Output Formats
CDK Insights offers multiple output formats to fit your workflow. Choose from table, JSON, markdown, summary, SARIF, or GitHub Actions formats for different use cases.
š Output Behavior Guide
Terminal Output
Table and Summary formats display results directly in your terminal. No files are created.
File Output
JSON and Markdown formats create files in your project directory. Results are not shown in terminal.
Available Output Formats
CDK Insights supports six different output formats, each optimized for specific use cases:
- Table - Human-readable format perfect for terminal output
- JSON - Structured format ideal for automation and integration
- Markdown - Documentation-friendly format for reports and GitHub
- Summary - Concise format focusing on critical issues and metrics
- SARIF - Security tool format for GitHub Code Scanning integration
- GitHub Actions - Workflow commands for PR annotations
You can specify the output format using the --output flag.
Format Details
Table Format
Human-readable table format perfect for terminal output and quick reviews
Best For
- Quick reviews
- Terminal output
- Development workflow
Command
npx cdk-insights scan --output tableā Displays in terminal - no files created
Output: Terminal-only ā¢ Files: No files created
Example Output
āāāāāāāāāāāāāāā¬āāāāāāāāāāāāāāā¬āāāāāāāāāāā¬āāāāāāāāāā¬āāāāāāāāāāāāāāāāāāāāāāāāāā¬āāāāāāāāāāāāāāā ā Resource ā Stack ā Severity ā Service ā Issue ā Location ā āāāāāāāāāāāāāāā¼āāāāāāāāāāāāāāā¼āāāāāāāāāāā¼āāāāāāāāāā¼āāāāāāāāāāāāāāāāāāāāāāāāāā¼āāāāāāāāāāāāāāā¤ ā MyBucket ā MyStack ā š“ CRIT ā S3 ā Public read access ā lib/stack.ts ā ā MyRole ā MyStack ā š HIGH ā IAM ā Overly permissive ā lib/stack.ts ā ā MyFunction ā MyStack ā š” MED ā Lambda ā High memory allocation ā lib/stack.ts ā āāāāāāāāāāāāāāā“āāāāāāāāāāāāāāā“āāāāāāāāāāā“āāāāāāāāāā“āāāāāāāāāāāāāāāāāāāāāāāāāā“āāāāāāāāāāāāāāā
JSON Format
Structured JSON output ideal for automation and integration with other tools
Best For
- CI/CD pipelines
- API integration
- Automated processing
Command
npx cdk-insights scan --output jsonā ļø Outputs to file only - not displayed in terminal
Output: File-based ā¢ Files: Creates {stackName}_analysis_report.json
Example Output
{
"summary": {
"totalIssues": 15,
"critical": 3,
"high": 5,
"medium": 4,
"low": 3
},
"issues": [
{
"resource": "MyBucket",
"stack": "MyStack",
"severity": "CRITICAL",
"service": "S3",
"issue": "S3 bucket has public read access",
"location": "lib/stack.ts:15",
"recommendation": "Remove public access or use private bucket"
}
]
}Markdown Format
Markdown format perfect for documentation, reports, and GitHub integration
Best For
- Documentation
- GitHub issues
- Team reports
Command
npx cdk-insights scan --output markdownā ļø Outputs to file only - not displayed in terminal
Output: File-based ā¢ Files: Creates {stackName}_analysis_report.md
Example Output
# CDK Insights Analysis Report ## Summary - **Total Issues**: 15 - **Critical**: 3 - **High**: 5 - **Medium**: 4 - **Low**: 3 ## Critical Issues ### MyBucket (S3) - **Stack**: MyStack - **Location**: lib/stack.ts:15 - **Issue**: S3 bucket has public read access - **Recommendation**: Remove public access or use private bucket
Summary Format
Concise summary format showing only high-level statistics and critical issues
Best For
- Quick overviews
- Status checks
- CI/CD status
Command
npx cdk-insights scan --output summaryā Displays in terminal - no files created
Output: Terminal-only ā¢ Files: No files created
Example Output
CDK Insights Analysis Summary ================================ š Total Issues: 15 š“ Critical: 3 š High: 5 š” Medium: 4 š¢ Low: 3 šØ Critical Issues Found: - MyBucket: Public read access (lib/stack.ts:15) - MyRole: Overly permissive policies (lib/stack.ts:25) - MyFunction: High memory allocation (lib/stack.ts:35) ā ļø Analysis completed with critical issues found.
SARIF Format
Static Analysis Results Interchange Format for GitHub Code Scanning and other security tools
Best For
- GitHub Code Scanning
- Security tools integration
- IDE integrations
Command
npx cdk-insights scan --output sarifā ļø Outputs to file only - for security tool integration
Output: File-based ā¢ Files: Creates {stackName}_analysis_report.sarif per stack, plus consolidated_analysis_report.sarif when analyzing multiple stacks
Example Output
{
"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
"version": "2.1.0",
"runs": [{
"tool": {
"driver": {
"name": "CDK Insights",
"version": "0.13.0"
}
},
"results": [{
"ruleId": "S3-PUBLIC-ACCESS",
"level": "error",
"message": {
"text": "S3 bucket has public read access"
},
"locations": [{
"physicalLocation": {
"artifactLocation": { "uri": "lib/stack.ts" },
"region": { "startLine": 15 }
}
}]
}]
}]
}GitHub Actions Format
GitHub Actions workflow commands format for annotations in PR checks
Best For
- GitHub Actions workflows
- PR check annotations
- CI/CD pipelines
Command
npx cdk-insights scan --output github-actionsā Outputs workflow commands to terminal
Output: Terminal-only ā¢ Files: No files created. When analyzing multiple stacks, a consolidated summary is generated across all stacks
Example Output
::error file=lib/stack.ts,line=15,title=S3 Public Access::S3 bucket has public read access. Remove public access or use private bucket. ::warning file=lib/stack.ts,line=25,title=IAM Permissions::Overly permissive IAM policy. Apply least privilege principle. ::notice file=lib/stack.ts,line=35,title=Lambda Memory::High memory allocation for Lambda function.
Use Case Recommendations
Development Workflow
Quick analysis during development
Easy to read in terminal, shows all details at a glance
npx cdk-insights scan --output tableCI/CD Pipeline
Automated analysis in continuous integration
Structured data for programmatic processing and decision making
npx cdk-insights scan --output json --fail-on-criticalGitHub Integration
Creating issues from analysis results
GitHub-friendly format that can be directly posted as issue content
npx cdk-insights scan --output markdown --with-issueTeam Reporting
Sharing results with team members
Professional format suitable for documentation and team communication
npx cdk-insights scan --output markdown > analysis-report.mdStatus Monitoring
Quick health checks and monitoring
Concise format focusing on critical issues and high-level metrics
npx cdk-insights scan --output summaryGitHub Code Scanning
Security vulnerability tracking in GitHub Security tab
Industry-standard format integrated with GitHub Code Scanning
npx cdk-insights scan --output sarifAdvanced Output Options
Save to File
Redirect output to a file for later review or sharing:
npx cdk-insights scan --output markdown > analysis-report.mdCombine with Other Options
Output formats work with all other CDK Insights options:
npx cdk-insights scan --all --output json --fail-on-criticalnpx cdk-insights scan MyStack --output markdown --with-issueDefault Format
If no format is specified, CDK Insights uses table format by default:
npx cdk-insights scan # Uses table formatChoose Your Output Format
Experiment with different output formats to find the one that works best for your workflow.