cdk-insights 0.2.0-beta.8 → 0.4.0

package/README.md

@@ -1,57 +1,25 @@
 # CDK Insights 🔍
 
-> **AI-Powered Analysis Tool for AWS CDK Stacks**
+**AI-powered AWS CDK analysis tool** for developers and teams.  
+Scan your AWS CDK stacks for **security vulnerabilities, cost optimization opportunities, and best practice issues**.  
+Unlike tools like **cdk-nag**, CDK Insights adds **AI-powered recommendations** for smarter cloud infrastructure improvements.
 
-CDK Insights helps you identify security vulnerabilities, cost optimization opportunities, and best practice issues in your AWS CDK infrastructure. It combines static analysis with AI-powered recommendations to provide actionable insights for improving your cloud infrastructure.
+👉 Learn more at [cdkinsights.dev](https://cdkinsights.dev)
 
-> **🚧 Currently in Beta** - We're actively developing and improving CDK Insights. The current version is stable for testing and early adoption, but we recommend using it in development environments first.
-
-## 🚀 Quick Start (30 Seconds)
-
-### Before You Start
-
-**What You Need:**
-
-- A CDK project with at least one stack
-- Node.js installed
-- AWS CDK CLI installed (`npm install -g aws-cdk`)
-
-**Quick Check:**
-Make sure you're in your CDK project directory:
-
-```bash
-ls -la
-# Should see: cdk.json, bin/, lib/ (or src/)
-```
+---
 
-### Option 1: Try It Immediately (No Installation)
+## 🚀 Quick Start
 
 ```bash
-# Run immediately without installing anything
+# Try it immediately without installing
 npx cdk-insights scan
-```
-
-This will:
-
-1. Scan your CDK stacks
-2. Show you issues it found
-3. Provide recommendations to fix them
 
-### Option 2: Install for Your Project (Recommended)
-
-```bash
-# 1. Install in your project
+# Or install in your project
 npm install --save-dev cdk-insights
-
-# 2. Run your first scan (use npx)
 npx cdk-insights scan
 ```
 
-**That's it!** CDK Insights will analyze your infrastructure and show you what needs attention.
-
-### Adding NPM Scripts for Convenience
-
-You can add convenience scripts to your `package.json` to make commands shorter:
+You can also add convenience scripts to your `package.json`:
 
 ```json
 {
@@ -61,656 +29,101 @@ You can add convenience scripts to your `package.json` to make commands shorter:
     "scan:json": "cdk-insights scan --format json",
     "scan:markdown": "cdk-insights scan --format markdown",
     "scan:summary": "cdk-insights scan --format summary",
-    "scan:with-issues": "cdk-insights scan --withIssue"
+    "scan:with-issue": "cdk-insights scan --withIssue"
   }
 }
 ```
 
-Then you can run:
-
-```bash
-npm run scan           # Interactive scan
-npm run scan:all       # Scan all stacks
-npm run scan:json      # Scan with JSON output
-npm run scan:markdown  # Scan with Markdown output
-npm run scan:summary   # Scan with summary output
-npm run scan:with-issues # Scan and create GitHub issues
-```
-
-## ✨ What CDK Insights Does
-
-- **🔍 Static Analysis**: Automatically checks your CDK code for 20+ AWS services
-- **🤖 AI-Powered Insights**: Gets intelligent recommendations using AWS Bedrock (Pro subscription)
-- **📊 Multiple Output Formats**: View results as JSON, Markdown, Table, or Summary
-- **🔧 Easy to Use**: Simple CLI with interactive prompts
-- **⚙️ Configurable**: Save your preferences and customize what gets analyzed
-- **🔗 GitHub Integration**: Create issues directly from findings
-- **🛡️ Security Focus**: Comprehensive security checks and recommendations
-- **💰 Cost Optimization**: Find opportunities to reduce AWS costs
-
-## 📖 How to Use CDK Insights
-
-### Basic Commands
-
-```bash
-# Scan a specific stack
-npx cdk-insights scan MyStack
-
-# Scan all stacks in your project
-npx cdk-insights scan --all
-
-# Interactive mode (recommended for first time)
-npx cdk-insights scan
-```
-
-> **💡 Tip**: After installing CDK Insights, you can use `npx cdk-insights <command>` for all commands. You can also add convenience scripts to your `package.json` (see section above).
-
-### What You'll See
-
-```
-🔍 Analyzing stack: MyStack
-📊 Found 12 issues across 8 resources
-
-🔴 CRITICAL (2)
-  • IAM policy allows full access to all resources
-  • S3 bucket allows public ACLs
-
-🟡 MEDIUM (7)
-  • Lambda function has high memory allocation
-  • DynamoDB table has no auto-scaling enabled
-
-🟢 LOW (3)
-  • S3 bucket does not use Intelligent-Tiering
-
-✅ Analysis complete.
-```
-
-## 🎯 What Happens Next?
-
-### Understanding Your Results
-
-**Severity Levels:**
-
-- **🔴 CRITICAL**: Security vulnerabilities or major issues that need immediate attention
-- **🟡 MEDIUM**: Issues that should be addressed soon for better security/cost
-- **🟢 LOW**: Minor optimizations and best practice recommendations
-
-### Common Next Steps
-
-**1. Fix Critical Issues First**
-
-```bash
-# Focus on critical security issues
-cdk-insights scan --rule-filter Security --output table
-```
-
-**2. Generate a Report for Your Team**
+Then run: `npm run scan`
 
