Classes
Name | Description |
---|---|
AccessConrtolLambda | No description |
AdminRole | No description |
BillingRole | No description |
ComprehendS3olab | Creates the foundation necessary to deploy the S3 Object Lambda Acceess Control Use Case. |
CustSupportRole | No description |
GeneralRole | The role that you are going to assume (switch role). |
LambdaArnCaptorCustomResource | No description |
RedactionLambda | No description |
Structs
Name | Description |
---|---|
AccessConrtolLambdaProps | No description |
AdminRoleProps | No description |
BillingRoleProps | No description |
ComprehendS3olabProps | No description |
CustSupportRoleProps | No description |
GeneralRoleProps | No description |
LambdaArnCaptorResourceProps | No description |
RedactionLambdaProps | No description |
S3AccessPointNames | No description |
Enums
Name | Description |
---|---|
IamRoleName | No description |
Implements: IConstruct, IDependable Extends: Construct
new AccessConrtolLambda(scope: Construct, id: string, props: AccessConrtolLambdaProps)
- scope (
Construct
) No description - id (
string
) No description - props (
AccessConrtolLambdaProps
) No description- confidenceThreshold (
string
) The minimum prediction confidence score above which PII classification and detection would be considered as final answer. Default: '0.5' - containsPiiEntitiesThreadCount (
string
) Number of threads to use for calling Comprehend's ContainsPiiEntities API. Default: '20' - defaultLanguageCode (
string
) Default language of the text to be processed. Default: 'en' - documentMaxSize (
string
) Default maximum document size (in bytes) that this function can process otherwise will throw exception for too large document size. Default: '102400' - documentMaxSizeContainsPiiEntities (
string
) Maximum document size (in bytes) to be used for making calls to Comprehend's ContainsPiiEntities API. Default: '50000' - isPartialObjectSupported (
string
) Whether to support partial objects or not. Default: 'false' - logLevel (
string
) Log level for Lambda function logging, e.g., ERROR, INFO, DEBUG, etc. Default: 'INFO' - maxCharsOverlap (
string
) Maximum characters to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '200' - piiEntityTypes (
string
) List of comma separated PII entity types to be considered for access control. Default: 'ALL' - publishCloudWatchMetrics (
string
) True if publish metrics to Cloudwatch, false otherwise. Default: 'true' - semanticVersion (
string
) The version of the serverless application. Default: '1.0.2' - subsegmentOverlappingTokens (
string
) Number of tokens/words to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '20' - unsupportedFileHandling (
string
) Handling logic for Unsupported files. Default: 'FAIL'
- confidenceThreshold (
Name | Type | Description |
---|---|---|
stackName | string |
The name of the underlying resoure in the serverless application. |
Implements: IConstruct, IDependable Extends: Construct
new AdminRole(scope: Construct, id: string, props?: AdminRoleProps)
- scope (
Construct
) No description - id (
string
) No description - props (
AdminRoleProps
) No description- iamRoleName (
string
) The name of the IAM role. Default: 'RedactionAdminRole' - objectLambdaAccessPointName (
string
) The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'admin-s3olap-call-transcripts-known-pii' - policyName (
string
) The name of the IAM policy for the IAM role. Default: 'admin-role-s3olap-policy'
- iamRoleName (
Name | Type | Description |
---|---|---|
roleArn | string |
The ARN of the IAM role. |
roleId | string |
The unique string identifying the role. |
roleName | string |
The name of the IAM role. |
Implements: IConstruct, IDependable Extends: Construct
new BillingRole(scope: Construct, id: string, props?: AdminRoleProps)
- scope (
Construct
) No description - id (
string
) No description - props (
AdminRoleProps
) No description- iamRoleName (
string
) The name of the IAM role. Default: 'RedactionAdminRole' - objectLambdaAccessPointName (
string
) The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'admin-s3olap-call-transcripts-known-pii' - policyName (
string
) The name of the IAM policy for the IAM role. Default: 'admin-role-s3olap-policy'
- iamRoleName (
Name | Type | Description |
---|---|---|
roleArn | string |
The ARN of the IAM role. |
roleId | string |
The unique string identifying the role. |
roleName | string |
The name of the IAM role. |
Creates the foundation necessary to deploy the S3 Object Lambda Acceess Control Use Case.
