@fjall/components-infrastructure 0.1.10 → 0.1.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/app.d.ts +2 -1
- package/dist/lib/app.js +4 -2
- package/dist/lib/config/aws/accountId.d.ts +6 -0
- package/dist/lib/config/aws/accountId.js +33 -0
- package/dist/lib/config/aws/cloudTrail.d.ts +10 -0
- package/dist/lib/config/aws/cloudTrail.js +22 -0
- package/dist/lib/config/aws/costAllocationTags.d.ts +2 -3
- package/dist/lib/config/aws/costAllocationTags.js +6 -5
- package/dist/lib/config/aws/ecrDefaultImage.d.ts +11 -0
- package/dist/lib/config/aws/ecrDefaultImage.js +127 -0
- package/dist/lib/config/aws/eventBus.d.ts +7 -0
- package/dist/lib/config/aws/eventBus.js +24 -0
- package/dist/lib/config/aws/identityCenter.d.ts +11 -3
- package/dist/lib/config/aws/identityCenter.js +24 -29
- package/dist/lib/config/aws/identityCenterUser.d.ts +16 -0
- package/dist/lib/config/aws/identityCenterUser.js +125 -0
- package/dist/lib/config/aws/index.d.ts +8 -4
- package/dist/lib/config/aws/index.js +9 -5
- package/dist/lib/config/aws/ipam.d.ts +2 -2
- package/dist/lib/config/aws/ipam.js +25 -7
- package/dist/lib/config/aws/ipamDelegateAdmin.d.ts +4 -5
- package/dist/lib/config/aws/ipamDelegateAdmin.js +9 -13
- package/dist/lib/config/aws/ipamPoolId.d.ts +10 -0
- package/dist/lib/config/aws/ipamPoolId.js +38 -0
- package/dist/lib/config/aws/organisation.d.ts +28 -0
- package/dist/lib/config/aws/organisation.js +112 -0
- package/dist/lib/config/aws/organisationId.d.ts +4 -2
- package/dist/lib/config/aws/organisationId.js +13 -7
- package/dist/lib/config/aws/ramSharing.d.ts +4 -0
- package/dist/lib/config/aws/ramSharing.js +35 -0
- package/dist/lib/patterns/aws/basicApp.d.ts +5 -4
- package/dist/lib/patterns/aws/basicApp.js +18 -18
- package/dist/lib/patterns/aws/buildkite.d.ts +40 -31
- package/dist/lib/patterns/aws/buildkite.js +74 -46
- package/dist/lib/patterns/aws/freeTierApp.d.ts +47 -0
- package/dist/lib/patterns/aws/freeTierApp.js +95 -0
- package/dist/lib/patterns/aws/hostedZone.d.ts +11 -0
- package/dist/lib/patterns/aws/hostedZone.js +73 -0
- package/dist/lib/patterns/aws/index.d.ts +3 -0
- package/dist/lib/patterns/aws/index.js +4 -1
- package/dist/lib/patterns/aws/managedAccount.d.ts +13 -0
- package/dist/lib/patterns/aws/managedAccount.js +40 -0
- package/dist/lib/patterns/aws/managedOrganisation.d.ts +14 -24
- package/dist/lib/patterns/aws/managedOrganisation.js +39 -146
- package/dist/lib/patterns/aws/managedPlatform.d.ts +13 -0
- package/dist/lib/patterns/aws/managedPlatform.js +22 -0
- package/dist/lib/patterns/aws/spotInstanceApp.d.ts +47 -0
- package/dist/lib/patterns/aws/spotInstanceApp.js +95 -0
- package/dist/lib/patterns/aws/subdomainHostedZone.d.ts +9 -0
- package/dist/lib/patterns/aws/subdomainHostedZone.js +39 -0
- package/dist/lib/resources/aws/awsStack.d.ts +2 -2
- package/dist/lib/resources/aws/awsStack.js +3 -3
- package/dist/lib/resources/aws/compute/ecs.d.ts +2 -4
- package/dist/lib/resources/aws/compute/ecs.js +10 -6
- package/dist/lib/resources/aws/compute/ecsFreeTier.d.ts +76 -0
- package/dist/lib/resources/aws/compute/ecsFreeTier.js +352 -0
- package/dist/lib/resources/aws/compute/ecsSpot.d.ts +76 -0
- package/dist/lib/resources/aws/compute/ecsSpot.js +334 -0
- package/dist/lib/resources/aws/compute/index.d.ts +2 -0
- package/dist/lib/resources/aws/compute/index.js +19 -0
- package/dist/lib/resources/aws/compute/lambda.d.ts +7 -7
- package/dist/lib/resources/aws/compute/lambda.js +8 -7
- package/dist/lib/resources/aws/database/database.d.ts +16 -0
- package/dist/lib/resources/aws/database/database.js +30 -0
- package/dist/lib/resources/aws/database/databaseFreeTier.d.ts +17 -0
- package/dist/lib/resources/aws/database/databaseFreeTier.js +31 -0
- package/dist/lib/resources/aws/database/databaseInstance.d.ts +17 -0
- package/dist/lib/resources/aws/database/databaseInstance.js +32 -0
- package/dist/lib/resources/aws/database/index.d.ts +2 -0
- package/dist/lib/resources/aws/database/index.js +19 -0
- package/dist/lib/resources/aws/database/rds.d.ts +23 -0
- package/dist/lib/resources/aws/database/rds.js +130 -0
- package/dist/lib/resources/aws/database/rdsFreeTier.d.ts +36 -0
- package/dist/lib/resources/aws/database/rdsFreeTier.js +80 -0
- package/dist/lib/resources/aws/database/rdsInstance.d.ts +42 -0
- package/dist/lib/resources/aws/database/rdsInstance.js +173 -0
- package/dist/lib/resources/aws/logging/cloudTrail.d.ts +18 -0
- package/dist/lib/resources/aws/logging/cloudTrail.js +46 -0
- package/dist/lib/resources/aws/logging/logGroup.d.ts +3 -3
- package/dist/lib/resources/aws/logging/logGroup.js +3 -3
- package/dist/lib/resources/aws/networking/index.d.ts +1 -1
- package/dist/lib/resources/aws/networking/index.js +2 -2
- package/dist/lib/resources/aws/networking/ipamPool.d.ts +16 -3
- package/dist/lib/resources/aws/networking/ipamPool.js +78 -6
- package/dist/lib/resources/aws/networking/vpc.d.ts +29 -0
- package/dist/lib/resources/aws/networking/vpc.js +66 -0
- package/dist/lib/resources/aws/secrets/alias.d.ts +5 -0
- package/dist/lib/resources/aws/secrets/alias.js +13 -0
- package/dist/lib/resources/aws/secrets/index.d.ts +5 -0
- package/dist/lib/resources/aws/secrets/index.js +22 -0
- package/dist/lib/resources/aws/secrets/kms.d.ts +14 -0
- package/dist/lib/resources/aws/secrets/kms.js +34 -0
- package/dist/lib/resources/aws/secrets/parameter.d.ts +26 -0
- package/dist/lib/resources/aws/secrets/parameter.js +100 -0
- package/dist/lib/resources/aws/secrets/secret.d.ts +24 -0
- package/dist/lib/resources/aws/secrets/secret.js +53 -0
- package/dist/lib/resources/aws/storage/ecr.d.ts +12 -0
- package/dist/lib/resources/aws/storage/ecr.js +31 -0
- package/dist/lib/resources/aws/storage/index.d.ts +2 -0
- package/dist/lib/resources/aws/storage/index.js +19 -0
- package/dist/lib/resources/aws/storage/s3.d.ts +11 -0
- package/dist/lib/resources/aws/storage/s3.js +44 -0
- package/dist/lib/resources/aws/utilities/codeBuild.d.ts +15 -0
- package/dist/lib/resources/aws/utilities/codeBuild.js +28 -0
- package/dist/lib/resources/aws/utilities/customResource.js +2 -2
- package/dist/lib/types.d.ts +3 -0
- package/dist/lib/types.js +3 -0
- package/dist/lib/utils/capitalizeString.d.ts +1 -0
- package/dist/lib/utils/capitalizeString.js +8 -0
- package/dist/lib/utils/getAccountId.d.ts +1 -1
- package/dist/lib/utils/getAccountId.js +7 -5
- package/dist/lib/utils/getAsync.d.ts +10 -0
- package/dist/lib/utils/getAsync.js +37 -0
- package/dist/lib/utils/getCidr.d.ts +8 -0
- package/dist/lib/utils/getCidr.js +42 -0
- package/dist/lib/utils/getConfig.d.ts +6 -3
- package/dist/lib/utils/getConfig.js +32 -14
- package/dist/lib/utils/stripAndCamelCase.d.ts +1 -0
- package/dist/lib/utils/stripAndCamelCase.js +17 -0
- package/dist/lib/utils/usersConfig.d.ts +7 -0
- package/dist/lib/utils/usersConfig.js +18 -0
- package/package.json +7 -3
|
@@ -0,0 +1,173 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
4
|
+
const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
|
|
5
|
+
const aws_rds_1 = require("aws-cdk-lib/aws-rds");
|
|
6
|
+
const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager");
|
|
7
|
+
const iam_1 = require("../iam");
|
|
8
|
+
const secrets_1 = require("../secrets");
|
|
9
|
+
const tagResource_1 = require("../../../utils/tagResource");
|
|
10
|
+
class Rds extends aws_cdk_lib_1.Stack {
|
|
11
|
+
constructor(scope, id, props) {
|
|
12
|
+
super(scope, id);
|
|
13
|
+
this.addDatabase(props);
|
|
14
|
+
this.rotateSecret(props);
|
|
15
|
+
if (props.databaseProxy) {
|
|
16
|
+
this.addProxy(props);
|
|