-```bash
-# Create a markdown report for documentation
-cdk-insights scan --output markdown > security-report.md
-```
-
-**3. Set Up Regular Checks**
+### Quick Compatibility Check
 
 ```bash
-# Add to your development workflow
-npx cdk-insights scan
-```
-
-**4. Integrate with CI/CD**
-
-```bash
-# Fail builds on critical issues
-cdk-insights scan --output json --fail-on-critical
-```
-
-### Output Formats
-
-Choose how you want to see your results:
-
-```bash
-# Table format (default) - great for quick review
-cdk-insights scan --output table
-
-# Markdown format - perfect for GitHub issues and PRs
-cdk-insights scan --output markdown
-
-# JSON format - ideal for CI/CD pipelines
-cdk-insights scan --output json
-
-# Summary format - just the essentials
-cdk-insights scan --output summary
-```
-
-## 🔍 What Gets Scanned
-
-CDK Insights checks your infrastructure across these AWS services:
-
-| Service             | What It Checks         | Focus Areas                    |
-| ------------------- | ---------------------- | ------------------------------ |
-| **IAM**             | Policy permissions     | Security, Least privilege      |
-| **S3**              | Bucket settings        | Security, Cost optimization    |
-| **Lambda**          | Function configuration | Performance, Security          |
-| **DynamoDB**        | Table settings         | Cost optimization, Performance |
-| **RDS**             | Database configuration | Security, Cost optimization    |
-| **EC2**             | Instance settings      | Cost optimization, Security    |
-| **API Gateway**     | Endpoint security      | Security                       |
-| **CloudTrail**      | Logging setup          | Security, Compliance           |
-| **KMS**             | Key policies           | Security                       |
-| **SNS/SQS**         | Message security       | Security                       |
-| **Step Functions**  | Workflow configuration | Security, Performance          |
-| **EventBridge**     | Rule configuration     | Security, Performance          |
-| **Secrets Manager** | Secret configuration   | Security                       |
-
-## 🎯 Common Use Cases
-
-### Security Audits
-
-```bash
-# Focus on security issues
-cdk-insights scan --services IAM,S3,KMS,SecretsManager
-```
-
-### Cost Optimization
-
-```bash
-# Find cost savings opportunities
-cdk-insights scan --services EC2,DynamoDB,RDS
-```
-
-### Before Deployments
-
-```bash
-# Full scan before going to production
-cdk-insights scan --all --output markdown
-```
-
-### In Your CI/CD Pipeline
-
-```bash
-# Automated checks in your deployment process
-cdk-insights scan --output json | jq '.summary.totalIssues'
-```
-
-## ⚙️ Configuration
-
-Set your preferences once and CDK Insights will remember them:
-
-```bash
-# Interactive setup (recommended for first-time users)
-cdk-insights config setup
-# or
-npm run cdk-insights config setup
-
-# Set your preferred output format
-cdk-insights config set output markdown
-# or
-npm run cdk-insights config set output markdown
-
-# Set default services to scan
-cdk-insights config set services IAM,S3,Lambda
-# or
-npm run cdk-insights config set services IAM,S3,Lambda
-
-# View your current settings
-cdk-insights config list
-# or
-npm run cdk-insights config list
-
-# Clear your settings
-cdk-insights config reset
-# or
-npm run cdk-insights config reset
-```
-
-### Configuration File
-
-CDK Insights stores configuration in `.cdk-insights.json` in your project root:
-
-```json
-{
-  "stackName": "MyStack",
-  "output": "table",
-  "services": ["IAM", "S3", "Lambda"],
-  "redact": false,
-  "withIssue": false,
-  "summaryOnly": false,
-  "synth": false,
-  "ruleFilter": ["Security", "Cost Optimization"],
-  "failOnCritical": true,
-  "noCache": false,
-  "cache": {
-    "enabled": true,
-    "ttl": 600000,
-    "maxSize": 2000
-  }
-}
-```
-
-### 📋 Configuration Reference
-
-| Field            | Type     | Default | Description                                              |
-| ---------------- | -------- | ------- | -------------------------------------------------------- |
-| `stackName`      | string   | ""      | Default stack to analyze                                 |
-| `output`         | string   | "table" | Output format: json/table/markdown/summary               |
-| `services`       | string[] | []      | AWS services to scan (comma-separated)                   |
-| `redact`         | boolean  | false   | Redact sensitive resource names in output                |
-| `withIssue`      | boolean  | false   | Create GitHub issues for findings (markdown output only) |
-| `summaryOnly`    | boolean  | false   | Only show summary in console                             |
-| `synth`          | boolean  | false   | Run cdk synth automatically before analysis              |
-| `ruleFilter`     | string[] | []      | Filter rules by category (comma-separated)               |
-| `failOnCritical` | boolean  | true    | Exit with error code if critical issues found            |
-| `noCache`        | boolean  | false   | Disable cache and force fresh analysis                   |
-| `cache.enabled`  | boolean  | true    | Enable/disable caching                                   |
-| `cache.ttl`      | number   | 300000  | Cache TTL in milliseconds (5 minutes)                    |
-| `cache.maxSize`  | number   | 1000    | Maximum number of cached entries                         |
-
-### Example Configurations
-
-#### Security-Focused
-
-```json
-{
-  "services": ["IAM", "S3", "KMS"],
-  "ruleFilter": ["Security"],
-  "output": "markdown",
-  "withIssue": true,
-  "failOnCritical": true
-}
-```
-
-#### Performance-Optimized
-
-```json
-{
-  "cache": {
-    "enabled": true,
-    "ttl": 1800000,
-    "maxSize": 3000
-  },
-  "output": "summary",
-  "summaryOnly": true
-}
-```
-
-#### CI/CD Pipeline
-
-```json
-{
-  "ci": true,
-  "failOnCritical": true,
-  "output": "json",
-  "noCache": true,
-  "services": ["IAM", "S3", "Lambda"]
-}
+node --version  # Should be 18+
+ls cdk.json     # Should exist in CDK project
 ```
 
