CDK Aspect Integration

Name: CDK Insights
Author: CDK Insights

Enhance your CDK analysis with the CDK Insights Aspect. Get deeper insights, source location mapping, and CDK-specific recommendations.

What is the CDK Aspect?

The CDK Insights Aspect is a CDK construct that integrates directly with your CDK application to provide enhanced analysis capabilities. Unlike basic analysis that only examines the generated CloudFormation templates, the aspect provides:

Direct access to your CDK constructs and their properties
Source location mapping (exact file and line numbers)
CDK-specific best practices and patterns
Context-aware recommendations
Reduced false positives through construct understanding

Key Benefits

Source Location Mapping

Pinpoint exactly where issues occur in your CDK code

File path and line number for each issue

Direct links to problematic constructs

Context-aware recommendations

Enhanced Analysis

Deeper insights into your CDK constructs and patterns

Construct-level analysis

CDK-specific best practices

Pattern recognition and suggestions

Better Security

More accurate security analysis with construct context

Context-aware security rules

CDK construct-specific vulnerabilities

Improved false positive reduction

Basic vs Enhanced Analysis

Feature	Basic Analysis	Enhanced Analysis
Source Location	Limited (CloudFormation resource only)	✅ Exact file path and line number
Construct Analysis	Basic CloudFormation analysis	✅ CDK construct-specific insights
Issue Context	Generic recommendations	✅ Context-aware suggestions
CDK Best Practices	Limited CDK-specific rules	✅ Comprehensive CDK patterns

Installation & Setup

Install CDK Insights

Add CDK Insights to your project

npm install --save-dev cdk-insights

Import the Aspect

Import the CdkInsightsAspect in your app

import { CdkInsightsAspect } from 'cdk-insights';
import { Aspects } from 'aws-cdk-lib';

Add to your App

Apply the aspect to your CDK app

const app = new cdk.App();

// Add CDK Insights aspect for enhanced analysis
Aspects.of(app).add(new CdkInsightsAspect());

Run Analysis

Run CDK Insights as usual

npx cdk-insights scan

Output Comparison

Basic Analysis

🔴 CRITICAL: S3 bucket has public read access

Resource: MyBucket

Recommendation: Remove public access

Enhanced Analysis

🔴 CRITICAL: S3 bucket has public read access

Resource: MyBucket

Location: lib/my-stack.ts:15

Construct: s3.Bucket

Recommendation: Remove public access or use private bucket

Context: Consider using s3.BlockPublicAccess.BLOCK_ALL

Best Practices

Add to All Environments

Include the aspect in all your CDK apps (dev, staging, production) for consistent analysis.

Use in CI/CD Pipelines

Integrate CDK Insights with aspect into your CI/CD pipeline for automated analysis.

Regular Analysis

Run analysis regularly to catch issues early and maintain code quality.

Ready to Enhance Your Analysis?

Add the CDK Insights Aspect to your project for deeper insights and better recommendations.

CI/CD Integration Configuration Guide