@fjall/components-infrastructure 0.1.10 → 0.1.11

package/dist/lib/resources/aws/database/databaseInstance.d.ts

@@ -0,0 +1,17 @@
+import { Connections, IConnectable, SecurityGroup, Vpc } from "aws-cdk-lib/aws-ec2";
+import { Construct } from "constructs";
+import { StackBuilder } from "../awsStack";
+import { KeyValue } from "../../../types";
+interface DatabaseProps {
+    vpc: Vpc;
+    tags: KeyValue | undefined;
+}
+export default class Database extends Construct implements IConnectable {
+    private readonly resource;
+    connections: Connections;
+    databaseSecurityGroup: SecurityGroup;
+    databaseSecretName: string;
+    constructor(scope: Construct, id: string, props: DatabaseProps);
+    static build(id: string, props?: Partial<DatabaseProps>): (sb: StackBuilder) => Construct;
+}
+export {};

package/dist/lib/resources/aws/database/databaseInstance.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const constructs_1 = require("constructs");
+const rdsInstance_1 = require("./rdsInstance");
+class Database extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.resource = new rdsInstance_1.default(scope, `${id}Rds`, {
+            vpc: props.vpc,
+            databaseName: id.replace("Database", ""),
+            readReplica: true,
+            tags: props.tags || {}
+        });
+        this.connections = this.resource.connections;
+        this.databaseSecurityGroup = this.resource.databaseSecurityGroup;
+    }
+    //todo: move to generic 'resource' class
+    static build(id, props) {
+        return (sb) => {
+            const newProps = {
+                ...props,
+                ...{
+                    vpc: sb.getNetwork() || props?.vpc,
+                    tags: props?.tags
+                }
+            };
+            return new this(sb.getStack(), id, newProps);
+        };
+    }
+}
+exports.default = Database;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGF0YWJhc2VJbnN0YW5jZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2RhdGFiYXNlL2RhdGFiYXNlSW5zdGFuY2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFNQSwyQ0FBdUM7QUFHdkMsK0NBQWdDO0FBUWhDLE1BQXFCLFFBQVMsU0FBUSxzQkFBUztJQU03QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQW9CO1FBQzVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLHFCQUFHLENBQUMsS0FBSyxFQUFFLEdBQUcsRUFBRSxLQUFLLEVBQUU7WUFDekMsR0FBRyxFQUFFLEtBQUssQ0FBQyxHQUFHO1lBQ2QsWUFBWSxFQUFFLEVBQUUsQ0FBQyxPQUFPLENBQUMsVUFBVSxFQUFFLEVBQUUsQ0FBQztZQUN4QyxXQUFXLEVBQUUsSUFBSTtZQUNqQixJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUksSUFBSSxFQUFFO1NBQ3ZCLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxXQUFXLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUM7UUFDN0MsSUFBSSxDQUFDLHFCQUFxQixHQUFHLElBQUksQ0FBQyxRQUFRLENBQUMscUJBQXFCLENBQUM7SUFDbkUsQ0FBQztJQUVELHdDQUF3QztJQUN4QyxNQUFNLENBQUMsS0FBSyxDQUNWLEVBQVUsRUFDVixLQUE4QjtRQUU5QixPQUFPLENBQUMsRUFBZ0IsRUFBRSxFQUFFO1lBQzFCLE1BQU0sUUFBUSxHQUFrQjtnQkFDOUIsR0FBRyxLQUFLO2dCQUNSLEdBQUc7b0JBQ0QsR0FBRyxFQUFHLEVBQUUsQ0FBQyxVQUFVLEVBQVUsSUFBSSxLQUFLLEVBQUUsR0FBRztvQkFDM0MsSUFBSSxFQUFFLEtBQUssRUFBRSxJQUFJO2lCQUNsQjthQUNGLENBQUM7WUFFRixPQUFPLElBQUksSUFBSSxDQUFDLEVBQUUsQ0FBQyxRQUFRLEVBQUUsRUFBRSxFQUFFLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDL0MsQ0FBQyxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBckNELDJCQXFDQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7XG4gIENvbm5lY3Rpb25zLFxuICBJQ29ubmVjdGFibGUsXG4gIFNlY3VyaXR5R3JvdXAsXG4gIFZwY1xufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjMlwiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuaW1wb3J0IHsgU3RhY2tCdWlsZGVyIH0gZnJvbSBcIi4uL2F3c1N0YWNrXCI7XG5pbXBvcnQgUmRzIGZyb20gXCIuL3Jkc0luc3RhbmNlXCI7XG5pbXBvcnQgeyBLZXlWYWx1ZSB9IGZyb20gXCIuLi8uLi8uLi90eXBlc1wiO1xuXG5pbnRlcmZhY2UgRGF0YWJhc2VQcm9wcyB7XG4gIHZwYzogVnBjO1xuICB0YWdzOiBLZXlWYWx1ZSB8IHVuZGVmaW5lZDtcbn1cblxuZXhwb3J0IGRlZmF1bHQgY2xhc3MgRGF0YWJhc2UgZXh0ZW5kcyBDb25zdHJ1Y3QgaW1wbGVtZW50cyBJQ29ubmVjdGFibGUge1xuICBwcml2YXRlIHJlYWRvbmx5IHJlc291cmNlOiBSZHM7XG4gIHB1YmxpYyBjb25uZWN0aW9uczogQ29ubmVjdGlvbnM7XG4gIHB1YmxpYyBkYXRhYmFzZVNlY3VyaXR5R3JvdXA6IFNlY3VyaXR5R3JvdXA7XG4gIHB1YmxpYyBkYXRhYmFzZVNlY3JldE5hbWU6IHN0cmluZztcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogRGF0YWJhc2VQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICB0aGlzLnJlc291cmNlID0gbmV3IFJkcyhzY29wZSwgYCR7aWR9UmRzYCwge1xuICAgICAgdnBjOiBwcm9wcy52cGMsXG4gICAgICBkYXRhYmFzZU5hbWU6IGlkLnJlcGxhY2UoXCJEYXRhYmFzZVwiLCBcIlwiKSxcbiAgICAgIHJlYWRSZXBsaWNhOiB0cnVlLFxuICAgICAgdGFnczogcHJvcHMudGFncyB8fCB7fVxuICAgIH0pO1xuXG4gICAgdGhpcy5jb25uZWN0aW9ucyA9IHRoaXMucmVzb3VyY2UuY29ubmVjdGlvbnM7XG4gICAgdGhpcy5kYXRhYmFzZVNlY3VyaXR5R3JvdXAgPSB0aGlzLnJlc291cmNlLmRhdGFiYXNlU2VjdXJpdHlHcm91cDtcbiAgfVxuXG4gIC8vdG9kbzogbW92ZSB0byBnZW5lcmljICdyZXNvdXJjZScgY2xhc3NcbiAgc3RhdGljIGJ1aWxkKFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJvcHM/OiBQYXJ0aWFsPERhdGFiYXNlUHJvcHM+XG4gICk6IChzYjogU3RhY2tCdWlsZGVyKSA9PiBDb25zdHJ1Y3Qge1xuICAgIHJldHVybiAoc2I6IFN0YWNrQnVpbGRlcikgPT4ge1xuICAgICAgY29uc3QgbmV3UHJvcHM6IERhdGFiYXNlUHJvcHMgPSB7XG4gICAgICAgIC4uLnByb3BzLFxuICAgICAgICAuLi57XG4gICAgICAgICAgdnBjOiAoc2IuZ2V0TmV0d29yaygpIGFzIFZwYykgfHwgcHJvcHM/LnZwYyxcbiAgICAgICAgICB0YWdzOiBwcm9wcz8udGFnc1xuICAgICAgICB9XG4gICAgICB9O1xuXG4gICAgICByZXR1cm4gbmV3IHRoaXMoc2IuZ2V0U3RhY2soKSwgaWQsIG5ld1Byb3BzKTtcbiAgICB9O1xuICB9XG59XG4iXX0=

package/dist/lib/resources/aws/database/index.d.ts

@@ -0,0 +1,2 @@
+export * from "../database";
+export * from "./rds";

package/dist/lib/resources/aws/database/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("../database"), exports);
+__exportStar(require("./rds"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9kYXRhYmFzZS9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsOENBQTRCO0FBQzVCLHdDQUFzQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuLi9kYXRhYmFzZVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vcmRzXCI7XG4iXX0=

