ3JlYXRlcyBOZXR3b3JrIEZpcmV3YWxsc1xuICovXG5leHBvcnQgY2xhc3MgTmV0d29ya0ZpcmV3YWxsIGV4dGVuZHMgY29uc3RydWN0cy5Db25zdHJ1Y3Qge1xuXG4gIC8qKlxuICAgKiBHYXRld2F5IEVuZHBvaW50cyBmb3IgdGhlIEZpcmV3YWxsc1xuICAgKi9cbiAgcHVibGljIHJlYWRvbmx5IGVuZFBvaW50SWRzOiBzdHJpbmdbXTtcbiAgLyoqXG4gICAqIEFybiBvZiB0aGUgZmlyZXdhbGxcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBmaXJld2FsbEFybjogc3RyaW5nO1xuICAvKipcbiAgICogRmlyZXdhbGwgSURcbiAgICovXG4gIHB1YmxpYyByZWFkb25seSBmaXJld2FsbElkOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqXG4gICAqIEBwYXJhbSBzY29wZSBTY29wZVxuICAgKiBAcGFyYW0gaWQgaWRcbiAgICogQHBhcmFtIHByb3BzIHByb3BzXG4gICAqL1xuICBjb25zdHJ1Y3RvcihzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBOZXR3b3JrRmlyZXdhbGxQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBsZXQgZmlyZXdhbGxTdWJuZXRMaXN0OiBmaXJld2FsbC5DZm5GaXJld2FsbC5TdWJuZXRNYXBwaW5nUHJvcGVydHlbXSA9IFtdO1xuICAgIFx0ZmlyZXdhbGxTdWJuZXRMaXN0ID0gcHJvcHMudnBjLnNlbGVjdFN1Ym5ldHMoeyBzdWJuZXRHcm91cE5hbWU6ICdmaXJld2FsbCcgfSkuc3VibmV0cy5tYXAoc3VibmV0ID0+XG4gICAgICBcdCh7IHN1Ym5ldElkOiBzdWJuZXQuc3VibmV0SWQgfSksXG4gICAgXHQpO1xuXG4gICAgY29uc3QgZncgPSBuZXcgZmlyZXdhbGwuQ2ZuRmlyZXdhbGwodGhpcywgJ0thdGllRlcnLCB7XG4gICAgICBmaXJld2FsbE5hbWU6IHByb3BzLmZpcmV3YWxsTmFtZSxcbiAgICAgIGZpcmV3YWxsUG9saWN5QXJuOiBwcm9wcy5maXJld2FsbFBvbGljeS5hdHRyRmlyZXdhbGxQb2xpY3lBcm4sXG4gICAgICBzdWJuZXRNYXBwaW5nczogZmlyZXdhbGxTdWJuZXRMaXN0LFxuICAgICAgdnBjSWQ6IHByb3BzLnZwYy52cGNJZCxcbiAgICB9KTtcblxuICAgIC8vIENsb3VkV2F0Y2ggTG9ncyBncm91cCB0byBzdG9yZSBOZXR3b3JrIEZpcmV3YWxsIGZsb3cgbG9nc1xuICAgIGNvbnN0IGZ3Rmxvd0xvZ3NHcm91cCA9IG5ldyBsb2dzLkxvZ0dyb3VwKHRoaXMsICdGV0Zsb3dMb2dzR3JvdXAnLCB7XG4gICAgICBsb2dHcm91cE5hbWU6IGAke3Byb3BzLmZpcmV3YWxsTmFtZX1GbG93TG9nc2AsXG4gICAgICByZW1vdmFsUG9saWN5OiBjZGsuUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuXHRcdCAgfSk7XG5cbiAgICAvLyBDbG91ZFdhdGNoIExvZ3MgZ3JvdXAgdG8gc3RvcmUgTmV0d29yayBGaXJld2FsbCBhbGVydCBsb2dzXG4gICAgY29uc3QgZndBbGVydExvZ3NHcm91cCA9IG5ldyBsb2dzLkxvZ0dyb3VwKHRoaXMsICdGV0FsZXJ0TG9nc0dyb3VwJywge1xuICAgICAgbG9nR3JvdXBOYW1lOiBgJHtwcm9wcy5maXJld2FsbE5hbWV9QWxlcnRMb2dzYCxcbiAgICAgIHJlbW92YWxQb2xpY3k6IGNkay5SZW1vdmFsUG9saWN5LkRFU1RST1ksXG5cdFx0ICB9KTtcblxuICAgIC8vIEZpcmV3YWxsIGxvZ2dpbmcgY29uZmlndXJhdGlvbiB0byBlbmFibGUgYm90aCBmbG93IGFuZCBhbGVydCBsb2dzXG4gICAgbmV3IGZpcmV3YWxsLkNmbkxvZ2dpbmdDb25maWd1cmF0aW9uKHRoaXMsICdGaXJld2FsbExvZ0NvbmYnLCB7XG4gICAgICBmaXJld2FsbEFybjogZncucmVmLFxuICAgICAgbG9nZ2luZ0NvbmZpZ3VyYXRpb246IHtcbiAgICAgICAgbG9nRGVzdGluYXRpb25Db25maWdzOiBbXG4gICAgICAgICAge1xuICAgICAgICAgICAgbG9nRGVzdGluYXRpb246IHsgbG9nR3JvdXA6IGZ3Rmxvd0xvZ3NHcm91cC5sb2dHcm91cE5hbWUgfSxcbiAgICAgICAgICAgIGxvZ0Rlc3RpbmF0aW9uVHlwZTogJ0Nsb3VkV2F0Y2hMb2dzJyxcbiAgICAgICAgICAgIGxvZ1R5cGU6ICdGTE9XJyxcbiAgICAgICAgICB9LFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIGxvZ0Rlc3RpbmF0aW9uOiB7IGxvZ0dyb3VwOiBmd0FsZXJ0TG9nc0dyb3VwLmxvZ0dyb3VwTmFtZSB9LFxuICAgICAgICAgICAgbG9nRGVzdGluYXRpb25UeXBlOiAnQ2xvdWRXYXRjaExvZ3MnLFxuICAgICAgICAgICAgbG9nVHlwZTogJ0FMRVJUJyxcbiAgICAgICAgICB9LFxuICAgICAgICBdLFxuICAgICAgfSxcbiAgICB9KTtcblxuXG4gICAgdGhpcy5maXJld2FsbEFybiA9IGZ3LmF0dHJGaXJld2FsbEFybjtcbiAgICB0aGlzLmZpcmV3YWxsSWQgPSBmdy5hdHRyRmlyZXdhbGxJZDtcbiAgICB0aGlzLmVuZFBvaW50SWRzID0gZncuYXR0ckVuZHBvaW50SWRzO1xuXG4gIH0gLy8gZW5kb2YgY29ubmVjdFRvQ2xvdWRXYW5cbn0vLyBlbmQgb2YgY2xhc3NcblxuIl19