-#### Development Workflow
-
-```json
-{
-  "output": "table",
-  "services": ["All"],
-  "cache": {
-    "enabled": true,
-    "ttl": 600000,
-    "maxSize": 2000
-  },
-  "synth": true
-}
-```
-
-## 🔗 GitHub Integration
-
-Create GitHub issues directly from your findings:
-
-```bash
-# Create issues for all findings (markdown output only)
-cdk-insights scan --output markdown --with-issue
-# or
-npm run cdk-insights scan --withIssue
-
-# Create issues for critical findings only
-cdk-insights scan --output markdown --with-issue --rule-filter Security
-```
-
-> **Note**: GitHub issue creation is only available with markdown output format.
-
-## 🛠️ Available Commands
-
-### Analysis Commands
-
-```bash
-# Main analysis command
-npx cdk-insights scan [stackName] [options]
-
-# Scan all stacks
-npx cdk-insights scan --all
-
-# Different output formats
-npx cdk-insights scan --output table|json|markdown|summary
-
-# Filter by services
-npx cdk-insights scan --services IAM,S3,Lambda
-
-# Create GitHub issues (markdown output only)
-npx cdk-insights scan --output markdown --with-issue
-```
-
-### Configuration Commands
-
-```bash
-# List current configuration
-npx cdk-insights config list
-
-# Set configuration values
-npx cdk-insights config set <key> <value>
-
-# Remove configuration values
-npx cdk-insights config unset <key>
-
-# Edit configuration file
-npx cdk-insights config edit
-```
-
-### Cache Commands
-
-```bash
-# Show cache status
-npx cdk-insights cache-status
-
-# Clear the cache
-npx cdk-insights clear-cache
-```
+---
 