package/dist/lib/resources/aws/database/rds.d.ts

@@ -0,0 +1,23 @@
+import { Duration } from "aws-cdk-lib";
+import { Connections, IConnectable, Vpc } from "aws-cdk-lib/aws-ec2";
+import { BackupProps, ClusterInstance, IClusterEngine } from "aws-cdk-lib/aws-rds";
+import { Construct } from "constructs";
+import { KeyValue } from "../../../types";
+interface RdsProps {
+    vpc: Vpc;
+    databaseName?: string;
+    engine?: IClusterEngine;
+    backup?: BackupProps;
+    clusterIdentifier?: string;
+    monitoringInterval?: Duration;
+    preferredMaintenanceWindow?: string;
+    port?: number;
+    writer?: ClusterInstance;
+    readers?: ClusterInstance[];
+    tags: KeyValue;
+}
+export default class Rds extends Construct implements IConnectable {
+    connections: Connections;
+    constructor(scope: Construct, id: string, props: RdsProps);
+}
+export {};

package/dist/lib/resources/aws/database/rds.js

@@ -0,0 +1,130 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
+const aws_rds_1 = require("aws-cdk-lib/aws-rds");
+const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager");
+const constructs_1 = require("constructs");
+const iam_1 = require("../iam");
+const secrets_1 = require("../secrets");
+class Rds extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        // Database Credentials
+        const databaseCredentials = new secrets_1.Secret(this, `${props.databaseName}Credentials`, {
+            secretName: `${props.databaseName}Credentials`,
+            generateSecretString: {
+                secretStringTemplate: JSON.stringify({
+                    username: "postgres"
+                }),
+                excludePunctuation: true,
+                includeSpace: false,
+                generateStringKey: "password"
+            },
+            tags: props.tags
+        });
+        // Customer Managed Keys
+        const encryptionKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}ClusterEncryptionKey`, {
+            aliasName: `cmk/rds/${props.databaseName}/encryptionKey`,
+            tags: props.tags
+        });
+        const primaryReaderInsightsKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}PrimaryReaderInsightsKey`, {
+            aliasName: `cmk/rds/${props.databaseName}/PrimaryReaderInsightsKey`,
+            tags: props.tags
+        });
+        const secondaryReaderInsightsKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}SecondaryReaderInsightsKey`, {
+            aliasName: `cmk/rds/${props.databaseName}/SecondaryReaderInsightsKey`,
+            tags: props.tags
+        });
+        const primaryWriterPerformanceInsightsKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}PrimaryWriterPerformanceInsightsKey`, {
+            aliasName: `cmk/rds/${props.databaseName}/PrimaryWriterInsightsKey`,
+            tags: props.tags
+        });
+        const clusterSecurityGroup = new iam_1.SecurityGroup(this, `${id}SecurityGroup`, {
+            vpc: props.vpc,
+            description: `Security group that allows inbound access to the postgres cluster for ${props.databaseName}`
+        });
+        //TODO: Remove this line, that allows the proxy to connect to the database. Replace with seperated security groups
+        clusterSecurityGroup.addIngressRule(clusterSecurityGroup, aws_ec2_1.Port.tcp(5432));
+        this.connections = clusterSecurityGroup.connections;
+        // Database Cluster
+        const databaseCluster = new aws_rds_1.DatabaseCluster(scope, `${id}Database`, {
+            vpc: props.vpc,
+            vpcSubnets: {
+                subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS
+            },
+            securityGroups: [clusterSecurityGroup],
+            engine: props.engine ||
+                aws_rds_1.DatabaseClusterEngine.auroraPostgres({
+                    //TODO: Do we update these when we release a new version? Or try to keep them constantly updated?
+                    version: aws_rds_1.AuroraPostgresEngineVersion.VER_15_6
+                }),
+            backup: props.backup || {
+                retention: aws_cdk_lib_1.Duration.days(14)
+            },
+            storageEncrypted: true,
+            storageEncryptionKey: encryptionKey.key,
+            clusterIdentifier: props.clusterIdentifier || `${props.databaseName}-cluster`,
+            credentials: aws_rds_1.Credentials.fromSecret(databaseCredentials.secret),
+            defaultDatabaseName: props.databaseName || `${id.replace("Rds", "")}`,
+            monitoringInterval: props.monitoringInterval || aws_cdk_lib_1.Duration.minutes(1),
+            preferredMaintenanceWindow: props.preferredMaintenanceWindow || "Sat:12:30-Sat:20:30",
+            port: props.port || 5432,
+            removalPolicy: aws_cdk_lib_1.RemovalPolicy.SNAPSHOT,
+            writer: props.writer ||
+                aws_rds_1.ClusterInstance.serverlessV2(`${props.databaseName}Writer`, {
+                    enablePerformanceInsights: true,
+                    performanceInsightEncryptionKey: primaryWriterPerformanceInsightsKey.key,
+                    instanceIdentifier: `${props.databaseName}-primary-writer`,
+                    //TODO: Do we update these when we release a new version? Or try to keep them constantly updated?
+                    caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1
+                }),
+            readers: props.readers || [
+                aws_rds_1.ClusterInstance.serverlessV2(`${props.databaseName}PrimaryReader`, {
+                    scaleWithWriter: true,
+                    enablePerformanceInsights: true,
+                    performanceInsightEncryptionKey: primaryReaderInsightsKey.key,
+                    instanceIdentifier: `${props.databaseName}-primary-reader`,
+                    caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1
+                }),
+                aws_rds_1.ClusterInstance.serverlessV2(`${props.databaseName}SecondaryReader`, {
+                    scaleWithWriter: false,
+                    enablePerformanceInsights: true,
+                    performanceInsightEncryptionKey: secondaryReaderInsightsKey.key,
+                    instanceIdentifier: `${props.databaseName}-secondary-reader`,
+                    caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1
+                })
+            ]
+        });
+        const databaseProxy = new aws_rds_1.DatabaseProxy(this, `${props.databaseName}DatabaseProxy`, {
+            proxyTarget: aws_rds_1.ProxyTarget.fromCluster(databaseCluster),
+            secrets: [databaseCredentials.secret],
+            securityGroups: [clusterSecurityGroup],
+            vpc: props.vpc,
+            vpcSubnets: {
+                subnetType: aws_ec2_1.SubnetType.PUBLIC
+            }
+        });
+        new aws_cdk_lib_1.CfnOutput(this, `${props.databaseName}ProxyEndpointOutput`, {
+            key: `${props.databaseName}ProxyEndpoint`,
+            exportName: `${props.databaseName}ProxyEndpoint`,
+            value: databaseProxy.endpoint
+        });
+        // Rotate the Secret every 30 days
+        const masterSecret = new secrets_1.Secret(this, `${props.databaseName}MasterSecret`, {
+            secretName: `${props.databaseName}MasterSecret`,
+            tags: props.tags
+        });
+        new aws_secretsmanager_1.SecretRotation(this, `${props.databaseName}SecretRotation`, {
+            application: new aws_secretsmanager_1.SecretRotationApplication("SecretsManagerRDSPostgreSQLRotationMultiUser", "1.1.367", {
+                isMultiUser: true
+            }),
+            secret: databaseCredentials.secret,
+            masterSecret: masterSecret.secret,
+            target: databaseCluster,
+            vpc: databaseCluster.vpc
+        });
+    }
+}
