Package com.cloudforgeci.api.core.rules
Class CdnApiSecurityRules
java.lang.Object
com.cloudforgeci.api.core.rules.CdnApiSecurityRules
- All Implemented Interfaces:
FrameworkRules<SystemContext>
@ComplianceFramework(value="CdnApiSecurity",
priority=0,
alwaysLoad=true,
displayName="CDN & API Security",
description="Cross-framework CDN and API Gateway security validation")
public class CdnApiSecurityRules
extends Object
implements FrameworkRules<SystemContext>
CDN and API security compliance validation rules.
These rules enforce CloudFront and API Gateway security requirements across multiple compliance frameworks:
- PCI-DSS - Req 4.1: Encrypt transmission; Req 6.6: WAF protection
- HIPAA - ยง164.312(e)(1): Transmission security
- SOC 2 - CC6.6/CC6.7: Network and data protection
- GDPR - Art.32(1)(a): Encryption of data
Controls Implemented
- CloudFront HTTPS enforcement
- CloudFront WAF integration
- API Gateway access logging
- API Gateway SSL/TLS configuration
- Minimum TLS version enforcement
- Since:
- 3.0.0
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidinstall(SystemContext ctx) Install compliance validation rules into the CDK construct tree.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface com.cloudforge.core.interfaces.FrameworkRules
alwaysLoad, description, displayName, frameworkId, priority
-
Constructor Details
-
CdnApiSecurityRules
public CdnApiSecurityRules()
-
-
Method Details
-
install
Description copied from interface:FrameworkRulesInstall compliance validation rules into the CDK construct tree.This method is called during CDK synthesis to register validation rules for the compliance framework. Implementations should use
ctx.getNode().addValidation()to add CDK validations.- Specified by:
installin interfaceFrameworkRules<SystemContext>- Parameters:
ctx- the system context containing deployment configuration and CDK stack
-