-### Cache Configuration
+## ✨ Features — AWS CDK Security & Cost Analysis
 
-CDK Insights uses intelligent caching to speed up analysis. You can configure cache behavior in your `.cdk-insights.json`:
+- 🔍 **Static analysis** across 20+ AWS services (IAM, S3, Lambda, DynamoDB, RDS, EC2, API Gateway, and more)
+- 🤖 **AI-powered recommendations** using AWS Bedrock (Pro & Enterprise tiers)
+- 📊 Multiple output formats: **table**, **JSON**, **Markdown**, or **summary**
+- ⚙️ **Configurable** via `.cdk-insights.json`
+- 🔗 **GitHub integration**: create issues directly from findings
+- 🛡️ **Security checks** for IAM policies, S3 buckets, encryption, secrets, and more
+- 💰 **Cost optimization insights** for EC2, DynamoDB, RDS, and Lambda usage
 
-```json
-{
-  "cache": {
-    "enabled": true, // Enable/disable cache (default: true)
-    "ttl": 600000, // Cache TTL in milliseconds (default: 300000 = 5 minutes)
-    "maxSize": 2000 // Maximum cache entries (default: 1000)
-  }
-}
-```
+---
 
-**Cache Features:**
+## 💡 Usage Examples for AWS CDK Projects
 
-- **Persistent storage** across CLI sessions (non-CI environments only)
-- **Deterministic keys** that only change when CDK code changes
-- **Automatic invalidation** when resources are modified
-- **Performance tracking** with hit rates and statistics
-- **CI-safe** - no disk operations in CI environments
+| Scenario               | Command Example                                                      |
+| ---------------------- | -------------------------------------------------------------------- |
+| Full project scan      | `npx cdk-insights scan --all --format summary`                       |
+| Security-only focus    | `npx cdk-insights scan --services IAM,S3,KMS --rule-filter Security` |
+| Markdown report output | `npx cdk-insights scan --format markdown > report.md`                |
+| CI/CD pipeline check   | `npx cdk-insights scan --format json --fail-on-critical`             |
 
-**Cache Options:**
+---
 
-- `enabled`: Set to `false` to disable caching entirely
-- `ttl`: How long cache entries are valid (in milliseconds)
-- `maxSize`: Maximum number of cache entries to store
+## ⚙️ Configuration & Advanced Usage
 
-**Command Line Override:**
+To set default configuration (output format, services, caching, etc.):
 
 ```bash
-# Force fresh analysis (bypass cache)
-npx cdk-insights scan --no-cache
+npx cdk-insights config setup
 ```
 
-### Utility Commands
-
-```bash
-# Reset all configuration
-npx cdk-insights reset
-
-# Setup basic cdk-nag integration (for basic static analysis)
-npx cdk-insights setup-cdk-nag
-
-# Install Git pre-commit hooks
-npx cdk-insights hook
-
-# Synthesize CDK stacks
-npx cdk-insights synth [--path <path>]
-```
-
-## 📊 Understanding Your Results
-
-### Severity Levels
-
-- **🔴 CRITICAL**: Security vulnerabilities or major issues that need immediate attention
-- **🟡 MEDIUM**: Issues that should be addressed soon for better security/cost
-- **🟢 LOW**: Minor optimizations and best practice recommendations
-
-### Issue Types
-
-- **Security**: IAM policies, encryption, access controls
-- **Cost Optimization**: Resource sizing, unused resources, better pricing models
-- **Performance**: Configuration that could impact speed or efficiency
-- **Compliance**: Best practices and industry standards
-
-## 🛠️ Troubleshooting
-
-### Common Issues
-
-**"No stacks found"**
-
-- Make sure you're in a CDK project directory
-- Run `cdk synth` first to generate CloudFormation templates
-
-**"Permission denied"**
-
-- Ensure you have read access to your CDK project files
-- Check that your AWS credentials are configured
-
-**"Scan is slow"**
+### Enhanced Analysis via CDK Insights Aspect
 
-- Use `--services` to limit what gets scanned
-- Try `--output summary` for faster results
+For precise file/line metadata and richer context, add the aspect in your CDK app:
 
