@jaypie/constructs 1.2.39 → 1.2.41

@@ -22,6 +22,17 @@ export interface JaypieWafConfig {
22
22
  * @default true
23
23
  */
24
24
  logBucket?: boolean | s3.IBucket;
25
+ /**
26
+ * Override actions for specific rules within managed rule groups.
27
+ * Key is the managed rule group name; value is an array of rule action overrides.
28
+ * @example
29
+ * managedRuleOverrides: {
30
+ * AWSManagedRulesCommonRuleSet: [
31
+ * { name: "SizeRestrictions_BODY", actionToUse: { count: {} } },
32
+ * ],
33
+ * }
34
+ */
35
+ managedRuleOverrides?: Record<string, wafv2.CfnWebACL.RuleActionOverrideProperty[]>;
25
36
  /**
26
37
  * Managed rule group names to apply
27
38
  * @default ["AWSManagedRulesCommonRuleSet", "AWSManagedRulesKnownBadInputsRuleSet"]
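Review bot: The doc comment on `managedRuleOverrides` (new lines 25–34) does not say what happens when a key names a group that is not in `managedRules`. In the index.js change on this page the lookup is `managedRuleOverrides?.[ruleName]` inside the loop over `managedRules`, so such an entry is dropped without an error. The example also overrides a rule to `count` without stating the effect on enforcement. I would add two lines to the comment: `* Keys that are not also listed in managedRules are ignored.` and `* Overriding a rule to count means matching requests are counted and no longer blocked by that rule.` The `JaypieWafConfig` interface starts and ends outside the hunk.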
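--- a/package/dist/esm/index.js
+++ b/package/dist/esm/index.js
@@ -2612,11 +2612,12 @@ class JaypieDistribution extends Construct {
  }
  else {
  // Create new WebACL
- const { managedRules = DEFAULT_MANAGED_RULES, rateLimitPerIp = DEFAULT_RATE_LIMIT, } = wafConfig;
+ const { managedRuleOverrides, managedRules = DEFAULT_MANAGED_RULES, rateLimitPerIp = DEFAULT_RATE_LIMIT, } = wafConfig;
  let priority = 0;
  const rules = [];
  // Add managed rule groups
  for (const ruleName of managedRules) {
+ const ruleActionOverrides = managedRuleOverrides?.[ruleName];
  rules.push({
  name: ruleName,
  priority: priority++,
@@ -2625,6 +2626,7 @@ class JaypieDistribution extends Construct {
  managedRuleGroupStatement: {
  name: ruleName,
  vendorName: "AWS",
+ ...(ruleActionOverrides && { ruleActionOverrides }),
  },
  },
  visibilityConfig: {
@@ -3917,6 +3919,7 @@ class JaypieSsoPermissions extends Construct {
  "dynamodb:*",
  "ec2:*",
  "ecr:*",
+ "ecs:*",
  "iam:Get*",
  "iam:List*",
  "iam:PassRole",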
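Review bot: The added `"ecs:*"` at new line 3922 grants every ECS action in a list that also contains `"iam:PassRole"`, so a holder of this permission set could run tasks under any role the policy lets them pass. The statement's resources and conditions, and which permission set this list belongs to, are outside the hunk, so this may already be constrained. If it is not, consider listing only the ECS actions that are needed, or restricting PassRole with an `iam:PassedToService` condition. A comment beside the entry, for example `// ecs:* required for <reason>; PassRole scope reviewed`, would record why the full wildcard is wanted.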