Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env node
- import { Annotations, App as AwsApp, AppProps, Aspects, IAspect, Stack, StackProps } from 'aws-cdk-lib';
- import { Bucket, BucketEncryption, CfnBucket } from 'aws-cdk-lib/aws-s3';
- import { Construct, IConstruct } from 'constructs';
- class BucketEncryptionAspect implements IAspect {
- public visit(node: IConstruct): void {
- if (node instanceof CfnBucket) {
- if (!node.bucketEncryption) {
- Annotations.of(node).addError(
- `S3 bucket must be encrypted: ${node.bucketName}`
- );
- }
- }
- }
- }
- class App extends AwsApp {
- constructor(props?: AppProps) {
- super(props);
- Aspects.of(this).add(new BucketEncryptionAspect());
- }
- }
- class ExampleStack extends Stack {
- constructor(scope: Construct, id: string, props?: StackProps) {
- super(scope, id, props);
- new Bucket(this, 'ExampleStackBucket', {
- bucketName: 'example-stack-bucket',
- encryption: BucketEncryption.UNENCRYPTED,
- });
- }
- }
- const app = new App();
- new ExampleStack(app, 'ErrorExampleStack');
Add Comment
Please, Sign In to add comment
