fix linting errors

globaldatanet · Jul 8, 2024 · 1f8c728 · 1f8c728
1 parent 6aada69
commit 1f8c728
Show file tree

Hide file tree

Showing 5 changed files with 286 additions and 129 deletions.
diff --git a/bin/aws-firewall-factory.ts b/bin/aws-firewall-factory.ts
@@ -243,6 +243,7 @@ void (async () => {
           '\n     🪣 Amazon S3 bucket name must begin with "aws-waf-logs-" followed by at least one \n     of the following characters [a-z0-9_.-]\n\n',
         "\x1b[0m" + "\n\n"
       );
+
       process.exit(1);
     }
     new WafStack(

diff --git a/lib/_prerequisites-stack.ts b/lib/_prerequisites-stack.ts
@@ -613,13 +613,13 @@ export class PrerequisitesStack extends cdk.Stack {
         "aws-service-role/fms.amazonaws.com/AWSServiceRoleForFMS"
       );
       const snsRoleName = snsRole.roleArn;
-      const cwService= new iam.ServicePrincipal('cloudwatch.amazonaws.com');
+      const cwService = new iam.ServicePrincipal("cloudwatch.amazonaws.com");
       const FmsTopic = new sns.Topic(this, "FMS-Notifications-Topic");
       FmsTopic.addToResourcePolicy(
         new iam.PolicyStatement({
           actions: ["sns:Publish"],
           // Add permission for CloudWatchand FMS to publish to the SNS topic
-          principals: [snsRole,cwService],
+          principals: [snsRole, cwService],
           resources: [FmsTopic.topicArn],
         })
       );
@@ -643,20 +643,20 @@ export class PrerequisitesStack extends cdk.Stack {
         }
       );
       // Create a CloudWatch Alarm for DDoS attack metrics and add the SNS topic as an action
-    const ddosAlarm = new cloudwatch.Alarm(this, "DdosAlarm", {
-      metric: new cloudwatch.Metric({
-        namespace: "AWS/DDoSProtection",
-        metricName: "DDoSDetected",
-        statistic: "Sum",
-        period: cdk.Duration.minutes(1),
-      }),
-      threshold: 0,
-      evaluationPeriods: 1,
-      alarmDescription: "Alarm when a DDoS attack is detected",
-      actionsEnabled: true,
-    });
-
-    ddosAlarm.addAlarmAction(new cloudwatch_actions.SnsAction(FmsTopic));
+      const ddosAlarm = new cloudwatch.Alarm(this, "DdosAlarm", {
+        metric: new cloudwatch.Metric({
+          namespace: "AWS/DDoSProtection",
+          metricName: "DDoSDetected",
+          statistic: "Sum",
+          period: cdk.Duration.minutes(1),
+        }),
+        threshold: 0,
+        evaluationPeriods: 1,
+        alarmDescription: "Alarm when a DDoS attack is detected",
+        actionsEnabled: true,
+      });
+
+      ddosAlarm.addAlarmAction(new cloudwatch_actions.SnsAction(FmsTopic));
     }
 
     if (props.prerequisites.Grafana) {
@@ -783,6 +783,5 @@ export class PrerequisitesStack extends cdk.Stack {
         }
       );
     }
-
   }
 }
diff --git a/lib/_shield-advanced-stack.ts b/lib/_shield-advanced-stack.ts
@@ -53,12 +53,13 @@ export class ShieldStack extends cdk.Stack {
         managedServiceData: cdk.Fn.sub(JSON.stringify(managedServiceData), {}),
       },
     };
+    /* eslint-disable @typescript-eslint/no-unused-vars */
     const fmspolicy = new fms.CfnPolicy(
       this,
       "CfnPolicy",
       cfnShieldPolicyProps
     ); // NOSONAR -> SonarQube is identitfying this line as a Major Issue, but it is not. Sonarqube identify the following Error: Either remove this useless object instantiation or use it.
-
+     /* eslint-enable @typescript-eslint/no-unused-vars */
     if (props.shieldConfig.General.CreateDashboard === true) {
       new ShieldDashboard(this, "ShieldDashboardConstruct", {
         shieldConfig: {

diff --git a/lib/tools/helpers/aws-firewall-factory.ts b/lib/tools/helpers/aws-firewall-factory.ts
@@ -9,50 +9,74 @@ import { Config, ShieldConfig } from "../../types/config";
  */
 const FIREWALL_FACTORY_VERSION = packageJsonObject.version;
 