+exports.default = Rds;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3MvZGF0YWJhc2UvcmRzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsNkNBQWlFO0FBQ2pFLGlEQU02QjtBQUM3QixpREFXNkI7QUFDN0IsdUVBR3dDO0FBQ3hDLDJDQUF1QztBQUN2QyxnQ0FBdUM7QUFDdkMsd0NBQXdEO0FBaUJ4RCxNQUFxQixHQUFJLFNBQVEsc0JBQVM7SUFHeEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFlO1FBQ3ZELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsdUJBQXVCO1FBQ3ZCLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxnQkFBTSxDQUNwQyxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxhQUFhLEVBQ2xDO1lBQ0UsVUFBVSxFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksYUFBYTtZQUM5QyxvQkFBb0IsRUFBRTtnQkFDcEIsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQztvQkFDbkMsUUFBUSxFQUFFLFVBQVU7aUJBQ3JCLENBQUM7Z0JBQ0Ysa0JBQWtCLEVBQUUsSUFBSTtnQkFDeEIsWUFBWSxFQUFFLEtBQUs7Z0JBQ25CLGlCQUFpQixFQUFFLFVBQVU7YUFDOUI7WUFDRCxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7U0FDakIsQ0FDRixDQUFDO1FBRUYsd0JBQXdCO1FBQ3hCLE1BQU0sYUFBYSxHQUFHLElBQUksNEJBQWtCLENBQzFDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLHNCQUFzQixFQUMzQztZQUNFLFNBQVMsRUFBRSxXQUFXLEtBQUssQ0FBQyxZQUFZLGdCQUFnQjtZQUN4RCxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7U0FDakIsQ0FDRixDQUFDO1FBRUYsTUFBTSx3QkFBd0IsR0FBRyxJQUFJLDRCQUFrQixDQUNyRCxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSwwQkFBMEIsRUFDL0M7WUFDRSxTQUFTLEVBQUUsV0FBVyxLQUFLLENBQUMsWUFBWSwyQkFBMkI7WUFDbkUsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO1NBQ2pCLENBQ0YsQ0FBQztRQUVGLE1BQU0sMEJBQTBCLEdBQUcsSUFBSSw0QkFBa0IsQ0FDdkQsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksNEJBQTRCLEVBQ2pEO1lBQ0UsU0FBUyxFQUFFLFdBQVcsS0FBSyxDQUFDLFlBQVksNkJBQTZCO1lBQ3JFLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtTQUNqQixDQUNGLENBQUM7UUFFRixNQUFNLG1DQUFtQyxHQUFHLElBQUksNEJBQWtCLENBQ2hFLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLHFDQUFxQyxFQUMxRDtZQUNFLFNBQVMsRUFBRSxXQUFXLEtBQUssQ0FBQyxZQUFZLDJCQUEyQjtZQUNuRSxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7U0FDakIsQ0FDRixDQUFDO1FBRUYsTUFBTSxvQkFBb0IsR0FBRyxJQUFJLG1CQUFhLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxlQUFlLEVBQUU7WUFDekUsR0FBRyxFQUFFLEtBQUssQ0FBQyxHQUFHO1lBQ2QsV0FBVyxFQUFFLHlFQUF5RSxLQUFLLENBQUMsWUFBWSxFQUFFO1NBQzNHLENBQUMsQ0FBQztRQUVILGtIQUFrSDtRQUNsSCxvQkFBb0IsQ0FBQyxjQUFjLENBQUMsb0JBQW9CLEVBQUUsY0FBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1FBRTFFLElBQUksQ0FBQyxXQUFXLEdBQUcsb0JBQW9CLENBQUMsV0FBVyxDQUFDO1FBRXBELG1CQUFtQjtRQUNuQixNQUFNLGVBQWUsR0FBRyxJQUFJLHlCQUFlLENBQUMsS0FBSyxFQUFFLEdBQUcsRUFBRSxVQUFVLEVBQUU7WUFDbEUsR0FBRyxFQUFFLEtBQUssQ0FBQyxHQUFHO1lBQ2QsVUFBVSxFQUFFO2dCQUNWLFVBQVUsRUFBRSxvQkFBVSxDQUFDLG1CQUFtQjthQUMzQztZQUNELGNBQWMsRUFBRSxDQUFDLG9CQUFvQixDQUFDO1lBQ3RDLE1BQU0sRUFDSixLQUFLLENBQUMsTUFBTTtnQkFDWiwrQkFBcUIsQ0FBQyxjQUFjLENBQUM7b0JBQ25DLGlHQUFpRztvQkFDakcsT0FBTyxFQUFFLHFDQUEyQixDQUFDLFFBQVE7aUJBQzlDLENBQUM7WUFDSixNQUFNLEVBQUUsS0FBSyxDQUFDLE1BQU0sSUFBSTtnQkFDdEIsU0FBUyxFQUFFLHNCQUFRLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQzthQUM3QjtZQUNELGdCQUFnQixFQUFFLElBQUk7WUFDdEIsb0JBQW9CLEVBQUUsYUFBYSxDQUFDLEdBQUc7WUFDdkMsaUJBQWlCLEVBQ2YsS0FBSyxDQUFDLGlCQUFpQixJQUFJLEdBQUcsS0FBSyxDQUFDLFlBQVksVUFBVTtZQUM1RCxXQUFXLEVBQUUscUJBQVcsQ0FBQyxVQUFVLENBQUMsbUJBQW1CLENBQUMsTUFBTSxDQUFDO1lBQy9ELG1CQUFtQixFQUFFLEtBQUssQ0FBQyxZQUFZLElBQUksR0FBRyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsRUFBRTtZQUNyRSxrQkFBa0IsRUFBRSxLQUFLLENBQUMsa0JBQWtCLElBQUksc0JBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1lBQ25FLDBCQUEwQixFQUN4QixLQUFLLENBQUMsMEJBQTBCLElBQUkscUJBQXFCO1lBQzNELElBQUksRUFBRSxLQUFLLENBQUMsSUFBSSxJQUFJLElBQUk7WUFDeEIsYUFBYSxFQUFFLDJCQUFhLENBQUMsUUFBUTtZQUNyQyxNQUFNLEVBQ0osS0FBSyxDQUFDLE1BQU07Z0JBQ1oseUJBQWUsQ0FBQyxZQUFZLENBQUMsR0FBRyxLQUFLLENBQUMsWUFBWSxRQUFRLEVBQUU7b0JBQzFELHlCQUF5QixFQUFFLElBQUk7b0JBQy9CLCtCQUErQixFQUM3QixtQ0FBbUMsQ0FBQyxHQUFHO29CQUN6QyxrQkFBa0IsRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGlCQUFpQjtvQkFDMUQsaUdBQWlHO29CQUNqRyxhQUFhLEVBQUUsdUJBQWEsQ0FBQyxpQkFBaUI7aUJBQy9DLENBQUM7WUFDSixPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU8sSUFBSTtnQkFDeEIseUJBQWUsQ0FBQyxZQUFZLENBQUMsR0FBRyxLQUFLLENBQUMsWUFBWSxlQUFlLEVBQUU7b0JBQ2pFLGVBQWUsRUFBRSxJQUFJO29CQUNyQix5QkFBeUIsRUFBRSxJQUFJO29CQUMvQiwrQkFBK0IsRUFBRSx3QkFBd0IsQ0FBQyxHQUFHO29CQUM3RCxrQkFBa0IsRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGlCQUFpQjtvQkFDMUQsYUFBYSxFQUFFLHVCQUFhLENBQUMsaUJBQWlCO2lCQUMvQyxDQUFDO2dCQUNGLHlCQUFlLENBQUMsWUFBWSxDQUFDLEdBQUcsS0FBSyxDQUFDLFlBQVksaUJBQWlCLEVBQUU7b0JBQ25FLGVBQWUsRUFBRSxLQUFLO29CQUN0Qix5QkFBeUIsRUFBRSxJQUFJO29CQUMvQiwrQkFBK0IsRUFBRSwwQkFBMEIsQ0FBQyxHQUFHO29CQUMvRCxrQkFBa0IsRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLG1CQUFtQjtvQkFDNUQsYUFBYSxFQUFFLHVCQUFhLENBQUMsaUJBQWlCO2lCQUMvQyxDQUFDO2FBQ0g7U0FDRixDQUFDLENBQUM7UUFFSCxNQUFNLGFBQWEsR0FBRyxJQUFJLHVCQUFhLENBQ3JDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLGVBQWUsRUFDcEM7WUFDRSxXQUFXLEVBQUUscUJBQVcsQ0FBQyxXQUFXLENBQUMsZUFBZSxDQUFDO1lBQ3JELE9BQU8sRUFBRSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sQ0FBQztZQUNyQyxjQUFjLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQztZQUN0QyxHQUFHLEVBQUUsS0FBSyxDQUFDLEdBQUc7WUFDZCxVQUFVLEVBQUU7Z0JBQ1YsVUFBVSxFQUFFLG9CQUFVLENBQUMsTUFBTTthQUM5QjtTQUNGLENBQ0YsQ0FBQztRQUVGLElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxLQUFLLENBQUMsWUFBWSxxQkFBcUIsRUFBRTtZQUM5RCxHQUFHLEVBQUUsR0FBRyxLQUFLLENBQUMsWUFBWSxlQUFlO1lBQ3pDLFVBQVUsRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGVBQWU7WUFDaEQsS0FBSyxFQUFFLGFBQWEsQ0FBQyxRQUFRO1NBQzlCLENBQUMsQ0FBQztRQUVILGtDQUFrQztRQUNsQyxNQUFNLFlBQVksR0FBRyxJQUFJLGdCQUFNLENBQUMsSUFBSSxFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksY0FBYyxFQUFFO1lBQ3pFLFVBQVUsRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGNBQWM7WUFDL0MsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO1NBQ2pCLENBQUMsQ0FBQztRQUVILElBQUksbUNBQWMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxLQUFLLENBQUMsWUFBWSxnQkFBZ0IsRUFBRTtZQUM5RCxXQUFXLEVBQUUsSUFBSSw4Q0FBeUIsQ0FDeEMsOENBQThDLEVBQzlDLFNBQVMsRUFDVDtnQkFDRSxXQUFXLEVBQUUsSUFBSTthQUNsQixDQUNGO1lBQ0QsTUFBTSxFQUFFLG1CQUFtQixDQUFDLE1BQU07WUFDbEMsWUFBWSxFQUFFLFlBQVksQ0FBQyxNQUFNO1lBQ2pDLE1BQU0sRUFBRSxlQUFlO1lBQ3ZCLEdBQUcsRUFBRSxlQUFlLENBQUMsR0FBRztTQUN6QixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUF0S0Qsc0JBc0tDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ2ZuT3V0cHV0LCBEdXJhdGlvbiwgUmVtb3ZhbFBvbGljeSB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHtcbiAgQ29ubmVjdGlvbnMsXG4gIElDb25uZWN0YWJsZSxcbiAgUG9ydCxcbiAgU3VibmV0VHlwZSxcbiAgVnBjXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtZWMyXCI7XG5pbXBvcnQge1xuICBBdXJvcmFQb3N0Z3Jlc0VuZ2luZVZlcnNpb24sXG4gIEJhY2t1cFByb3BzLFxuICBDYUNlcnRpZmljYXRlLFxuICBDbHVzdGVySW5zdGFuY2UsXG4gIENyZWRlbnRpYWxzLFxuICBEYXRhYmFzZUNsdXN0ZXIsXG4gIERhdGFiYXNlQ2x1c3RlckVuZ2luZSxcbiAgRGF0YWJhc2VQcm94eSxcbiAgSUNsdXN0ZXJFbmdpbmUsXG4gIFByb3h5VGFyZ2V0XG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtcmRzXCI7XG5pbXBvcnQge1xuICBTZWNyZXRSb3RhdGlvbixcbiAgU2VjcmV0Um90YXRpb25BcHBsaWNhdGlvblxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgU2VjdXJpdHlHcm91cCB9IGZyb20gXCIuLi9pYW1cIjtcbmltcG9ydCB7IEN1c3RvbWVyTWFuYWdlZEtleSwgU2VjcmV0IH0gZnJvbSBcIi4uL3NlY3JldHNcIjtcbmltcG9ydCB7IEtleVZhbHVlIH0gZnJvbSBcIi4uLy4uLy4uL3R5cGVzXCI7XG5cbmludGVyZmFjZSBSZHNQcm9wcyB7XG4gIHZwYzogVnBjO1xuICBkYXRhYmFzZU5hbWU/OiBzdHJpbmc7XG4gIGVuZ2luZT86IElDbHVzdGVyRW5naW5lO1xuICBiYWNrdXA/OiBCYWNrdXBQcm9wcztcbiAgY2x1c3RlcklkZW50aWZpZXI/OiBzdHJpbmc7XG4gIG1vbml0b3JpbmdJbnRlcnZhbD86IER1cmF0aW9uO1xuICBwcmVmZXJyZWRNYWludGVuYW5jZVdpbmRvdz86IHN0cmluZztcbiAgcG9ydD86IG51bWJlcjtcbiAgd3JpdGVyPzogQ2x1c3Rlckluc3RhbmNlO1xuICByZWFkZXJzPzogQ2x1c3Rlckluc3RhbmNlW107XG4gIHRhZ3M6IEtleVZhbHVlO1xufVxuXG5leHBvcnQgZGVmYXVsdCBjbGFzcyBSZHMgZXh0ZW5kcyBDb25zdHJ1Y3QgaW1wbGVtZW50cyBJQ29ubmVjdGFibGUge1xuICBwdWJsaWMgY29ubmVjdGlvbnM6IENvbm5lY3Rpb25zO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBSZHNQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICAvLyBEYXRhYmFzZSBDcmVkZW50aWFsc1xuICAgIGNvbnN0IGRhdGFiYXNlQ3JlZGVudGlhbHMgPSBuZXcgU2VjcmV0KFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