aws-solutions-constructs.aws-wafwebacl-appsync


Nameaws-solutions-constructs.aws-wafwebacl-appsync JSON
Version 2.75.0 PyPI version JSON
download
home_pagehttps://github.com/awslabs/aws-solutions-constructs.git
SummaryCDK constructs for defining an AWS web WAF connected to an AWS AppSync API.
upload_time2024-12-23 13:20:04
maintainerNone
docs_urlNone
authorAmazon Web Services
requires_python~=3.8
licenseApache-2.0
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            # aws-wafwebacl-appsync module

<!--BEGIN STABILITY BANNER-->---


![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge)

> All classes are under active development and subject to non-backward compatible changes or removal in any
> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model.
> This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

---
<!--END STABILITY BANNER-->

| **Reference Documentation**: | <span style="font-weight: normal">https://docs.aws.amazon.com/solutions/latest/constructs/</span> |
| :--------------------------- | :------------------------------------------------------------------------------------------------ |

<div style="height:8px"></div>

| **Language**                                                                                   | **Package**                                               |
| :--------------------------------------------------------------------------------------------- | --------------------------------------------------------- |
| ![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python             | `aws_solutions_constructs.aws_wafwebacl_appsync`          |
| ![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript | `@aws-solutions-constructs/aws-wafwebacl-appsync`         |
| ![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java                   | `software.amazon.awsconstructs.services.wafwebaclappsync` |

## Overview

This AWS Solutions Construct implements an AWS WAF web ACL connected to an AWS AppSync API.

Here is a minimal deployable pattern definition:

Typescript

```python
import { Construct } from "constructs";
import { Stack, StackProps } from "aws-cdk-lib";
import {
  WafwebaclToAppsyncProps,
  WafwebaclToAppsync,
} from "@aws-solutions-constructs/aws-wafwebacl-appsync";

// Use an existing AppSync GraphQL API
const existingGraphQLApi = previouslyCreatedApi;

// This construct can only be attached to a configured AWS AppSync API.
new WafwebaclToAppsync(this, "test-wafwebacl-appsync", {
  existingAppsyncApi: existingGraphQLApi,
});
```

Python

```python
from aws_solutions_constructs.aws_wafwebacl_appsync import WafwebaclToAppsyncProps, WafwebaclToAppsync
from aws_cdk import (
    aws_route53 as route53,
    Stack
)
from constructs import Construct

# Use an existing AppSync API
existingGraphQLApi = previouslyCreatedApi


# This construct can only be attached to a configured AWS AppSync API.
WafwebaclToAppsync(self, 'test_wafwebacl_appsync',
                existing_appsync_api=existingGraphQLApi
                )
```

Java

```java
import software.constructs.Construct;

import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awsconstructs.services.wafwebaclappsync.*;

// Use an existing AppSync API
final existingGraphQLApi = previouslyCreatedApi


// This construct can only be attached to a configured AWS AppSync API.
new WafwebaclToAppsync(this, "test-wafwebacl-appsync", new WafwebaclToAppsyncProps.Builder()
        .existingAppsyncApi(existingGraphQLApi)
        .build());
```

## Pattern Construct Props

| **Name**           | **Type**                                                                                                          | **Description**                                                                                                                                                                                                                                                                                                                                                                   |
| :----------------- | :---------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| existingAppsyncApi | [`appsync.CfnGraphQLApi`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_appsync.CfnGraphQLApi.html) | The existing Appsync CfnGraphQLApi object that will be protected with the WAF web ACL. *Note that a WAF web ACL can only be added to a configured AppSync API, so this construct only accepts an existing CfnGraphQLApi and does not accept CfnGraphQLApiProps.*                                                                                                                  |
| existingWebaclObj? | [`waf.CfnWebACL`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACL.html)                 | Existing instance of a WAF web ACL, an error will occur if this and props is set.                                                                                                                                                                                                                                                                                                 |
| webaclProps?       | [`waf.CfnWebACLProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACLProps.html)       | Optional user-provided props to override the default props for the AWS WAF web ACL. To use a different collection of managed rule sets, specify a new rules property. Use our [`wrapManagedRuleSet(managedGroupName: string, vendorName: string, priority: number)`](../core/lib/waf-defaults.ts) function from core to create an array entry from each desired managed rule set. |

## Pattern Properties

| **Name**   | **Type**                                                                                                          | **Description**                                                    |
| :--------- | :---------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------ |
| webacl     | [`waf.CfnWebACL`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACL.html)                 | Returns an instance of the waf.CfnWebACL created by the construct. |
| appsyncApi | [`appsync.CfnGraphQLApi`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_appsync.CfnGraphQLApi.html) | Returns an instance of the CfnGraphQLApi used by the pattern.      |

## Default settings

Out of the box implementation of the Construct without any override will set the following defaults:

### AWS WAF

* Deploy a WAF web ACL with 7 [AWS managed rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-list.html).