17
|
+
}
|
|
18
|
+
if (props.readReplica) {
|
|
19
|
+
this.addReadReplica(props);
|
|
20
|
+
}
|
|
21
|
+
}
|
|
22
|
+
addDatabase(props) {
|
|
23
|
+
// Database Credentials
|
|
24
|
+
this.databaseCredentials = new secrets_1.Secret(this, `${props.databaseName}Credentials`, {
|
|
25
|
+
secretName: `${props.databaseName}Credentials`,
|
|
26
|
+
generateSecretString: {
|
|
27
|
+
secretStringTemplate: JSON.stringify({
|
|
28
|
+
username: "postgres"
|
|
29
|
+
}),
|
|
30
|
+
excludePunctuation: true,
|
|
31
|
+
includeSpace: false,
|
|
32
|
+
generateStringKey: "password"
|
|
33
|
+
},
|
|
34
|
+
tags: props.tags
|
|
35
|
+
});
|
|
36
|
+
// Customer Managed Keys
|
|
37
|
+
this.encryptionKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}ClusterEncryptionKey`, {
|
|
38
|
+
aliasName: `cmk/rds/${props.databaseName}/encryptionKey`,
|
|
39
|
+
tags: props.tags
|
|
40
|
+
});
|
|
41
|
+
if (props.enablePerformanceInsights) {
|
|
42
|
+
this.databasePerformanceInsightsKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}PerformanceInsightsKey`, {
|
|
43
|
+
aliasName: `cmk/rds/${props.databaseName}/InsightsKey`,
|
|
44
|
+
tags: props.tags
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
this.databaseSecurityGroup = new iam_1.SecurityGroup(this, `${props.databaseName}SecurityGroup`, {
|
|
48
|
+
vpc: props.vpc,
|
|
49
|
+
description: `Security group that allows inbound access to the postgres cluster for ${props.databaseName}`
|
|
50
|
+
});
|
|
51
|
+
//TODO: Remove this line, that allows the proxy to connect to the database. Replace with seperated security groups
|
|
52
|
+
this.databaseSecurityGroup.addIngressRule(this.databaseSecurityGroup, aws_ec2_1.Port.tcp(5432));
|
|
53
|
+
this.connections = this.databaseSecurityGroup.connections;
|
|
54
|
+
// Database Cluster
|
|
55
|
+
this.database = new aws_rds_1.DatabaseInstance(this, `${props.databaseName}Database`, {
|
|
56
|
+
vpc: props.vpc,
|
|
57
|
+
vpcSubnets: {
|
|
58
|
+
subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS
|
|
59
|
+
},
|
|
60
|
+
securityGroups: [this.databaseSecurityGroup],
|
|
61
|
+
engine: props.engine ||
|
|
62
|
+
aws_rds_1.DatabaseInstanceEngine.postgres({
|
|
63
|
+
version: aws_rds_1.PostgresEngineVersion.VER_16_3
|
|
64
|
+
}),
|
|
65
|
+
allocatedStorage: props.allocatedStorage,
|
|
66
|
+
backupRetention: props.backupRetention || aws_cdk_lib_1.Duration.days(14),
|
|
67
|
+
storageEncrypted: true,
|
|
68
|
+
storageEncryptionKey: this.encryptionKey.key,
|
|
69
|
+
storageType: aws_rds_1.StorageType.GP3,
|
|
70
|
+
caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1,
|
|
71
|
+
removalPolicy: aws_cdk_lib_1.RemovalPolicy.SNAPSHOT,
|
|
72
|
+
deleteAutomatedBackups: false,
|
|
73
|
+
enablePerformanceInsights: props.enablePerformanceInsights,
|
|
74
|
+
performanceInsightEncryptionKey: props.enablePerformanceInsights
|
|
75
|
+
? this.databasePerformanceInsightsKey.key
|
|
76
|
+
: undefined,
|
|
77
|
+
databaseName: props.databaseName,
|
|
78
|
+
instanceIdentifier: props.databaseName,
|
|
79
|
+
instanceType: props.instanceType ||
|
|
80
|
+
aws_ec2_1.InstanceType.of(aws_ec2_1.InstanceClass.STANDARD7_GRAVITON, aws_ec2_1.InstanceSize.LARGE),
|
|
81
|
+
maxAllocatedStorage: props.maxAllocatedStorage || 500,
|
|
82
|
+
monitoringInterval: props.monitoringInterval || aws_cdk_lib_1.Duration.minutes(1),
|
|
83
|
+
multiAz: true,
|
|
84
|
+
port: props.port,
|
|
85
|
+
preferredMaintenanceWindow: props.preferredMaintenanceWindow || "Sat:12:30-Sat:20:30",
|
|
86
|
+
credentials: aws_rds_1.Credentials.fromSecret(this.databaseCredentials.secret)
|
|
87
|
+
});
|
|
88
|
+
(0, tagResource_1.default)(this.database, props.tags);
|
|
89
|
+
}
|
|
90
|
+
rotateSecret(props) {
|
|
91
|
+
// Rotate the Secret every 30 days
|
|
92
|
+
this.masterSecret = new secrets_1.Secret(this, `${props.databaseName}MasterSecret`, {
|
|
93
|
+
secretName: `${props.databaseName}MasterSecret`,
|
|
94
|
+
tags: props.tags
|
|
95
|
+
});
|
|
96
|
+
new aws_secretsmanager_1.SecretRotation(this, `${props.databaseName}SecretRotation`, {
|
|
97
|
+
application: new aws_secretsmanager_1.SecretRotationApplication("SecretsManagerRDSPostgreSQLRotationMultiUser", "1.1.367", {
|
|
98
|
+
isMultiUser: true
|
|
99
|
+
}),
|
|
100
|
+
secret: this.databaseCredentials.secret,
|
|
101
|
+
masterSecret: this.masterSecret.secret,
|
|
102
|
+
target: this.database,
|
|
103
|
+
vpc: this.database.vpc
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
addProxy(props) {
|
|
107
|
+
this.databaseProxy = new aws_rds_1.DatabaseProxy(this, `${props.databaseName}DatabaseProxy`, {
|
|
108
|
+
proxyTarget: aws_rds_1.ProxyTarget.fromInstance(this.database),
|
|
109
|
+
secrets: [this.databaseCredentials.secret],
|
|
110
|
+
// TODO: Create a new security group, and remove the line that allows the proxy to connect to the database
|
|
111
|
+
securityGroups: [this.databaseSecurityGroup],
|
|
112
|
+
vpc: props.vpc,
|
|
113
|
+
vpcSubnets: {
|
|
114
|
+
subnetType: aws_ec2_1.SubnetType.PUBLIC
|
|
115
|
+
}
|
|
116
|
+
});
|
|
117
|
+
new aws_cdk_lib_1.CfnOutput(this, `${props.databaseName}ProxyEndpointOutput`, {
|
|
118
|
+
key: `${props.databaseName}ProxyEndpoint`,
|
|
119
|
+
exportName: `${props.databaseName}ProxyEndpoint`,
|
|
120
|
+
value: this.databaseProxy.endpoint
|
|
121
|
+
});
|
|
122
|
+
}
|
|
123
|
+
addReadReplica(props) {
|
|
124
|
+
const readReplicaPerformanceInsightsKey = new secrets_1.CustomerManagedKey(this, `${props.databaseName}ReadReplicaReaderInsightsKey`, {
|
|
125
|
+
aliasName: `cmk/rds/${props.databaseName}/ReadReplicaInsightsKey`,
|
|
126
|
+
tags: props.tags
|
|
127
|
+
});
|
|
128
|
+
new aws_rds_1.DatabaseInstanceReadReplica(this, `${props.databaseName}ReadReplica`, {
|
|
129
|
+
sourceDatabaseInstance: this.database,
|
|
130
|
+
vpc: props.vpc,
|
|
131
|
+
vpcSubnets: {
|
|
132
|
+
subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS
|
|
133
|
+
},
|
|
134
|
+
securityGroups: [this.databaseSecurityGroup],
|
|
135
|
+
allocatedStorage: props.allocatedStorage,
|
|
136
|
+
backupRetention: props.backupRetention || aws_cdk_lib_1.Duration.days(14),
|
|
137
|
+
storageEncrypted: true,
|
|
138
|
+
storageEncryptionKey: this.encryptionKey.key,
|
|
139
|
+
storageType: aws_rds_1.StorageType.GP3,
|
|
140
|
+
caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1,
|
|
141
|
+
removalPolicy: aws_cdk_lib_1.RemovalPolicy.SNAPSHOT,
|
|
142
|
+
deleteAutomatedBackups: false,
|
|
143
|
+
enablePerformanceInsights: props.enablePerformanceInsights,
|
|
144
|
+
performanceInsightEncryptionKey: props.enablePerformanceInsights
|
|
145
|
+
? readReplicaPerformanceInsightsKey.key
|
|
146
|
+
: undefined,
|
|
147
|
+
instanceIdentifier: `${props.databaseName}`,
|
|
148
|
+
instanceType: props.instanceType ||
|
|
149
|
+
aws_ec2_1.InstanceType.of(aws_ec2_1.InstanceClass.STANDARD7_GRAVITON, aws_ec2_1.InstanceSize.LARGE),
|
|
150
|
+
maxAllocatedStorage: props.maxAllocatedStorage || 500,
|
|
151
|
+
monitoringInterval: props.monitoringInterval || aws_cdk_lib_1.Duration.minutes(1),
|
|
152
|
+
multiAz: true,
|
|
153
|
+
port: props.port,
|
|
154
|
+
preferredMaintenanceWindow: props.preferredMaintenanceWindow || "Sat:12:30-Sat:20:30"
|
|
155
|
+
});
|
|
156
|
+
}
|
|
157
|
+
static build(id, props) {
|
|
158
|
+
return (sb) => {
|
|
159
|
+
const newProps = {
|
|
160
|
+
...props,
|
|
161
|
+
...{
|
|
162
|
+
vpc: sb.getNetwork() || props?.vpc,
|
|
163
|
+
securityGroupIds: props?.securityGroupIds ?? [],
|
|
164
|
+
databaseName: props.databaseName || `${id.replace("Rds", "")}`,
|
|
