/
receipt-filter.ts
110 lines (97 loc) · 2.4 KB
/
receipt-filter.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
import { Construct } from 'constructs';
import { CfnReceiptFilter } from './ses.generated';
import { Resource } from '../../core';
/**
* The policy for the receipt filter.
*/
export enum ReceiptFilterPolicy {
/**
* Allow the ip address or range.
*/
ALLOW = 'Allow',
/**
* Block the ip address or range.
*/
BLOCK = 'Block',
}
/**
* Construction properties for a ReceiptFilter.
*/
export interface ReceiptFilterProps {
/**
* The name for the receipt filter.
*
* @default a CloudFormation generated name
*/
readonly receiptFilterName?: string;
/**
* The ip address or range to filter.
*
* @default 0.0.0.0/0
*/
readonly ip?: string;
/**
* The policy for the filter.
*
* @default Block
*/
readonly policy?: ReceiptFilterPolicy;
}
/**
* A receipt filter. When instantiated without props, it creates a
* block all receipt filter.
*/
export class ReceiptFilter extends Resource {
constructor(scope: Construct, id: string, props: ReceiptFilterProps = {}) {
super(scope, id, {
physicalName: props.receiptFilterName,
});
new CfnReceiptFilter(this, 'Resource', {
filter: {
ipFilter: {
cidr: props.ip || '0.0.0.0/0',
policy: props.policy || ReceiptFilterPolicy.BLOCK,
},
name: this.physicalName,
},
});
}
}
/**
* Construction properties for am AllowListReceiptFilter.
*/
export interface AllowListReceiptFilterProps {
/**
* A list of ip addresses or ranges to allow list.
*/
readonly ips: string[];
}
/**
* An allow list receipt filter.
*/
export class AllowListReceiptFilter extends Construct {
constructor(scope: Construct, id: string, props: AllowListReceiptFilterProps) {
super(scope, id);
new ReceiptFilter(this, 'BlockAll');
props.ips.forEach(ip => {
new ReceiptFilter(this, `Allow${ip.replace(/[^\d]/g, '')}`, {
ip,
policy: ReceiptFilterPolicy.ALLOW,
});
});
}
}
/**
* Construction properties for a WhiteListReceiptFilter.
* @deprecated use `AllowListReceiptFilterProps`
*/
export interface WhiteListReceiptFilterProps extends AllowListReceiptFilterProps { }
/**
* An allow list receipt filter.
* @deprecated use `AllowListReceiptFilter`
*/
export class WhiteListReceiptFilter extends AllowListReceiptFilter {
constructor(scope: Construct, id: string, props: WhiteListReceiptFilterProps) {
super(scope, id, props);
}
}