cdk-insights 1.38.0 → 1.40.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/README.md +1 -1
  2. package/dist/analysis/static/awsServices/SNS/topicPolicy/snsTopicPolicySelfLockoutChecks.d.ts +2 -0
  3. package/dist/analysis/static/awsServices/SNS/topicPolicy/snsTopicPolicySelfLockoutChecks.test.d.ts +1 -0
  4. package/dist/analysis/static/awsServices/SQS/queuePolicy/sqsQueuePolicySelfLockoutChecks.d.ts +2 -0
  5. package/dist/analysis/static/awsServices/SQS/queuePolicy/sqsQueuePolicySelfLockoutChecks.test.d.ts +1 -0
  6. package/dist/entry.js +212 -209
  7. package/dist/functions/factories/awsServices.d.ts +2 -0
  8. package/dist/helpers/applyValidationReportFindings/applyValidationReportFindings.d.ts +35 -0
  9. package/dist/helpers/applyValidationReportFindings/applyValidationReportFindings.test.d.ts +1 -0
  10. package/dist/helpers/parseValidationReport/parseValidationReport.d.ts +73 -0
  11. package/dist/helpers/parseValidationReport/parseValidationReport.test.d.ts +1 -0
  12. package/dist/helpers/synthesizeCdkStacks/synthesizeCdkStacks.d.ts +10 -0
  13. package/dist/helpers/writeAnalysisReport/writeAnalysisReport.d.ts +2 -2
  14. package/dist/index.d.ts +11 -1
  15. package/dist/index.js +133 -130
  16. package/dist/types/analysis.types.d.ts +25 -1
  17. package/dist/types/scanReport.types.d.ts +6 -1
  18. package/package.json +1 -1
package/README.md CHANGED
@@ -74,7 +74,7 @@ CDK Insights scans for real problems across **35+ AWS services**:
74
74
 
75
75
  | Category | Examples |
76
76
  |----------|---------|
77
- | **Security** | Public S3 buckets, wildcard IAM policies, unencrypted RDS/DynamoDB/SQS, open security groups, self-locking bucket and KMS key policies (Deny without root carveout) |
77
+ | **Security** | Public S3 buckets, wildcard IAM policies, unencrypted RDS/DynamoDB/SQS, open security groups, self-locking S3 bucket / KMS key / SQS queue / SNS topic policies (Deny without root carveout) |
78
78
  | **Cost** | Over-provisioned Lambda memory, missing S3 lifecycle policies, unused resources |
79
79
  | **Best Practices** | Missing CloudWatch alarms, no VPC flow logs, missing point-in-time recovery |
80
80
  | **Compliance** | Encryption at rest, logging enabled, backup configuration |
package/dist/analysis/static/awsServices/SNS/topicPolicy/snsTopicPolicySelfLockoutChecks.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { AnalysisResults, CloudFormationStack, CreateFindingFunction, RuleContext } from '../../../../../types/analysis.types';
2
+ export declare const checkSNSTopicPolicySelfLockout: (template: CloudFormationStack, createFinding: CreateFindingFunction, ruleContext?: RuleContext) => AnalysisResults;
package/dist/analysis/static/awsServices/SQS/queuePolicy/sqsQueuePolicySelfLockoutChecks.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { AnalysisResults, CloudFormationStack, CreateFindingFunction, RuleContext } from '../../../../../types/analysis.types';
2
+ export declare const checkSQSQueuePolicySelfLockout: (template: CloudFormationStack, createFinding: CreateFindingFunction, ruleContext?: RuleContext) => AnalysisResults;