From c259153d9f97d5607173099db7578fc8305e5e9c Mon Sep 17 00:00:00 2001 From: gracelu0 Date: Thu, 27 Feb 2025 16:25:01 -0800 Subject: [PATCH 1/3] add minimal L2 interface for inspector assessment template and fromCfnAssessment template method --- .../aws-inspector/lib/assessment-template.ts | 37 +++++++++++++ .../aws-cdk-lib/aws-inspector/lib/index.ts | 1 + .../test/assessment-template.test.ts | 54 +++++++++++++++++++ 3 files changed, 92 insertions(+) create mode 100644 packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts create mode 100644 packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts diff --git a/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts b/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts new file mode 100644 index 0000000000000..f5b5338a7fe7d --- /dev/null +++ b/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts @@ -0,0 +1,37 @@ +import { Construct } from 'constructs'; +import { CfnAssessmentTemplate } from './inspector.generated'; +import { IResource, Resource } from '../../core'; + +/** + * Interface for an Inspector Assessment Template + */ +export interface IAssessmentTemplate extends IResource { + /** + * The Amazon Resource Name (ARN) of the assessment template. + * @attribute + */ + readonly assessmentTemplateArn: string; +} + +/** + * An Amazon Inspector assessment template. + * TODO: This class should implement IAssessmentTemplate when writing the L2 construct + */ +export class AssessmentTemplate extends Resource { + /** + * Creates an AssessmentTemplate from an existing CfnAssessmentTemplate. + * + * This method is provided to bridge the gap with L2 constructs since no L2 constructs + * exist for Inspector resources yet. It allows working with CfnAssessmentTemplate (L1) + * resources through the IAssessmentTemplate interface. + */ + public static fromCfnAssessmentTemplate(scope: Construct, id: string, template: CfnAssessmentTemplate): IAssessmentTemplate { + return new class extends Resource implements IAssessmentTemplate { + public readonly assessmentTemplateArn: string; + constructor() { + super(scope, id); + this.assessmentTemplateArn = template.attrArn; + } + }(); + } +} diff --git a/packages/aws-cdk-lib/aws-inspector/lib/index.ts b/packages/aws-cdk-lib/aws-inspector/lib/index.ts index dc769c1590df5..1d86dcfe350cc 100644 --- a/packages/aws-cdk-lib/aws-inspector/lib/index.ts +++ b/packages/aws-cdk-lib/aws-inspector/lib/index.ts @@ -1 +1,2 @@ export * from './inspector.generated'; +export * from './assessment-template'; diff --git a/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts b/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts new file mode 100644 index 0000000000000..330e1a22da4f8 --- /dev/null +++ b/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts @@ -0,0 +1,54 @@ +import { App, Stack } from '../../core'; +import { AssessmentTemplate, CfnAssessmentTarget, CfnAssessmentTemplate, IAssessmentTemplate } from '..'; + +describe('AssessmentTemplate', () => { + let app: App; + let stack: Stack; + let assessmentTarget: CfnAssessmentTarget; + + beforeEach(() => { + app = new App(); + stack = new Stack(app, 'Stack'); + assessmentTarget = new CfnAssessmentTarget(stack, 'AssessmentTarget', { + assessmentTargetName: 'MyAssessmentTarget', + }); + }); + + describe('fromCfnAssessmentTemplate', () => { + test('creates an IAssessmentTemplate from a CfnAssessmentTemplate', () => { + // GIVEN + const cfnAssessmentTemplate = new CfnAssessmentTemplate(stack, 'MyCfnAssessmentTemplate', { + assessmentTargetArn: assessmentTarget.attrArn, + durationInSeconds: 3600, + // https://docs.aws.amazon.com/inspector/v1/userguide/inspector_rules-arns.html#us-east-1 + rulesPackageArns: ['arn:aws:inspector:us-east-1:316112463485:rulespackage/0-gEjTy7T7'], + }); + + // WHEN + const assessmentTemplate = AssessmentTemplate.fromCfnAssessmentTemplate(stack, 