Fugue.AWS.SNS.Compliance

Module Members

subscriptionNoHttp

(Function)

Type Signature

 fun { references: Optional<List<String>> } -> fun (Subscription) -> Validation
Argument: references
Type: Optional<List<String>>
Returns:
Type: fun ( Subscription) -> Validation

topicDenyHttp

(Function)

This is a stricter validation than snsSubscriptionNoHttp. It requires that we have a policy that denies HTTP receives. This protects the topic from HTTP receives that do not originate from this account.

Type Signature

 fun { references: Optional<List<String>> } -> fun (Topic) -> Validation
Argument: references
Type: Optional<List<String>>
Returns:
Type: fun ( Topic) -> Validation

topicPolicyNotWildcard

(Function)

Type Signature

 fun { references: Optional<List<String>> } -> fun (Topic) -> Validation
Argument: references
Type: Optional<List<String>>
Returns:
Type: fun ( Topic) -> Validation

validateTopicSubscription

(Function)

This function allows you to write validations for a specific topic.

For example if you have a sensitive topic that should not have any HTTP endpoints, you can use:

topic: SNS.Topic.new {
  name: "sensitive",
  region: AWS.Us-east-1
}

validate validateTopicSubscription {
  name: "sensitive",
  validation: fun(endpoint): Validation.error {
    message: "Don't use HTTP",
    when: case endpoint of
    | SNS.Http _ -> True
    | _ -> False
  }
}

Type Signature

 fun { name: String,
       region: Optional<Region>,
       validation: fun (EndpointType) -> Validation} -> fun (Subscription) -> Validation
Argument: name
Type: String
Argument: region
Type: Optional<Region>
Argument: validation
Type: fun ( EndpointType) -> Validation
Returns:
Type: fun ( Subscription) -> Validation