constructor()

in transcribe-ui-backend/provisioning/lib/construct/ip-restriction.ts [8:47]

• 37 lines of code
• 1 McCabe index (conditional complexity)

  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id)

    const ipRange: string[] = scope.node.tryGetContext('allowIpRange')

    const ipSets = new waf.CfnIPSet(this, `${id}-ip-sets`, {
      name: 'Transcribe-WAF-IPsets',
      ipAddressVersion: 'IPV4',
      scope: 'REGIONAL',
      addresses: ipRange
    })

    this.webAcl = new waf.CfnWebACL(this, `${id}-waf`, {
      defaultAction: { block: {} },
      name: 'Transcribe-WAF-WebACL',
      scope: 'REGIONAL',
      visibilityConfig: {
        cloudWatchMetricsEnabled: true,
        sampledRequestsEnabled: true,
        metricName: 'Transcribe-WAF-WebACL'
      },
      rules: [
        {
          name: 'IP-Restriction',
          priority: 0,
          action: { allow: {} },
          visibilityConfig: {
            cloudWatchMetricsEnabled: true,
            sampledRequestsEnabled: true,
            metricName: 'Transcribe-WAF-IP-Restriction'
          },
          statement: {
            ipSetReferenceStatement: {
              arn: ipSets.attrArn
            }
          }
        }
      ]
    })
  }