1DcmVkZW50aWFsc2AsXG4gICAgICB7XG4gICAgICAgIHNlY3JldE5hbWU6IGAke3Byb3BzLmRhdGFiYXNlTmFtZX1DcmVkZW50aWFsc2AsXG4gICAgICAgIGdlbmVyYXRlU2VjcmV0U3RyaW5nOiB7XG4gICAgICAgICAgc2VjcmV0U3RyaW5nVGVtcGxhdGU6IEpTT04uc3RyaW5naWZ5KHtcbiAgICAgICAgICAgIHVzZXJuYW1lOiBcInBvc3RncmVzXCJcbiAgICAgICAgICB9KSxcbiAgICAgICAgICBleGNsdWRlUHVuY3R1YXRpb246IHRydWUsXG4gICAgICAgICAgaW5jbHVkZVNwYWNlOiBmYWxzZSxcbiAgICAgICAgICBnZW5lcmF0ZVN0cmluZ0tleTogXCJwYXNzd29yZFwiXG4gICAgICAgIH0sXG4gICAgICAgIHRhZ3M6IHByb3BzLnRhZ3NcbiAgICAgIH1cbiAgICApO1xuXG4gICAgLy8gQ3VzdG9tZXIgTWFuYWdlZCBLZXlzXG4gICAgY29uc3QgZW5jcnlwdGlvbktleSA9IG5ldyBDdXN0b21lck1hbmFnZWRLZXkoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfUNsdXN0ZXJFbmNyeXB0aW9uS2V5YCxcbiAgICAgIHtcbiAgICAgICAgYWxpYXNOYW1lOiBgY21rL3Jkcy8ke3Byb3BzLmRhdGFiYXNlTmFtZX0vZW5jcnlwdGlvbktleWAsXG4gICAgICAgIHRhZ3M6IHByb3BzLnRhZ3NcbiAgICAgIH1cbiAgICApO1xuXG4gICAgY29uc3QgcHJpbWFyeVJlYWRlckluc2lnaHRzS2V5ID0gbmV3IEN1c3RvbWVyTWFuYWdlZEtleShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UHJpbWFyeVJlYWRlckluc2lnaHRzS2V5YCxcbiAgICAgIHtcbiAgICAgICAgYWxpYXNOYW1lOiBgY21rL3Jkcy8ke3Byb3BzLmRhdGFiYXNlTmFtZX0vUHJpbWFyeVJlYWRlckluc2lnaHRzS2V5YCxcbiAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgfVxuICAgICk7XG5cbiAgICBjb25zdCBzZWNvbmRhcnlSZWFkZXJJbnNpZ2h0c0tleSA9IG5ldyBDdXN0b21lck1hbmFnZWRLZXkoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVNlY29uZGFyeVJlYWRlckluc2lnaHRzS2V5YCxcbiAgICAgIHtcbiAgICAgICAgYWxpYXNOYW1lOiBgY21rL3Jkcy8ke3Byb3BzLmRhdGFiYXNlTmFtZX0vU2Vjb25kYXJ5UmVhZGVySW5zaWdodHNLZXlgLFxuICAgICAgICB0YWdzOiBwcm9wcy50YWdzXG4gICAgICB9XG4gICAgKTtcblxuICAgIGNvbnN0IHByaW1hcnlXcml0ZXJQZXJmb3JtYW5jZUluc2lnaHRzS2V5ID0gbmV3IEN1c3RvbWVyTWFuYWdlZEtleShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UHJpbWFyeVdyaXRlclBlcmZvcm1hbmNlSW5zaWdodHNLZXlgLFxuICAgICAge1xuICAgICAgICBhbGlhc05hbWU6IGBjbWsvcmRzLyR7cHJvcHMuZGF0YWJhc2VOYW1lfS9QcmltYXJ5V3JpdGVySW5zaWdodHNLZXlgLFxuICAgICAgICB0YWdzOiBwcm9wcy50YWdzXG4gICAgICB9XG4gICAgKTtcblxuICAgIGNvbnN0IGNsdXN0ZXJTZWN1cml0eUdyb3VwID0gbmV3IFNlY3VyaXR5R3JvdXAodGhpcywgYCR7aWR9U2VjdXJpdHlHcm91cGAsIHtcbiAgICAgIHZwYzogcHJvcHMudnBjLFxuICAgICAgZGVzY3JpcHRpb246IGBTZWN1cml0eSBncm91cCB0aGF0IGFsbG93cyBpbmJvdW5kIGFjY2VzcyB0byB0aGUgcG9zdGdyZXMgY2x1c3RlciBmb3IgJHtwcm9wcy5kYXRhYmFzZU5hbWV9YFxuICAgIH0pO1xuXG4gICAgLy9UT0RPOiBSZW1vdmUgdGhpcyBsaW5lLCB0aGF0IGFsbG93cyB0aGUgcHJveHkgdG8gY29ubmVjdCB0byB0aGUgZGF0YWJhc2UuIFJlcGxhY2Ugd2l0aCBzZXBlcmF0ZWQgc2VjdXJpdHkgZ3JvdXBzXG4gICAgY2x1c3RlclNlY3VyaXR5R3JvdXAuYWRkSW5ncmVzc1J1bGUoY2x1c3RlclNlY3VyaXR5R3JvdXAsIFBvcnQudGNwKDU0MzIpKTtcblxuICAgIHRoaXMuY29ubmVjdGlvbnMgPSBjbHVzdGVyU2VjdXJpdHlHcm91cC5jb25uZWN0aW9ucztcblxuICAgIC8vIERhdGFiYXNlIENsdXN0ZXJcbiAgICBjb25zdCBkYXRhYmFzZUNsdXN0ZXIgPSBuZXcgRGF0YWJhc2VDbHVzdGVyKHNjb3BlLCBgJHtpZH1EYXRhYmFzZWAsIHtcbiAgICAgIHZwYzogcHJvcHMudnBjLFxuICAgICAgdnBjU3VibmV0czoge1xuICAgICAgICBzdWJuZXRUeXBlOiBTdWJuZXRUeXBlLlBSSVZBVEVfV0lUSF9FR1JFU1NcbiAgICAgIH0sXG4gICAgICBzZWN1cml0eUdyb3VwczogW2NsdXN0ZXJTZWN1cml0eUdyb3VwXSxcbiAgICAgIGVuZ2luZTpcbiAgICAgICAgcHJvcHMuZW5naW5lIHx8XG4gICAgICAgIERhdGFiYXNlQ2x1c3RlckVuZ2luZS5hdXJvcmFQb3N0Z3Jlcyh7XG4gICAgICAgICAgLy9UT0RPOiBEbyB3ZSB1cGRhdGUgdGhlc2Ugd2hlbiB3ZSByZWxlYXNlIGEgbmV3IHZlcnNpb24/IE9yIHRyeSB0byBrZWVwIHRoZW0gY29uc3RhbnRseSB1cGRhdGVkP1xuICAgICAgICAgIHZlcnNpb246IEF1cm9yYVBvc3RncmVzRW5naW5lVmVyc2lvbi5WRVJfMTVfNlxuICAgICAgICB9KSxcbiAgICAgIGJhY2t1cDogcHJvcHMuYmFja3VwIHx8IHtcbiAgICAgICAgcmV0ZW50aW9uOiBEdXJhdGlvbi5kYXlzKDE0KVxuICAgICAgfSxcbiAgICAgIHN0b3JhZ2VFbmNyeXB0ZWQ6IHRydWUsXG4gICAgICBzdG9yYWdlRW5jcnlwdGlvbktleTogZW5jcnlwdGlvbktleS5rZXksXG4gICAgICBjbHVzdGVySWRlbnRpZmllcjpcbiAgICAgICAgcHJvcHMuY2x1c3RlcklkZW50aWZpZXIgfHwgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfS1jbHVzdGVyYCxcbiAgICAgIGNyZWRlbnRpYWxzOiBDcmVkZW50aWFscy5mcm9tU2VjcmV0KGRhdGFiYXNlQ3JlZGVudGlhbHMuc2VjcmV0KSxcbiAgICAgIGRlZmF1bHREYXRhYmFzZU5hbWU6IHByb3BzLmRhdGFiYXNlTmFtZSB8fCBgJHtpZC5yZXBsYWNlKFwiUmRzXCIsIFwiXCIpfWAsXG4gICAgICBtb25pdG9yaW5nSW50ZXJ2YWw6IHByb3BzLm1vbml0b3JpbmdJbnRlcnZhbCB8fCBEdXJhdGlvbi5taW51dGVzKDEpLFxuICAgICAgcHJlZmVycmVkTWFpbnRlbmFuY2VXaW5kb3c6XG4gICAgICAgIHByb3BzLnByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93IHx8IFwiU2F0OjEyOjMwLVNhdDoyMDozMFwiLFxuICAgICAgcG9ydDogcHJvcHMucG9ydCB8fCA1NDMyLFxuICAgICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5TTkFQU0hPVCxcbiAgICAgIHdyaXRlcjpcbiAgICAgICAgcHJvcHMud3JpdGVyIHx8XG4gICAgICAgIENsdXN0ZXJJbnN0YW5jZS5zZXJ2ZXJsZXNzVjIoYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVdyaXRlcmAsIHtcbiAgICAgICAgICBlbmFibGVQZXJmb3JtYW5jZUluc2lnaHRzOiB0cnVlLFxuICAgICAgICAgIHBlcmZvcm1hbmNlSW5zaWdodEVuY3J5cHRpb25LZXk6XG4gICAgICAgICAgICBwcmltYXJ5V3JpdGVyUGVyZm9ybWFuY2VJbnNpZ2h0c0tleS5rZXksXG4gICAgICAgICAgaW5zdGFuY2VJZGVudGlmaWVyOiBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9LXByaW1hcnktd3JpdGVyYCxcbiAgICAgICAgICAvL1RPRE86IERvIHdlIHVwZGF0ZSB0aGVzZSB3aGVuIHdlIHJlbGVhc2UgYSBuZXcgdmVyc2lvbj8gT3IgdHJ5IHRvIGtlZXAgdGhlbSBjb25zdGFudGx5IHVwZGF0ZWQ/XG4gICAgICAgICAgY2FDZXJ0aWZpY2F0ZTogQ2FDZXJ0aWZpY2F0ZS5SRFNfQ0FfUlNBNDA5Nl9HMVxuICAgICAgICB9KSxcbiAgICAgIHJlYWRlcnM6IHByb3BzLnJlYWRlcnMgfHwgW1xuICAgICAgICBDbHVzdGVySW5zdGFuY2Uuc2VydmVybGVzc1YyKGAke3Byb3BzLmRhdGFiYXNlTmFtZX1QcmltYXJ5UmVhZGVyYCwge1xuICAgICAgICAgIHNjYWxlV2l0aFdyaXRlcjogdHJ1ZSxcbiAgICAgICAgICBlbmFibGVQZXJmb3JtYW5jZUluc2lnaHRzOiB0cnVlLFxuICAgICAgICAgIHBlcmZvcm1hbmNlSW5zaWdodEVuY3J5cHRpb25LZXk6IHByaW1hcnlSZWFkZXJJbnNpZ2h0c0tleS5rZXksXG4gICAgICAgICAgaW5zdGFuY2VJZGVudGlmaWVyOiBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9LXByaW1hcnktcmVhZGVyYCxcbiAgICAgICAgICBjYUNlcnRpZmljYXRlOiBDYUNlcnRpZmljYXRlLlJEU19DQV9SU0E0MDk2X0cxXG4gICAgICAgIH0pLFxuICAgICAgICBDbHVzdGVySW5zdGFuY2Uuc2VydmVybGVzc1YyKGAke3Byb3BzLmRhdGFiYXNlTmFtZX1TZWNvbmRhcnlSZWFkZXJgLCB7XG4gICAgICAgICAgc2NhbGVXaXRoV3JpdGVyOiBmYWxzZSxcbiAgICAgICAgICBlbmFibGVQZXJmb3JtYW5jZUluc2lnaHRzOiB0cnVlLFxuICAgICAgICAgIHBlcmZvcm1hbmNlSW5zaWdodEVuY3J5cHRpb25LZXk6IHNlY29uZGFyeVJlYWRlckluc2lnaHRzS2V5LmtleSxcbiAgICAgICAgICBpbnN0YW5jZUlkZW50aWZpZXI6IGAke3Byb3BzLmRhdGFiYXNlTmFtZX0tc2Vjb25kYXJ5LXJlYWRlcmAsXG4gICAgICAgICAgY2FDZXJ0aWZpY2F0ZTogQ2FDZXJ0aWZpY2F0ZS5SRFNfQ0FfUlNBNDA5Nl9HMVxuICAgICAgICB9KVxuICAgICAgXVxuICAgIH0pO1xuXG4gICAgY29uc3QgZGF0YWJhc2VQcm94eSA9IG5ldyBEYXRhYmFzZVByb3h5KFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EYXRhYmFzZVByb3h5YCxcbiAgICAgIHtcbiAgICAgICAgcHJveHlUYXJnZXQ6IFByb3h5VGFyZ2V0LmZyb21DbHVzdGVyKGRhdGFiYXNlQ2x1c3RlciksXG4gICAgICAgIHNlY3JldHM6IFtkYXRhYmFzZUNyZWRlbnRpYWxzLnNlY3JldF0sXG4gICAgICAgIHNlY3VyaXR5R3JvdXBzOiBbY2x1c3RlclNlY3VyaXR5R3JvdXBdLFxuICAgICAgICB2cGM6IHByb3BzLnZwYyxcbiAgICAgICAgdnBjU3VibmV0czoge1xuICAgICAgICAgIHN1Ym5ldFR5cGU6IFN1Ym5ldFR5cGUuUFVCTElDXG4gICAgICAgIH1cbiAgICAgIH1cbiAgICApO1xuXG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UHJveHlFbmRwb2ludE91dHB1dGAsIHtcbiAgICAgIGtleTogYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVByb3h5RW5kcG9pbnRgLFxuICAgICAgZXhwb3J0TmFtZTogYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVByb3h5RW5kcG9pbnRgLFxuICAgICAgdmFsdWU6IGRhdGFiYXNlUHJveHkuZW5kcG9pbnRcbiAgICB9KTtcblxuICAgIC8vIFJvdGF0ZSB0aGUgU2VjcmV0IGV2ZXJ5IDMwIGRheXNcbiAgICBjb25zdCBtYXN0ZXJTZWNyZXQgPSBuZXcgU2VjcmV0KHRoaXMsIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1NYXN0ZXJTZWNyZXRgLCB7XG4gICAgICBzZWNyZXROYW1lOiBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9TWFzdGVyU2VjcmV0YCxcbiAgICAgIHRhZ3M6IHByb3BzLnRhZ3NcbiAgICB9KTtcblxuICAgIG5ldyBTZWNyZXRSb3RhdGlvbih0aGlzLCBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9U2VjcmV0Um90YXRpb25gLCB7XG4gICAgICBhcHBsaWNhdGlvbjogbmV3IFNlY3JldFJvdGF0aW9uQXBwbGljYXRpb24oXG4gICAgICAgIFwiU2VjcmV0c01hbmFnZXJSRFNQb3N0Z3JlU1FMUm90YXRpb25NdWx0aVVzZXJcIixcbiAgICAgICAgXCIxLjEuMzY3XCIsXG4gICAgICAgIHtcbiAgICAgICAgICBpc011bHRpVXNlcjogdHJ1ZVxuICAgICAgICB9XG4gICAgICApLFxuICAgICAgc2VjcmV0OiBkYXRhYmFzZUNyZWRlbnRpYWxzLnNlY3JldCxcbiAgICAgIG1hc3RlclNlY3JldDogbWFzdGVyU2VjcmV0LnNlY3JldCxcbiAgICAgIHRhcmdldDogZGF0YWJhc2VDbHVzdGVyLFxuICAgICAgdnBjOiBkYXRhYmFzZUNsdXN0ZXIudnBjXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==