Implements: IConstruct, IDependable Extends: Construct
new ComprehendS3olab(scope: Construct, id: string, props: ComprehendS3olabProps)
- scope (
Construct
) No description - id (
string
) No description - props (
ComprehendS3olabProps
) No description- accessControlLambdaConfig (
AccessConrtolLambdaProps
) The parameters needed for theComprehendPiiAccessControlS3ObjectLambda
function. Optional - adminRedactionLambdaConfig (
RedactionLambdaProps
) The parameters of theComprehendPiiRedactionS3ObjectLambda
function for theAdminRole
. Optional - adminRoleConfig (
AdminRoleProps
) The manageable properties for the administrator IAM role in the redaction case. Optional - billingRedactionLambdaConfig (
RedactionLambdaProps
) The parameters of theComprehendPiiRedactionS3ObjectLambda
function for theBillingRole
. Optional - billingRoleConfig (
BillingRoleProps
) The manageable properties for the billing IAM role in the redaction case. Optional - cusrtSupportRedactionLambdaConfig (
RedactionLambdaProps
) The parameters of theComprehendPiiRedactionS3ObjectLambda
function for theCustSupportRole
. Optional - custSupportRoleConfig (
CustSupportRoleProps
) The manageable properties for the customer support IAM role in the redaction case. Optional - exampleFileDir (
string
) The directory path wherefiles/access_control/*.txt
andfiles/redaction/*.txt
will be put. Default: __dirname - generalRoleConfig (
GeneralRoleProps
) The manageable properties for the IAM role used to access thesurvey-results.txt
data. Optional - generateRandomCharacters (
boolean
) For distinguish test and normal deployment. Default: true - s3AccessPointNames (
S3AccessPointNames
) The names of the S3 access points for the access control case and redaction case. Optional - surveyBucketPrefix (
string
) The prefix attached to the name of the S3 bucket where you are going to explore the S3 Object Lambda pertaining to the access control case. Default: 6 random words - transcriptsBucketPrefix (
string
) The prefix attached to the name of the S3 bucket where you are going to explore the S3 Object Lambda pertaining to the redaction case. Default: 6 random words
- accessControlLambdaConfig (
Name | Type | Description |
---|---|---|
adminLambdaArn | string |
The ARN of the Lambda function combined with Amazon Comprehend for thie administrator role in the redaction case. |
billingLambdaArn | string |
The ARN of the Lambda function combined with Amazon Comprehend for thie billing role in the redaction case. |
customerSupportLambdaArn | string |
The ARN of the Lambda function combined with Amazon Comprehend for thie customer support role in the redaction case. |
piiAccessConrtolLambdaArn | string |
The ARN of the Lambda function combined with Amazon Comprehend for the general case. |
s3objectLambdaAccessControlArn | string |
The ARN of the S3 Object Lambda for access control. |
s3objectLambdaAdminArn | string |
The ARN of the S3 Object Lambda for the admin role in the redaction case. |
s3objectLambdaBillingArn | string |
The ARN of the S3 Object Lambda for the billing role in the redaction case. |
s3objectLambdaCustomerSupportArn | string |
The ARN of the S3 Object Lambda for the customer support role in the redaction case. |
generateS3Prefix(length: number): string
- length (
number
) No description
Returns:
string
Implements: IConstruct, IDependable Extends: Construct
new CustSupportRole(scope: Construct, id: string, props?: AdminRoleProps)
- scope (
Construct
) No description - id (
string
) No description - props (
AdminRoleProps
) No description- iamRoleName (
string
) The name of the IAM role. Default: 'RedactionAdminRole' - objectLambdaAccessPointName (
string
) The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'admin-s3olap-call-transcripts-known-pii' - policyName (
string
) The name of the IAM policy for the IAM role. Default: 'admin-role-s3olap-policy'
- iamRoleName (
Name | Type | Description |
---|---|---|
roleArn | string |
The ARN of the IAM role. |
roleId | string |
The unique string identifying the role. |
roleName | string |
The name of the IAM role. |
The role that you are going to assume (switch role).