  * AWSManagedRulesBotControlRuleSet
  * AWSManagedRulesKnownBadInputsRuleSet
  * AWSManagedRulesCommonRuleSet
  * AWSManagedRulesAnonymousIpList
  * AWSManagedRulesAmazonIpReputationList
  * AWSManagedRulesAdminProtectionRuleSet
  * AWSManagedRulesSQLiRuleSet

  *Note that the default rules can be replaced by specifying the rules property of CfnWebACLProps*
* Send metrics to Amazon CloudWatch

### AppSync API

* User provided AppSync graphql API object is used as-is

## Architecture

![Architecture Diagram](architecture.png)

---


© Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/awslabs/aws-solutions-constructs.git",
    "name": "aws-solutions-constructs.aws-wafwebacl-appsync",
    "maintainer": null,
    "docs_url": null,
    "requires_python": "~=3.8",
    "maintainer_email": null,
    "keywords": null,
    "author": "Amazon Web Services",
    "author_email": null,
    "download_url": "https://files.pythonhosted.org/packages/c3/bf/9780ca355761cd54cc0076e3927ba1432a7730644734ae83532c46b923f2/aws_solutions_constructs_aws_wafwebacl_appsync-2.75.0.tar.gz",
    "platform": null,
    "description": "# aws-wafwebacl-appsync module\n\n<!--BEGIN STABILITY BANNER-->---\n\n\n![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge)\n\n> All classes are under active development and subject to non-backward compatible changes or removal in any\n> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model.\n> This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.\n\n---\n<!--END STABILITY BANNER-->\n\n| **Reference Documentation**: | <span style=\"font-weight: normal\">https://docs.aws.amazon.com/solutions/latest/constructs/</span> |\n| :--------------------------- | :------------------------------------------------------------------------------------------------ |\n\n<div style=\"height:8px\"></div>\n\n| **Language**                                                                                   | **Package**                                               |\n| :--------------------------------------------------------------------------------------------- | --------------------------------------------------------- |\n| ![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python             | `aws_solutions_constructs.aws_wafwebacl_appsync`          |\n| ![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript | `@aws-solutions-constructs/aws-wafwebacl-appsync`         |\n| ![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java                   | `software.amazon.awsconstructs.services.wafwebaclappsync` |\n\n## Overview\n\nThis AWS Solutions Construct implements an AWS WAF web ACL connected to an AWS AppSync API.\n\nHere is a minimal deployable pattern definition:\n\nTypescript\n\n```python\nimport { Construct } from \"constructs\";\nimport { Stack, StackProps } from \"aws-cdk-lib\";\nimport {\n  WafwebaclToAppsyncProps,\n  WafwebaclToAppsync,\n} from \"@aws-solutions-constructs/aws-wafwebacl-appsync\";\n\n// Use an existing AppSync GraphQL API\nconst existingGraphQLApi = previouslyCreatedApi;\n\n// This construct can only be attached to a configured AWS AppSync API.\nnew WafwebaclToAppsync(this, \"test-wafwebacl-appsync\", {\n  existingAppsyncApi: existingGraphQLApi,\n});\n```\n\nPython\n\n```python\nfrom aws_solutions_constructs.aws_wafwebacl_appsync import WafwebaclToAppsyncProps, WafwebaclToAppsync\nfrom aws_cdk import (\n    aws_route53 as route53,\n    Stack\n)\nfrom constructs import Construct\n\n# Use an existing AppSync API\nexistingGraphQLApi = previouslyCreatedApi\n\n\n# This construct can only be attached to a configured AWS AppSync API.\nWafwebaclToAppsync(self, 'test_wafwebacl_appsync',\n                existing_appsync_api=existingGraphQLApi\n                )\n```\n\nJava\n\n```java\nimport software.constructs.Construct;\n\nimport software.amazon.awscdk.Stack;\nimport software.amazon.awscdk.StackProps;\nimport software.amazon.awsconstructs.services.wafwebaclappsync.*;\n\n// Use an existing AppSync API\nfinal existingGraphQLApi = previouslyCreatedApi\n\n\n// This construct can only be attached to a configured AWS AppSync API.\nnew WafwebaclToAppsync(this, \"test-wafwebacl-appsync\", new WafwebaclToAppsyncProps.Builder()\n        .existingAppsyncApi(existingGraphQLApi)\n        .build());\n```\n\n## Pattern Construct Props\n\n| **Name**           | **Type**                                                                                                          | **Description**                                                                                                                                                                                                                                                                                                                                                                   |\n| :----------------- | :---------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| existingAppsyncApi | [`appsync.CfnGraphQLApi`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_appsync.CfnGraphQLApi.html) | The existing Appsync CfnGraphQLApi object that will be protected with the WAF web ACL. *Note that a WAF web ACL can only be added to a configured AppSync API, so this construct only accepts an existing CfnGraphQLApi and does not accept CfnGraphQLApiProps.