constructor()

in source/lib/ssmplaybook.ts [60:118]


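  /**
   * Builds one remediation playbook: a CloudFormation parameter and condition
   * that gate the playbook, plus the SSM Automation document itself.
   *
   * The document is read from `${props.ssmDocPath}/${props.ssmDocFileName}`.
   * Each line of the form `<whitespace>%%SCRIPT=<file>%%` is replaced by the
   * contents of `<file>` from the script directory, with every script line
   * prefixed by the same leading whitespace. Lines without leading whitespace
   * are never expanded. The expanded text is parsed as JSON or YAML, selected
   * by the last four characters of the file name.
   *
   * @param scope - Parent construct.
   * @param id - Construct id.
   * @param props - Playbook settings. `scriptPath` falls back to
   *   `${props.ssmDocPath}/scripts` when it is null or undefined.
   * @throws Error when the document file name does not end in `json` or `yaml`.
   *   Errors from `fs.readFileSync`, `JSON.parse` and `yaml.load` are not caught here.
   */
  constructor(scope: cdk.Construct, id: string, props: IssmPlaybookProps) {
    super(scope, id);

    // Scripts live under the document directory unless the caller points elsewhere.
    const scriptPath = props.scriptPath == undefined
        ? `${props.ssmDocPath}/scripts`
        : props.scriptPath

    // Dots in the control id are stripped before it is used in the logical id below.
    const illegalChars = /[\.]/g;

    const enableParam = new cdk.CfnParameter(this, 'Enable ' + props.controlId, {
        type: "String",
        description: `Enable/disable availability of remediation for ${props.securityStandard} version ${props.securityStandardVersion} Control ${props.controlId} in Security Hub Console Custom Actions. If NOT Available the remediation cannot be triggered from the Security Hub console in the Security Hub Admin account.`,
        default: "Available",
        allowedValues: ["Available", "NOT Available"]
    })
    enableParam.overrideLogicalId(`${props.securityStandard}${props.controlId.replace(illegalChars, '')}Active`)

    // The Automation document is only created when the parameter is "Available".
    const installSsmDoc = new cdk.CfnCondition(this, 'Enable ' + props.controlId + ' Condition', {
        expression: cdk.Fn.conditionEquals(enableParam, "Available")
    })

    const ssmDocName = `SHARR-${props.securityStandard}_${props.securityStandardVersion}_${props.controlId}`
    const ssmDocFQFileName = `${props.ssmDocPath}/${props.ssmDocFileName}`

    // Fail early on an unrecognised file type. Otherwise the document content
    // would be left undefined and handed to CfnDocument as-is.
    const ssmDocType = props.ssmDocFileName.slice(-4).toLowerCase()
    if (ssmDocType !== 'json' && ssmDocType !== 'yaml') {
        throw new Error(`Unsupported SSM document file type for ${ssmDocFQFileName}: expected a file name ending in "json" or "yaml"`)
    }

    const ssmDocIn = fs.readFileSync(ssmDocFQFileName, 'utf8')

    let ssmDocOut: string = ''
    const re = /^(?<padding>\s+)%%SCRIPT=(?<script>.*)%%/

    for (const line of ssmDocIn.split('\n')) {
        const foundMatch = re.exec(line)
        if (foundMatch && foundMatch.groups && foundMatch.groups.script) {
            // NOTE(review): the script name is taken verbatim from the document
            // text and is not confined to scriptPath, so a `..` segment would
            // embed another build-readable file in the published document.
            // Review document templates like code, or add a containment check
            // if templates can come from outside this repository.
            const scriptIn = fs.readFileSync(`${scriptPath}/${foundMatch.groups.script}`, 'utf8')
            for (const scriptLine of scriptIn.split('\n')) {
                // Re-indent each script line to the marker's column so the
                // embedded script stays valid inside the surrounding document.
                ssmDocOut += foundMatch.groups.padding + scriptLine + '\n'
            }
        } else {
            ssmDocOut += line + '\n'
        }
    }

    // NOTE(review): presumably `yaml` is js-yaml. In js-yaml 3.x `load` accepts
    // the full schema (including JS-specific tags) and `safeLoad` is the
    // restricted variant; from 4.x `load` is restricted by default. Confirm the
    // pinned version before parsing templates that are not fully trusted.
    const ssmDocSource = ssmDocType === 'json'
        ? JSON.parse(ssmDocOut)
        : yaml.load(ssmDocOut)

    const AutoDoc = new ssm.CfnDocument(this, 'Automation Document', {
        content: ssmDocSource,
        documentType: 'Automation',
        name: ssmDocName
    })
    AutoDoc.cfnOptions.condition = installSsmDoc
  }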