Skip to content

Latest commit

 

History

History
185 lines (91 loc) · 4.04 KB

API.md

File metadata and controls

185 lines (91 loc) · 4.04 KB

API Reference

Classes

Name Description
AwsSolutionsChecks Check Best practices based on AWS Solutions Security Matrix.
NIST80053Checks Check for NIST 800-53 compliance.
NagPack Base class for all rule sets.

Structs

Name Description
NagPackProps Interface for creating a Nag rule set.

class AwsSolutionsChecks

Check Best practices based on AWS Solutions Security Matrix.

Implements: IAspect Extends: NagPack

Initializer

new AwsSolutionsChecks(props?: NagPackProps)
  • props (NagPackProps) No description
    • verbose (boolean) Whether or not to enable extended explanatory descriptions on warning and error messages. Optional

Methods

visit(node)

All aspects can visit an IConstruct.

visit(node: IConstruct): void

class NIST80053Checks

Check for NIST 800-53 compliance.

Based on the NIST 800-53 AWS operational best practices: https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_4.html

Implements: IAspect Extends: NagPack

Initializer

new NIST80053Checks(props?: NagPackProps)
  • props (NagPackProps) No description
    • verbose (boolean) Whether or not to enable extended explanatory descriptions on warning and error messages. Optional

Methods

visit(node)

All aspects can visit an IConstruct.

visit(node: IConstruct): void

class NagPack

Base class for all rule sets.

Implements: IAspect Implemented by: AwsSolutionsChecks, NIST80053Checks

Initializer

new NagPack(props?: NagPackProps)
  • props (NagPackProps) No description
    • verbose (boolean) Whether or not to enable extended explanatory descriptions on warning and error messages. Optional

Properties

Name Type Description
verbose boolean

Methods

createMessage(ruleId, info, explanation)

The message to output to the console when a rule is triggered.

createMessage(ruleId: string, info: string, explanation: string): string
  • ruleId (string) the id of the rule.
  • info (string) why the rule was triggered.
  • explanation (string) why the rule exists.

Returns:

  • string

ignoreRule(ignores, ruleId)

Check whether a specific rule should be ignored.

ignoreRule(ignores: any, ruleId: string): boolean
  • ignores (any) ignores listed in cdkNag metadata.
  • ruleId (string) the id of the rule to ignore.

Returns:

  • boolean

visit(node)

All aspects can visit an IConstruct.

visit(node: IConstruct): void

struct NagPackProps

Interface for creating a Nag rule set.

Name Type Description
verbose? boolean Whether or not to enable extended explanatory descriptions on warning and error messages.
Optional