165
|
+
tags: props.tags
|
|
166
|
+
}
|
|
167
|
+
};
|
|
168
|
+
return new this(sb.getStack(), id, newProps);
|
|
169
|
+
};
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
exports.default = Rds;
|
|
173
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmRzSW5zdGFuY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9kYXRhYmFzZS9yZHNJbnN0YW5jZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDZDQUF3RTtBQUN4RSxpREFTNkI7QUFDN0IsaURBVzZCO0FBQzdCLHVFQUd3QztBQUV4QyxnQ0FBdUM7QUFDdkMsd0NBQXdEO0FBR3hELDREQUFxRDtBQXNCckQsTUFBcUIsR0FBSSxTQUFRLG1CQUFLO0lBV3BDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBZTtRQUN2RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksQ0FBQyxXQUFXLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDeEIsSUFBSSxDQUFDLFlBQVksQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUV6QixJQUFJLEtBQUssQ0FBQyxhQUFhLEVBQUU7WUFDdkIsSUFBSSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQztTQUN0QjtRQUVELElBQUksS0FBSyxDQUFDLFdBQVcsRUFBRTtZQUNyQixJQUFJLENBQUMsY0FBYyxDQUFDLEtBQUssQ0FBQyxDQUFDO1NBQzVCO0lBQ0gsQ0FBQztJQUVELFdBQVcsQ0FBQyxLQUFlO1FBQ3pCLHVCQUF1QjtRQUN2QixJQUFJLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxnQkFBTSxDQUNuQyxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxhQUFhLEVBQ2xDO1lBQ0UsVUFBVSxFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksYUFBYTtZQUM5QyxvQkFBb0IsRUFBRTtnQkFDcEIsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQztvQkFDbkMsUUFBUSxFQUFFLFVBQVU7aUJBQ3JCLENBQUM7Z0JBQ0Ysa0JBQWtCLEVBQUUsSUFBSTtnQkFDeEIsWUFBWSxFQUFFLEtBQUs7Z0JBQ25CLGlCQUFpQixFQUFFLFVBQVU7YUFDOUI7WUFDRCxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7U0FDakIsQ0FDRixDQUFDO1FBRUYsd0JBQXdCO1FBQ3hCLElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSw0QkFBa0IsQ0FDekMsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksc0JBQXNCLEVBQzNDO1lBQ0UsU0FBUyxFQUFFLFdBQVcsS0FBSyxDQUFDLFlBQVksZ0JBQWdCO1lBQ3hELElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtTQUNqQixDQUNGLENBQUM7UUFFRixJQUFJLEtBQUssQ0FBQyx5QkFBeUIsRUFBRTtZQUNuQyxJQUFJLENBQUMsOEJBQThCLEdBQUcsSUFBSSw0QkFBa0IsQ0FDMUQsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksd0JBQXdCLEVBQzdDO2dCQUNFLFNBQVMsRUFBRSxXQUFXLEtBQUssQ0FBQyxZQUFZLGNBQWM7Z0JBQ3RELElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNqQixDQUNGLENBQUM7U0FDSDtRQUVELElBQUksQ0FBQyxxQkFBcUIsR0FBRyxJQUFJLG1CQUFhLENBQzVDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLGVBQWUsRUFDcEM7WUFDRSxHQUFHLEVBQUUsS0FBSyxDQUFDLEdBQUc7WUFDZCxXQUFXLEVBQUUseUVBQXlFLEtBQUssQ0FBQyxZQUFZLEVBQUU7U0FDM0csQ0FDRixDQUFDO1FBRUYsa0hBQWtIO1FBQ2xILElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxjQUFjLENBQ3ZDLElBQUksQ0FBQyxxQkFBcUIsRUFDMUIsY0FBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FDZixDQUFDO1FBRUYsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMscUJBQXFCLENBQUMsV0FBVyxDQUFDO1FBRTFELG1CQUFtQjtRQUNuQixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksMEJBQWdCLENBQ2xDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLFVBQVUsRUFDL0I7WUFDRSxHQUFHLEVBQUUsS0FBSyxDQUFDLEdBQUc7WUFDZCxVQUFVLEVBQUU7Z0JBQ1YsVUFBVSxFQUFFLG9CQUFVLENBQUMsbUJBQW1CO2FBQzNDO1lBQ0QsY0FBYyxFQUFFLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDO1lBQzVDLE1BQU0sRUFDSixLQUFLLENBQUMsTUFBTTtnQkFDWixnQ0FBc0IsQ0FBQyxRQUFRLENBQUM7b0JBQzlCLE9BQU8sRUFBRSwrQkFBcUIsQ0FBQyxRQUFRO2lCQUN4QyxDQUFDO1lBQ0osZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtZQUN4QyxlQUFlLEVBQUUsS0FBSyxDQUFDLGVBQWUsSUFBSSxzQkFBUSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDM0QsZ0JBQWdCLEVBQUUsSUFBSTtZQUN0QixvQkFBb0IsRUFBRSxJQUFJLENBQUMsYUFBYSxDQUFDLEdBQUc7WUFDNUMsV0FBVyxFQUFFLHFCQUFXLENBQUMsR0FBRztZQUM1QixhQUFhLEVBQUUsdUJBQWEsQ0FBQyxpQkFBaUI7WUFDOUMsYUFBYSxFQUFFLDJCQUFhLENBQUMsUUFBUTtZQUNyQyxzQkFBc0IsRUFBRSxLQUFLO1lBQzdCLHlCQUF5QixFQUFFLEtBQUssQ0FBQyx5QkFBeUI7WUFDMUQsK0JBQStCLEVBQUUsS0FBSyxDQUFDLHlCQUF5QjtnQkFDOUQsQ0FBQyxDQUFDLElBQUksQ0FBQyw4QkFBOEIsQ0FBQyxHQUFHO2dCQUN6QyxDQUFDLENBQUMsU0FBUztZQUNiLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWTtZQUNoQyxrQkFBa0IsRUFBRSxLQUFLLENBQUMsWUFBWTtZQUN0QyxZQUFZLEVBQ1YsS0FBSyxDQUFDLFlBQVk7Z0JBQ2xCLHNCQUFZLENBQUMsRUFBRSxDQUFDLHVCQUFhLENBQUMsa0JBQWtCLEVBQUUsc0JBQVksQ0FBQyxLQUFLLENBQUM7WUFDdkUsbUJBQW1CLEVBQUUsS0FBSyxDQUFDLG1CQUFtQixJQUFJLEdBQUc7WUFDckQsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLHNCQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztZQUNuRSxPQUFPLEVBQUUsSUFBSTtZQUNiLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtZQUNoQiwwQkFBMEIsRUFDeEIsS0FBSyxDQUFDLDBCQUEwQixJQUFJLHFCQUFxQjtZQUMzRCxXQUFXLEVBQUUscUJBQVcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sQ0FBQztTQUNyRSxDQUNGLENBQUM7UUFDRixJQUFBLHFCQUFXLEVBQUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVELFlBQVksQ0FBQyxLQUFlO1FBQzFCLGtDQUFrQztRQUNsQyxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksZ0JBQU0sQ0FBQyxJQUFJLEVBQUUsR0FBRyxLQUFLLENBQUMsWUFBWSxjQUFjLEVBQUU7WUFDeEUsVUFBVSxFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksY0FBYztZQUMvQyxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7U0FDakIsQ0FBQyxDQUFDO1FBRUgsSUFBSSxtQ0FBYyxDQUFDLElBQUksRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGdCQUFnQixFQUFFO1lBQzlELFdBQVcsRUFBRSxJQUFJLDhDQUF5QixDQUN4Qyw4Q0FBOEMsRUFDOUMsU0FBUyxFQUNUO2dCQUNFLFdBQVcsRUFBRSxJQUFJO2FBQ2xCLENBQ0Y7WUFDRCxNQUFNLEVBQUUsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU07WUFDdkMsWUFBWSxFQUFFLElBQUksQ0FBQyxZQUFZLENBQUMsTUFBTTtZQUN0QyxNQUFNLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDckIsR0FBRyxFQUFFLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRztTQUN2QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsUUFBUSxDQUFDLEtBQWU7UUFDdEIsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLHVCQUFhLENBQ3BDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLGVBQWUsRUFDcEM7WUFDRSxXQUFXLEVBQUUscUJBQVcsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQztZQUNwRCxPQUFPLEVBQUUsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsTUFBTSxDQUFDO1lBQzFDLDBHQUEwRztZQUMxRyxjQUFjLEVBQUUsQ0FBQyxJQUFJLENBQUMscUJBQXFCLENBQUM7WUFDNUMsR0FBRyxFQUFFLEtBQUssQ0FBQyxHQUFHO1lBQ2QsVUFBVSxFQUFFO2dCQUNWLFVBQVUsRUFBRSxvQkFBVSxDQUFDLE1BQU07YUFDOUI7U0FDRixDQUNGLENBQUM7UUFFRixJQUFJLHVCQUFTLENBQUMsSUFBSSxFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVkscUJBQXFCLEVBQUU7WUFDOUQsR0FBRyxFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksZUFBZTtZQUN6QyxVQUFVLEVBQUUsR0FBRyxLQUFLLENBQUMsWUFBWSxlQUFlO1lBQ2hELEtBQUssRUFBRSxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVE7U0FDbkMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELGNBQWMsQ0FBQyxLQUFlO1FBQzVCLE1BQU0saUNBQWlDLEdBQUcsSUFBSSw0QkFBa0IsQ0FDOUQsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksOEJBQThCLEVBQ25EO1lBQ0UsU0FBUyxFQUFFLFdBQVcsS0FBSyxDQUFDLFlBQVkseUJBQXlCO1lBQ2pFLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtTQUNqQixDQUNGLENBQUM7UUFFRixJQUFJLHFDQUEyQixDQUFDLElBQUksRUFBRSxHQUFHLEtBQUssQ0FBQyxZQUFZLGFBQWEsRUFBRTtZQUN4RSxzQkFBc0IsRUFBRSxJQUFJLENBQUMsUUFBUTtZQUNyQyxHQUFHLEVBQUUsS0FBSyxDQUFDLEdBQUc7WUFDZCxVQUFVLEVBQUU7Z0JBQ1YsVUFBVSxFQUFFLG9CQUFVLENBQUMsbUJBQW1CO2FBQzNDO1lBQ0QsY0FBYyxFQUFFLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDO1lBQzVDLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxnQkFBZ0I7WUFDeEMsZUFBZSxFQUFFLEtBQUssQ0FBQyxlQUFlLElBQUksc0JBQVEsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQzNELGdCQUFnQixFQUFFLElBQUk7WUFDdEIsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLGFBQWEsQ0FBQyxHQUFHO1lBQzVDLFdBQVcsRUFBRSxxQkFBVyxDQUFDLEdBQUc7WUFDNUIsYUFBYSxFQUFFLHVCQUFhLENBQUMsaUJBQWlCO1lBQzlDLGFBQWEsRUFBRSwyQkFBYSxDQUFDLFFBQVE7WUFDckMsc0JBQXNCLEVBQUUsS0FBSztZQUM3Qix5QkFBeUIsRUFBRSxLQUFLLENBQUMseUJBQXlCO1lBQzFELCtCQUErQixFQUFFLEtBQUssQ0FBQyx5QkFBeUI7Z0JBQzlELENBQUMsQ0FBQyxpQ0FBaUMsQ0FBQyxHQUFHO2dCQUN2QyxDQUFDLENBQUMsU0FBUztZQUNiLGtCQUFrQixFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksRUFBRTtZQUMzQyxZQUFZLEVBQ1YsS0FBSyxDQUFDLFlBQVk7Z0JBQ2xCLHNCQUFZLENBQUMsRUFBRSxDQUFDLHVCQUFhLENBQUMsa0JBQWtCLEVBQUUsc0JBQVksQ0FBQyxLQUFLLENBQUM7WUFDdkUsbUJBQW1CLEVBQUUsS0FBSyxDQUFDLG1CQUFtQixJQUFJLEdBQUc7WUFDckQsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLHNCQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztZQUNuRSxPQUFPLEVBQUUsSUFBSTtZQUNiLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtZQUNoQiwwQkFBMEIsRUFDeEIsS0FBSyxDQUFDLDBCQUEwQixJQUFJLHFCQUFxQjtTQUM1RCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFVLEVBQUUsS0FBZTtRQUN0QyxPQUFPLENBQUMsRUFBZ0IsRUFBRSxFQUFFO1lBQzFCLE1BQU0sUUFBUSxHQUFhO2dCQUN6QixHQUFHLEtBQUs7Z0JBQ1IsR0FBRztvQkFDRCxHQUFHLEVBQUcsRUFBRSxDQUFDLFVBQVUsRUFBVSxJQUFJLEtBQUssRUFBRSxHQUFHO29CQUMzQyxnQkFBZ0IsRUFBRSxLQUFLLEVBQUUsZ0JBQWdCLElBQUksRUFBRTtvQkFDL0MsWUFBWSxFQUFFLEtBQUssQ0FBQyxZQUFZLElBQUksR0FBRyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsRUFBRTtvQkFDOUQsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO2lCQUNqQjthQUNGLENBQUM7WUFFRixPQUFPLElBQUksSUFBSSxDQUFDLEVBQUUsQ0FBQyxRQUFRLEVBQUUsRUFBRSxFQUFFLEVBQUUsUUFBUSxDQUFDLENBQUM7UUFDL0MsQ0FBQyxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBck9ELHNCQXFPQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENmbk91dHB1dCwgRHVyYXRpb24sIFJlbW92YWxQb2xpY3ksIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQge1xuICBDb25uZWN0aW9ucyxcbiAgSUNvbm5lY3RhYmxlLFxuICBJbnN0YW5jZUNsYXNzLFxuICBJbnN0YW5jZVNpemUsXG4gIEluc3RhbmNlVHlwZSxcbiAgUG9ydCxcbiAgU3VibmV0VHlwZSxcbiAgVnBjXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtZWMyXCI7XG5pbXBvcnQge1xuICBDYUNlcnRpZmljYXRlLFxuICBDcmVkZW50aWFscyxcbiAgRGF0YWJhc2VJbnN0YW5jZSxcbiAgRGF0YWJhc2VJbnN0YW5jZUVuZ2luZSxcbiAgRGF0YWJhc2VJbnN0YW5jZVJlYWRSZXBsaWNhLFxuICBEYXRhYmFzZVByb3h5LFxuICBJSW5zdGFuY2VFbmdpbmUsXG4gIFBvc3RncmVzRW5naW5lVmVyc2lvbixcbiAgUHJveHlUYXJnZXQsXG4gIFN0b3JhZ2VUeXBlXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtcmRzXCI7XG5pbXBvcnQge1xuICBTZWNyZXRSb3RhdGlvbixcbiAgU2VjcmV0Um90YXRpb25BcHBsaWNhdGlvblxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgU2VjdXJpdHlHcm91cCB9IGZyb20gXCIuLi9pYW1cIjtcbmltcG9ydCB7IEN1c3RvbWVyTWFuYWdlZEtleSwgU2VjcmV0IH0gZnJvbSBcIi4uL3NlY3JldHNcIjtcbmltcG9ydCB7IEtleVZhbHVlIH0gZnJvbSBcIi4uLy4uLy4uL3R5cGVzXCI7XG5pbXBvcnQgeyBTdGFja0J1aWxkZXIgfSBmcm9tIFwiLi4vYXdzU3RhY2tcIjtcbmltcG9ydCB0YWdSZXNvdXJjZSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvdGFnUmVzb3VyY2VcIjtcblxuaW50ZXJmYWNlIFJkc1Byb3BzIHtcbiAgdnBjOiBWcGM7XG4gIGRhdGFiYXNlTmFtZT86IHN0cmluZztcbiAgZW5naW5lPzogSUluc3RhbmNlRW5naW5lO1xuICBpbnN0YW5jZVR5cGU/OiBJbnN0YW5jZVR5cGU7XG4gIG1heEFsbG9jYXRlZFN0b3JhZ2U/OiBudW1iZXI7XG4gIGFsbG9jYXRlZFN0b3JhZ2U/OiBudW1iZXI7XG4gIGJhY2t1cFJldGVudGlvbj86IER1cmF0aW9uO1xuICBjbHVzdGVySWRlbnRpZmllcj86IHN0cmluZztcbiAgbW9uaXRvcmluZ0ludGVydmFsPzogRHVyYXRpb247XG4gIHByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93Pzogc3RyaW5nO1xuICBwb3J0PzogbnVtYmVyO1xuICBlbmFibGVQZXJmb3JtYW5jZUluc2lnaHRzPzogYm9vbGVhbjtcbiAgZGF0YWJhc2VQcm94eT86IGJvb2xlYW47XG4gIC8vIFRPRE86IFRoZSBiZWxvdyBjb3VsZCBiZSBhIG51bWJlciwgdGhlbiBpdCBzY2FsZXMgYmFzZWQgb24gdGhlIGFtb3VudFxuICByZWFkUmVwbGljYT86IGJvb2xlYW47XG4gIHRhZ3M6IEtleVZhbHVlO1xuICBzZWN1cml0eUdyb3VwSWRzPzogc3RyaW5nW107XG59XG5cbmV4cG9ydCBkZWZhdWx0IGNsYXNzIFJkcyBleHRlbmRzIFN0YWNrIGltcGxlbWVudHMgSUNvbm5lY3RhYmxlIHtcbiAgcHVibGljIGNvbm5lY3Rpb25zOiBDb25uZWN0aW9ucztcbiAgcHVibGljIGRhdGFiYXNlU2VjdXJpdHlHcm91cDogU2VjdXJpdHlHcm91cDtcblxuICBwcml2YXRlIGRhdGFiYXNlQ3JlZGVudGlhbHM6IFNlY3JldDtcbiAgcHJpdmF0ZSBlbmNyeXB0aW9uS2V5OiBDdXN0b21lck1hbmFnZWRLZXk7XG4gIHByaXZhdGUgZGF0YWJhc2VQZXJmb3JtYW5jZUluc2lnaHRzS2V5OiBDdXN0b21lck1hbmFnZWRLZXk7XG4gIHByaXZhdGUgZGF0YWJhc2U6IERhdGFiYXNlSW5zdGFuY2U7XG4gIHByaXZhdGUgbWFzdGVyU2VjcmV0OiBTZWNyZXQ7XG4gIHByaXZhdGUgZGF0YWJhc2VQcm94eTogRGF0YWJhc2VQcm94eTtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogUmRzUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5hZGREYXRhYmFzZShwcm9wcyk7XG4gICAgdGhpcy5yb3RhdGVTZWNyZXQocHJvcHMpO1xuXG4gICAgaWYgKHByb3BzLmRhdGFiYXNlUHJveHkpIHtcbiAgICAgIHRoaXMuYWRkUHJveHkocHJvcHMpO1xuICAgIH1cblxuICAgIGlmIChwcm9wcy5yZWFkUmVwbGljYSkge1xuICAgICAgdGhpcy5hZGRSZWFkUmVwbGljYShwcm9wcyk7XG4gICAgfVxuICB9XG5cbiAgYWRkRGF0YWJhc2UocHJvcHM6IFJkc1Byb3BzKSB7XG4gICAgLy8gRGF0YWJhc2UgQ3JlZGVudGlhbHNcbiAgICB0aGlzLmRhdGFiYXNlQ3JlZGVudGlhbHMgPSBuZXcgU2VjcmV0KFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1DcmVkZW50aWFsc2AsXG4gICAgICB7XG4gICAgICAgIHNlY3JldE5hbWU6IGAke3Byb3BzLmRhdGFiYXNlTmFtZX1DcmVkZW50aWFsc2AsXG4gICAgICAgIGdlbmVyYXRlU2VjcmV0U3RyaW5nOiB7XG4gICAgICAgICAgc2VjcmV0U3RyaW5nVGVtcGxhdGU6IEpTT04uc3RyaW5naWZ5KHtcbiAgICAgICAgICAgIHVzZXJuYW1lOiBcInBvc3RncmVzXCJcbiAgICAgICAgICB9KSxcbiAgICAgICAgICBleGNsdWRlUHVuY3R1YXRpb246IHRydWUsXG4gICAgICAgICAgaW5jbHVkZVNwYWNlOiBmYWxzZSxcbiAgICAgICAgICBnZW5lcmF0ZVN0cmluZ0tleTogXCJwYXNzd29yZFwiXG4gICAgICAgIH0sXG4gICAgICAgIHRhZ3M6IHByb3BzLnRhZ3NcbiAgICAgIH1cbiAgICApO1xuXG4gICAgLy8gQ3VzdG9tZXIgTWFuYWdlZCBLZXlzXG4gICAgdGhpcy5lbmNyeXB0aW9uS2V5ID0gbmV3IEN1c3RvbWVyTWFuYWdlZEtleShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9Q2x1c3RlckVuY3J5cHRpb25LZXlgLFxuICAgICAge1xuICAgICAgICBhbGlhc05hbWU6IGBjbWsvcmRzLyR7cHJvcHMuZGF0YWJhc2VOYW1lfS9lbmNyeXB0aW9uS2V5YCxcbiAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgfVxuICAgICk7XG5cbiAgICBpZiAocHJvcHMuZW5hYmxlUGVyZm9ybWFuY2VJbnNpZ2h0cykge1xuICAgICAgdGhpcy5kYXRhYmFzZVBlcmZvcm1hbmNlSW5zaWdodHNLZXkgPSBuZXcgQ3VzdG9tZXJNYW5hZ2VkS2V5KFxuICAgICAgICB0aGlzLFxuICAgICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UGVyZm9ybWFuY2VJbnNpZ2h0c0tleWAsXG4gICAgICAgIHtcbiAgICAgICAgICBhbGlhc05hbWU6IGBjbWsvcmRzLyR7cHJvcHMuZGF0YWJhc2VOYW1lfS9JbnNpZ2h0c0tleWAsXG4gICAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgICB9XG4gICAgICApO1xuICAgIH1cblxuICAgIHRoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwID0gbmV3IFNlY3VyaXR5R3JvdXAoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVNlY3VyaXR5R3JvdXBgLFxuICAgICAge1xuICAgICAgICB2cGM6IHByb3BzLnZwYyxcbiAgICAgICAgZGVzY3JpcHRpb246IGBTZWN1cml0eSBncm91cCB0aGF0IGFsbG93cyBpbmJvdW5kIGFjY2VzcyB0byB0aGUgcG9zdGdyZXMgY2x1c3RlciBmb3IgJHtwcm9wcy5kYXRhYmFzZU5hbWV9YFxuICAgICAgfVxuICAgICk7XG5cbiAgICAvL1RPRE86IFJlbW92ZSB0aGlzIGxpbmUsIHRoYXQgYWxsb3dzIHRoZSBwcm94eSB0byBjb25uZWN0IHRvIHRoZSBkYXRhYmFzZS4gUmVwbGFjZSB3aXRoIHNlcGVyYXRlZCBzZWN1cml0eSBncm91cHNcbiAgICB0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cC5hZGRJbmdyZXNzUnVsZShcbiAgICAgIHRoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwLFxuICAgICAgUG9ydC50Y3AoNTQzMilcbiAgICApO1xuXG4gICAgdGhpcy5jb25uZWN0aW9ucyA9IHRoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwLmNvbm5lY3Rpb25zO1xuXG4gICAgLy8gRGF0YWJhc2UgQ2x1c3RlclxuICAgIHRoaXMuZGF0YWJhc2UgPSBuZXcgRGF0YWJhc2VJbnN0YW5jZShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9RGF0YWJhc2VgLFxuICAgICAge1xuICAgICAgICB2cGM6IHByb3BzLnZwYyxcbiAgICAgICAgdnBjU3VibmV0czoge1xuICAgICAgICAgIHN1Ym5ldFR5cGU6IFN1Ym5ldFR5cGUuUFJJVkFURV9XSVRIX0VHUkVTU1xuICAgICAgICB9LFxuICAgICAgICBzZWN1cml0eUdyb3VwczogW3RoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwXSxcbiAgICAgICAgZW5naW5lOlxuICAgICAgICAgIHByb3BzLmVuZ2luZSB8fFxuICAgICAgICAgIERhdGFiYXNlSW5zdGFuY2VFbmdpbmUucG9zdGdyZXMoe1xuICAgICAgICAgICAgdmVyc2lvbjogUG9zdGdyZXNFbmdpbmVWZXJzaW9uLlZFUl8xNl8zXG4gICAgICAgICAgfSksXG4gICAgICAgIGFsbG9jYXRlZFN0b3JhZ2U6IHByb3BzLmFsbG9jYXRlZFN0b3JhZ2UsXG4gICAgICAgIGJhY2t1cFJldGVudGlvbjogcHJvcHMuYmFja3VwUmV0ZW50aW9uIHx8IER1cmF0aW9uLmRheXMoMTQpLFxuICAgICAgICBzdG9yYWdlRW5jcnlwdGVkOiB0cnVlLFxuICAgICAgICBzdG9yYWdlRW5jcnlwdGlvbktleTogdGhpcy5lbmNyeXB0aW9uS2V5LmtleSxcbiAgICAgICAgc3RvcmFnZVR5cGU6IFN0b3JhZ2VUeXBlLkdQMyxcbiAgICAgICAgY2FDZXJ0aWZpY2F0ZTogQ2FDZXJ0aWZpY2F0ZS5SRFNfQ0FfUlNBNDA5Nl9HMSxcbiAgICAgICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5TTkFQU0hPVCxcbiAgICAgICAgZGVsZXRlQXV0b21hdGVkQmFja3VwczogZmFsc2UsXG4gICAgICAgIGVuYWJsZVBlcmZvcm1hbmNlSW5zaWdodHM6IHByb3BzLmVuYWJsZVBlcmZvcm1hbmNlSW5zaWdodHMsXG4gICAgICAgIHBlcmZvcm1hbmNlSW5zaWdodEVuY3J5cHRpb25LZXk6IHByb3BzLmVuYWJsZVBlcmZvcm1hbmNlSW5zaWdodHNcbiAgICAgICAgICA/IHRoaXMuZGF0YWJhc2VQZXJmb3JtYW5jZUluc2lnaHRzS2V5LmtleVxuICAgICAgICAgIDogdW5kZWZpbmVkLFxuICAgICAgICBkYXRhYmFzZU5hbWU6IHByb3BzLmRhdGFiYXNlTmFtZSxcbiAgICAgICAgaW5zdGFuY2VJZGVudGlmaWVyOiBwcm9wcy5kYXRhYmFzZU5hbWUsXG4gICAgICAgIGluc3RhbmNlVHlwZTpcbiAgICAgICAgICBwcm9wcy5pbnN0YW5jZVR5cGUgfHxcbiAgICAgICAgICBJbnN0YW5jZVR5cGUub2YoSW5zdGFuY2VDbGFzcy5TVEFOREFSRDdfR1JBVklUT04sIEluc3RhbmNlU2l6ZS5MQVJHRSksXG4gICAgICAgIG1heEFsbG9jYXRlZFN0b3JhZ2U6IHByb3BzLm1heEFsbG9jYXRlZFN0b3JhZ2UgfHwgNTAwLFxuICAgICAgICBtb25pdG9yaW5nSW50ZXJ2YWw6IHByb3BzLm1vbml0b3JpbmdJbnRlcnZhbCB8fCBEdXJhdGlvbi5taW51dGVzKDEpLFxuICAgICAgICBtdWx0aUF6OiB0cnVlLFxuICAgICAgICBwb3J0OiBwcm9wcy5wb3J0LFxuICAgICAgICBwcmVmZXJyZWRNYWludGVuYW5jZVdpbmRvdzpcbiAgICAgICAgICBwcm9wcy5wcmVmZXJyZWRNYWludGVuYW5jZVdpbmRvdyB8fCBcIlNhdDoxMjozMC1TYXQ6MjA6MzBcIixcbiAgICAgICAgY3JlZGVudGlhbHM6IENyZWRlbnRpYWxzLmZyb21TZWNyZXQodGhpcy5kYXRhYmFzZUNyZWRlbnRpYWxzLnNlY3JldClcbiAgICAgIH1cbiAgICApO1xuICAgIHRhZ1Jlc291cmNlKHRoaXMuZGF0YWJhc2UsIHByb3BzLnRhZ3MpO1xuICB9XG5cbiAgcm90YXRlU2VjcmV0KHByb3BzOiBSZHNQcm9wcykge1xuICAgIC8vIFJvdGF0ZSB0aGUgU2VjcmV0IGV2ZXJ5IDMwIGRheXNcbiAgICB0aGlzLm1hc3RlclNlY3JldCA9IG5ldyBTZWNyZXQodGhpcywgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfU1hc3RlclNlY3JldGAsIHtcbiAgICAgIHNlY3JldE5hbWU6IGAke3Byb3BzLmRhdGFiYXNlTmFtZX1NYXN0ZXJTZWNyZXRgLFxuICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgIH0pO1xuXG4gICAgbmV3IFNlY3JldFJvdGF0aW9uKHRoaXMsIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1TZWNyZXRSb3RhdGlvbmAsIHtcbiAgICAgIGFwcGxpY2F0aW9uOiBuZXcgU2VjcmV0Um90YXRpb25BcHBsaWNhdGlvbihcbiAgICAgICAgXCJTZWNyZXRzTWFuYWdlclJEU1Bvc3RncmVTUUxSb3RhdGlvbk11bHRpVXNlclwiLFxuICAgICAgICBcIjEuMS4zNjdcIixcbiAgICAgICAge1xuICAgICAgICAgIGlzTXVsdGlVc2VyOiB0cnVlXG4gICAgICAgIH1cbiAgICAgICksXG4gICAgICBzZWNyZXQ6IHRoaXMuZGF0YWJhc2VDcmVkZW50aWFscy5zZWNyZXQsXG4gICAgICBtYXN0ZXJTZWNyZXQ6IHRoaXMubWFzdGVyU2VjcmV0LnNlY3JldCxcbiAgICAgIHRhcmdldDogdGhpcy5kYXRhYmFzZSxcbiAgICAgIHZwYzogdGhpcy5kYXRhYmFzZS52cGNcbiAgICB9KTtcbiAgfVxuXG4gIGFkZFByb3h5KHByb3BzOiBSZHNQcm9wcykge1xuICAgIHRoaXMuZGF0YWJhc2VQcm94eSA9IG5ldyBEYXRhYmFzZVByb3h5KFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EYXRhYmFzZVByb3h5YCxcbiAgICAgIHtcbiAgICAgICAgcHJveHlUYXJnZXQ6IFByb3h5VGFyZ2V0LmZyb21JbnN0YW5jZSh0aGlzLmRhdGFiYXNlKSxcbiAgICAgICAgc2VjcmV0czogW3RoaXMuZGF0YWJhc2VDcmVkZW50aWFscy5zZWNyZXRdLFxuICAgICAgICAvLyBUT0RPOiBDcmVhdGUgYSBuZXcgc2VjdXJpdHkgZ3JvdXAsIGFuZCByZW1vdmUgdGhlIGxpbmUgdGhhdCBhbGxvd3MgdGhlIHByb3h5IHRvIGNvbm5lY3QgdG8gdGhlIGRhdGFiYXNlXG4gICAgICAgIHNlY3VyaXR5R3JvdXBzOiBbdGhpcy5kYXRhYmFzZVNlY3VyaXR5R3JvdXBdLFxuICAgICAgICB2cGM6IHByb3BzLnZwYyxcbiAgICAgICAgdnBjU3VibmV0czoge1xuICAgICAgICAgIHN1Ym5ldFR5cGU6IFN1Ym5ldFR5cGUuUFVCTElDXG4gICAgICAgIH1cbiAgICAgIH1cbiAgICApO1xuXG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UHJveHlFbmRwb2ludE91dHB1dGAsIHtcbiAgICAgIGtleTogYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVByb3h5RW5kcG9pbnRgLFxuICAgICAgZXhwb3J0TmFtZTogYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVByb3h5RW5kcG9pbnRgLFxuICAgICAgdmFsdWU6IHRoaXMuZGF0YWJhc2VQcm94eS5lbmRwb2ludFxuICAgIH0pO1xuICB9XG5cbiAgYWRkUmVhZFJlcGxpY2EocHJvcHM6IFJkc1Byb3BzKSB7XG4gICAgY29uc3QgcmVhZFJlcGxpY2FQZXJmb3JtYW5jZUluc2lnaHRzS2V5ID0gbmV3IEN1c3RvbWVyTWFuYWdlZEtleShcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UmVhZFJlcGxpY2FSZWFkZXJJbnNpZ2h0c0tleWAsXG4gICAgICB7XG4gICAgICAgIGFsaWFzTmFtZTogYGNtay9yZHMvJHtwcm9wcy5kYXRhYmFzZU5hbWV9L1JlYWRSZXBsaWNhSW5zaWdodHNLZXlgLFxuICAgICAgICB0YWdzOiBwcm9wcy50YWdzXG4gICAgICB9XG4gICAgKTtcblxuICAgIG5ldyBEYXRhYmFzZUluc3RhbmNlUmVhZFJlcGxpY2EodGhpcywgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVJlYWRSZXBsaWNhYCwge1xuICAgICAgc291cmNlRGF0YWJhc2VJbnN0YW5jZTogdGhpcy5kYXRhYmFzZSxcbiAgICAgIHZwYzogcHJvcHMudnBjLFxuICAgICAgdnBjU3VibmV0czoge1xuICAgICAgICBzdWJuZXRUeXBlOiBTdWJuZXRUeXBlLlBSSVZBVEVfV0lUSF9FR1JFU1NcbiAgICAgIH0sXG4gICAgICBzZWN1cml0eUdyb3VwczogW3RoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwXSxcbiAgICAgIGFsbG9jYXRlZFN0b3JhZ2U6IHByb3BzLmFsbG9jYXRlZFN0b3JhZ2UsXG4gICAgICBiYWNrdXBSZXRlbnRpb246IHByb3BzLmJhY2t1cFJldGVudGlvbiB8fCBEdXJhdGlvbi5kYXlzKDE0KSxcbiAgICAgIHN0b3JhZ2VFbmNyeXB0ZWQ6IHRydWUsXG4gICAgICBzdG9yYWdlRW5jcnlwdGlvbktleTogdGhpcy5lbmNyeXB0aW9uS2V5LmtleSxcbiAgICAgIHN0b3JhZ2VUeXBlOiBTdG9yYWdlVHlwZS5HUDMsXG4gICAgICBjYUNlcnRpZmljYXRlOiBDYUNlcnRpZmljYXRlLlJEU19DQV9SU0E0MDk2X0cxLFxuICAgICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5TTkFQU0hPVCxcbiAgICAgIGRlbGV0ZUF1dG9tYXRlZEJhY2t1cHM6IGZhbHNlLFxuICAgICAgZW5hYmxlUGVyZm9ybWFuY2VJbnNpZ2h0czogcHJvcHMuZW5hYmxlUGVyZm9ybWFuY2VJbnNpZ2h0cyxcbiAgICAgIHBlcmZvcm1hbmNlSW5zaWdodEVuY3J5cHRpb25LZXk6IHByb3BzLmVuYWJsZVBlcmZvcm1hbmNlSW5zaWdodHNcbiAgICAgICAgPyByZWFkUmVwbGljYVBlcmZvcm1hbmNlSW5zaWdodHNLZXkua2V5XG4gICAgICAgIDogdW5kZWZpbmVkLFxuICAgICAgaW5zdGFuY2VJZGVudGlmaWVyOiBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9YCxcbiAgICAgIGluc3RhbmNlVHlwZTpcbiAgICAgICAgcHJvcHMuaW5zdGFuY2VUeXBlIHx8XG4gICAgICAgIEluc3RhbmNlVHlwZS5vZihJbnN0YW5jZUNsYXNzLlNUQU5EQVJEN19HUkFWSVRPTiwgSW5zdGFuY2VTaXplLkxBUkdFKSxcbiAgICAgIG1heEFsbG9jYXRlZFN0b3JhZ2U6IHByb3BzLm1heEFsbG9jYXRlZFN0b3JhZ2UgfHwgNTAwLFxuICAgICAgbW9uaXRvcmluZ0ludGVydmFsOiBwcm9wcy5tb25pdG9yaW5nSW50ZXJ2YWwgfHwgRHVyYXRpb24ubWludXRlcygxKSxcbiAgICAgIG11bHRpQXo6IHRydWUsXG4gICAgICBwb3J0OiBwcm9wcy5wb3J0LFxuICAgICAgcHJlZmVycmVkTWFpbnRlbmFuY2VXaW5kb3c6XG4gICAgICAgIHByb3BzLnByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93IHx8IFwiU2F0OjEyOjMwLVNhdDoyMDozMFwiXG4gICAgfSk7XG4gIH1cblxuICBzdGF0aWMgYnVpbGQoaWQ6IHN0cmluZywgcHJvcHM6IFJkc1Byb3BzKTogKHNiOiBTdGFja0J1aWxkZXIpID0+IENvbnN0cnVjdCB7XG4gICAgcmV0dXJuIChzYjogU3RhY2tCdWlsZGVyKSA9PiB7XG4gICAgICBjb25zdCBuZXdQcm9wczogUmRzUHJvcHMgPSB7XG4gICAgICAgIC4uLnByb3BzLFxuICAgICAgICAuLi57XG4gICAgICAgICAgdnBjOiAoc2IuZ2V0TmV0d29yaygpIGFzIFZwYykgfHwgcHJvcHM/LnZwYyxcbiAgICAgICAgICBzZWN1cml0eUdyb3VwSWRzOiBwcm9wcz8uc2VjdXJpdHlHcm91cElkcyA/PyBbXSxcbiAgICAgICAgICBkYXRhYmFzZU5hbWU6IHByb3BzLmRhdGFiYXNlTmFtZSB8fCBgJHtpZC5yZXBsYWNlKFwiUmRzXCIsIFwiXCIpfWAsXG4gICAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgICB9XG4gICAgICB9O1xuXG4gICAgICByZXR1cm4gbmV3IHRoaXMoc2IuZ2V0U3RhY2soKSwgaWQsIG5ld1Byb3BzKTtcbiAgICB9O1xuICB9XG59XG4iXX0=
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { Stack } from "aws-cdk-lib";
|
|
2
|
+
import * as CloudTrail from "aws-cdk-lib/aws-cloudtrail";
|
|
3
|
+
import { Construct } from "constructs";
|
|
4
|
+
import { KeyValue } from "../../../types";
|
|
5
|
+
import { S3Bucket } from "../storage";
|
|
6
|
+
interface CloudTrailProps extends CloudTrail.TrailProps {
|
|
7
|
+
bucketName: string;
|
|
8
|
+
tags: KeyValue;
|
|
9
|
+
}
|
|
10
|
+
export declare class Trail extends Construct {
|
|
11
|
+
readonly trail: CloudTrail.Trail;
|
|
12
|
+
readonly bucket: S3Bucket;
|
|
13
|
+
constructor(scope: Construct, id: string, props: CloudTrailProps);
|
|
14
|
+
}
|
|
15
|
+
export declare class TrailStack extends Stack {
|
|
16
|
+
constructor(scope: Construct, id: string, props: CloudTrailProps);
|
|
17
|
+
}
|
|
18
|
+
export {};
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.TrailStack = exports.Trail = void 0;
|
|
4
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
+