Explores how the S3 Object Lambda works.
Implements: IConstruct, IDependable Extends: Construct
new GeneralRole(scope: Construct, id: string, props: GeneralRoleProps)
- scope (
Construct
) No description - id (
string
) No description - props (
GeneralRoleProps
) No description- iamRoleName (
string
) The name of the IAM role. Default: 'GeneralRole' - objectLambdaAccessPointName (
string
) The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'accessctl-s3olap-survey-results-unknown-pii' - policyName (
string
) The name of the IAM policy for the IAM role. Default: 'general-role-s3olap-policy'
- iamRoleName (
Name | Type | Description |
---|---|---|
roleArn | string |
The ARN of the IAM role. |
roleId | string |
The unique string identifying the role. |
roleName | string |
The name of the IAM role. |
Implements: IConstruct, IDependable Extends: Construct
new LambdaArnCaptorCustomResource(scope: Construct, id: string, props: LambdaArnCaptorResourceProps)
- scope (
Construct
) No description - id (
string
) No description - props (
LambdaArnCaptorResourceProps
) No description- partialLambdaName (
string
) The partial fixed name of the gemeral Lambda function created from the serverless application. - roleName (
string
) the name of the corresponding IAM role.
- partialLambdaName (
Name | Type | Description |
---|---|---|
lambdaArn | string |
The ARN of the general Lambda function created from the serverless application. |
Implements: IConstruct, IDependable Extends: Construct
new RedactionLambda(scope: Construct, id: string, props?: RedactionLambdaProps)
- scope (
Construct
) No description - id (
string
) No description - props (
RedactionLambdaProps
) No description- confidenceThreshold (
string
) The minimum prediction confidence score above which PII classification and detection would be considered as final answer. Default: '0.5' - containsPiiEntitiesThreadCount (
string
) Number of threads to use for calling Comprehend's ContainsPiiEntities API. Default: '20' - defaultLanguageCode (
string
) Default language of the text to be processed. Default: 'en' - detectPiiEntitiesThreadCount (
string
) Number of threads to use for calling Comprehend's DetectPiiEntities API. Default: '8' - documentMaxSize (
string
) Default maximum document size (in bytes) that this function can process otherwise will throw exception for too large document size. Default: '102400' - documentMaxSizeContainsPiiEntities (
string
) Maximum document size (in bytes) to be used for making calls to Comprehend's ContainsPiiEntities API. Default: '50000' - documentMaxSizeDetectPiiEntities (
string
) Maximum document size (in bytes) to be used for making calls to Comprehend's DetectPiiEntities API. Default: '5000' - isPartialObjectSupported (
string
) Whether to support partial objects or not. Default: 'false' - logLevel (
string
) Log level for Lambda function logging, e.g., ERROR, INFO, DEBUG, etc. Default: 'INFO' - maskCharacter (
string
) A character that replaces each character in the redacted PII entity. Default: '*' - maskMode (
string
) Specifies whether the PII entity is redacted with the mask character or the entity type. Optional - maxCharsOverlap (
string
) Maximum characters to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '200' - piiEntityTypes (
string
) List of comma separated PII entity types to be considered for redaction. Default: 'ALL' - publishCloudWatchMetrics (
string
) True if publish metrics to Cloudwatch, false otherwise. Default: 'true' - semanticVersion (
string
) The version of the serverless application. Default: '1.0.2' - subsegmentOverlappingTokens (
string
) Number of tokens/words to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '20' - unsupportedFileHandling (
string
) Handling logic for Unsupported files. Default: 'FAIL'
- confidenceThreshold (
Name | Type | Description |
---|---|---|
stackName | string |
The name of the underlying resoure in the serverless application. |
Name | Type | Description |
---|---|---|
confidenceThreshold? | string |