-**"Configuration not working"**
-
-- Check that your `.cdk-insights.json` file is valid JSON
-- Use `cdk-insights config list` to see current settings
-- Use `cdk-insights config setup` for interactive configuration
-- Use `cdk-insights config set <field> --help` for field-specific help
-- Use `cdk-insights reset` to clear and start fresh
-
-**"Invalid configuration value"**
-
-- Use `cdk-insights config set <field> --help` to see valid values
-- Check the [Configuration Reference](#-configuration-reference) table above
-- Ensure boolean values are `true`/`false` (not strings)
-- Ensure arrays are comma-separated strings or JSON arrays
-
-**"Cache not working"**
-
-- Check cache status with `cdk-insights cache-status`
-- Verify cache is enabled in your configuration
-- Use `--no-cache` flag to bypass cache for testing
-- Clear cache with `cdk-insights clear-cache`
-
-**"Output format issues"**
-
-- `withIssue` only works with `markdown` output
-- `summaryOnly` works with all output formats
-- `table` output is best for console display
-- `json` output is best for CI/CD integration
-
-### Configuration Migration
-
-If you're upgrading from an older version of CDK Insights, your configuration will be automatically migrated. Here's what changed:
-
-**New Fields Added:**
-
-- `failOnCritical`: Controls whether to exit with error code on critical issues
-- `noCache`: Disable cache globally
-- `cache`: Object with `enabled`, `ttl`, and `maxSize` properties
-
-**Deprecated Fields:**
-
-- None currently
-
-**Migration Steps:**
-
-1. Run `cdk-insights config list` to see your current configuration
-2. Use `cdk-insights config setup` to add any new fields interactively
-3. Test your configuration with `cdk-insights scan`
-4. Update CI/CD scripts if using `failOnCritical: true`
-
-### Getting Help
-
-- **Documentation**: [docs/](docs/)
-- **Issues**: [GitHub Issues](https://github.com/TheLeePriest/cdk-insights/issues)
-- **Discussions**: [GitHub Discussions](https://github.com/TheLeePriest/cdk-insights/discussions)
-
-## 🔧 Advanced: Enhanced Analysis with CDK Insights Aspect
-
-> **For Advanced Users**: This section is for users who want the most detailed analysis possible. The basic scanning above works great for most use cases.
-
-For the most detailed and accurate analysis, integrate the CDK Insights aspect into your CDK app. This provides enhanced metadata, better source location tracking, and more precise issue identification.
-
-### Why Use the CDK Insights Aspect?
-
-The CDK Insights aspect provides several advantages over basic CDK Nag integration:
-
-- **🎯 Precise Source Location**: Pinpoints exact file, line, and column where issues occur
-- **📊 Enhanced Metadata**: Captures stack names, construct types, and resource relationships
-- **🔍 Better Issue Mapping**: Maps CDK constructs to CloudFormation resources accurately
-- **📈 Improved Analysis**: Provides richer context for AI-powered recommendations
-- **🏷️ Friendly Names**: Generates human-readable resource names for better reporting
-
-### Integration Options
-
-#### Option 1: CDK Insights Aspect (Recommended)
-
-For the best analysis experience, use the CDK Insights aspect:
-
-```typescript
-// bin/app.ts
+```ts
 import { App, Aspects } from 'aws-cdk-lib';
 import { CdkInsightsAspect } from 'cdk-insights';
 
 const app = new App();
-
-// Add CDK Insights aspect for enhanced analysis
 Aspects.of(app).add(new CdkInsightsAspect());
-
-// Your stacks...
+// define stacks...
 app.synth();
 ```
 
-#### Option 2: Basic CDK Nag Integration
-
-For basic static analysis without enhanced features:
-
-```typescript
-// bin/app.ts
-import { App, Aspects } from 'aws-cdk-lib';
-import { AwsSolutionsChecks } from 'cdk-nag';
-
-const app = new App();
-
-// Basic CDK Nag integration
-Aspects.of(app).add(new AwsSolutionsChecks());
-
-// Your stacks...
-app.synth();
-```
-
-#### Option 3: Automated Setup
-
-Use the CLI to automatically set up CDK Nag integration:
-
-```bash
-# Interactive setup (installs cdk-nag and adds to your app)
-cdk-insights setup-cdk-nag
-# or
-npm run cdk-insights setup-cdk-nag
-```
-
-### Comparison: CDK Insights Aspect vs Basic CDK Nag
-
-| Feature                | CDK Insights Aspect               | Basic CDK Nag             |
-| ---------------------- | --------------------------------- | ------------------------- |
-| **Source Location**    | ✅ Exact file/line/column         | ❌ No source tracking     |
-| **Stack Names**        | ✅ Accurate stack identification  | ❌ Generic stack names    |
-| **Construct Types**    | ✅ Precise construct mapping      | ❌ Limited type info      |
-| **Friendly Names**     | ✅ Human-readable resource names  | ❌ Technical resource IDs |
-| **Enhanced Metadata**  | ✅ Rich context for analysis      | ❌ Basic issue reporting  |
-| **AI Recommendations** | ✅ Better context for AI analysis | ⚠️ Limited context        |
-
-### Installation for Enhanced Analysis
+---
 
-1. **Install CDK Insights in your project**:
+## 💰 Plans & Pricing
 
