All Classes and Interfaces
Class
Description
Advanced security monitoring and compliance dashboard validation rules.
Creates CloudWatch alarms for application health monitoring.
Configuration properties for alarm creation.
ALB Factory using annotation-based context injection.
Universal factory class for deploying any application using ApplicationSpec.
Container for application system components created by the factory.
Application metadata for display and configuration purposes.
Auto-discovery utility for ApplicationSpec implementations using Java ServiceLoader.
Application-level OIDC Authentication Factory.
Marks a class as a pluggable application specification.
Application SAML Factory - configures SAML authentication for applications.
Universal application service topology configuration.
Application specification interface defining application-specific configuration.
Optional service port that can be enabled via deployment configuration.
Maps compliance controls to AWS infrastructure monitoring and Audit Manager evidence.
Framework-specific control mapping.
Central registry mapping infrastructure controls to multiple compliance frameworks.
Authentication mode for application access control.
AWS Config managed rules mapped to ComplianceMatrix SecurityControls.
AWS Regions enumeration with metadata for disaster recovery and compliance.
Geographic areas for data residency requirements.
Factory for creating AWS Backup resources for EFS and RDS.
Base class for factory classes that provides convenient access to SystemContext,
DeploymentContext, and SecurityProfileConfiguration.
Validates that maxCapacity >= minCapacity for scaling configurations.
Maps cdk-nag rule IDs to CloudForge SecurityControl enums for unified compliance reporting.
CDN and API security compliance validation rules.
CloudFormation string utilities using intrinsic functions.
Manages AWS Cognito User Pools for OIDC authentication.
OIDC configuration for Amazon Cognito User Pools.
Cognito SAML Factory for applications requiring SAML authentication.
Factory for creating compliance and audit resources (CloudTrail, AWS Config, AWS Audit Manager).
Marks a class as a pluggable compliance framework validator.
Jackson serializer/deserializer for converting between comma-separated strings
and
List<ComplianceFrameworkType>.Deserializes a comma-separated string to
List<ComplianceFrameworkType>.Serializes
List<ComplianceFrameworkType> to a comma-separated string.Defines the supported compliance frameworks for CloudForge deployments.
Multi-framework compliance control mapping matrix.
Framework-specific requirement with enforcement level.
Requirement enforcement level for a control within a compliance framework.
Security control definitions mapped to framework requirements.
Validation result for a control check.
Compliance validation mode controlling how validation failures are handled.
Represents a compliance rule with its validation status and AWS Config rule mapping.
Compute security compliance validation rules.
Marks a field in DeploymentConfig as user-configurable with metadata for
automatic prompt generation, validation, and JSON schema generation.
Runtime metadata for a configuration field discovered via introspection.
Discovers and filters configuration fields using reflection and annotations.
General configuration validation rules that apply to all deployments.
Standalone utility for injecting context values into annotated fields.
Database security compliance validation rules.
Database specification interface for applications requiring external databases.
Database connection information provided to applications.
Database requirement specification.
Resolves default values for configuration fields using layered priority.
Universal deployment configuration for CloudForge applications.
Annotation to extract specific values from DeploymentContext.
Typed configuration interface for CDK deployment context.
Development security configuration with relaxed security settings.
Development security profile configuration with minimal security constraints.
Domain Factory using annotation-based context extraction.
Drone CI ApplicationSpec implementation.
Runtime context information for EC2 UserData configuration.
Implementation of Ec2Context providing runtime information for UserData configuration.
Factory for creating EC2-based Jenkins compute infrastructure.
Factory for creating EFS file systems with support for persistence and reuse.
Elastic Load Balancer security compliance validation rules.
Extended IAM configuration with broader permissions for development.
Validates AWS Fargate CPU/memory combinations.
Factory for creating Fargate-based Jenkins compute infrastructure.
Field equality check for visibility conditions.
Tags that describe the impact and characteristics of configuration field changes.
Custom validator for configuration field cross-field validation.
VPC Flow Log Factory using annotation-based context injection.
Discovers and loads compliance framework validators using Java ServiceLoader.
Interface for pluggable compliance framework validators.
GDPR organizational and data protection validation rules.
GDPR (General Data Protection Regulation) compliance validation.
Gitea ApplicationSpec implementation.
GitLab ApplicationSpec implementation.
OIDC integration for GitLab using OmniAuth OpenID Connect.
Grafana ApplicationSpec implementation.