const CloudTrail = require("aws-cdk-lib/aws-cloudtrail");
|
|
6
|
+
const constructs_1 = require("constructs");
|
|
7
|
+
const secrets_1 = require("../secrets");
|
|
8
|
+
const tagResource_1 = require("../../../utils/tagResource");
|
|
9
|
+
const storage_1 = require("../storage");
|
|
10
|
+
const aws_s3_1 = require("aws-cdk-lib/aws-s3");
|
|
11
|
+
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
|
|
12
|
+
class Trail extends constructs_1.Construct {
|
|
13
|
+
constructor(scope, id, props) {
|
|
14
|
+
super(scope, id);
|
|
15
|
+
const encryptionKey = new secrets_1.CustomerManagedKey(this, `${id}CloudTrailEncryptionKey`, {
|
|
16
|
+
aliasName: `cmk/cloudtrail/${id}/encryptionKey`,
|
|
17
|
+
tags: props.tags
|
|
18
|
+
});
|
|
19
|
+
this.bucket = new storage_1.S3Bucket(this, `${id}cloudTrailBucket`, {
|
|
20
|
+
bucketName: props.bucketName,
|
|
21
|
+
bucketKeyEnabled: true,
|
|
22
|
+
encryption: aws_s3_1.BucketEncryption.KMS,
|
|
23
|
+
encryptionKey: encryptionKey.key
|
|
24
|
+
});
|
|
25
|
+
(0, tagResource_1.default)(this.bucket, props.tags);
|
|
26
|
+
this.bucket.grantReadWrite(new aws_iam_1.ServicePrincipal("cloudtrail.amazonaws.com"));
|
|
27
|
+
this.trail = new CloudTrail.Trail(this, `${id}cloudTrail`, {
|
|
28
|
+
...props,
|
|
29
|
+
bucket: this.bucket,
|
|
30
|
+
trailName: props.trailName || `${id}Trail`,
|
|
31
|
+
encryptionKey: encryptionKey.key
|
|
32
|
+
});
|
|
33
|
+
(0, tagResource_1.default)(this.trail, props.tags);
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
exports.Trail = Trail;
|
|
37
|
+
class TrailStack extends aws_cdk_lib_1.Stack {
|
|
38
|
+
constructor(scope, id, props) {
|
|
39
|
+
super(scope, id);
|
|
40
|
+
new Trail(this, id, {
|
|
41
|
+
...props
|
|
42
|
+
});
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
exports.TrailStack = TrailStack;
|
|
46
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xvdWRUcmFpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2xvZ2dpbmcvY2xvdWRUcmFpbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBb0M7QUFDcEMseURBQXlEO0FBQ3pELDJDQUF1QztBQUN2Qyx3Q0FBZ0Q7QUFDaEQsNERBQXFEO0FBRXJELHdDQUFzQztBQUN0QywrQ0FBc0Q7QUFDdEQsaURBQXVEO0FBT3ZELE1BQWEsS0FBTSxTQUFRLHNCQUFTO0lBSWxDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBc0I7UUFDOUQsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLGFBQWEsR0FBRyxJQUFJLDRCQUFrQixDQUMxQyxJQUFJLEVBQ0osR0FBRyxFQUFFLHlCQUF5QixFQUM5QjtZQUNFLFNBQVMsRUFBRSxrQkFBa0IsRUFBRSxnQkFBZ0I7WUFDL0MsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJO1NBQ2pCLENBQ0YsQ0FBQztRQUVGLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxrQkFBUSxDQUFDLElBQUksRUFBRSxHQUFHLEVBQUUsa0JBQWtCLEVBQUU7WUFDeEQsVUFBVSxFQUFFLEtBQUssQ0FBQyxVQUFVO1lBQzVCLGdCQUFnQixFQUFFLElBQUk7WUFDdEIsVUFBVSxFQUFFLHlCQUFnQixDQUFDLEdBQUc7WUFDaEMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxHQUFHO1NBQ2pDLENBQUMsQ0FBQztRQUNILElBQUEscUJBQVcsRUFBQyxJQUFJLENBQUMsTUFBTSxFQUFFLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNyQyxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsQ0FDeEIsSUFBSSwwQkFBZ0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUNqRCxDQUFDO1FBRUYsSUFBSSxDQUFDLEtBQUssR0FBRyxJQUFJLFVBQVUsQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxZQUFZLEVBQUU7WUFDekQsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO1lBQ25CLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUyxJQUFJLEdBQUcsRUFBRSxPQUFPO1lBQzFDLGFBQWEsRUFBRSxhQUFhLENBQUMsR0FBRztTQUNqQyxDQUFDLENBQUM7UUFDSCxJQUFBLHFCQUFXLEVBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDdEMsQ0FBQztDQUNGO0FBbkNELHNCQW1DQztBQUVELE1BQWEsVUFBVyxTQUFRLG1CQUFLO0lBQ25DLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBc0I7UUFDOUQsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLEtBQUssQ0FBQyxJQUFJLEVBQUUsRUFBRSxFQUFFO1lBQ2xCLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQVJELGdDQVFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgU3RhY2sgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCAqIGFzIENsb3VkVHJhaWwgZnJvbSBcImF3cy1jZGstbGliL2F3cy1jbG91ZHRyYWlsXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgQ3VzdG9tZXJNYW5hZ2VkS2V5IH0gZnJvbSBcIi4uL3NlY3JldHNcIjtcbmltcG9ydCB0YWdSZXNvdXJjZSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvdGFnUmVzb3VyY2VcIjtcbmltcG9ydCB7IEtleVZhbHVlIH0gZnJvbSBcIi4uLy4uLy4uL3R5cGVzXCI7XG5pbXBvcnQgeyBTM0J1Y2tldCB9IGZyb20gXCIuLi9zdG9yYWdlXCI7XG5pbXBvcnQgeyBCdWNrZXRFbmNyeXB0aW9uIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zM1wiO1xuaW1wb3J0IHsgU2VydmljZVByaW5jaXBhbCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5cbmludGVyZmFjZSBDbG91ZFRyYWlsUHJvcHMgZXh0ZW5kcyBDbG91ZFRyYWlsLlRyYWlsUHJvcHMge1xuICBidWNrZXROYW1lOiBzdHJpbmc7XG4gIHRhZ3M6IEtleVZhbHVlO1xufVxuXG5leHBvcnQgY2xhc3MgVHJhaWwgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgdHJhaWw6IENsb3VkVHJhaWwuVHJhaWw7XG4gIHB1YmxpYyByZWFkb25seSBidWNrZXQ6IFMzQnVja2V0O1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBDbG91ZFRyYWlsUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgZW5jcnlwdGlvbktleSA9IG5ldyBDdXN0b21lck1hbmFnZWRLZXkoXG4gICAgICB0aGlzLFxuICAgICAgYCR7aWR9Q2xvdWRUcmFpbEVuY3J5cHRpb25LZXlgLFxuICAgICAge1xuICAgICAgICBhbGlhc05hbWU6IGBjbWsvY2xvdWR0cmFpbC8ke2lkfS9lbmNyeXB0aW9uS2V5YCxcbiAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgfVxuICAgICk7XG5cbiAgICB0aGlzLmJ1Y2tldCA9IG5ldyBTM0J1Y2tldCh0aGlzLCBgJHtpZH1jbG91ZFRyYWlsQnVja2V0YCwge1xuICAgICAgYnVja2V0TmFtZTogcHJvcHMuYnVja2V0TmFtZSxcbiAgICAgIGJ1Y2tldEtleUVuYWJsZWQ6IHRydWUsXG4gICAgICBlbmNyeXB0aW9uOiBCdWNrZXRFbmNyeXB0aW9uLktNUyxcbiAgICAgIGVuY3J5cHRpb25LZXk6IGVuY3J5cHRpb25LZXkua2V5XG4gICAgfSk7XG4gICAgdGFnUmVzb3VyY2UodGhpcy5idWNrZXQsIHByb3BzLnRhZ3MpO1xuICAgIHRoaXMuYnVja2V0LmdyYW50UmVhZFdyaXRlKFxuICAgICAgbmV3IFNlcnZpY2VQcmluY2lwYWwoXCJjbG91ZHRyYWlsLmFtYXpvbmF3cy5jb21cIilcbiAgICApO1xuXG4gICAgdGhpcy50cmFpbCA9IG5ldyBDbG91ZFRyYWlsLlRyYWlsKHRoaXMsIGAke2lkfWNsb3VkVHJhaWxgLCB7XG4gICAgICAuLi5wcm9wcyxcbiAgICAgIGJ1Y2tldDogdGhpcy5idWNrZXQsXG4gICAgICB0cmFpbE5hbWU6IHByb3BzLnRyYWlsTmFtZSB8fCBgJHtpZH1UcmFpbGAsXG4gICAgICBlbmNyeXB0aW9uS2V5OiBlbmNyeXB0aW9uS2V5LmtleVxuICAgIH0pO1xuICAgIHRhZ1Jlc291cmNlKHRoaXMudHJhaWwsIHByb3BzLnRhZ3MpO1xuICB9XG59XG5cbmV4cG9ydCBjbGFzcyBUcmFpbFN0YWNrIGV4dGVuZHMgU3RhY2sge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQ2xvdWRUcmFpbFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIG5ldyBUcmFpbCh0aGlzLCBpZCwge1xuICAgICAgLi4ucHJvcHNcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import { Stack, StackProps } from "aws-cdk-lib";
|
|
2
|
-
import * as
|
|
2
|
+
import * as Logs from "aws-cdk-lib/aws-logs";
|
|
3
3
|
import { Construct } from "constructs";
|
|
4
4
|
interface LogGroupStackProps extends StackProps {
|
|
5
5
|
logGroupName: string;
|
|
6
6
|
}
|
|
7
|
-
export declare class LogGroup extends
|
|
8
|
-
constructor(scope: Construct, id: string, props?:
|
|
7
|
+
export declare class LogGroup extends Logs.LogGroup {
|
|
8
|
+
constructor(scope: Construct, id: string, props?: Logs.LogGroupProps);
|
|
9
9
|
}
|
|
10
10
|
export declare class LogGroupStack extends Stack {
|
|
11
11
|
constructor(scope: Construct, id: string, props: LogGroupStackProps);
|
|
@@ -2,8 +2,8 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.LogGroupStack = exports.LogGroup = void 0;
|
|
4
4
|
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
-
const
|
|
6
|
-
class LogGroup extends
|
|
5
|
+
const Logs = require("aws-cdk-lib/aws-logs");
|
|
6
|
+
class LogGroup extends Logs.LogGroup {
|
|
7
7
|
constructor(scope, id, props) {
|
|
8
8
|
super(scope, id, {
|
|
9
9
|
...props // https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_logs.LogGroup
|
|
@@ -20,4 +20,4 @@ class LogGroupStack extends aws_cdk_lib_1.Stack {
