Skip to content

Experimental

Warning

This submodule is subject to non-backward compatible changes or removal in any future version. Breaking changes will be announced in the release notes, however will result in a minor version bump only.

Whilst you may use this package, you may need to update your source code when upgrading to a newer version.

API Reference

Structs

CdkGraphThreatComposerPluginOptions

Options for the Threat Composer CDK Graph plugin.

Initializer

import { CdkGraphThreatComposerPluginOptions } from '@aws/pdk/cdk-graph-plugin-threat-composer'

const cdkGraphThreatComposerPluginOptions: CdkGraphThreatComposerPluginOptions = { ... }

Properties

Name Type Description
applicationDetails ThreatComposerApplicationDetails Details about the application to include in the threat model.

applicationDetailsOptional
public readonly applicationDetails: ThreatComposerApplicationDetails;

Details about the application to include in the threat model.


ThreatComposerApplicationDetails

Details about the application to include in the threat model.

Initializer

import { ThreatComposerApplicationDetails } from '@aws/pdk/cdk-graph-plugin-threat-composer'

const threatComposerApplicationDetails: ThreatComposerApplicationDetails = { ... }

Properties

Name Type Description
description string A description of the application.
name string The name of the application.

descriptionOptional
public readonly description: string;
  • Type: string

A description of the application.


nameOptional
public readonly name: string;
  • Type: string
  • Default: "My Application"

The name of the application.


Classes

CdkGraphThreatComposerPlugin

  • Implements: aws/pdk/cdk-graph.ICdkGraphPlugin

CdkGraphThreatComposerPlugin is a {@link ICdkGraphPluginCdkGraph Plugin} implementation for generating Threat Composer threat models.

awslabs/threat-composer

Initializers

import { CdkGraphThreatComposerPlugin } from '@aws/pdk/cdk-graph-plugin-threat-composer'

new CdkGraphThreatComposerPlugin(options?: CdkGraphThreatComposerPluginOptions)
Name Type Description
options CdkGraphThreatComposerPluginOptions No description.

optionsOptional

Properties

Name Type Description
id string Unique identifier for this plugin.
version string Plugin version.
dependencies string[] List of plugins this plugin depends on, including optional semver version (eg: ["foo", "bar@1.2"]).
threatModelArtifact aws/pdk/cdk-graph.CdkGraphArtifact Retrieve the threat model artifact.
bind aws/pdk/cdk-graph.IGraphPluginBindCallback Binds the plugin to the CdkGraph instance.
report aws/pdk/cdk-graph.IGraphReportCallback Generate asynchronous reports based on the graph.

idRequired
public readonly id: string;
  • Type: string

Unique identifier for this plugin.


versionRequired
public readonly version: string;
  • Type: string

Plugin version.


dependenciesOptional
public readonly dependencies: string[];
  • Type: string[]

List of plugins this plugin depends on, including optional semver version (eg: ["foo", "bar@1.2"]).


threatModelArtifactOptional
public readonly threatModelArtifact: CdkGraphArtifact;
  • Type: aws/pdk/cdk-graph.CdkGraphArtifact

Retrieve the threat model artifact.


bindRequired
public readonly bind: IGraphPluginBindCallback;
  • Type: aws/pdk/cdk-graph.IGraphPluginBindCallback

Binds the plugin to the CdkGraph instance.

Enables plugins to receive base configs.


reportOptional
public readonly report: IGraphReportCallback;
  • Type: aws/pdk/cdk-graph.IGraphReportCallback

Generate asynchronous reports based on the graph.

This is not automatically called when synthesizing CDK. Developer must explicitly add await graphInstance.report() to the CDK bin or invoke this outside of the CDK synth. In either case, the plugin receives the in-memory graph interface when invoked, as the CdkGraph will deserialize the graph prior to invoking the plugin report.


Constants

Name Type Description
ID string Fixed ID of the threat-composer plugin.
VERSION string Curent semantic version of the threat-composer plugin.

IDRequired
public readonly ID: string;
  • Type: string

Fixed ID of the threat-composer plugin.


VERSIONRequired
public readonly VERSION: string;
  • Type: string

Curent semantic version of the threat-composer plugin.



Last update: 2024-10-30