npm - @sureshgururajan/aws-console-private-access-validator - Versions diffs - 1.0.3 → 1.0.5 - Mend

@sureshgururajan/aws-console-private-access-validator 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/src/index.ts CHANGED Viewed

@@ -1,110 +1,111 @@
-import { Server } from '@modelcontextprotocol/sdk/server/index.js';
-import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
-import {
-  CallToolRequestSchema,
-  ListToolsRequestSchema,
-  Tool,
-} from '@modelcontextprotocol/sdk/types.js';
-import { ConsolePrivateAccessValidator } from './validator.js';
-import { CloudFormationTemplate } from './types.js';
-const server = new Server(
-  {
-    name: 'aws-console-private-access-validator',
-    version: '1.0.0',
-  },
-  {
-    capabilities: {
-      tools: {},
-    },
-  }
-);
-const tools: Tool[] = [
-  {
-    name: 'validate-cloudformation',
-    description:
-      'Validates a CloudFormation template for AWS Console Private Access requirements',
-    inputSchema: {
-      type: 'object' as const,
-      properties: {
-        template: {
-          type: 'string',
-          description: 'CloudFormation template as JSON string',
-        },
-        region: {
-          type: 'string',
-          description: 'AWS region (default: us-east-1)',
-          default: 'us-east-1',
-        },
-      },
-      required: ['template'],
-    },
-  },
-];
-server.setRequestHandler(ListToolsRequestSchema, async () => ({
-  tools,
-}));
-server.setRequestHandler(CallToolRequestSchema, async (request) => {
-  if (request.params.name === 'validate-cloudformation') {
-    const { template, region = 'us-east-1' } = request.params.arguments as {
-      template: string;
-      region?: string;
-    };
-    try {
-      const parsedTemplate: CloudFormationTemplate = JSON.parse(template);
-      const validator = new ConsolePrivateAccessValidator(parsedTemplate, region);
-      const result = validator.validate();
-      return {
-        content: [
-          {
-            type: 'text',
-            text: JSON.stringify(result, null, 2),
-          },
-        ],
-      };
-    } catch (error) {
-      const errorMessage = error instanceof Error ? error.message : String(error);
-      return {
-        content: [
-          {
-            type: 'text',
-            text: JSON.stringify(
-              {
-                valid: false,
-                checks: [],
-                summary: `Error parsing template: ${errorMessage}`,
-              },
-              null,
-              2
-            ),
-          },
-        ],
-        isError: true,
-      };
-    }
-  }
-  return {
-    content: [
-      {
-        type: 'text',
-        text: `Unknown tool: ${request.params.name}`,
-      },
-    ],
-    isError: true,
-  };
-});
-async function main() {
-  const transport = new StdioServerTransport();
-  await server.connect(transport);
-}
-main().catch((error) => {
-  process.exit(1);
-});
+#!/usr/bin/env node
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import {
+  CallToolRequestSchema,
+  ListToolsRequestSchema,
+  Tool,
+} from '@modelcontextprotocol/sdk/types.js';
+import { ConsolePrivateAccessValidator } from './validator.js';
+import { CloudFormationTemplate } from './types.js';
+const server = new Server(
+  {
+    name: 'aws-console-private-access-validator',
+    version: '1.0.0',
+  },
+  {
+    capabilities: {
+      tools: {},
+    },
+  }
+);
+const tools: Tool[] = [
+  {
+    name: 'validate-cloudformation',
+    description:
+      'Validates a CloudFormation template for AWS Console Private Access requirements',
+    inputSchema: {
+      type: 'object' as const,
+      properties: {
+        template: {
+          type: 'string',
+          description: 'CloudFormation template as JSON string',
+        },
+        region: {
+          type: 'string',
+          description: 'AWS region (default: us-east-1)',
+          default: 'us-east-1',
+        },
+      },
+      required: ['template'],
+    },
+  },
+];
+server.setRequestHandler(ListToolsRequestSchema, async () => ({
+  tools,
+}));
+server.setRequestHandler(CallToolRequestSchema, async (request) => {
+  if (request.params.name === 'validate-cloudformation') {
+    const { template, region = 'us-east-1' } = request.params.arguments as {
+      template: string;
+      region?: string;
+    };
+    try {
+      const parsedTemplate: CloudFormationTemplate = JSON.parse(template);
+      const validator = new ConsolePrivateAccessValidator(parsedTemplate, region);
+      const result = validator.validate();
+      return {
+        content: [
+          {
+            type: 'text',
+            text: JSON.stringify(result, null, 2),
+          },
+        ],
+      };
+    } catch (error) {
+      const errorMessage = error instanceof Error ? error.message : String(error);
+      return {
+        content: [
+          {
+            type: 'text',
+            text: JSON.stringify(
+              {
+                valid: false,
+                checks: [],
+                summary: `Error parsing template: ${errorMessage}`,
+              },
+              null,
+              2
+            ),
+          },
+        ],
+        isError: true,
+      };
+    }
+  }
+  return {
+    content: [
+      {
+        type: 'text',
+        text: `Unknown tool: ${request.params.name}`,
+      },
+    ],
+    isError: true,
+  };
+});
+async function main() {
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+}
+main().catch((error) => {
+  process.exit(1);
+});