OIDC integration for Grafana using generic_oauth provider.
Factory for AWS GuardDuty threat detection and compliance automation.
Harbor Container Registry ApplicationSpec implementation.
HIPAA organizational and administrative safeguard validation rules.
HIPAA Security Rule compliance validation.
IAM Configuration interface that extends the base BaseConfiguration interface.
Example demonstrating how to use the IAM Rules system with different permission profiles.
IAM Profile enum defining different levels of permissions for AWS resources.
Maps Security Profiles to appropriate IAM Profiles following security best practices.
IAM security compliance validation rules.
Identity Center Factory for AWS IAM Identity Center (formerly AWS SSO) setup.
OIDC configuration for AWS IAM Identity Center (formerly AWS SSO).
IAM Identity Center SAML Factory for automated SAML 2.0 application provisioning.
Incident response and disaster recovery compliance validation rules.
Interactive prompting utility that generates questions from @ConfigField annotations.
ISO/IEC 27001:2022 Information Security Management compliance validation.
Jenkins ApplicationSpec implementation.
Deprecated, for removal: This API element is subject to removal in a future version.
OIDC integration for Jenkins using the OpenID Connect Authentication Plugin.
Keycloak SAML Bridge Factory.
Key Management compliance validation rules.
Lambda security compliance validation rules.
Load balancer type for application ingress.
CloudWatch Logging Factory using annotation-based context injection.
Mattermost Enterprise Edition ApplicationSpec implementation.
OIDC integration for Mattermost Team Edition using GitLab OAuth provider.
OIDC integration for Mattermost using native OpenID Connect.
SAML 2.0 integration for Mattermost.
Mattermost Team Edition ApplicationSpec implementation (FREE).
Messaging security compliance validation rules.
Metabase Business Intelligence ApplicationSpec implementation.
SAML integration for Metabase (Pro/Enterprise editions).
Migration guide for converting existing factory classes to use annotation-based context injection.
Minimal IAM configuration with least privilege permissions.
Network topology mode for VPC configuration.
Sonatype Nexus Repository Manager ApplicationSpec implementation.
OIDC Authentication Factory for ALB-based authentication with AWS IAM Identity Center.
OIDC configuration for application-level authentication.
Application-level OIDC integration interface.
PCI-DSS compliance validation rules.
Permission Matrix defining the minimum required permissions for each topology/runtime combination.
Validation result containing success status and any issues found.
PostgreSQL ApplicationSpec implementation.
Production security configuration with hardened security settings.
Production security profile configuration with comprehensive security measures.
Prometheus ApplicationSpec implementation.
Factory for provisioning AWS RDS database instances based on DatabaseSpec requirements.
Redis ApplicationSpec implementation.
Utility for converting integer day values to AWS CDK RetentionDays enum.
Defines the compute runtime environments supported by CloudForge.
Example demonstrating how to use the Security Rules system with different security profiles.
Factory for creating security monitoring and alerting configurations.
Defines the security profile levels for CloudForge deployments.
Annotation to extract specific values from SecurityProfileConfiguration.
Configuration interface for security profile settings.
Example demonstrating how to access SecurityProfileConfiguration from SystemContext.
Factory for creating security profile-based observability configurations.
Security rules installation and compliance framework orchestration.
Registry for shared/account-level resources that should be reused across stacks.
SOC 2 (Service Organization Control 2) Trust Services Criteria compliance validation.
Staging security configuration with moderate security settings.
Staging security profile configuration for pre-production environments.
Standard IAM configuration with balanced permissions.
Apache Superset Business Intelligence ApplicationSpec implementation.
Annotation to extract specific values from SystemContext.
Container for domain and SSL factories.
Container for infrastructure factories created by the orchestration layer.
Container for complete Jenkins deployment.
Container for Jenkins-specific factories.
Container for complete S3 + CloudFront deployment.
Container for S3 and CloudFront factories.
Threat protection compliance validation rules.
Defines the deployment topology patterns supported by CloudForge.
Builder interface for constructing EC2 UserData scripts.
Implementation of UserDataBuilder that generates bash commands for EC2 UserData scripts.
Result of field validation.
HashiCorp Vault ApplicationSpec implementation.
Visibility condition expression language for configuration fields.
Example expressions for testing and documentation.
Evaluates visibility expressions for configuration fields.
Factory for creating VPC (Virtual Private Cloud) infrastructure.
Factory for creating AWS WAF WebACL resources.