|
|
|
20
20
|
}
|
|
21
21
|
}
|
|
22
22
|
exports.LogGroupStack = LogGroupStack;
|
|
23
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
23
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG9nR3JvdXAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9sb2dnaW5nL2xvZ0dyb3VwLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUFnRDtBQUNoRCw2Q0FBNkM7QUFPN0MsTUFBYSxRQUFTLFNBQVEsSUFBSSxDQUFDLFFBQVE7SUFDekMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUEwQjtRQUNsRSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLEdBQUcsS0FBSyxDQUFDLDRFQUE0RTtTQUN0RixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFORCw0QkFNQztBQUVELE1BQWEsYUFBYyxTQUFRLG1CQUFLO0lBQ3RDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBeUI7UUFDakUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFFeEIsSUFBSSxRQUFRLENBQUMsSUFBSSxFQUFFLEVBQUUsRUFBRTtZQUNyQixZQUFZLEVBQUUsS0FBSyxDQUFDLFlBQVk7U0FDakMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBUkQsc0NBUUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBTdGFjaywgU3RhY2tQcm9wcyB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0ICogYXMgTG9ncyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxvZ3NcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5cbmludGVyZmFjZSBMb2dHcm91cFN0YWNrUHJvcHMgZXh0ZW5kcyBTdGFja1Byb3BzIHtcbiAgbG9nR3JvdXBOYW1lOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBjbGFzcyBMb2dHcm91cCBleHRlbmRzIExvZ3MuTG9nR3JvdXAge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wcz86IExvZ3MuTG9nR3JvdXBQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgLi4ucHJvcHMgLy8gaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL2Nkay9hcGkvdjIvZG9jcy9hd3MtY2RrLWxpYi5hd3NfbG9ncy5Mb2dHcm91cFxuICAgIH0pO1xuICB9XG59XG5cbmV4cG9ydCBjbGFzcyBMb2dHcm91cFN0YWNrIGV4dGVuZHMgU3RhY2sge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogTG9nR3JvdXBTdGFja1Byb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG5cbiAgICBuZXcgTG9nR3JvdXAodGhpcywgaWQsIHtcbiAgICAgIGxvZ0dyb3VwTmFtZTogcHJvcHMubG9nR3JvdXBOYW1lXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==
|
|
@@ -14,7 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("
|
|
17
|
+
__exportStar(require("../../../patterns/aws/hostedZone"), exports);
|
|
18
18
|
__exportStar(require("./ipam"), exports);
|
|
19
19
|
__exportStar(require("./ipamPool"), exports);
|
|
20
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
20
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9uZXR3b3JraW5nL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxtRUFBaUQ7QUFDakQseUNBQXVCO0FBQ3ZCLDZDQUEyQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuLi8uLi8uLi9wYXR0ZXJucy9hd3MvaG9zdGVkWm9uZVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vaXBhbVwiO1xuZXhwb3J0ICogZnJvbSBcIi4vaXBhbVBvb2xcIjtcbiJdfQ==
|
|
@@ -1,5 +1,18 @@
|
|
|
1
|
+
import { StackProps, Stack } from "aws-cdk-lib";
|
|
1
2
|
import { Construct } from "constructs";
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
3
|
+
export interface IpamPoolProps extends StackProps {
|
|
4
|
+
orgAccounts: string[];
|
|
5
|
+
ipamScope?: string;
|
|
6
|
+
region: string;
|
|
5
7
|
}
|
|
8
|
+
interface IpamPoolStackProps extends StackProps {
|
|
9
|
+
orgAccounts: string[];
|
|
10
|
+
region: string;
|
|
11
|
+
}
|
|
12
|
+
export declare class IpamPool extends Construct {
|
|
13
|
+
constructor(scope: Construct, id: string, props: IpamPoolProps);
|
|
14
|
+
}
|
|
15
|
+
export declare class IpamPoolStack extends Stack {
|
|
16
|
+
constructor(scope: Construct, id: string, props: IpamPoolStackProps);
|
|
17
|
+
}
|
|
18
|
+
export {};
|
|
@@ -1,13 +1,85 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.IpamPool = void 0;
|
|
3
|
+
exports.IpamPoolStack = exports.IpamPool = void 0;
|
|
4
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
+
const constructs_1 = require("constructs");
|
|
4
6
|
const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
|
|
5
|
-
|
|
7
|
+
const getCidr_1 = require("../../../utils/getCidr");
|
|
8
|
+
const resourceShare_1 = require("../utilities/resourceShare");
|
|
9
|
+
const getAccountId_1 = require("../../../utils/getAccountId");
|
|
10
|
+
const stripAndCamelCase_1 = require("../../../utils/stripAndCamelCase");
|
|
11
|
+
class IpamPool extends constructs_1.Construct {
|
|
6
12
|
constructor(scope, id, props) {
|
|
7
|
-
super(scope, id
|
|
8
|
-
|
|
9
|
-
|
|
13
|
+
super(scope, id);
|
|
14
|
+
// Get the default IPAM scope ID from props, or CFN import
|
|
15
|
+
const IpamPrivateDefaultScopeId = props.ipamScope || aws_cdk_lib_1.Fn.importValue("IpamPrivateDefaultScopeId");
|
|
16
|
+
// Prioritise region from props, then from env
|
|
17
|
+
const region = props.region;
|
|
18
|
+
const organisationAccounts = props.orgAccounts.map((account) => account.toLowerCase());
|
|
19
|
+
for (const account of organisationAccounts) {
|
|
20
|
+
const cidrBlock = new getCidr_1.default();
|
|
21
|
+
const freeCidrBlock = cidrBlock.getCidrBlock();
|
|
22
|
+
cidrBlock.updateState(freeCidrBlock, false);
|
|
23
|
+
const accountName = (0, stripAndCamelCase_1.stripAndCamelCase)(account);
|
|
24
|
+
const ipamPool = new aws_ec2_1.CfnIPAMPool(this, `${account}IpamPool${freeCidrBlock}`, {
|
|
25
|
+
description: `${account} - IPAM pool - ${region} - ${freeCidrBlock}`,
|
|
26
|
+
addressFamily: "ipv4",
|
|
27
|
+
ipamScopeId: IpamPrivateDefaultScopeId,
|
|
28
|
+
locale: region,
|
|
29
|
+
allocationResourceTags: [
|
|
30
|
+
{
|
|
31
|
+
key: "fjall:operations:pool",
|
|
32
|
+
value: `${account}`
|
|
33
|
+
}
|
|
34
|
+
],
|
|
35
|
+
autoImport: true,
|
|
36
|
+
provisionedCidrs: [{ cidr: freeCidrBlock }],
|
|
37
|
+
tags: [
|
|
38
|
+
{
|
|
39
|
+
key: "fjall:operations:pool",
|
|
40
|
+
value: "top-level"
|
|
41
|
+
},
|
|
42
|
+
{
|
|
43
|
+
key: "fjall:costAllocation:account",
|
|
44
|
+
value: `${account}`
|
|
45
|
+
}
|
|
46
|
+
]
|
|
47
|
+
});
|
|
48
|
+
new resourceShare_1.ResourceShare(this, `${account}${region}IpamResourceShare`, {
|
|
49
|
+
name: `${account}IpamResourceShare.${region}`,
|
|
50
|
+
allowExternalPrincipals: false,
|
|
51
|
+
// TODO: getAccountId expects environment as argument
|
|
52
|
+
principals: [(0, getAccountId_1.default)(account)],
|
|
53
|
+
resourceArns: [ipamPool.attrArn],
|
|
54
|
+
tags: [
|
|
55
|
+
{
|
|
56
|
+
key: "fjall:costAllocation:account",
|
|
57
|
+
value: `${account}`
|
|
58
|
+
}
|
|
59
|
+
]
|
|
60
|
+
});
|
|
61
|
+
new aws_cdk_lib_1.CfnOutput(this, `${accountName}IpamPoolId`, {
|
|
62
|
+
key: `${accountName}IpamPoolId`,
|
|
63
|
+
value: ipamPool.attrIpamPoolId,
|
|
64
|
+
exportName: `${accountName}IpamPoolId`
|
|
65
|
+
});
|
|
66
|
+
new aws_cdk_lib_1.CfnOutput(this, `${accountName}IpamPoolArn`, {
|
|
67
|
+
key: `${accountName}IpamPoolArn`,
|
|
68
|
+
value: ipamPool.attrArn,
|
|
69
|
+
exportName: `${accountName}IpamPoolArn`
|
|
70
|
+
});
|
|
71
|
+
}
|
|
10
72
|
}
|
|
11
73
|
}
|
|
12
74
|
exports.IpamPool = IpamPool;
|
|
13
|
-
|
|
75
|
+
class IpamPoolStack extends aws_cdk_lib_1.Stack {
|
|
76
|
+
constructor(scope, id, props) {
|
|
77
|
+
super(scope, id);
|
|
78
|
+
new IpamPool(this, "IpamPool", {
|
|
79
|
+
orgAccounts: props.orgAccounts,
|
|
80
|
+
region: props.region
|
|
81
|
+
});
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
exports.IpamPoolStack = IpamPoolStack;
|
|
85