package/src/test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/src/test.js ADDED Viewed

@@ -0,0 +1,26 @@
+import fs from 'fs';
+import { ConsolePrivateAccessValidator } from './validator.js';
+// Read the CloudFormation template
+const templatePath = process.argv[2] || '/tmp/template.json';
+const templateContent = fs.readFileSync(templatePath, 'utf-8');
+const template = JSON.parse(templateContent);
+// Run validation
+const validator = new ConsolePrivateAccessValidator(template, 'us-east-1');
+const result = validator.validate();
+// Print results
+console.log('\n=== AWS Console Private Access Validation Results ===\n');
+console.log(`Valid: ${result.valid ? '✓ YES' : '✗ NO'}\n`);
+console.log('Checks:');
+result.checks.forEach((check) => {
+    const icon = check.status === 'pass' ? '✓' : check.status === 'fail' ? '✗' : '⚠';
+    console.log(`  ${icon} ${check.name}`);
+    console.log(`    Status: ${check.status}`);
+    console.log(`    Message: ${check.message}`);
+    if (check.details) {
+        console.log(`    Details: ${check.details}`);
+    }
+});
+console.log(`\nSummary: ${result.summary}\n`);
+// Exit with appropriate code
+process.exit(result.valid ? 0 : 1);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBQ3BCLE9BQU8sRUFBRSw2QkFBNkIsRUFBRSxNQUFNLGdCQUFnQixDQUFDO0FBRS9ELG1DQUFtQztBQUNuQyxNQUFNLFlBQVksR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxJQUFJLG9CQUFvQixDQUFDO0FBQzdELE1BQU0sZUFBZSxHQUFHLEVBQUUsQ0FBQyxZQUFZLENBQUMsWUFBWSxFQUFFLE9BQU8sQ0FBQyxDQUFDO0FBQy9ELE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLENBQUM7QUFFN0MsaUJBQWlCO0FBQ2pCLE1BQU0sU0FBUyxHQUFHLElBQUksNkJBQTZCLENBQUMsUUFBUSxFQUFFLFdBQVcsQ0FBQyxDQUFDO0FBQzNFLE1BQU0sTUFBTSxHQUFHLFNBQVMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztBQUVwQyxnQkFBZ0I7QUFDaEIsT0FBTyxDQUFDLEdBQUcsQ0FBQywyREFBMkQsQ0FBQyxDQUFDO0FBQ3pFLE9BQU8sQ0FBQyxHQUFHLENBQUMsVUFBVSxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE1BQU0sSUFBSSxDQUFDLENBQUM7QUFFM0QsT0FBTyxDQUFDLEdBQUcsQ0FBQyxTQUFTLENBQUMsQ0FBQztBQUN2QixNQUFNLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO0lBQzlCLE1BQU0sSUFBSSxHQUFHLEtBQUssQ0FBQyxNQUFNLEtBQUssTUFBTSxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxNQUFNLEtBQUssTUFBTSxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQztJQUNqRixPQUFPLENBQUMsR0FBRyxDQUFDLEtBQUssSUFBSSxJQUFJLEtBQUssQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQ3ZDLE9BQU8sQ0FBQyxHQUFHLENBQUMsZUFBZSxLQUFLLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztJQUMzQyxPQUFPLENBQUMsR0FBRyxDQUFDLGdCQUFnQixLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztJQUM3QyxJQUFJLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUNsQixPQUFPLENBQUMsR0FBRyxDQUFDLGdCQUFnQixLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztJQUMvQyxDQUFDO0FBQ0gsQ0FBQyxDQUFDLENBQUM7QUFFSCxPQUFPLENBQUMsR0FBRyxDQUFDLGNBQWMsTUFBTSxDQUFDLE9BQU8sSUFBSSxDQUFDLENBQUM7QUFFOUMsNkJBQTZCO0FBQzdCLE9BQU8sQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCBmcyBmcm9tICdmcyc7XG5pbXBvcnQgeyBDb25zb2xlUHJpdmF0ZUFjY2Vzc1ZhbGlkYXRvciB9IGZyb20gJy4vdmFsaWRhdG9yLmpzJztcblxuLy8gUmVhZCB0aGUgQ2xvdWRGb3JtYXRpb24gdGVtcGxhdGVcbmNvbnN0IHRlbXBsYXRlUGF0aCA9IHByb2Nlc3MuYXJndlsyXSB8fCAnL3RtcC90ZW1wbGF0ZS5qc29uJztcbmNvbnN0IHRlbXBsYXRlQ29udGVudCA9IGZzLnJlYWRGaWxlU3luYyh0ZW1wbGF0ZVBhdGgsICd1dGYtOCcpO1xuY29uc3QgdGVtcGxhdGUgPSBKU09OLnBhcnNlKHRlbXBsYXRlQ29udGVudCk7XG5cbi8vIFJ1biB2YWxpZGF0aW9uXG5jb25zdCB2YWxpZGF0b3IgPSBuZXcgQ29uc29sZVByaXZhdGVBY2Nlc3NWYWxpZGF0b3IodGVtcGxhdGUsICd1cy1lYXN0LTEnKTtcbmNvbnN0IHJlc3VsdCA9IHZhbGlkYXRvci52YWxpZGF0ZSgpO1xuXG4vLyBQcmludCByZXN1bHRzXG5jb25zb2xlLmxvZygnXFxuPT09IEFXUyBDb25zb2xlIFByaXZhdGUgQWNjZXNzIFZhbGlkYXRpb24gUmVzdWx0cyA9PT1cXG4nKTtcbmNvbnNvbGUubG9nKGBWYWxpZDogJHtyZXN1bHQudmFsaWQgPyAn4pyTIFlFUycgOiAn4pyXIE5PJ31cXG5gKTtcblxuY29uc29sZS5sb2coJ0NoZWNrczonKTtcbnJlc3VsdC5jaGVja3MuZm9yRWFjaCgoY2hlY2spID0+IHtcbiAgY29uc3QgaWNvbiA9IGNoZWNrLnN0YXR1cyA9PT0gJ3Bhc3MnID8gJ+KckycgOiBjaGVjay5zdGF0dXMgPT09ICdmYWlsJyA/ICfinJcnIDogJ+KaoCc7XG4gIGNvbnNvbGUubG9nKGAgICR7aWNvbn0gJHtjaGVjay5uYW1lfWApO1xuICBjb25zb2xlLmxvZyhgICAgIFN0YXR1czogJHtjaGVjay5zdGF0dXN9YCk7XG4gIGNvbnNvbGUubG9nKGAgICAgTWVzc2FnZTogJHtjaGVjay5tZXNzYWdlfWApO1xuICBpZiAoY2hlY2suZGV0YWlscykge1xuICAgIGNvbnNvbGUubG9nKGAgICAgRGV0YWlsczogJHtjaGVjay5kZXRhaWxzfWApO1xuICB9XG59KTtcblxuY29uc29sZS5sb2coYFxcblN1bW1hcnk6ICR7cmVzdWx0LnN1bW1hcnl9XFxuYCk7XG5cbi8vIEV4aXQgd2l0aCBhcHByb3ByaWF0ZSBjb2RlXG5wcm9jZXNzLmV4aXQocmVzdWx0LnZhbGlkID8gMCA6IDEpO1xuIl19