-   ```bash
-   npm install --save-dev cdk-insights
-   ```
+CDK Insights offers flexible tiers:
 
-2. **Add the aspect to your CDK app**:
+- 🆓 **Free** — Basic static scanning & essential checks
+- 🚀 **Pro** — AI-powered insights, unlimited scanning, team features
+- 🏢 **Enterprise** — Advanced compliance, unlimited usage, and dedicated support
 
-   ```typescript
-   // bin/app.ts
-   import { App, Aspects } from 'aws-cdk-lib';
-   import { CdkInsightsAspect } from 'cdk-insights';
+👉 [View full pricing & details →](https://cdkinsights.dev/#pricing)
 
-   const app = new App();
-   Aspects.of(app).add(new CdkInsightsAspect());
+---
 
-   // Your stacks...
-   app.synth();
-   ```
+## 🧰 Requirements
 
-3. **Synthesize your CDK app**:
+- Node.js 18 or later
+- AWS CDK v2 project
 
-   ```bash
-   cdk synth
-   ```
+---
 
-4. **Run enhanced analysis**:
+## 📚 Links & Resources
 
-   ```bash
-   npx cdk-insights scan
-   ```
+- [GitHub Repository & Issues](https://github.com/TheLeePriest/cdk-insights)
+- [Documentation](https://github.com/TheLeePriest/cdk-insights/tree/main/docs)
+- [Pricing & Tiers](https://cdkinsights.dev/#pricing)
+- License: MIT
 
-### Example: Enhanced Analysis Output
+---
 
-With the CDK Insights aspect, you'll get more detailed output:
+Start with:
 