*                                                                                                                  |\n| existingWebaclObj? | [`waf.CfnWebACL`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACL.html)                 | Existing instance of a WAF web ACL, an error will occur if this and props is set.                                                                                                                                                                                                                                                                                                 |\n| webaclProps?       | [`waf.CfnWebACLProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACLProps.html)       | Optional user-provided props to override the default props for the AWS WAF web ACL. To use a different collection of managed rule sets, specify a new rules property. Use our [`wrapManagedRuleSet(managedGroupName: string, vendorName: string, priority: number)`](../core/lib/waf-defaults.ts) function from core to create an array entry from each desired managed rule set. |\n\n## Pattern Properties\n\n| **Name**   | **Type**                                                                                                          | **Description**                                                    |\n| :--------- | :---------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------ |\n| webacl     | [`waf.CfnWebACL`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_waf.CfnWebACL.html)                 | Returns an instance of the waf.CfnWebACL created by the construct. |\n| appsyncApi | [`appsync.CfnGraphQLApi`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_appsync.CfnGraphQLApi.html) | Returns an instance of the CfnGraphQLApi used by the pattern.      |\n\n## Default settings\n\nOut of the box implementation of the Construct without any override will set the following defaults:\n\n### AWS WAF\n\n* Deploy a WAF web ACL with 7 [AWS managed rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-list.html).\n\n  * AWSManagedRulesBotControlRuleSet\n  * AWSManagedRulesKnownBadInputsRuleSet\n  * AWSManagedRulesCommonRuleSet\n  * AWSManagedRulesAnonymousIpList\n  * AWSManagedRulesAmazonIpReputationList\n  * AWSManagedRulesAdminProtectionRuleSet\n  * AWSManagedRulesSQLiRuleSet\n\n  *Note that the default rules can be replaced by specifying the rules property of CfnWebACLProps*\n* Send metrics to Amazon CloudWatch\n\n### AppSync API\n\n* User provided AppSync graphql API object is used as-is\n\n## Architecture\n\n![Architecture Diagram](architecture.png)\n\n---\n\n\n\u00a9 Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n",
    "bugtrack_url": null,
    "license": "Apache-2.0",
    "summary": "CDK constructs for defining an AWS web WAF connected to an AWS AppSync API.",
    "version": "2.75.0",
    "project_urls": {
        "Homepage": "https://github.com/awslabs/aws-solutions-constructs.git",
        "Source": "https://github.com/awslabs/aws-solutions-constructs.git"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "a7c15f14c04648842e790309aeddcbf2b7ded8b60bb32553d6fdd0a2213b0f55",
                "md5": "3fa0a9f7ab475ff9eb65dcdaec1e747d",
                "sha256": "aad97df561d303814b1ffc27df9c31ff154cff2ee994bf05ef58bc205aed1b94"
            },
            "downloads": -1,
            "filename": "aws_solutions_constructs.aws_wafwebacl_appsync-2.75.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "3fa0a9f7ab475ff9eb65dcdaec1e747d",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": "~=3.8",
            "size": 154569,
            "upload_time": "2024-12-23T13:18:29",
            "upload_time_iso_8601": "2024-12-23T13:18:29.842601Z",
            "url": "https://files.pythonhosted.org/packages/a7/c1/5f14c04648842e790309aeddcbf2b7ded8b60bb32553d6fdd0a2213b0f55/aws_solutions_constructs.aws_wafwebacl_appsync-2.75.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "c3bf9780ca355761cd54cc0076e3927ba1432a7730644734ae83532c46b923f2",
                "md5": "cdb0d494e45406b08198940a93613767",
                "sha256": "86f4bab1dc37098ecb58e9aa3302ad48a79e74537e483c7e679989a4e24f09f1"
            },
            "downloads": -1,
            "filename": "aws_solutions_constructs_aws_wafwebacl_appsync-2.75.0.tar.gz",
            "has_sig": false,
            "md5_digest": "cdb0d494e45406b08198940a93613767",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": "~=3.8",
            "size": 155299,
            "upload_time": "2024-12-23T13:20:04",
            "upload_time_iso_8601": "2024-12-23T13:20:04.989132Z",
            "url": "https://files.pythonhosted.org/packages/c3/bf/9780ca355761cd54cc0076e3927ba1432a7730644734ae83532c46b923f2/aws_solutions_constructs_aws_wafwebacl_appsync-2.75.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-12-23 13:20:04",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "awslabs",
    "github_project": "aws-solutions-constructs",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "aws-solutions-constructs.aws-wafwebacl-appsync"
}
        
Elapsed time: 0.73099s