Options
All
  • Public
  • Public/Protected
  • All
Menu

Class GlobalConfig

Accelerator global configuration

Hierarchy

  • GlobalConfig

Implements

Index

Constructors

Properties

Methods

Constructors

constructor

  • new GlobalConfig(props: { homeRegion: string }, values?: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }, configDir?: string, validateConfig?: boolean): GlobalConfig

  • Parameters

    • props: { homeRegion: string }
      • homeRegion: string
    • Optional values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean
    • Optional configDir: string
    • Optional validateConfig: boolean

    Returns GlobalConfig

Properties

Readonly accountNames

accountNames: string[] = []

Account name list

Readonly centralizeCdkBuckets

centralizeCdkBuckets: centralizeCdkBucketsConfig = ...

To indicate workload accounts should utilize the cdk-assets S3 buckets in the managemenet account, you need to provide below value for this parameter.

example
centralizeCdkBuckets:
  enable: true

Readonly cloudwatchLogRetentionInDays

cloudwatchLogRetentionInDays: 3653 = 3653

CloudWatchLogs retention in days, accelerator's custom resource lambda function logs retention period is configured based on this value.

Readonly controlTower

controlTower: ControlTowerConfig = ...

AWS ControlTower configuration

To indicate environment has control tower enabled, you need to provide below value for this parameter.

example
controlTower:
  enable: true

Readonly enabledRegions

enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[] = []

List of AWS Region names where accelerator will be deployed. Home region must be part of this list.

To add us-west-2 along with home region for accelerator deployment, you need to provide below value for this parameter.

example
enabledRegions:
  - *HOME_REGION
  - us-west-2

Private Readonly errors

errors: string[] = []

Readonly homeRegion

homeRegion: string = ''

Accelerator home region name. The region where accelerator pipeline deployed.

To use us-east-1 as home region for the accelerator, you need to provide below value for this parameter. Note: Variable HOME_REGION created for future usage of home region in the file

example
homeRegion: &HOME_REGION us-east-1

Readonly logging

logging: LoggingConfig = ...

Accelerator logging configuration

To enable organization trail and session manager logs sending to S3, you need to provide below value for this parameter.

example
logging:
  account: LogArchive
  cloudtrail:
    enable: false
    organizationTrail: false
    cloudtrailInsights:
      apiErrorRateInsight: true
      apiCallRateInsight: true
  sessionManager:
    sendToCloudWatchLogs: false
    sendToS3: true
  cloudwatchLogs:
    dynamicPartitioning: logging/dynamic-partition.json

Readonly managementAccountAccessRole

managementAccountAccessRole: "AWSControlTowerExecution" = 'AWSControlTowerExecution'

This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.

Examples:

  • AWSControlTowerExecution
  • OrganizationAccountAccessRole

Readonly ouIdNames

ouIdNames: string[] = ...

OUid name list

Readonly reports

reports: undefined | ReportConfig = undefined

Report configuration

To enable budget report along with cost and usage report, you need to provide below value for this parameter.

example
reports:
  costAndUsageReport:
    compression: Parquet
    format: Parquet
    reportName: accelerator-cur
    s3Prefix: cur
    timeUnit: DAILY
    refreshClosedReports: true
    reportVersioning: CREATE_NEW_REPORT
  budgets:
    - name: accel-budget
      timeUnit: MONTHLY
      type: COST
      amount: 2000
      includeUpfront: true
      includeTax: true
      includeSupport: true
      includeSubscription: true
      includeRecurring: true
      includeOtherSubscription: true
      includeDiscount: true
      includeCredit: false
      includeRefund: false
      useBlended: false
      useAmortized: false
      unit: USD
      notification:
      - type: ACTUAL
        thresholdType: PERCENTAGE
        threshold: 90
        comparisonOperator: GREATER_THAN
        subscriptionType: EMAIL
        address: myemail+pa-budg@example.com

Readonly terminationProtection

terminationProtection: true = true

Whether to enable termination protection for this stack.