The minimum prediction confidence score above which PII classification and detection would be considered as final answer. Default: '0.5' |
containsPiiEntitiesThreadCount? | string |
Number of threads to use for calling Comprehend's ContainsPiiEntities API. Default: '20' |
defaultLanguageCode? | string |
Default language of the text to be processed. Default: 'en' |
documentMaxSize? | string |
Default maximum document size (in bytes) that this function can process otherwise will throw exception for too large document size. Default: '102400' |
documentMaxSizeContainsPiiEntities? | string |
Maximum document size (in bytes) to be used for making calls to Comprehend's ContainsPiiEntities API. Default: '50000' |
isPartialObjectSupported? | string |
Whether to support partial objects or not. Default: 'false' |
logLevel? | string |
Log level for Lambda function logging, e.g., ERROR, INFO, DEBUG, etc. Default: 'INFO' |
maxCharsOverlap? | string |
Maximum characters to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '200' |
piiEntityTypes? | string |
List of comma separated PII entity types to be considered for access control. Default: 'ALL' |
publishCloudWatchMetrics? | string |
True if publish metrics to Cloudwatch, false otherwise. Default: 'true' |
semanticVersion? | string |
The version of the serverless application. Default: '1.0.2' |
subsegmentOverlappingTokens? | string |
Number of tokens/words to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '20' |
unsupportedFileHandling? | string |
Handling logic for Unsupported files. Default: 'FAIL' |
Name | Type | Description |
---|---|---|
iamRoleName? | string |
The name of the IAM role. Default: 'RedactionAdminRole' |
objectLambdaAccessPointName? | string |
The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'admin-s3olap-call-transcripts-known-pii' |
policyName? | string |
The name of the IAM policy for the IAM role. Default: 'admin-role-s3olap-policy' |
Name | Type | Description |
---|---|---|
iamRoleName? | string |
The name of the IAM role. Default: 'RedactionBillingRole' |
objectLambdaAccessPointName? | string |
The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'billing-s3olap-call-transcripts-known-pii' |
policyName? | string |
The name of the IAM policy for the IAM role. Default: 'billing-role-s3olap-policy' |
Name | Type | Description |
---|---|---|
accessControlLambdaConfig? | AccessConrtolLambdaProps |
The parameters needed for the ComprehendPiiAccessControlS3ObjectLambda function.Optional |
adminRedactionLambdaConfig? | RedactionLambdaProps |
The parameters of the ComprehendPiiRedactionS3ObjectLambda function for the AdminRole .Optional |
adminRoleConfig? | AdminRoleProps |
The manageable properties for the administrator IAM role in the redaction case. Optional |
billingRedactionLambdaConfig? | RedactionLambdaProps |
The parameters of the ComprehendPiiRedactionS3ObjectLambda function for the BillingRole .Optional |
billingRoleConfig? | BillingRoleProps |
The manageable properties for the billing IAM role in the redaction case. Optional |
cusrtSupportRedactionLambdaConfig? | RedactionLambdaProps |
The parameters of the ComprehendPiiRedactionS3ObjectLambda function for the CustSupportRole .Optional |
custSupportRoleConfig? | CustSupportRoleProps |
The manageable properties for the customer support IAM role in the redaction case. Optional |
exampleFileDir? | string |
The directory path where files/access_control/*.txt and files/redaction/*.txt will be put.Default: __dirname |
generalRoleConfig? | GeneralRoleProps |
The manageable properties for the IAM role used to access the survey-results.txt data.Optional |
generateRandomCharacters? | boolean |
For distinguish test and normal deployment. Default: true |
s3AccessPointNames? | S3AccessPointNames |
The names of the S3 access points for the access control case and redaction case. Optional |
surveyBucketPrefix? | string |
The prefix attached to the name of the S3 bucket where you are going to explore the S3 Object Lambda pertaining to the access control case. Default: 6 random words |
