def visit(self, node: IConstruct):
    """
    Aspect visitor that stamps every Lambda ``Function`` with an
    ``AWS_SDK_USER_AGENT`` environment variable.

    The value is a JSON document with a single ``user_agent_extra`` key set to
    ``AwsSolution/<solution_id>/%%VERSION%%``. ``%%VERSION%%`` is emitted
    verbatim here; presumably a build step substitutes it — confirm.
    Constructs that are not a ``Function`` are left untouched. Only the
    solution id is embedded, so no secret material ends up in the function
    environment through this aspect.
    """
    if not isinstance(node, Function):
        return
    agent_extra = {"user_agent_extra": f"AwsSolution/{self.solution_id}/%%VERSION%%"}
    node.add_environment(key="AWS_SDK_USER_AGENT", value=json.dumps(agent_extra))
def suppress_iam_cfnnag_rule(cnstrt: IConstruct):
    """
    Attach cfn_nag suppressions for the IAM findings W12 (policy allows a ``*``
    resource) and W76 (policy complexity / SPCM too high) to ``cnstrt``.

    Security note: this only silences the scanner, it does not narrow the
    policy. Apply it to the specific construct the reasons describe (the scaler
    service-account role / ALB ingress controller role); suppressing at a wider
    scope hides genuinely over-privileged policies.
    NOTE(review): ``add_metadata`` is presumed to set the ``cfn_nag`` key on the
    resource, so a second suppression helper applied to the same construct may
    replace this entry instead of merging with it — confirm before stacking.
    """
    suppressions = (
        ("W12", "by default the role scaler_sa has * resource"),
        ("W76", "standard IAM role offered by ALB ingress controller"),
    )
    rules = [{"id": rule_id, "reason": why} for rule_id, why in suppressions]
    cnstrt.add_metadata("cfn_nag", {"rules_to_suppress": rules})
def suppress_network_cfnnag_rule(cnstrt: IConstruct):
    """
    Attach cfn_nag suppressions for the security-group findings W40 (egress
    IpProtocol ``-1``) and W5 (egress CIDR open to the world) to ``cnstrt``.

    Security note: both findings concern unrestricted *egress*. Suppressing
    them is a deliberate acceptance of open outbound traffic for this security
    group; do not reuse the helper on groups whose egress is meant to be
    restricted.
    NOTE(review): ``add_metadata`` presumably overwrites any existing
    ``cfn_nag`` metadata on the construct — confirm before combining with other
    suppression helpers.
    """
    rule_ids = ("W40", "W5")
    reasons = (
        "Egress IP Protocol of -1 is default and generally considered OK",
        "The Security Group with cidr open considered OK",
    )
    payload = {
        "rules_to_suppress": [
            {"id": rule_id, "reason": why} for rule_id, why in zip(rule_ids, reasons)
        ]
    }
    cnstrt.add_metadata("cfn_nag", payload)
def suppress_lambda_cfnnag_rule(cnstrt: IConstruct):
    """
    Attach cfn_nag suppressions for the Lambda findings W58 (function needs
    CloudWatch Logs write permission), W89 (function not in a VPC) and W92
    (no ReservedConcurrentExecutions) to ``cnstrt``.

    Security note: W89 is being waived on the grounds that the function is
    internal and needs no VPC; W92 means the function shares the account-level
    concurrency pool, so a burst of invocations can starve other functions.
    Use this helper only for the CDK-internal functions the reasons describe.
    NOTE(review): ``add_metadata`` presumably replaces any existing ``cfn_nag``
    entry on the construct — confirm before stacking suppression helpers.
    """
    waived = {
        "W58": "service role has permission to write logs to CloudWatch",
        "W89": "interal function does not need to associate to VPC",
        "W92": "Setting up ReservedConcurrentExecutions is out of reach with the internal function created by CDK",
    }
    rules = [{"id": rule_id, "reason": why} for rule_id, why in waived.items()]
    cnstrt.add_metadata("cfn_nag", {"rules_to_suppress": rules})
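def visit(self, node: IConstruct):
    """
    Aspect visitor that attaches ``self.condition`` to the CloudFormation
    element behind ``node``.

    If ``node`` itself exposes ``is_cfn_element`` and reports True, the
    condition is set on ``node.cfn_options``; otherwise the L2 construct's
    ``node.default_child`` is checked the same way and the condition is set
    there. Constructs with no CloudFormation element (or whose
    ``default_child`` is ``None``) are left untouched.

    Fix: the fallback branch used to test only for the *presence* of
    ``is_cfn_element`` on the default child without calling it, unlike the
    primary branch; both branches now apply the same presence-and-result
    check, so a child that has the method but answers False is no longer
    modified.
    """
    if "is_cfn_element" in dir(node) and node.is_cfn_element(node):
        node.cfn_options.condition = self.condition
        return
    # Fall back to the L1 resource wrapped by an L2 construct; ``dir(None)``
    # is valid, so a missing default child simply fails the check.
    child = node.node.default_child
    if "is_cfn_element" in dir(child) and child.is_cfn_element(child):
        child.cfn_options.condition = self.condition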
def suppress_cfnnag_rule(rule_id: str, reason: str, cnstrt: IConstruct):
    """
    Attach a single cfn_nag suppression (``rule_id`` with ``reason``) to
    ``cnstrt`` via its ``cfn_nag`` metadata.

    Security note: a suppression hides a finding; it does not fix the
    underlying resource. Keep ``reason`` specific enough that a later audit
    can judge whether the waiver is still justified.
    NOTE(review): ``add_metadata`` presumably sets the ``cfn_nag`` key
    wholesale, so calling this twice on one construct may keep only the last
    suppression — confirm before relying on repeated calls.
    """
    suppression = {"id": rule_id, "reason": reason}
    cnstrt.add_metadata("cfn_nag", {"rules_to_suppress": [suppression]})
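def visit(self, node: core.IConstruct) -> None:
    """
    Aspect visitor that places every ``iam.CfnRole`` under a common IAM path.

    The path becomes ``/<role_prefix>/`` when ``context.role_prefix`` is set
    and ``/`` otherwise. Leading and trailing slashes in the prefix are
    stripped first, so a prefix supplied as ``/team/`` yields ``/team/``
    rather than ``//team//`` (an IAM path must start and end with exactly one
    ``/``); an empty or slash-only prefix falls back to ``/``. Constructs that
    are not a ``CfnRole`` are ignored.
    NOTE(review): the prefix is not otherwise validated against the IAM path
    character set or length limit — if ``context.role_prefix`` can come from
    untrusted input, validate it where it is read.
    """
    if not isinstance(node, iam.CfnRole):
        return
    # Normalise so a caller-supplied prefix cannot produce doubled slashes.
    prefix = (context.role_prefix or "").strip("/")
    node.path = f"/{prefix}/" if prefix else "/"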