Merge pull request #14 from aws-solutions/release/v1.0.2
Updated to version v1.0.2
groverlalit authored Jan 11, 2023
2 parents a1a66aa + 648ffc5 commit ec20b08
Showing 49 changed files with 20,669 additions and 4,384 deletions.
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_report.md
Expand Up @@ -19,7 +19,7 @@ A clear and concise description of what you expected to happen.

- [ ] Version: [e.g. v1.0.0]

To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "_(SO0108) - AWS Network Firewall Deployment Automations for AWS Transit Gateway. Version **v1.0.0**_".
To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "_(SO0108) - Firewall Automation for Network Traffic on AWS. Version **v1.0.0**_".

- [ ] Region: [e.g. us-east-1]
- [ ] Was the solution modified from the version published on this repository?
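
Review bot: The example stack description in the changed line, "(SO0108) - Firewall Automation for Network Traffic on AWS. Version v1.0.0", does not follow the format that source/bin/network-firewall-auto-solution.ts builds in this same commit, `(${SOLUTION_ID}) - The AWS CloudFormation template for deployment of the ${SOLUTION_NAME}, Version: ${SOLUTION_VERSION}`. Suggest making the template's example match what a reporter will actually see on the stack, so the version string is easy to find.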
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -91,6 +91,7 @@ ENV/
*cdk.out*
*.d.ts
*.js
!jest.config.js

#ignore these in the deployment folder
*regional-s3-assets*
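
Review bot: The new `!jest.config.js` exception is unanchored, so it re-includes a file of that name at any depth, while the `*.js` rule above it exists to keep compiled output out of the repository. If only the config at source/jest.config.js is meant to be tracked, anchor the pattern, for example `!/source/jest.config.js`, so a generated jest.config.js elsewhere is not committed by accident.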
7 changes: 7 additions & 0 deletions CHANGELOG.md
Expand Up @@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [1.0.2] - 2022-12-19
### Updated
- Name change to Firewall Automation for Network Traffic on AWS
- Upgrade to CDK v2
- Fix NPM security warnings
- Fix SonarQube bugs and increase unit test coverage

## [1.0.1] - 2021-04-10
### Updated
- Updated default branch name to 'main'. [Change branch settings in your
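
Review bot: "Fix NPM security warnings" under `### Updated` does not say which dependencies were upgraded or which advisories were addressed, so a consumer still on v1.0.1 cannot tell from this entry whether they are affected. Suggest listing the packages (and advisory IDs where known) and, since the file states it follows Keep a Changelog, putting the item under a `### Security` heading. The entry date 2022-12-19 also precedes this merge (Jan 11, 2023); worth confirming it is the intended release date.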
6 changes: 3 additions & 3 deletions CONTRIBUTING.md
Expand Up @@ -11,7 +11,7 @@ information to effectively respond to your bug report or contribution.

We welcome you to use the GitHub issue tracker to report bugs or suggest features.

When filing an issue, please check [existing open](https://github.com/awslabs/network-firewall-automation/issues), or [recently closed](https://github.com/awslabs/network-firewall-automation/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), issues to make sure somebody else hasn't already
When filing an issue, please check [existing open](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/issues), or [recently closed](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), issues to make sure somebody else hasn't already
reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:

* A reproducible test case or series of steps
Expand Down Expand Up @@ -42,7 +42,7 @@ GitHub provides additional document on [forking a repository](https://help.githu


## Finding contributions to work on
Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels ((enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any ['help wanted'](https://github.com/awslabs/network-firewall-automation/labels/help%20wanted) issues is a great place to start.
Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels ((enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any ['help wanted'](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/labels/help%20wanted) issues is a great place to start.


## Code of Conduct
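
Review bot: The rewritten "Finding contributions" sentence keeps the stray double parenthesis in "((enhancement/bug/duplicate/help wanted/invalid/question/wontfix)". Since the line is being touched anyway, drop the extra "(".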
Expand All @@ -57,6 +57,6 @@ If you discover a potential security issue in this project we ask that you notif

## Licensing

See the [LICENSE](https://github.com/awslabs/network-firewall-automation/blob/master/LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.
See the [LICENSE](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/blob/master/LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.

We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.
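
Review bot: The updated LICENSE link still points at `blob/master/LICENSE`, although the CHANGELOG entry for 1.0.1 says the default branch was renamed to 'main'. It also differs from the README link changed in this commit, which targets `blob/master/LICENSE.txt`. Suggest using one filename and the current default branch in both places.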
22 changes: 13 additions & 9 deletions NOTICE.txt
@@ -1,10 +1,6 @@
AWS Network Firewall Automation
Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License Version 2.0 (the "License"). You may not use this file except
in compliance with the License. A copy of the License is located at http://www.apache.org/licenses/
or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied. See the License for the
specific language governing permissions and limitations under the License.
Firewall Automation for Network Traffic on AWS
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0

**********************
THIRD PARTY COMPONENTS
Expand All @@ -16,5 +12,13 @@ moment under the MIT License
uuid under the MIT License.
AWS SDK under the Apache License Version 2.0
aws-cdk under Apache License 2.0

AWS SDK under the Apache License Version 2.0
aws-cdk-lib under Apache License 2.0
@types/jest under the Massachusetts Institute of Technology (MIT) license
@types/node under the Massachusetts Institute of Technology (MIT) license
aws-sdk-client-mock under the Massachusetts Institute of Technology (MIT) license
constructs under Apache License 2.0
ts-jest under the Massachusetts Institute of Technology (MIT) license
ts-node under the Massachusetts Institute of Technology (MIT) license
typescript under Apache License 2.0
@types/moment under the Massachusetts Institute of Technology (MIT) license
@types/uuid under the Massachusetts Institute of Technology (MIT) license
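
Review bot: The added third-party entries name the same licences in three different ways: "Apache License Version 2.0", "Apache License 2.0" and "the Massachusetts Institute of Technology (MIT) license", next to the existing "MIT License" lines. Now that the file header uses an SPDX identifier, suggest SPDX identifiers (Apache-2.0, MIT) for the component list as well. "AWS SDK under the Apache License Version 2.0" also appears twice in this hunk, and none of the entries carry a version.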
30 changes: 10 additions & 20 deletions README.md
@@ -1,4 +1,4 @@
**[AWS Network Firewall Deployment Automations for AWS Transit Gateway](https://aws.amazon.com/solutions/implementations/aws-network-firewall-deployment-automations-for-aws-transit-gateway)** | **[🚧 Feature request](https://github.com/awslabs/aws-network-firewall-deployment-automations-for-aws-transit-gateway/issues/new?assignees=&labels=feature-request%2C+enhancement&template=feature_request.md&title=)** | **[🐛 Bug Report](https://github.com/awslabs/aws-network-firewall-deployment-automations-for-aws-transit-gateway/issues/new?assignees=&labels=bug%2C+triage&template=bug_report.md&title=)**
**[Firewall Automation for Network Traffic on AWS](https://aws.amazon.com/solutions/implementations/firewall-automation-for-network-traffic-on-aws)** | **[🚧 Feature request](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/issues/new?assignees=&labels=feature-request%2C+enhancement&template=feature_request.md&title=)** | **[🐛 Bug Report](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/issues/new?assignees=&labels=bug%2C+triage&template=bug_report.md&title=)**

Note: If you want to use the solution without building from source, navigate to Solution Landing Page

Expand All @@ -17,15 +17,15 @@ Note: If you want to use the solution without building from source, navigate to

<a name="solution-overview"></a>
# Solution Overview
Solution for AWS Network Firewall Deployment Automations for AWS Transit Gateway.
Solution for Firewall Automation for Network Traffic on AWS.

<a name="architecture-diagram"></a>
# Architecture Diagram
![Architecture Diagram](./source/architecture.png)

<a name="prerequisites-for-customization"></a>
## Prerequisites for Customization
* Node.js>12
* Node.js>16

<a name="build"></a>
## Build
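
Review bot: "Node.js>16" in the prerequisites reads as strictly newer than 16, which excludes every 16.x release. If Node.js 16 is supported, write "Node.js >= 16"; if not, name the minimum major version.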
Expand Down Expand Up @@ -68,13 +68,13 @@ Follow the steps for deploying your custom version of the solution.
* Copy the file ./deployment/regional-s3-assets/network-firewall-automation.zip to the location s3://[BUCKET_NAME]-[REGION]/network-firewall-automation/[VERSION_ID]/
* Copy the file ./deployment/regional-s3-assets/network-firewall-configuration.zip to the location s3://[BUCKET_NAME]-[REGION]/network-firewall-automation/latest/

Once the above steps are completed, use the file ./deployment/global-s3-assets/aws-network-firewall-deployment-automations-for-aws-transit-gateway.template to create a stack in CloudFormation.
Once the above steps are completed, use the file ./deployment/global-s3-assets/firewall-automation-for-network-traffic-on-aws.template to create a stack in CloudFormation.


<a name="file-structure"></a>
# File structure

aws-network-firewall-deployment-automations-for-aws-transit-gateway consists of:
firewall-automation-for-network-traffic-on-aws consists of:

- CDK constructs to generate necessary resources
- Microservices used in the solution
Expand Down Expand Up @@ -160,24 +160,14 @@ File Structure
</pre>

<a name="license"></a>


## Collection of operational metrics
This solution collects anonymous operational metrics to help AWS improve the quality and features of the solution. For more information, including how to disable this capability, please see the [implementation guide](https://docs.aws.amazon.com/solutions/latest/network-firewall-deployment-automations-for-aws-transit-gateway/collection-of-operational-metrics.html).


***

Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Licensed under the Apache License Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at

http://www.apache.org/licenses/

or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions and limitations under the License.

See [LICENSE](https://github.com/awslabs/aws-network-firewall-solution-for-aws-transit-gateway/blob/master/LICENSE.txt)
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0

See [LICENSE](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/blob/master/LICENSE.txt)

## Collection of operational metrics

This solution collects anonymous operational metrics to help AWS improve the quality and features of the solution. For more information, including how to disable this capability, please see the [implementation guide](https://docs.aws.amazon.com/solutions/latest/network-firewall-deployment-automations-for-aws-transit-gateway/collection-of-operational-metrics.html).
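
Review bot: The "Collection of operational metrics" paragraph still links to the implementation guide under the old solution name (`.../solutions/latest/network-firewall-deployment-automations-for-aws-transit-gateway/...`), while the other URLs in this file were renamed. Confirm the guide's path and update it if the guide moved. After the reorder, the `<a name="license"></a>` anchor is followed by the copyright lines with no heading, so the licence text now reads as part of the File structure section; a `## License` heading would fix that.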

32 changes: 10 additions & 22 deletions deployment/build-s3-dist.sh
@@ -1,19 +1,8 @@
#!/bin/bash
#
# Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
# with the License. A copy of the License is located at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
# OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
# and limitations under the License.
#

# Important: CDK global version number
cdk_version=1.77.0
#
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
#

# Check to see if the required parameters have been provided:
if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then
Expand Down Expand Up @@ -66,15 +55,14 @@ echo "--------------------------------------------------------------------------
# Install the global aws-cdk package
echo "cd $source_dir"
cd $source_dir
echo "npm install"
npm install
echo "npm install aws-cdk@$cdk_version"
npm install aws-cdk@$cdk_version
echo "npm ci"
npm ci

# Run 'cdk synth' to generate raw solution outputs
cd "$source_dir"
echo "node_modules/aws-cdk/bin/cdk synth --output=$staging_dist_dir"
npm run build && node_modules/aws-cdk/bin/cdk synth --output=$staging_dist_dir
echo "npm run cdk -- synth --output=$staging_dist_dir"
npm run build
npm run cdk -- synth --output=$staging_dist_dir

# Remove unnecessary output files
echo "cd $staging_dist_dir"
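
Review bot: The old line `npm run build && node_modules/aws-cdk/bin/cdk synth ...` only ran synth when the build succeeded; the replacement runs `npm run build` and `npm run cdk -- synth --output=$staging_dist_dir` as separate statements, so unless the script enables `set -e` outside the visible lines, synth still runs after a failed build. Suggest keeping the `&&` or adding an explicit exit check. `cd $source_dir` and `--output=$staging_dist_dir` are unquoted, and the comment "Install the global aws-cdk package" no longer describes what `npm ci` does.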
Expand Down Expand Up @@ -110,7 +98,7 @@ echo "find $staging_dist_dir -iname "package-lock.json" -type f -exec rm -f "{}"
find $staging_dist_dir -iname "package-lock.json" -type f -exec rm -f "{}" \; 2> /dev/null

echo "------------------------------------------------------------------------------"
echo "Package Network Firewall Automation node project for Code Build/Deploy stage "
echo "Package Firewall Automation for Network Traffic on AWS node project for Code Build/Deploy stage "
echo "------------------------------------------------------------------------------"
cd $source_dir/networkFirewallAutomation/
npm install
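
Review bot: The packaging step under `cd $source_dir/networkFirewallAutomation/` still runs `npm install`, while the top-level install in this commit moved to `npm ci`. This is the code that ends up in the deployed zip, so it is the install that most needs to resolve from the lockfile; suggest `npm ci` here too, with `--omit=dev` if dev dependencies are not needed in the package.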
35 changes: 17 additions & 18 deletions source/bin/network-firewall-auto-solution.ts
@@ -1,17 +1,10 @@
#!/usr/bin/env node
/**
* Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
* with the License. A copy of the License is located at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
* OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
import * as cdk from '@aws-cdk/core';
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0
*/

import { App, DefaultStackSynthesizer } from 'aws-cdk-lib';
import {
NetworkFirewallAutomationStack,
NetworkFirewallAutomationStackProps
Expand All @@ -24,17 +17,23 @@ const SOLUTION_BUCKET = process.env['DIST_OUTPUT_BUCKET'];
const SOLUTION_TMN = process.env['SOLUTION_TRADEMARKEDNAME'];
const SOLUTION_PROVIDER = 'AWS Solution Development';

const app = new cdk.App();
const app = new App();

let NetworkFirewallAutomationStackProperties: NetworkFirewallAutomationStackProps = {
synthesizer: new DefaultStackSynthesizer({
generateBootstrapVersionRule: false
}),
solutionId: SOLUTION_ID,
solutionTradeMarkName: SOLUTION_TMN,
solutionProvider: SOLUTION_PROVIDER,
solutionBucket: SOLUTION_BUCKET,
solutionName: SOLUTION_NAME,
solutionVersion: SOLUTION_VERSION,
description: '(' + SOLUTION_ID + ') - The AWS CloudFormation template' +
' for deployment of the ' + SOLUTION_NAME + ', Version: ' + SOLUTION_VERSION,
}
description: `(${SOLUTION_ID}) - The AWS CloudFormation template for deployment of the ${SOLUTION_NAME}, Version: ${SOLUTION_VERSION}`
};

new NetworkFirewallAutomationStack(app, 'aws-network-firewall-deployment-automations-for-aws-transit-gateway', NetworkFirewallAutomationStackProperties);
new NetworkFirewallAutomationStack(
app,
'firewall-automation-for-network-traffic-on-aws',
NetworkFirewallAutomationStackProperties
);
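
Review bot: `SOLUTION_BUCKET` and `SOLUTION_TMN` are taken from `process.env` with no check, and the new template-literal `description` will interpolate the literal text "undefined" for any input that is unset. Suggest failing fast at synth time when a required variable is missing. `NetworkFirewallAutomationStackProperties` is never reassigned in the visible lines, so `const` fits better than `let`, and `generateBootstrapVersionRule: false` deserves a one-line comment saying why the bootstrap version rule is left out of the template.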
49 changes: 36 additions & 13 deletions source/jest.config.js
100755 → 100644
@@ -1,13 +1,36 @@
module.exports = {
"roots": [
"<rootDir>/test"
],
testMatch: [ '**/*.test.ts'],
"transform": {
"^.+\\.tsx?$": "ts-jest"
},
coverageReporters: [
"text",
["lcov", {"projectRoot": "../"}]
]
}
'use strict';
Object.defineProperty(exports, '__esModule', { value: true });
const config = {
clearMocks: false,
collectCoverage: true,
// The directory where Jest should output its coverage files
coverageDirectory: 'coverage',
// An array of regexp pattern strings used to skip coverage collection
coveragePathIgnorePatterns: ['/node_modules/'],
// An array of directory names to be searched recursively up from the requiring module's location
moduleDirectories: ['node_modules'],
// An array of file extensions your modules use
moduleFileExtensions: ['ts', 'json', 'jsx', 'js', 'tsx', 'node'],
// Automatically reset mock state between every test
resetMocks: false,
// The glob patterns Jest uses to detect test files
testMatch: ['**/?(*.)+(spec|test).[t]s?(x)'],
// An array of regexp pattern strings that are matched against all test paths, matched tests are skipped
testPathIgnorePatterns: ['/node_modules/', '/networkFirewallAutomation/'],
// A map from regular expressions to paths to transformers
transform: {
'^.+\\.(t)sx?$': 'ts-jest',
},
// Indicates whether each individual test should be reported during the run
verbose: false,
// An array of glob patterns indicating a set of files for which coverage information should be collected
collectCoverageFrom: [
'./lib/*.ts',
'!**/*.d.ts',
'!**/*.spec.ts',
],
coverageReporters: [['lcov', { projectRoot: '../' }], 'text'],
rootDir: './',
testTimeout: 30000,
};
exports.default = config;
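
Review bot: `resetMocks: false` sits under the comment "Automatically reset mock state between every test", and `clearMocks: false` is set as well, so mock state carries over from one test to the next unless each suite resets it by hand. Either enable one of the two or reword the comment to say the reset is deliberately off. In `testMatch` and `transform`, `[t]` and `(t)` are single-character groups that match the same as a plain `t`. `collectCoverageFrom: ['./lib/*.ts']` covers only files directly under lib, and `/networkFirewallAutomation/` is excluded from the test paths, so confirm that directory's tests run under a separate config.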