 ```bash
-🔍 Analyzing stack: MyAppStack
-📊 Found 3 issues with enhanced metadata
-
-┌─────────────┬─────────────┬──────────┬─────────────────────┬─────────────────┐
-│ Resource    │ Stack       │ Severity │ Service             │ Issue           │
-├─────────────┼─────────────┼──────────┼─────────────────────┼─────────────────┤
-│ MyFunction  │ MyAppStack  │ 🔴 HIGH  │ Lambda              │ Missing VPC     │
-│ MyBucket    │ MyAppStack  │ 🟡 MEDIUM│ S3                  │ No encryption   │
-│ MyRole      │ MyAppStack  │ 🔴 HIGH  │ IAM                 │ Wildcard policy │
-└─────────────┴─────────────┴──────────┴─────────────────────┴─────────────────┘
-
-📍 Source Locations:
-- MyFunction: src/stacks/MyStack.ts:45:12
-- MyBucket: src/stacks/MyStack.ts:67:8
-- MyRole: src/stacks/MyStack.ts:23:15
+npx cdk-insights scan
 ```
 
-## 💰 Pricing & Plans
-
-CDK Insights offers flexible plans for teams of all sizes:
-
-- **🆓 Free Tier**: Basic static scanning with essential security checks
-- **🚀 Pro Tier**: AI-powered insights, unlimited scanning, and team features
-- **🏢 Enterprise**: Advanced compliance, unlimited usage, and dedicated support
-
-[**View all plans and pricing →**](https://cdkinsights.dev/#pricing)
-
-## 📄 License
-
-CDK Insights is licensed under the MIT License. Some functionality integrates with cdk-nag, which is licensed under Apache License 2.0.
-
----
-
-**Ready to improve your CDK infrastructure?** Start with `npx cdk-insights scan` and discover what insights await! 🚀
+And explore outputs, configuration, and integrations from there. 🚀

package/dist/cli/entry.js

@@ -83185,68 +83185,71 @@ var isGeneratedByCDK = (cdkPath, constructType) => {
 };
 var enrichRecommendations = (originalMap, pathToLogicalId, unifiedResourceMap, stack, resourceIdMetadata) => {
   const manifest = loadManifest("cdk.out");
-  return Object.entries(originalMap).reduce((acc, [resourceId, group]) => {
-    const cdkPath = Object.keys(pathToLogicalId).find(
-      (p3) => pathToLogicalId[p3] === resourceId
-    ) ?? group.cdkPath;
-    const constructType = unifiedResourceMap[resourceId]?.__constructType ?? stack.Resources[resourceId]?.Type ?? "";
-    const githubUrl = resourceIdMetadata[resourceId]?.githubUrl;
-    const docUrl = resourceIdMetadata[resourceId]?.docUrl;
-    const constructName = resourceIdMetadata[resourceId]?.constructName;
-    const isGenerated = isGeneratedByCDK(cdkPath, constructType);
-    const displayName = unifiedResourceMap[resourceId]?.displayName;
-    const friendlyName = displayName ?? unifiedResourceMap[resourceId]?.__friendlyName ?? cdkPath.split("/").pop() ?? resourceId;
-    const locationHint = displayName ?? cdkPath ?? group.locationHint;
-    const enhancedFileHint = findEnhancedFileFromPath(manifest, resourceId);
-    const allIssues = [
-      ...group.sources.cdkInsights.issues,
-      ...group.sources.cdkNag.issues
-    ].map((issue) => ({
-      ...issue,
-      locationHint,
-      githubUrl,
-      docUrl,
-      constructName,
-      // Add source location if available
-      ...enhancedFileHint?.filePath && {
-        sourceLocation: {
-          filePath: enhancedFileHint.filePath,
-          line: enhancedFileHint.line || 1,
-          column: enhancedFileHint.column || 1,
-          confidence: enhancedFileHint.confidence || "low"
-        }
-      },
-      // Add additional metadata
-      stackName: enhancedFileHint?.stackName,
-      stackId: enhancedFileHint?.stackName,
-      // Using stackName as stackId for now
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
-    }));
-    const cdkInsightsIssues = allIssues.filter(
-      (issue) => issue.foundBy !== "cdkNag"
-    );
-    const cdkNagIssues = allIssues.filter(
-      (issue) => issue.foundBy === "cdkNag"
-    );
-    acc[resourceId] = {
-      ...group,
-      resourceId,
-      displayName,
-      cdkPath,
-      friendlyName,
-      locationHint,
-      constructName,
-      githubUrl,
-      docUrl,
-      isGenerated,
-      type: constructType,
-      sources: {
-        cdkInsights: { issues: cdkInsightsIssues },
-        cdkNag: { issues: cdkNagIssues }
-      }
-    };
-    return acc;
-  }, {});
+  return Object.entries(originalMap).reduce(
+    (acc, [resourceId, group]) => {
+      const cdkPath = Object.keys(pathToLogicalId).find(
+        (p3) => pathToLogicalId[p3] === resourceId
+      ) ?? group.cdkPath;
+      const constructType = unifiedResourceMap[resourceId]?.__constructType ?? stack.Resources[resourceId]?.Type ?? "";
+      const githubUrl = resourceIdMetadata[resourceId]?.githubUrl;
+      const docUrl = resourceIdMetadata[resourceId]?.docUrl;
+      const constructName = resourceIdMetadata[resourceId]?.constructName;
+      const isGenerated = isGeneratedByCDK(cdkPath, constructType);
+      const displayName = unifiedResourceMap[resourceId]?.displayName;
+      const friendlyName = displayName ?? unifiedResourceMap[resourceId]?.__friendlyName ?? cdkPath.split("/").pop() ?? resourceId;
+      const locationHint = displayName ?? cdkPath ?? group.locationHint;
+      const enhancedFileHint = findEnhancedFileFromPath(manifest, resourceId);
+      const allIssues = [
+        ...group.sources.cdkInsights.issues,
+        ...group.sources.cdkNag.issues
+      ].map((issue) => ({
+        ...issue,
+        locationHint,
+        githubUrl,
+        docUrl,
+        constructName,
+        // Add source location if available
+        ...enhancedFileHint?.filePath && {