package/src/test.ts CHANGED Viewed

@@ -1,31 +1,31 @@
-import fs from 'fs';
-import { ConsolePrivateAccessValidator } from './validator.js';
-// Read the CloudFormation template
-const templatePath = process.argv[2] || '/tmp/template.json';
-const templateContent = fs.readFileSync(templatePath, 'utf-8');
-const template = JSON.parse(templateContent);
-// Run validation
-const validator = new ConsolePrivateAccessValidator(template, 'us-east-1');
-const result = validator.validate();
-// Print results
-console.log('\n=== AWS Console Private Access Validation Results ===\n');
-console.log(`Valid: ${result.valid ? '✓ YES' : '✗ NO'}\n`);
-console.log('Checks:');
-result.checks.forEach((check) => {
-  const icon = check.status === 'pass' ? '✓' : check.status === 'fail' ? '✗' : '⚠';
-  console.log(`  ${icon} ${check.name}`);
-  console.log(`    Status: ${check.status}`);
-  console.log(`    Message: ${check.message}`);
-  if (check.details) {
-    console.log(`    Details: ${check.details}`);
-  }
-});
-console.log(`\nSummary: ${result.summary}\n`);
-// Exit with appropriate code
-process.exit(result.valid ? 0 : 1);
+import fs from 'fs';
+import { ConsolePrivateAccessValidator } from './validator.js';
+// Read the CloudFormation template
+const templatePath = process.argv[2] || '/tmp/template.json';
+const templateContent = fs.readFileSync(templatePath, 'utf-8');
+const template = JSON.parse(templateContent);
+// Run validation
+const validator = new ConsolePrivateAccessValidator(template, 'us-east-1');
+const result = validator.validate();
+// Print results
+console.log('\n=== AWS Console Private Access Validation Results ===\n');
+console.log(`Valid: ${result.valid ? '✓ YES' : '✗ NO'}\n`);
+console.log('Checks:');
+result.checks.forEach((check) => {
+  const icon = check.status === 'pass' ? '✓' : check.status === 'fail' ? '✗' : '⚠';
+  console.log(`  ${icon} ${check.name}`);
+  console.log(`    Status: ${check.status}`);
+  console.log(`    Message: ${check.message}`);
+  if (check.details) {
+    console.log(`    Details: ${check.details}`);
+  }
+});
+console.log(`\nSummary: ${result.summary}\n`);
+// Exit with appropriate code
+process.exit(result.valid ? 0 : 1);

package/src/types.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+export interface ValidationCheck {
+    name: string;
+    status: 'pass' | 'fail' | 'warning';
+    message: string;
+    details?: string;
+}
+export interface ValidationResult {
+    valid: boolean;
+    checks: ValidationCheck[];
+    summary: string;
+}
+export interface CloudFormationTemplate {
+    Resources?: Record<string, any>;
+    Outputs?: Record<string, any>;
+    Parameters?: Record<string, any>;
+}

package/src/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJ0eXBlcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGludGVyZmFjZSBWYWxpZGF0aW9uQ2hlY2sge1xuICBuYW1lOiBzdHJpbmc7XG4gIHN0YXR1czogJ3Bhc3MnIHwgJ2ZhaWwnIHwgJ3dhcm5pbmcnO1xuICBtZXNzYWdlOiBzdHJpbmc7XG4gIGRldGFpbHM/OiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgVmFsaWRhdGlvblJlc3VsdCB7XG4gIHZhbGlkOiBib29sZWFuO1xuICBjaGVja3M6IFZhbGlkYXRpb25DaGVja1tdO1xuICBzdW1tYXJ5OiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2xvdWRGb3JtYXRpb25UZW1wbGF0ZSB7XG4gIFJlc291cmNlcz86IFJlY29yZDxzdHJpbmcsIGFueT47XG4gIE91dHB1dHM/OiBSZWNvcmQ8c3RyaW5nLCBhbnk+O1xuICBQYXJhbWV0ZXJzPzogUmVjb3JkPHN0cmluZywgYW55Pjtcbn1cbiJdfQ==

package/src/types.ts CHANGED Viewed

@@ -1,18 +1,18 @@
-export interface ValidationCheck {
-  name: string;
-  status: 'pass' | 'fail' | 'warning';
-  message: string;
-  details?: string;
-}
-export interface ValidationResult {
-  valid: boolean;
-  checks: ValidationCheck[];
-  summary: string;
-}
-export interface CloudFormationTemplate {
-  Resources?: Record<string, any>;
-  Outputs?: Record<string, any>;
-  Parameters?: Record<string, any>;
-}
+export interface ValidationCheck {
+  name: string;
+  status: 'pass' | 'fail' | 'warning';
+  message: string;
+  details?: string;
+}
+export interface ValidationResult {
+  valid: boolean;
+  checks: ValidationCheck[];
+  summary: string;
+}
+export interface CloudFormationTemplate {
+  Resources?: Record<string, any>;
+  Outputs?: Record<string, any>;
+  Parameters?: Record<string, any>;
+}

package/src/validator.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { ValidationResult, CloudFormationTemplate } from './types';
+export declare class ConsolePrivateAccessValidator {
+    private template;
+    private region;
+    private checks;
+    constructor(template: CloudFormationTemplate, region?: string);
+    validate(): ValidationResult;
+    private getServiceName;
+    private checkVpcEndpoints;
+    private checkEndpointPolicies;
+    private validatePolicyContent;
+    private checkRoute53HostedZones;
+    private checkSecurityGroups;
+    private checkEc2Instance;
+    private checkNatGateway;
+    private checkNetworkConfiguration;
+    private generateSummary;
+}