⚠️ Important: This solution requires the use of AWS CodeCommit, which is no longer available to new customers. Existing customers of AWS CodeCommit can continue using and deploying this AWS Solution as normal. ⚠️
Centralized Network Inspection on AWS
Note: If you want to use the solution without building from source, navigate to the Solution Landing Page.
Solution for Centralized Network Inspection on AWS.
Build the CDK code
cd source/
npm run build
Build the Centralized Network Inspection Solution CodeBuild source code
cd source/centralizedNetworkInspection
tsc
Build the templates for custom deployments
cd <rootDir>/deployment
chmod +x ./build-s3-dist.sh
./build-s3-dist.sh [SOLUTION_DIST_BUCKET] centralized-network-inspection [VERSION_ID]
Run the unit tests
cd <rootDir>/deployment
chmod +x ./run-unit-tests.sh
./run-unit-tests.sh
Follow the steps for deploying your custom version of the solution.
Once the above steps are completed, use the file ./deployment/global-s3-assets/centralized-network-inspection-on-aws.template to create a stack in CloudFormation.
centralized-network-inspection-on-aws consists of:
File Structure
|-deployment/
  |-build-s3-dist.sh                                        [ Build script to create the distribution for the solution. ]
|-source/
  |-bin/
    |-centralized-network-inspection-solution.ts            [ entry point for CDK app ]
  |-test/                                                   [ unit tests for CDK constructs ]
    |-centralized-network-inspection-solution.test.ts       [ CDK construct for the solution. ]
    |-__snapshots__
      |-centralized-network-inspection-solution.test.ts.snap [ CDK construct template snapshot of unit testing. ]
  |-lib/
    |-centralized-network-inspection.stack.ts               [ CDK construct for the solution. ]
  |-centralizedNetworkInspection
    |-__tests__
      |-firewall-test-configuration
        |-firewalls
          |-firewall-invalid.json
          |-firewall-nopolicy.json
          |-firewall-example.json
        |-firewallPolicies
          |-firewall-invalid-policy.json
          |-firewall-policy-2.json
          |-firewall-policy.example.json
        |-ruleGroups
          |-stateless-pass-action.example.json
          |-stateless-fwd-to-stateful.example.json
          |-stateful-domainblock.example.json
          |-drop.rules
          |-suricata-rule-reference.json
      |-network-firewall-service.spec.ts
      |-ec2-manager.spec.ts
      |-firewall-config-validation.spec.ts
      |-network-firewall-manager.spec.ts
      |-send-metrics.spec.ts
    |-config
      |-examples
        |-firewalls
          |-firewall.example.json
        |-firewallPolicies
          |-firewall-policy.example.json
        |-ruleGroups
          |-stateless-pass-action.example.json
          |-stateless-fwd-to-stateful.example.json
          |-stateful-domainblock.example.json
          |-drop.rules
          |-suricata-rule-reference.json
      |-firewallPolicies
        |-firewall-policy-1.json
      |-firewalls
        |-firewall-1.json
    |-lib
      |-ec2-manager.ts
      |-network-firewall-manager.ts
      |-common
        |-configReader
          |-config-reader.ts
        |-logger.ts
        |-stringUtils.ts
        |-firewall-config-validation.ts
        |-send-metrics.ts
      |-service
        |-awsClientConfig.ts
        |-ec2-service.ts
        |-network-firewall-service.ts
    |-build.ts
    |-index.ts
    |-config_files                                          [ tsconfig, jest.config.js, package.json etc. ]
  |-config_files                                            [ tsconfig, cdk.json, package.json etc. ]
  |-run-all-tests.sh
|-buildspec.yml
|-architecture.yml
|-CHANGELOG.md
|-CODE_OF_CONDUCT.md
|-LICENSE.txt
|-CONTRIBUTING.md
|-NOTICE.txt
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: Apache-2.0
See LICENSE
This solution collects anonymized operational metrics to help AWS improve the quality and features of the solution. For more information, including how to disable this capability, please see the implementation guide.