-
 /**
  * The function will display info banner and returns deploymentRegion for WAF Stack
  * @param config configuration object of the values.json
  * @return deploymentRegion AWS region, e.g. eu-central-1
  */
-export const outputInfoBanner = (config?:Config, shieldConfig?: ShieldConfig) => {
+export const outputInfoBanner = (
+  config?: Config,
+  shieldConfig?: ShieldConfig
+) => {
   /**
    * the region into which the stack is deployed
    */
   let deploymentRegion = "";
   // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
-  cfonts.say("AWS FIREWALL FACTORY", {font: "block",align: "center",colors: ["#00ecbd"],background: "transparent",letterSpacing: 0,lineHeight: 0,space: true,maxLength: "13",gradient: false,independentGradient: false,transitionGradient: false,env: "node",width:"80%"});
+  cfonts.say("AWS FIREWALL FACTORY", {
+    font: "block",
+    align: "center",
+    colors: ["#00ecbd"],
+    background: "transparent",
+    letterSpacing: 0,
+    lineHeight: 0,
+    space: true,
+    maxLength: "13",
+    gradient: false,
+    independentGradient: false,
+    transitionGradient: false,
+    env: "node",
+    width: "80%",
+  });
   console.log("\n © by globaldatanet");
-  console.log("\n🏷  Version: ","\x1B[1m",FIREWALL_FACTORY_VERSION,"\x1b[0m");
-  if(shieldConfig || config){
+  console.log("\n🏷  Version: ", "\x1B[1m", FIREWALL_FACTORY_VERSION, "\x1b[0m");
+  if (shieldConfig || config) {
     console.log("\n👤 AWS FMS Administrator Account: ");
-    console.log("\x1b[33m",`                        ${process.env.CDK_DEFAULT_ACCOUNT}`,"\x1b[0m");
-    }
-  if(shieldConfig){
-    if(shieldConfig.resourceType === "AWS::CloudFront::Distribution"){
+    console.log(
+      "\x1b[33m",
+      `                        ${process.env.CDK_DEFAULT_ACCOUNT}`,
+      "\x1b[0m"
+    );
+  }
+  if (shieldConfig) {
+    if (shieldConfig.resourceType === "AWS::CloudFront::Distribution") {
       deploymentRegion = "us-east-1";
-    }
-    else{
+    } else {
       deploymentRegion = process.env.AWS_REGION || "eu-central-1";
     }
   }
-  if(config){
-    if(process.env.PREREQUISITE === "true"){
+  if (config) {
+    if (process.env.PREREQUISITE === "true") {
       console.log("🌎 Deployment region:");
-      console.log("\x1b[32m",`                      ${process.env.AWS_REGION}`,"\x1b[0m \n\n");
-    }
-    else{
-      if(config.WebAcl.Scope === "CLOUDFRONT"){
+      console.log(
+        "\x1b[32m",
+        `                      ${process.env.AWS_REGION}`,
+        "\x1b[0m \n\n"
+      );
+    } else {
+      if (config.WebAcl.Scope === "CLOUDFRONT") {
         deploymentRegion = "us-east-1";
-      }
-      else{
+      } else {
         deploymentRegion = process.env.REGION || "eu-central-1";
       }
       console.log("🌎 CDK deployment region:");
-      console.log("\x1b[32m",`                      ${deploymentRegion}`,"\x1b[0m \n");
+      console.log(
+        "\x1b[32m",
+        `                      ${deploymentRegion}`,
+        "\x1b[0m \n"
+      );
     }
-  }
-  else{
+  } else {
     deploymentRegion = process.env.REGION || "eu-central-1";
   }
   return deploymentRegion;
@@ -62,7 +86,7 @@ export const outputInfoBanner = (config?:Config, shieldConfig?: ShieldConfig) =>
  * initialize a runtime properties object
  * @returns the runtime properties object
  */
-export function initRuntimeProperties() : RuntimeProperties {
+export function initRuntimeProperties(): RuntimeProperties {
   return {
     AllAwsRegions: [],
     GuidanceSummary: [],
@@ -90,7 +114,7 @@ export function initRuntimeProperties() : RuntimeProperties {
       CustomRuleCount: 0,
       IpReputationListCount: 0,
       CustomRuleGroupCount: 0,
-      CustomCaptchaRuleCount: 0
+      CustomCaptchaRuleCount: 0,
     },
     PreProcess: {
       Capacity: 0,
@@ -104,7 +128,7 @@ export function initRuntimeProperties() : RuntimeProperties {
       IpReputationListCount: 0,
       CustomRuleCount: 0,
       CustomRuleGroupCount: 0,
-      CustomCaptchaRuleCount: 0
+      CustomCaptchaRuleCount: 0,
     },
     Pricing: {
       Policy: 0,
@@ -116,18 +140,18 @@ export function initRuntimeProperties() : RuntimeProperties {
       Captcha: 0,
       AccountTakeoverPrevention: 0,
       AccountTakeoverPreventionRequest: 0,
-      Dashboard: 0
-    }
+      Dashboard: 0,
+    },
   };
 }
 
 /**
  * The function will check if s3 bucket is Parameter is starting with aws-waf-logs- if Logging Configuration is set to S3
  * @param config Config
  */
-export function wrongLoggingConfiguration(config: Config): boolean{
-  if(config.General.LoggingConfiguration === "S3"){
-    if(!config.General.S3LoggingBucketName.startsWith("aws-waf-logs-")){
+export function wrongLoggingConfiguration(config: Config): boolean {
+  if (config.General.LoggingConfiguration === "S3") {
+    if (!config.General.S3LoggingBucketName.startsWith("aws-waf-logs-")) {
       return true;
     }
     return false;