All exports are available from a single entry point:
import { CloudBurnClient, builtInRuleMetadata, parseIaC, assertValidAwsRegion, isAwsDiscoveryErrorCode, awsCorePreset } from '@cloudburn/sdk';
Exports
| Export | Kind | Description |
|---|---|---|
CloudBurnClient | class | Main SDK entry point |
builtInRuleMetadata | constant | Array of all built-in rule metadata |
parseIaC | function | Standalone IaC parser |
assertValidAwsRegion | function | Region validator |
isAwsDiscoveryErrorCode | function | Type guard for discovery error codes |
awsCorePreset | constant | Default AWS rule preset (re-exported from @cloudburn/rules) |
CloudBurnClient
The main SDK class. See CloudBurnClient reference for full documentation.
import { CloudBurnClient } from '@cloudburn/sdk';
const client = new CloudBurnClient();
builtInRuleMetadata
An array of BuiltInRuleMetadata objects describing all rules that ship with CloudBurn. This is a plain serializable array — no class instances, safe to JSON.stringify.
import { builtInRuleMetadata } from '@cloudburn/sdk';
// List all AWS EC2 rules
const ec2Rules = builtInRuleMetadata.filter(
(rule) => rule.provider === 'aws' && rule.service === 'ec2'
);
for (const rule of ec2Rules) {
console.log(`${rule.id}: ${rule.name}`);
}
Each entry is typed as BuiltInRuleMetadata:
type BuiltInRuleMetadata = {
id: string;
name: string;
description: string;
provider: CloudProvider;
service: string;
supports: Source[];
};
See Rules for a browsable list of all built-in rules.
parseIaC
Parses IaC files and returns structured resource objects without running any rules.
parseIaC(
path: string,
options?: {
provider?: CloudProvider;
}
): Promise<IaCResource[]>
Parameters:
| Parameter | Type | Description |
|---|---|---|
path | string | Path to a directory or file containing IaC code |
options.provider | CloudProvider | Limit parsing to a specific cloud provider |
Returns: Promise<IaCResource[]>
Each IaCResource includes the resource type, name, attributes, and source location.
Example:
import { parseIaC } from '@cloudburn/sdk';
const resources = await parseIaC('./infrastructure');
for (const resource of resources) {
console.log(`${resource.provider}/${resource.type} "${resource.name}"`);
if (resource.location) {
console.log(` at ${resource.location.path}:${resource.location.line}`);
}
}
assertValidAwsRegion
Validates an AWS region string. Throws a TypeError if the value is not a recognized AWS region.
assertValidAwsRegion(region: unknown): asserts region is string
Use this to validate user-supplied or environment-supplied region values before passing them to SDK methods.
Throws: TypeError with a descriptive message if the region is invalid.
Example:
import { assertValidAwsRegion } from '@cloudburn/sdk';
const region = process.env.AWS_REGION;
assertValidAwsRegion(region); // throws if region is undefined or invalid
// region is now typed as string
const result = await client.discover({ target: { mode: 'region', region } });
isAwsDiscoveryErrorCode
Type guard that checks whether a string is a known CloudBurn discovery error code.
isAwsDiscoveryErrorCode(code: unknown): code is string
Returns: true if code is a recognized discovery error code.
Use this to handle specific discovery errors in ScanDiagnostic.code:
import { isAwsDiscoveryErrorCode } from '@cloudburn/sdk';
const result = await client.discover();
for (const diag of result.diagnostics ?? []) {
if (diag.code && isAwsDiscoveryErrorCode(diag.code)) {
console.error(`Discovery error [${diag.code}]: ${diag.message}`);
}
}
Known error codes include codes for Resource Explorer not enabled, insufficient permissions, and region access issues.
awsCorePreset
The default AWS rule preset, re-exported from @cloudburn/rules. Contains the set of rules enabled by default for AWS discovery and IaC scans.
import { awsCorePreset } from '@cloudburn/sdk';
console.log(`Default rule count: ${awsCorePreset.rules.length}`);
What's next
| Rules | Browse all built-in rules (referenced by builtInRuleMetadata) |
| Types Reference | Full type definitions |
| CloudBurnClient | Method reference |