'MyAssessmentTemplate', cfnAssessmentTemplate); + + // THEN + expect(assessmentTemplate.assessmentTemplateArn).toBe(cfnAssessmentTemplate.attrArn); + }); + + test('can be used where IAssessmentTemplate is expected', () => { + // GIVEN + const cfnAssessmentTemplate = new CfnAssessmentTemplate(stack, 'MyCfnAssessmentTemplate', { + assessmentTargetArn: 'arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX', + assessmentTemplateName: 'MyTemplate', + durationInSeconds: 3600, + rulesPackageArns: ['arn:aws:inspector:us-east-1:316112463485:rulespackage/0-gEjTy7T7'], + }); + + // WHEN + const assessmentTemplate = AssessmentTemplate.fromCfnAssessmentTemplate(stack, 'ImportedTemplate', cfnAssessmentTemplate); + + // THEN - this function accepts an IAssessmentTemplate + function acceptsIAssessmentTemplate(template: IAssessmentTemplate) { + return template.assessmentTemplateArn; + } + + expect(acceptsIAssessmentTemplate(assessmentTemplate)).toBe(cfnAssessmentTemplate.attrArn); + }); + }); +}); From b960280e4d6a58b10ed6e4d74219bca17618270c Mon Sep 17 00:00:00 2001 From: gracelu0 Date: Thu, 27 Feb 2025 17:05:03 -0800 Subject: [PATCH 2/3] fix import order --- .../aws-cdk-lib/aws-inspector/test/assessment-template.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts b/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts index 330e1a22da4f8..45b93a1af2723 100644 --- a/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts +++ b/packages/aws-cdk-lib/aws-inspector/test/assessment-template.test.ts @@ -1,5 +1,5 @@ import { App, Stack } from '../../core'; -import { AssessmentTemplate, CfnAssessmentTarget, CfnAssessmentTemplate, IAssessmentTemplate } from '..'; +import { AssessmentTemplate, CfnAssessmentTarget, CfnAssessmentTemplate, IAssessmentTemplate } from '../lib'; describe('AssessmentTemplate', () => { let app: App; From 63b74713e4c64274d66634ac17999cd411643ab2 Mon Sep 17 00:00:00 2001 From: gracelu0 Date: Fri, 28 Feb 2025 16:35:20 -0800 Subject: [PATCH 3/3] fix awslint issues --- .../aws-inspector/lib/assessment-template.ts | 10 +++++++++- packages/aws-cdk-lib/awslint.json | 4 +++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts b/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts index f5b5338a7fe7d..abd1c10404a18 100644 --- a/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts +++ b/packages/aws-cdk-lib/aws-inspector/lib/assessment-template.ts @@ -13,9 +13,17 @@ export interface IAssessmentTemplate extends IResource { readonly assessmentTemplateArn: string; } +/** + * Properties for creating an Inspector Assessment Template + * TODO: Add properties and remove "props-physical-name:aws-cdk-lib.aws_inspector.AssessmentTemplateProps" from `awslint.json` + * when implementing the L2 construct + */ +export interface AssessmentTemplateProps { } + /** * An Amazon Inspector assessment template. - * TODO: This class should implement IAssessmentTemplate when writing the L2 construct + * TODO: This class should implement IAssessmentTemplate and "construct-ctor-props-type:aws-cdk-lib.aws_inspector.AssessmentTemplate" should be + * removed from `awslint.json` when implementing the L2 construct */ export class AssessmentTemplate extends Resource { /** diff --git a/packages/aws-cdk-lib/awslint.json b/packages/aws-cdk-lib/awslint.json index 6c7775644b6f3..fda7d8621e7e3 100644 --- a/packages/aws-cdk-lib/awslint.json +++ b/packages/aws-cdk-lib/awslint.json @@ -998,6 +998,8 @@ "events-generic:aws-cdk-lib.aws_appconfig.Application", "events-generic:aws-cdk-lib.aws_appconfig.Environment", "events-generic:aws-cdk-lib.aws_appconfig.HostedConfiguration", - "events-generic:aws-cdk-lib.aws_appconfig.SourcedConfiguration" + "events-generic:aws-cdk-lib.aws_appconfig.SourcedConfiguration", + "construct-ctor-props-type:aws-cdk-lib.aws_inspector.AssessmentTemplate", + "props-physical-name:aws-cdk-lib.aws_inspector.AssessmentTemplateProps" ] }