transcriptsBucketPrefix? | string |
The prefix attached to the name of the S3 bucket where you are going to explore the S3 Object Lambda pertaining to the redaction case. Default: 6 random words |
Name | Type | Description |
---|---|---|
iamRoleName? | string |
The name of the IAM role. Default: 'RedactionCustSupportRole' |
objectLambdaAccessPointName? | string |
The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'custsupport-s3olap-call-transcripts-known-pii' |
policyName? | string |
The name of the IAM policy for the IAM role. Default: 'customersupport-role-s3olap-policy' |
Name | Type | Description |
---|---|---|
iamRoleName? | string |
The name of the IAM role. Default: 'GeneralRole' |
objectLambdaAccessPointName? | string |
The name of the object Lambda access point, which will be the same as the S3 acceess point for the S3 bucket in the demostration. Default: 'accessctl-s3olap-survey-results-unknown-pii' |
policyName? | string |
The name of the IAM policy for the IAM role. Default: 'general-role-s3olap-policy' |
Name | Type | Description |
---|---|---|
partialLambdaName | string |
The partial fixed name of the gemeral Lambda function created from the serverless application. |
roleName | string |
the name of the corresponding IAM role. |
Name | Type | Description |
---|---|---|
confidenceThreshold? | string |
The minimum prediction confidence score above which PII classification and detection would be considered as final answer. Default: '0.5' |
containsPiiEntitiesThreadCount? | string |
Number of threads to use for calling Comprehend's ContainsPiiEntities API. Default: '20' |
defaultLanguageCode? | string |
Default language of the text to be processed. Default: 'en' |
detectPiiEntitiesThreadCount? | string |
Number of threads to use for calling Comprehend's DetectPiiEntities API. Default: '8' |
documentMaxSize? | string |
Default maximum document size (in bytes) that this function can process otherwise will throw exception for too large document size. Default: '102400' |
documentMaxSizeContainsPiiEntities? | string |
Maximum document size (in bytes) to be used for making calls to Comprehend's ContainsPiiEntities API. Default: '50000' |
documentMaxSizeDetectPiiEntities? | string |
Maximum document size (in bytes) to be used for making calls to Comprehend's DetectPiiEntities API. Default: '5000' |
isPartialObjectSupported? | string |
Whether to support partial objects or not. Default: 'false' |
logLevel? | string |
Log level for Lambda function logging, e.g., ERROR, INFO, DEBUG, etc. Default: 'INFO' |
maskCharacter? | string |
A character that replaces each character in the redacted PII entity. Default: '*' |
maskMode? | string |
Specifies whether the PII entity is redacted with the mask character or the entity type. Optional |
maxCharsOverlap? | string |
Maximum characters to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '200' |
piiEntityTypes? | string |
List of comma separated PII entity types to be considered for redaction. Default: 'ALL' |
publishCloudWatchMetrics? | string |
True if publish metrics to Cloudwatch, false otherwise. Default: 'true' |
semanticVersion? | string |
The version of the serverless application. Default: '1.0.2' |
subsegmentOverlappingTokens? | string |
Number of tokens/words to overlap among segments of a document in case chunking is needed because of maximum document size limit. Default: '20' |
unsupportedFileHandling? | string |
Handling logic for Unsupported files. Default: 'FAIL' |
Name | Type | Description |
---|---|---|
admin | string |
The name of the S3 aceess point for the admin role in the redaction case. |
billing | string |
The name of the S3 aceess point for the billing role in the redaction case. |
customerSupport | string |
The name of the S3 aceess point for the customer support role in the redaction case. |
general | string |
The name of the S3 aceess point for the general role in the access control case. |
Name | Description |
---|---|
GENERAL | |
ADMIN | |
BILLING | |
CUST_SUPPORT |