package/dist/lib/resources/aws/database/rdsFreeTier.d.ts

@@ -0,0 +1,36 @@
+import { Duration, StackProps } from "aws-cdk-lib";
+import { Connections, IConnectable, InstanceType } from "aws-cdk-lib/aws-ec2";
+import { IInstanceEngine } from "aws-cdk-lib/aws-rds";
+import { Construct } from "constructs";
+import { SecurityGroup } from "../iam";
+import { KeyValue } from "../../../types";
+import { Vpc } from "../networking/vpc";
+interface RdsProps extends StackProps {
+    vpc?: Vpc;
+    databaseName?: string;
+    engine?: IInstanceEngine;
+    instanceType?: InstanceType;
+    maxAllocatedStorage?: number;
+    allocatedStorage?: number;
+    backupRetention?: Duration;
+    clusterIdentifier?: string;
+    monitoringInterval?: Duration;
+    preferredMaintenanceWindow?: string;
+    port?: number;
+    enablePerformanceInsights?: boolean;
+    databaseProxy?: boolean;
+    readReplica?: boolean;
+    tags: KeyValue;
+}
+export default class Rds extends Construct implements IConnectable {
+    connections: Connections;
+    databaseSecurityGroup: SecurityGroup;
+    private databaseCredentials;
+    private encryptionKey;
+    private database;
+    private vpc;
+    constructor(scope: Construct, id: string, props: RdsProps);
+    addVpc(props: RdsProps): void;
+    addDatabase(props: RdsProps): void;
+}
+export {};