+          sourceLocation: {
+            filePath: enhancedFileHint.filePath,
+            line: enhancedFileHint.line || 1,
+            column: enhancedFileHint.column || 1,
+            confidence: enhancedFileHint.confidence || "low"
+          }
+        },
+        // Add additional metadata
+        stackName: enhancedFileHint?.stackName,
+        stackId: enhancedFileHint?.stackName,
+        // Using stackName as stackId for now
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      }));
+      const cdkInsightsIssues = allIssues.filter(
+        (issue) => issue.foundBy !== "cdkNag"
+      );
+      const cdkNagIssues = allIssues.filter(
+        (issue) => issue.foundBy === "cdkNag"
+      );
+      acc[resourceId] = {
+        ...group,
+        resourceId,
+        displayName,
+        cdkPath,
+        friendlyName,
+        locationHint,
+        constructName,
+        githubUrl,
+        docUrl,
+        isGenerated,
+        type: constructType,
+        sources: {
+          cdkInsights: { issues: cdkInsightsIssues },
+          cdkNag: { issues: cdkNagIssues }
+        }
+      };
+      return acc;
+    },
+    {}
+  );
 };
 
 // src/helpers/extractInlineNagFindings/nagToWAFMap.ts
@@ -84693,7 +84696,10 @@ var TerminalOutput = class _TerminalOutput {
       const trialDuration = trialEnd - trialStart;
       const elapsed = now - trialStart;
       const remaining = trialEnd - now;
-      const trialProgress = Math.max(0, Math.min(100, elapsed / trialDuration * 100));
+      const trialProgress = Math.max(
+        0,
+        Math.min(100, elapsed / trialDuration * 100)
+      );
       const trialFilledBars = Math.round(trialProgress / 100 * barWidth);
       const trialEmptyBars = Math.max(0, barWidth - trialFilledBars);
       const trialProgressBar = "\u2588".repeat(trialFilledBars) + "\u2591".repeat(trialEmptyBars);
@@ -89778,10 +89784,13 @@ var runStaticAnalysis = (cloudformationTemplate, createFinding2, selectedService
   const resourceFilter = createResourceFilter(selectedServices);
   const userResources = Object.entries(cloudformationTemplate.Resources || {}).filter(
     ([, cloudFormationResource]) => resourceFilter(cloudFormationResource)
-  ).reduce((accumulatedResources, [resourceId, cloudFormationResource]) => {
-    accumulatedResources[resourceId] = cloudFormationResource;
-    return accumulatedResources;
-  }, {});
+  ).reduce(
+    (accumulatedResources, [resourceId, cloudFormationResource]) => {
+      accumulatedResources[resourceId] = cloudFormationResource;
+      return accumulatedResources;
+    },
+    {}
+  );
   for (const serviceName of servicesToAnalyze) {
     try {
       const serviceCheckFunction = serviceChecks[serviceName];
@@ -91909,11 +91918,7 @@ var createGithubIssue = async ({
     if (gistUrl) {
       terminal.githubGistCreated(gistUrl);
       if (recommendations && summary) {
-        bodyToWrite = generateMarkdownSummary(
-          stackName,
-          summary,
-          gistUrl
-        );
+        bodyToWrite = generateMarkdownSummary(stackName, summary, gistUrl);
       } else {
         const summarySection = issueBody.split("\n---\n")[0];
         bodyToWrite = `${summarySection}

package/dist/index.js

@@ -54753,10 +54753,13 @@ var runStaticAnalysis = (cloudformationTemplate, createFinding2, selectedService
   const resourceFilter = createResourceFilter(selectedServices);
   const userResources = Object.entries(cloudformationTemplate.Resources || {}).filter(
     ([, cloudFormationResource]) => resourceFilter(cloudFormationResource)
-  ).reduce((accumulatedResources, [resourceId, cloudFormationResource]) => {
-    accumulatedResources[resourceId] = cloudFormationResource;
-    return accumulatedResources;
-  }, {});
+  ).reduce(
+    (accumulatedResources, [resourceId, cloudFormationResource]) => {
+      accumulatedResources[resourceId] = cloudFormationResource;
+      return accumulatedResources;
+    },
+    {}
+  );
   for (const serviceName of servicesToAnalyze) {
     try {
       const serviceCheckFunction = serviceChecks[serviceName];
@@ -57580,7 +57583,10 @@ var TerminalOutput = class _TerminalOutput {
       const trialDuration = trialEnd - trialStart;
       const elapsed = now - trialStart;
       const remaining = trialEnd - now;
-      const trialProgress = Math.max(0, Math.min(100, elapsed / trialDuration * 100));
+      const trialProgress = Math.max(
+        0,
+        Math.min(100, elapsed / trialDuration * 100)
+      );
       const trialFilledBars = Math.round(trialProgress / 100 * barWidth);
       const trialEmptyBars = Math.max(0, barWidth - trialFilledBars);
       const trialProgressBar = "\u2588".repeat(trialFilledBars) + "\u2591".repeat(trialEmptyBars);
@@ -58465,11 +58471,7 @@ var createGithubIssue = async ({
     if (gistUrl) {
       terminal2.githubGistCreated(gistUrl);
       if (recommendations && summary) {
-        bodyToWrite = generateMarkdownSummary(
-          stackName,
-          summary,
-          gistUrl
-        );
+        bodyToWrite = generateMarkdownSummary(stackName, summary, gistUrl);
       } else {
         const summarySection = issueBody.split("\n---\n")[0];
         bodyToWrite = `${summarySection}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cdk-insights",
-  "version": "0.2.0-beta.8",
+  "version": "0.4.0",
   "description": "AWS CDK security and cost analysis tool with AI-powered insights",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",