Static Readonly FILENAME

FILENAME: "global-config.yaml" = 'global-config.yaml'

Global configuration file name, this file must be present in accelerator config repository

Methods

Private checkForArray

  • checkForArray(inputStr: string, errorMessage: string): void

  • Parameters

    • inputStr: string
    • errorMessage: string

    Returns void

Private checkSchema

  • checkSchema(inputStr: string, errorMessage: string): void

  • Parameters

    • inputStr: string
    • errorMessage: string

    Returns void

Private getAccountNames

  • getAccountNames(configDir: string): void

  • Prepare list of Account names from account config file

    Parameters

    • configDir: string

    Returns void

Private getOuIdNames

  • getOuIdNames(configDir: string): void

  • Prepare list of OU ids from organization config file

    Parameters

    • configDir: string

    Returns void

Private isDynamicLogType

  • isDynamicLogType(o: any): o is { logGroupPattern: string; s3Prefix: string }

  • Parameters

    • o: any

    Returns o is { logGroupPattern: string; s3Prefix: string }

Private validateBudgetDeploymentTargetOUs

  • validateBudgetDeploymentTargetOUs(values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }): void

  • Function to validate existence of budget deployment target OUs Make sure deployment target OUs are part of Organization config file

    Parameters

    • values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean

    Returns void

Private validateBudgetNotificationEmailIds

  • validateBudgetNotificationEmailIds(values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }): void

  • Function to validate budget notification email address

    Parameters

    • values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean

    Returns void

Private validateCloudTrailSettings

  • validateCloudTrailSettings(values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }): void

  • Parameters

    • values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean

    Returns void

Private validateCloudWatchDynamicPartition

  • validateCloudWatchDynamicPartition(values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }, configDir: string): void

  • Function to validate CloudWatch Logs Dynamic Partition and enforce format, key-value provided

    Parameters

    • values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean
    • configDir: string

    Returns void

Private validateLifecycleRuleExpiration

  • validateLifecycleRuleExpiration(values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }): void

  • Function to validate S3 lifecycle expiration to be smaller than noncurrentVersionExpiration

    Parameters

    • values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean

    Returns void

Private validateLoggingAccountName

  • validateLoggingAccountName(values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }): void

  • Function to validate existence of logging target account name Make sure deployment target accounts are part of account config file

    Parameters

    • values: { centralizeCdkBuckets: undefined | { enable: boolean; }; cloudwatchLogRetentionInDays: number; controlTower: { enable: boolean; }; enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]; homeRegion: string; logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...; managementAccountAccessRole: string; reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...; terminationProtection: undefined | boolean }
      • centralizeCdkBuckets: undefined | { enable: boolean; }
      • cloudwatchLogRetentionInDays: number
      • controlTower: { enable: boolean; }
      • enabledRegions: ("af-south-1" | "ap-east-1" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ca-central-1" | "cn-north-1" | "cn-northwest-1" | "eu-central-1" | "eu-north-1" | "eu-south-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-gov-east-1" | "us-gov-west-1" | "us-west-1" | "us-west-2" | "us-iso-west-1" | "us-iso-east-1" | "us-isob-east-1")[]
      • homeRegion: string
      • logging: { account: string; cloudtrail: { enable: boolean; organizationTrail: boolean; organizationTrailSettings: { multiRegionTrail: boolean; globalServiceEvents: boolean; managementEvents: boolean; ... 4 more ...; apiCallRateInsight: boolean; } | undefined; accountTrails: { ...; }[] | undefined; lifecycleRules: { ...; }[] ...
      • managementAccountAccessRole: string
      • reports: undefined | { costAndUsageReport: { additionalSchemaElements: string[] | undefined; compression: string; format: string; reportName: string; s3Prefix: string; timeUnit: string; additionalArtifacts: ("REDSHIFT" | ... 1 more ... | "ATHENA")[] | undefined; refreshClosedReports: boolean; reportVersioning: string; lifecycleRules: { ...
      • terminationProtection: undefined | boolean

    Returns void

Static load

  • Load from file in given directory

    Parameters

    • dir: string
    • Optional validateConfig: boolean

    Returns GlobalConfig

Static loadFromString

  • Load from string content

    Parameters

    • content: string

    Returns undefined | GlobalConfig

Generated using TypeDoc