package/dist/lib/resources/aws/database/rdsFreeTier.js

@@ -0,0 +1,80 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
+const aws_rds_1 = require("aws-cdk-lib/aws-rds");
+const constructs_1 = require("constructs");
+const iam_1 = require("../iam");
+const secrets_1 = require("../secrets");
+const tagResource_1 = require("../../../utils/tagResource");
+const vpc_1 = require("../networking/vpc");
+class Rds extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.addVpc(props);
+        this.addDatabase(props);
+    }
+    addVpc(props) {
+        this.vpc = props.vpc
+            ? props.vpc
+            : new vpc_1.Vpc(this, `${props.databaseName}Vpc`, {
+                tags: props.tags,
+                environment: aws_cdk_lib_1.Fn.importValue("Environment")
+            });
+    }
+    addDatabase(props) {
+        // Database Credentials
+        this.databaseCredentials = new secrets_1.Secret(this, `${props.databaseName}Credentials`, {
+            secretName: `${props.databaseName}Credentials`,
+            generateSecretString: {
+                secretStringTemplate: JSON.stringify({
+                    username: "postgres"
+                }),
+                excludePunctuation: true,
+                includeSpace: false,
+                generateStringKey: "password"
+            },
+            tags: props.tags
+        });
+        // Customer Managed Keys
+        this.encryptionKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}ClusterEncryptionKey`, {
+            aliasName: `cmk/rds/${props.databaseName}/encryptionKey`,
+            tags: props.tags
+        });
+        this.databaseSecurityGroup = new iam_1.SecurityGroup(this, `${props.databaseName}SecurityGroup`, {
+            vpc: this.vpc,
+            description: `Security group that allows inbound access to the postgres cluster for ${props.databaseName}`
+        });
+        // Database Cluster
+        this.database = new aws_rds_1.DatabaseInstance(this, `${props.databaseName}Database`, {
+            vpc: this.vpc,
+            vpcSubnets: {
+                subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS
+            },
+            securityGroups: [this.databaseSecurityGroup],
+            engine: props.engine ||
+                aws_rds_1.DatabaseInstanceEngine.postgres({
+                    version: aws_rds_1.PostgresEngineVersion.VER_16_3
+                }),
+            allocatedStorage: props.allocatedStorage,
+            backupRetention: props.backupRetention || aws_cdk_lib_1.Duration.days(14),
+            storageEncrypted: true,
+            storageEncryptionKey: this.encryptionKey.key,
+            storageType: aws_rds_1.StorageType.GP3,
+            caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1,
+            removalPolicy: aws_cdk_lib_1.RemovalPolicy.SNAPSHOT,
+            deleteAutomatedBackups: false,
+            databaseName: props.databaseName || `${this.node.id.replace("Rds", "")}`,
+            instanceIdentifier: props.databaseName,
+            instanceType: props.instanceType ||
+                aws_ec2_1.InstanceType.of(aws_ec2_1.InstanceClass.BURSTABLE3, aws_ec2_1.InstanceSize.MICRO),
+            multiAz: false,
+            port: props.port,
+            preferredMaintenanceWindow: props.preferredMaintenanceWindow || "Sat:12:30-Sat:20:30",
+            credentials: aws_rds_1.Credentials.fromSecret(this.databaseCredentials.secret)
+        });
+        (0, tagResource_1.default)(this.database, props.tags);
+    }
+}
+exports.default = Rds;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmRzRnJlZVRpZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9kYXRhYmFzZS9yZHNGcmVlVGllci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDZDQUFzRTtBQUN0RSxpREFRNkI7QUFDN0IsaURBUTZCO0FBQzdCLDJDQUF1QztBQUN2QyxnQ0FBdUM7QUFDdkMsd0NBQXdEO0FBRXhELDREQUFxRDtBQUNyRCwyQ0FBd0M7QUFxQnhDLE1BQXFCLEdBQUksU0FBUSxzQkFBUztJQVV4QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQWU7UUFDdkQsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUNqQixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ25CLElBQUksQ0FBQyxXQUFXLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDMUIsQ0FBQztJQUVELE1BQU0sQ0FBQyxLQUFlO1FBQ3BCLElBQUksQ0FBQyxHQUFHLEdBQUcsS0FBSyxDQUFDLEdBQUc7WUFDbEIsQ0FBQyxDQUFDLEtBQUssQ0FBQyxHQUFHO1lBQ1gsQ0FBQyxDQUFDLElBQUksU0FBRyxDQUFDLElBQUksRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLEtBQUssRUFBRTtnQkFDeEMsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2dCQUNoQixXQUFXLEVBQUUsZ0JBQUUsQ0FBQyxXQUFXLENBQUMsYUFBYSxDQUFDO2FBQzNDLENBQUMsQ0FBQztJQUNULENBQUM7SUFDRCxXQUFXLENBQUMsS0FBZTtRQUN6Qix1QkFBdUI7UUFDdkIsSUFBSSxDQUFDLG1CQUFtQixHQUFHLElBQUksZ0JBQU0sQ0FDbkMsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksYUFBYSxFQUNsQztZQUNFLFVBQVUsRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGFBQWE7WUFDOUMsb0JBQW9CLEVBQUU7Z0JBQ3BCLG9CQUFvQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUM7b0JBQ25DLFFBQVEsRUFBRSxVQUFVO2lCQUNyQixDQUFDO2dCQUNGLGtCQUFrQixFQUFFLElBQUk7Z0JBQ3hCLFlBQVksRUFBRSxLQUFLO2dCQUNuQixpQkFBaUIsRUFBRSxVQUFVO2FBQzlCO1lBQ0QsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO1NBQ2pCLENBQ0YsQ0FBQztRQUVGLHdCQUF3QjtRQUN4QixJQUFJLENBQUMsYUFBYSxHQUFHLElBQUksNEJBQWtCLENBQ3pDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLHNCQUFzQixFQUMzQztZQUNFLFNBQVMsRUFBRSxXQUFXLEtBQUssQ0FBQyxZQUFZLGdCQUFnQjtZQUN4RCxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7U0FDakIsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLHFCQUFxQixHQUFHLElBQUksbUJBQWEsQ0FDNUMsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksZUFBZSxFQUNwQztZQUNFLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztZQUNiLFdBQVcsRUFBRSx5RUFBeUUsS0FBSyxDQUFDLFlBQVksRUFBRTtTQUMzRyxDQUNGLENBQUM7UUFFRixtQkFBbUI7UUFDbkIsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLDBCQUFnQixDQUNsQyxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxVQUFVLEVBQy9CO1lBQ0UsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHO1lBQ2IsVUFBVSxFQUFFO2dCQUNWLFVBQVUsRUFBRSxvQkFBVSxDQUFDLG1CQUFtQjthQUMzQztZQUNELGNBQWMsRUFBRSxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQztZQUM1QyxNQUFNLEVBQ0osS0FBSyxDQUFDLE1BQU07Z0JBQ1osZ0NBQXNCLENBQUMsUUFBUSxDQUFDO29CQUM5QixPQUFPLEVBQUUsK0JBQXFCLENBQUMsUUFBUTtpQkFDeEMsQ0FBQztZQUNKLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxnQkFBZ0I7WUFDeEMsZUFBZSxFQUFFLEtBQUssQ0FBQyxlQUFlLElBQUksc0JBQVEsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQzNELGdCQUFnQixFQUFFLElBQUk7WUFDdEIsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxHQUFHO1lBQzVDLFdBQVcsRUFBRSxxQkFBVyxDQUFDLEdBQUc7WUFDNUIsYUFBYSxFQUFFLHVCQUFhLENBQUMsaUJBQWlCO1lBQzlDLGFBQWEsRUFBRSwyQkFBYSxDQUFDLFFBQVE7WUFDckMsc0JBQXNCLEVBQUUsS0FBSztZQUM3QixZQUFZLEVBQ1YsS0FBSyxDQUFDLFlBQVksSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLEVBQUU7WUFDNUQsