Metadata-Version: 2.1
Name: cdktf-aws-secure
Version: 2.0.1
Summary: High level CDKTF construct to provision secure configurations with AWS
Home-page: https://github.com/shazi7804/cdktf-aws-secure-constructs.git
Author: Scott Liao<shazi7804@gmail.com>
License: Apache-2.0
Project-URL: Source, https://github.com/shazi7804/cdktf-aws-secure-constructs.git
Platform: UNKNOWN
Classifier: Intended Audience :: Developers
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: JavaScript
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Typing :: Typed
Classifier: Development Status :: 5 - Production/Stable
Classifier: License :: OSI Approved
Requires-Python: >=3.6
Description-Content-Type: text/markdown
Requires-Dist: cdktf-cdktf-provider-aws (<2.0.0,>=1.0.59)
Requires-Dist: cdktf (<0.4.0,>=0.3.0)
Requires-Dist: constructs (<4.0.0,>=3.0.0)
Requires-Dist: jsii (<2.0.0,>=1.29.0)
Requires-Dist: publication (>=0.0.3)

[![NPM version](https://badge.fury.io/js/cdktf-aws-secure.svg)](https://badge.fury.io/js/cdktf-aws-secure)
[![PyPI version](https://badge.fury.io/py/cdktf-aws-secure.svg)](https://badge.fury.io/py/cdktf-aws-secure)
![Release](https://github.com/shazi7804/cdktf-aws-secure-constructs/workflows/Release/badge.svg)

# Terraform CDK - AWS Secure constructs

The Level 2 construct can be used to set up your AWS account with the reasonably secure configuration baseline. Internally it uses the [Terraform CDK](https://cdk.tf/) and the [AWS Provider](https://cdk.tf/provider/aws).

## Features

* Account password policies
* Cloudtrail
* Guardduty
* EBS encrypt default
* VPC flow log
* Security Hub
* Enable Config rules above

## Install

Just the constructs

```
npm install cdktf-aws-secure
```

## Examples

```python
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
from constructs import Construct
from cdktf import Resource
from cdktf_aws_secure import secure

class AwsSecure(Resource):
    def __init__(self, scope, name):
        super().__init__(scope, name)

        policy = secure.EnableAccountPasswordPolicy(self, "DefaultAccountPwdPolicy")

        policy.add_config_rule()# and also add Config rule.

        # enable guardduty
        secure.EnableGuardduty(self, "EnableGuardduty")

        # enable cloudtrail
        secure.EnableCloudTrail(self, "EnableCloudTrail")

        # enable ebs encrypt default
        secure.EnableEbsEncryption(self, "EnableEbsEncryption")secure.EnableGuardduty(self, "EnableGuardduty")

        # enable vpc flow log
        secure.EnableVpcFlowLog(self, "EnableVpcFlowLog",
            vpc_id="vpc-0123456789"
        )

        # enable security hub
        secure.EnableSecurityHub(self, "EnableSecurityHub")
```

## Docs

See [API Docs](./API.md)


