-
Notifications
You must be signed in to change notification settings - Fork 57
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: check origin access control usage for cloudfront with s3 origin #1794
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you! Very minor comment to address, but then this should be good to go!
test/rules/CloudFront.test.ts
Outdated
test('Noncompliance 1', () => { | ||
new CfnDistribution(stack, 'rDistribution', { | ||
test('Noncompliance', () => { | ||
new CfnStreamingDistribution(stack, 'rStreamingDistribution', { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please the remove the r
prefix from the ids, it's a naming convention that doesn't work well with CDK and that I'd like to remove from the project
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed!
Fixes #1582
CDK now supports S3 Origin Access Control L2 construct. Added a new rule to check if OAC is configured for CloudFront distributions using S3 as an origin.
AwsSolutions-CFR7