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLFlBQVk7WUFDdEMsWUFBWSxFQUNWLEtBQUssQ0FBQyxZQUFZO2dCQUNsQixzQkFBWSxDQUFDLEVBQUUsQ0FBQyx1QkFBYSxDQUFDLFVBQVUsRUFBRSxzQkFBWSxDQUFDLEtBQUssQ0FBQztZQUMvRCxPQUFPLEVBQUUsS0FBSztZQUNkLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtZQUNoQiwwQkFBMEIsRUFDeEIsS0FBSyxDQUFDLDBCQUEwQixJQUFJLHFCQUFxQjtZQUMzRCxXQUFXLEVBQUUscUJBQVcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sQ0FBQztTQUNyRSxDQUNGLENBQUM7UUFDRixJQUFBLHFCQUFXLEVBQUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDekMsQ0FBQztDQUNGO0FBcEdELHNCQW9HQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IER1cmF0aW9uLCBGbiwgUmVtb3ZhbFBvbGljeSwgU3RhY2tQcm9wcyB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHtcbiAgQ29ubmVjdGlvbnMsXG4gIElDb25uZWN0YWJsZSxcbiAgSW5zdGFuY2VDbGFzcyxcbiAgSW5zdGFuY2VTaXplLFxuICBJbnN0YW5jZVR5cGUsXG4gIElWcGMsXG4gIFN1Ym5ldFR5cGVcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzJcIjtcbmltcG9ydCB7XG4gIENhQ2VydGlmaWNhdGUsXG4gIENyZWRlbnRpYWxzLFxuICBEYXRhYmFzZUluc3RhbmNlLFxuICBEYXRhYmFzZUluc3RhbmNlRW5naW5lLFxuICBJSW5zdGFuY2VFbmdpbmUsXG4gIFBvc3RncmVzRW5naW5lVmVyc2lvbixcbiAgU3RvcmFnZVR5cGVcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1yZHNcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBTZWN1cml0eUdyb3VwIH0gZnJvbSBcIi4uL2lhbVwiO1xuaW1wb3J0IHsgQ3VzdG9tZXJNYW5hZ2VkS2V5LCBTZWNyZXQgfSBmcm9tIFwiLi4vc2VjcmV0c1wiO1xuaW1wb3J0IHsgS2V5VmFsdWUgfSBmcm9tIFwiLi4vLi4vLi4vdHlwZXNcIjtcbmltcG9ydCB0YWdSZXNvdXJjZSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvdGFnUmVzb3VyY2VcIjtcbmltcG9ydCB7IFZwYyB9IGZyb20gXCIuLi9uZXR3b3JraW5nL3ZwY1wiO1xuXG5pbnRlcmZhY2UgUmRzUHJvcHMgZXh0ZW5kcyBTdGFja1Byb3BzIHtcbiAgdnBjPzogVnBjO1xuICBkYXRhYmFzZU5hbWU/OiBzdHJpbmc7XG4gIGVuZ2luZT86IElJbnN0YW5jZUVuZ2luZTtcbiAgaW5zdGFuY2VUeXBlPzogSW5zdGFuY2VUeXBlO1xuICBtYXhBbGxvY2F0ZWRTdG9yYWdlPzogbnVtYmVyO1xuICBhbGxvY2F0ZWRTdG9yYWdlPzogbnVtYmVyO1xuICBiYWNrdXBSZXRlbnRpb24/OiBEdXJhdGlvbjtcbiAgY2x1c3RlcklkZW50aWZpZXI/OiBzdHJpbmc7XG4gIG1vbml0b3JpbmdJbnRlcnZhbD86IER1cmF0aW9uO1xuICBwcmVmZXJyZWRNYWludGVuYW5jZVdpbmRvdz86IHN0cmluZztcbiAgcG9ydD86IG51bWJlcjtcbiAgZW5hYmxlUGVyZm9ybWFuY2VJbnNpZ2h0cz86IGJvb2xlYW47XG4gIGRhdGFiYXNlUHJveHk/OiBib29sZWFuO1xuICAvLyBUT0RPOiBUaGUgYmVsb3cgY291bGQgYmUgYSBudW1iZXIsIHRoZW4gaXQgc2NhbGVzIGJhc2VkIG9uIHRoZSBhbW91bnRcbiAgcmVhZFJlcGxpY2E/OiBib29sZWFuO1xuICB0YWdzOiBLZXlWYWx1ZTtcbn1cblxuZXhwb3J0IGRlZmF1bHQgY2xhc3MgUmRzIGV4dGVuZHMgQ29uc3RydWN0IGltcGxlbWVudHMgSUNvbm5lY3RhYmxlIHtcbiAgcHVibGljIGNvbm5lY3Rpb25zOiBDb25uZWN0aW9ucztcbiAgcHVibGljIGRhdGFiYXNlU2VjdXJpdHlHcm91cDogU2VjdXJpdHlHcm91cDtcblxuICBwcml2YXRlIGRhdGFiYXNlQ3JlZGVudGlhbHM6IFNlY3JldDtcbiAgcHJpdmF0ZSBlbmNyeXB0aW9uS2V5OiBDdXN0b21lck1hbmFnZWRLZXk7XG4gIC8vIHByaXZhdGUgZGF0YWJhc2VTZWN1cml0eUdyb3VwOiBTZWN1cml0eUdyb3VwO1xuICBwcml2YXRlIGRhdGFiYXNlOiBEYXRhYmFzZUluc3RhbmNlO1xuICBwcml2YXRlIHZwYzogSVZwYztcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogUmRzUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuICAgIHRoaXMuYWRkVnBjKHByb3BzKTtcbiAgICB0aGlzLmFkZERhdGFiYXNlKHByb3BzKTtcbiAgfVxuXG4gIGFkZFZwYyhwcm9wczogUmRzUHJvcHMpIHtcbiAgICB0aGlzLnZwYyA9IHByb3BzLnZwY1xuICAgICAgPyBwcm9wcy52cGNcbiAgICAgIDogbmV3IFZwYyh0aGlzLCBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9VnBjYCwge1xuICAgICAgICAgIHRhZ3M6IHByb3BzLnRhZ3MsXG4gICAgICAgICAgZW52aXJvbm1lbnQ6IEZuLmltcG9ydFZhbHVlKFwiRW52aXJvbm1lbnRcIilcbiAgICAgICAgfSk7XG4gIH1cbiAgYWRkRGF0YWJhc2UocHJvcHM6IFJkc1Byb3BzKSB7XG4gICAgLy8gRGF0YWJhc2UgQ3JlZGVudGlhbHNcbiAgICB0aGlzLmRhdGFiYXNlQ3JlZGVudGlhbHMgPSBuZXcgU2VjcmV0KFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1DcmVkZW50aWFsc2AsXG4gICAgICB7XG4gICAgICAgIHNlY3JldE5hbWU6IGAke3Byb3BzLmRhdGFiYXNlTmFtZX1DcmVkZW50aWFsc2AsXG4gICAgICAgIGdlbmVyYXRlU2VjcmV0U3RyaW5nOiB7XG4gICAgICAgICAgc2VjcmV0U3RyaW5nVGVtcGxhdGU6IEpTT04uc3RyaW5naWZ5KHtcbiAgICAgICAgICAgIHVzZXJuYW1lOiBcInBvc3RncmVzXCJcbiAgICAgICAgICB9KSxcbiAgICAgICAgICBleGNsdWRlUHVuY3R1YXRpb246IHRydWUsXG4gICAgICAgICAgaW5jbHVkZVNwYWNlOiBmYWxzZSxcbiAgICAgICAgICBnZW5lcmF0ZVN0cmluZ0tleTogXCJwYXNzd29yZFwiXG4gICAgICAgIH0sXG4gICAgICAgIHRhZ3M6IHByb3BzLnRhZ3NcbiAgICAgIH1cbiAgICApO1xuXG4gICAgLy8gQ3VzdG9tZXIgTWFuYWdlZCBLZXlzXG4gICAgdGhpcy5lbmNyeXB0aW9uS2V5ID0gbmV3IEN1c3RvbWVyTWFuYWdlZEtleShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9Q2x1c3RlckVuY3J5cHRpb25LZXlgLFxuICAgICAge1xuICAgICAgICBhbGlhc05hbWU6IGBjbWsvcmRzLyR7cHJvcHMuZGF0YWJhc2VOYW1lfS9lbmNyeXB0aW9uS2V5YCxcbiAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgfVxuICAgICk7XG5cbiAgICB0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cCA9IG5ldyBTZWN1cml0eUdyb3VwKFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1TZWN1cml0eUdyb3VwYCxcbiAgICAgIHtcbiAgICAgICAgdnBjOiB0aGlzLnZwYyxcbiAgICAgICAgZGVzY3JpcHRpb246IGBTZWN1cml0eSBncm91cCB0aGF0IGFsbG93cyBpbmJvdW5kIGFjY2VzcyB0byB0aGUgcG9zdGdyZXMgY2x1c3RlciBmb3IgJHtwcm9wcy5kYXRhYmFzZU5hbWV9YFxuICAgICAgfVxuICAgICk7XG5cbiAgICAvLyBEYXRhYmFzZSBDbHVzdGVyXG4gICAgdGhpcy5kYXRhYmFzZSA9IG5ldyBEYXRhYmFzZUluc3RhbmNlKFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EYXRhYmFzZWAsXG4gICAgICB7XG4gICAgICAgIHZwYzogdGhpcy52cGMsXG4gICAgICAgIHZwY1N1Ym5ldHM6IHtcbiAgICAgICAgICBzdWJuZXRUeXBlOiBTdWJuZXRUeXBlLlBSSVZBVEVfV0lUSF9FR1JFU1NcbiAgICAgICAgfSxcbiAgICAgICAgc2VjdXJpdHlHcm91cHM6IFt0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cF0sXG4gICAgICAgIGVuZ2luZTpcbiAgICAgICAgICBwcm9wcy5lbmdpbmUgfHxcbiAgICAgICAgICBEYXRhYmFzZUluc3RhbmNlRW5naW5lLnBvc3RncmVzKHtcbiAgICAgICAgICAgIHZlcnNpb246IFBvc3RncmVzRW5naW5lVmVyc2lvbi5WRVJfMTZfM1xuICAgICAgICAgIH0pLFxuICAgICAgICBhbGxvY2F0ZWRTdG9yYWdlOiBwcm9wcy5hbGxvY2F0ZWRTdG9yYWdlLFxuICAgICAgICBiYWNrdXBSZXRlbnRpb246IHByb3BzLmJhY2t1cFJldGVudGlvbiB8fCBEdXJhdGlvbi5kYXlzKDE0KSxcbiAgICAgICAgc3RvcmFnZUVuY3J5cHRlZDogdHJ1ZSxcbiAgICAgICAgc3RvcmFnZUVuY3J5cHRpb25LZXk6IHRoaXMuZW5jcnlwdGlvbktleS5rZXksXG4gICAgICAgIHN0b3JhZ2VUeXBlOiBTdG9yYWdlVHlwZS5HUDMsXG4gICAgICAgIGNhQ2VydGlmaWNhdGU6IENhQ2VydGlmaWNhdGUuUkRTX0NBX1JTQTQwOTZfRzEsXG4gICAgICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuU05BUFNIT1QsXG4gICAgICAgIGRlbGV0ZUF1dG9tYXRlZEJhY2t1cHM6IGZhbHNlLFxuICAgICAgICBkYXRhYmFzZU5hbWU6XG4gICAgICAgICAgcHJvcHMuZGF0YWJhc2VOYW1lIHx8IGAke3RoaXMubm9kZS5pZC5yZXBsYWNlKFwiUmRzXCIsIFwiXCIpfWAsXG4gICAgICAgIGluc3RhbmNlSWRlbnRpZmllcjogcHJvcHMuZGF0YWJhc2VOYW1lLFxuICAgICAgICBpbnN0YW5jZVR5cGU6XG4gICAgICAgICAgcHJvcHMuaW5zdGFuY2VUeXBlIHx8XG4gICAgICAgICAgSW5zdGFuY2VUeXBlLm9mKEluc3RhbmNlQ2xhc3MuQlVSU1RBQkxFMywgSW5zdGFuY2VTaXplLk1JQ1JPKSxcbiAgICAgICAgbXVsdGlBejogZmFsc2UsXG4gICAgICAgIHBvcnQ6IHByb3BzLnBvcnQsXG4gICAgICAgIHByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93OlxuICAgICAgICAgIHByb3BzLnByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93IHx8IFwiU2F0OjEyOjMwLVNhdDoyMDozMFwiLFxuICAgICAgICBjcmVkZW50aWFsczogQ3JlZGVudGlhbHMuZnJvbVNlY3JldCh0aGlzLmRhdGFiYXNlQ3JlZGVudGlhbHMuc2VjcmV0KVxuICAgICAgfVxuICAgICk7XG4gICAgdGFnUmVzb3VyY2UodGhpcy5kYXRhYmFzZSwgcHJvcHMudGFncyk7XG4gIH1cbn1cbiJdfQ==

package/dist/lib/resources/aws/database/rdsInstance.d.ts

@@ -0,0 +1,42 @@
+import { Duration, Stack } from "aws-cdk-lib";
+import { Connections, IConnectable, InstanceType, Vpc } from "aws-cdk-lib/aws-ec2";
+import { IInstanceEngine } from "aws-cdk-lib/aws-rds";
+import { Construct } from "constructs";
+import { SecurityGroup } from "../iam";
+import { KeyValue } from "../../../types";
+import { StackBuilder } from "../awsStack";
+interface RdsProps {
+    vpc: Vpc;
+    databaseName?: string;
+    engine?: IInstanceEngine;
+    instanceType?: InstanceType;
+    maxAllocatedStorage?: number;
+    allocatedStorage?: number;
+    backupRetention?: Duration;
+    clusterIdentifier?: string;
+    monitoringInterval?: Duration;
+    preferredMaintenanceWindow?: string;
+    port?: number;
+    enablePerformanceInsights?: boolean;
+    databaseProxy?: boolean;
+    readReplica?: boolean;
+    tags: KeyValue;
+    securityGroupIds?: string[];
+}
+export default class Rds extends Stack implements IConnectable {
+    connections: Connections;
+    databaseSecurityGroup: SecurityGroup;
+    private databaseCredentials;
+    private encryptionKey;
+    private databasePerformanceInsightsKey;
+    private database;
+    private masterSecret;
+    private databaseProxy;
+    constructor(scope: Construct, id: string, props: RdsProps);
+    addDatabase(props: RdsProps): void;
+    rotateSecret(props: RdsProps): void;
+    addProxy(props: RdsProps): void;
+    addReadReplica(props: RdsProps): void;
+    static build(id: string, props: RdsProps): (sb: StackBuilder) => Construct;
+}
+export {};