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaXBhbVBvb2wuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9uZXR3b3JraW5nL2lwYW1Qb29sLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUErRDtBQUMvRCwyQ0FBdUM7QUFDdkMsaURBQW1FO0FBQ25FLG9EQUErQztBQUMvQyw4REFBMkQ7QUFDM0QsOERBQXVEO0FBQ3ZELHdFQUFxRTtBQWFyRSxNQUFhLFFBQVMsU0FBUSxzQkFBUztJQUNyQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQW9CO1FBQzVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsMERBQTBEO1FBQzFELE1BQU0seUJBQXlCLEdBQzdCLEtBQUssQ0FBQyxTQUFTLElBQUksZ0JBQUUsQ0FBQyxXQUFXLENBQUMsMkJBQTJCLENBQUMsQ0FBQztRQUNqRSw4Q0FBOEM7UUFDOUMsTUFBTSxNQUFNLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQztRQUU1QixNQUFNLG9CQUFvQixHQUFHLEtBQUssQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FDN0QsT0FBTyxDQUFDLFdBQVcsRUFBRSxDQUN0QixDQUFDO1FBRUYsS0FBSyxNQUFNLE9BQU8sSUFBSSxvQkFBb0IsRUFBRTtZQUMxQyxNQUFNLFNBQVMsR0FBRyxJQUFJLGlCQUFTLEVBQUUsQ0FBQztZQUNsQyxNQUFNLGFBQWEsR0FBRyxTQUFTLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDL0MsU0FBUyxDQUFDLFdBQVcsQ0FBQyxhQUFhLEVBQUUsS0FBSyxDQUFDLENBQUM7WUFFNUMsTUFBTSxXQUFXLEdBQUcsSUFBQSxxQ0FBaUIsRUFBQyxPQUFPLENBQUMsQ0FBQztZQUUvQyxNQUFNLFFBQVEsR0FBRyxJQUFJLHFCQUFhLENBQ2hDLElBQUksRUFDSixHQUFHLE9BQU8sV0FBVyxhQUFhLEVBQUUsRUFDcEM7Z0JBQ0UsV0FBVyxFQUFFLEdBQUcsT0FBTyxrQkFBa0IsTUFBTSxNQUFNLGFBQWEsRUFBRTtnQkFDcEUsYUFBYSxFQUFFLE1BQU07Z0JBQ3JCLFdBQVcsRUFBRSx5QkFBeUI7Z0JBQ3RDLE1BQU0sRUFBRSxNQUFNO2dCQUNkLHNCQUFzQixFQUFFO29CQUN0Qjt3QkFDRSxHQUFHLEVBQUUsdUJBQXVCO3dCQUM1QixLQUFLLEVBQUUsR0FBRyxPQUFPLEVBQUU7cUJBQ3BCO2lCQUNGO2dCQUNELFVBQVUsRUFBRSxJQUFJO2dCQUNoQixnQkFBZ0IsRUFBRSxDQUFDLEVBQUUsSUFBSSxFQUFFLGFBQWEsRUFBRSxDQUFDO2dCQUMzQyxJQUFJLEVBQUU7b0JBQ0o7d0JBQ0UsR0FBRyxFQUFFLHVCQUF1Qjt3QkFDNUIsS0FBSyxFQUFFLFdBQVc7cUJBQ25CO29CQUNEO3dCQUNFLEdBQUcsRUFBRSw4QkFBOEI7d0JBQ25DLEtBQUssRUFBRSxHQUFHLE9BQU8sRUFBRTtxQkFDcEI7aUJBQ0Y7YUFDRixDQUNGLENBQUM7WUFFRixJQUFJLDZCQUFhLENBQUMsSUFBSSxFQUFFLEdBQUcsT0FBTyxHQUFHLE1BQU0sbUJBQW1CLEVBQUU7Z0JBQzlELElBQUksRUFBRSxHQUFHLE9BQU8scUJBQXFCLE1BQU0sRUFBRTtnQkFDN0MsdUJBQXVCLEVBQUUsS0FBSztnQkFDOUIscURBQXFEO2dCQUNyRCxVQUFVLEVBQUUsQ0FBQyxJQUFBLHNCQUFZLEVBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ25DLFlBQVksRUFBRSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUM7Z0JBQ2hDLElBQUksRUFBRTtvQkFDSjt3QkFDRSxHQUFHLEVBQUUsOEJBQThCO3dCQUNuQyxLQUFLLEVBQUUsR0FBRyxPQUFPLEVBQUU7cUJBQ3BCO2lCQUNGO2FBQ0YsQ0FBQyxDQUFDO1lBRUgsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLFdBQVcsWUFBWSxFQUFFO2dCQUM5QyxHQUFHLEVBQUUsR0FBRyxXQUFXLFlBQVk7Z0JBQy9CLEtBQUssRUFBRSxRQUFRLENBQUMsY0FBYztnQkFDOUIsVUFBVSxFQUFFLEdBQUcsV0FBVyxZQUFZO2FBQ3ZDLENBQUMsQ0FBQztZQUVILElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxXQUFXLGFBQWEsRUFBRTtnQkFDL0MsR0FBRyxFQUFFLEdBQUcsV0FBVyxhQUFhO2dCQUNoQyxLQUFLLEVBQUUsUUFBUSxDQUFDLE9BQU87Z0JBQ3ZCLFVBQVUsRUFBRSxHQUFHLFdBQVcsYUFBYTthQUN4QyxDQUFDLENBQUM7U0FDSjtJQUNILENBQUM7Q0FDRjtBQTdFRCw0QkE2RUM7QUFFRCxNQUFhLGFBQWMsU0FBUSxtQkFBSztJQUN0QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQXlCO1FBQ2pFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxRQUFRLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtZQUM3QixXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNO1NBQ3JCLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQVRELHNDQVNDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgRm4sIENmbk91dHB1dCwgU3RhY2tQcm9wcywgU3RhY2sgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBDZm5JUEFNUG9vbCBhcyBJcGFtUG9vbENsYXNzIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzJcIjtcbmltcG9ydCBDaWRyQmxvY2sgZnJvbSBcIi4uLy4uLy4uL3V0aWxzL2dldENpZHJcIjtcbmltcG9ydCB7IFJlc291cmNlU2hhcmUgfSBmcm9tIFwiLi4vdXRpbGl0aWVzL3Jlc291cmNlU2hhcmVcIjtcbmltcG9ydCBnZXRBY2NvdW50SWQgZnJvbSBcIi4uLy4uLy4uL3V0aWxzL2dldEFjY291bnRJZFwiO1xuaW1wb3J0IHsgc3RyaXBBbmRDYW1lbENhc2UgfSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvc3RyaXBBbmRDYW1lbENhc2VcIjtcblxuZXhwb3J0IGludGVyZmFjZSBJcGFtUG9vbFByb3BzIGV4dGVuZHMgU3RhY2tQcm9wcyB7XG4gIG9yZ0FjY291bnRzOiBzdHJpbmdbXTtcbiAgaXBhbVNjb3BlPzogc3RyaW5nO1xuICByZWdpb246IHN0cmluZztcbn1cblxuaW50ZXJmYWNlIElwYW1Qb29sU3RhY2tQcm9wcyBleHRlbmRzIFN0YWNrUHJvcHMge1xuICBvcmdBY2NvdW50czogc3RyaW5nW107XG4gIHJlZ2lvbjogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgSXBhbVBvb2wgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogSXBhbVBvb2xQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICAvLyBHZXQgdGhlIGRlZmF1bHQgSVBBTSBzY29wZSBJRCBmcm9tIHByb3BzLCBvciBDRk4gaW1wb3J0XG4gICAgY29uc3QgSXBhbVByaXZhdGVEZWZhdWx0U2NvcGVJZCA9XG4gICAgICBwcm9wcy5pcGFtU2NvcGUgfHwgRm4uaW1wb3J0VmFsdWUoXCJJcGFtUHJpdmF0ZURlZmF1bHRTY29wZUlkXCIpO1xuICAgIC8vIFByaW9yaXRpc2UgcmVnaW9uIGZyb20gcHJvcHMsIHRoZW4gZnJvbSBlbnZcbiAgICBjb25zdCByZWdpb24gPSBwcm9wcy5yZWdpb247XG5cbiAgICBjb25zdCBvcmdhbmlzYXRpb25BY2NvdW50cyA9IHByb3BzLm9yZ0FjY291bnRzLm1hcCgoYWNjb3VudCkgPT5cbiAgICAgIGFjY291bnQudG9Mb3dlckNhc2UoKVxuICAgICk7XG5cbiAgICBmb3IgKGNvbnN0IGFjY291bnQgb2Ygb3JnYW5pc2F0aW9uQWNjb3VudHMpIHtcbiAgICAgIGNvbnN0IGNpZHJCbG9jayA9IG5ldyBDaWRyQmxvY2soKTtcbiAgICAgIGNvbnN0IGZyZWVDaWRyQmxvY2sgPSBjaWRyQmxvY2suZ2V0Q2lkckJsb2NrKCk7XG4gICAgICBjaWRyQmxvY2sudXBkYXRlU3RhdGUoZnJlZUNpZHJCbG9jaywgZmFsc2UpO1xuXG4gICAgICBjb25zdCBhY2NvdW50TmFtZSA9IHN0cmlwQW5kQ2FtZWxDYXNlKGFjY291bnQpO1xuXG4gICAgICBjb25zdCBpcGFtUG9vbCA9IG5ldyBJcGFtUG9vbENsYXNzKFxuICAgICAgICB0aGlzLFxuICAgICAgICBgJHthY2NvdW50fUlwYW1Qb29sJHtmcmVlQ2lkckJsb2NrfWAsXG4gICAgICAgIHtcbiAgICAgICAgICBkZXNjcmlwdGlvbjogYCR7YWNjb3VudH0gLSBJUEFNIHBvb2wgLSAke3JlZ2lvbn0gLSAke2ZyZWVDaWRyQmxvY2t9YCxcbiAgICAgICAgICBhZGRyZXNzRmFtaWx5OiBcImlwdjRcIixcbiAgICAgICAgICBpcGFtU2NvcGVJZDogSXBhbVByaXZhdGVEZWZhdWx0U2NvcGVJZCxcbiAgICAgICAgICBsb2NhbGU6IHJlZ2lvbixcbiAgICAgICAgICBhbGxvY2F0aW9uUmVzb3VyY2VUYWdzOiBbXG4gICAgICAgICAgICB7XG4gICAgICAgICAgICAgIGtleTogXCJmamFsbDpvcGVyYXRpb25zOnBvb2xcIixcbiAgICAgICAgICAgICAgdmFsdWU6IGAke2FjY291bnR9YFxuICAgICAgICAgICAgfVxuICAgICAgICAgIF0sXG4gICAgICAgICAgYXV0b0ltcG9ydDogdHJ1ZSxcbiAgICAgICAgICBwcm92aXNpb25lZENpZHJzOiBbeyBjaWRyOiBmcmVlQ2lkckJsb2NrIH1dLFxuICAgICAgICAgIHRhZ3M6IFtcbiAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAga2V5OiBcImZqYWxsOm9wZXJhdGlvbnM6cG9vbFwiLFxuICAgICAgICAgICAgICB2YWx1ZTogXCJ0b3AtbGV2ZWxcIlxuICAgICAgICAgICAgfSxcbiAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAga2V5OiBcImZqYWxsOmNvc3RBbGxvY2F0aW9uOmFjY291bnRcIixcbiAgICAgICAgICAgICAgdmFsdWU6IGAke2FjY291bnR9YFxuICAgICAgICAgICAgfVxuICAgICAgICAgIF1cbiAgICAgICAgfVxuICAgICAgKTtcblxuICAgICAgbmV3IFJlc291cmNlU2hhcmUodGhpcywgYCR7YWNjb3VudH0ke3JlZ2lvbn1JcGFtUmVzb3VyY2VTaGFyZWAsIHtcbiAgICAgICAgbmFtZTogYCR7YWNjb3VudH1JcGFtUmVzb3VyY2VTaGFyZS4ke3JlZ2lvbn1gLFxuICAgICAgICBhbGxvd0V4dGVybmFsUHJpbmNpcGFsczogZmFsc2UsXG4gICAgICAgIC8vIFRPRE86IGdldEFjY291bnRJZCBleHBlY3RzIGVudmlyb25tZW50IGFzIGFyZ3VtZW50XG4gICAgICAgIHByaW5jaXBhbHM6IFtnZXRBY2NvdW50SWQoYWNjb3VudCldLFxuICAgICAgICByZXNvdXJjZUFybnM6IFtpcGFtUG9vbC5hdHRyQXJuXSxcbiAgICAgICAgdGFnczogW1xuICAgICAgICAgIHtcbiAgICAgICAgICAgIGtleTogXCJmamFsbDpjb3N0QWxsb2NhdGlvbjphY2NvdW50XCIsXG4gICAgICAgICAgICB2YWx1ZTogYCR7YWNjb3VudH1gXG4gICAgICAgICAgfVxuICAgICAgICBdXG4gICAgICB9KTtcblxuICAgICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHthY2NvdW50TmFtZX1JcGFtUG9vbElkYCwge1xuICAgICAgICBrZXk6IGAke2FjY291bnROYW1lfUlwYW1Qb29sSWRgLFxuICAgICAgICB2YWx1ZTogaXBhbVBvb2wuYXR0cklwYW1Qb29sSWQsXG4gICAgICAgIGV4cG9ydE5hbWU6IGAke2FjY291bnROYW1lfUlwYW1Qb29sSWRgXG4gICAgICB9KTtcblxuICAgICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHthY2NvdW50TmFtZX1JcGFtUG9vbEFybmAsIHtcbiAgICAgICAga2V5OiBgJHthY2NvdW50TmFtZX1JcGFtUG9vbEFybmAsXG4gICAgICAgIHZhbHVlOiBpcGFtUG9vbC5hdHRyQXJuLFxuICAgICAgICBleHBvcnROYW1lOiBgJHthY2NvdW50TmFtZX1JcGFtUG9vbEFybmBcbiAgICAgIH0pO1xuICAgIH1cbiAgfVxufVxuXG5leHBvcnQgY2xhc3MgSXBhbVBvb2xTdGFjayBleHRlbmRzIFN0YWNrIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IElwYW1Qb29sU3RhY2tQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBuZXcgSXBhbVBvb2wodGhpcywgXCJJcGFtUG9vbFwiLCB7XG4gICAgICBvcmdBY2NvdW50czogcHJvcHMub3JnQWNjb3VudHMsXG4gICAgICByZWdpb246IHByb3BzLnJlZ2lvblxuICAgIH0pO1xuICB9XG59XG4iXX0=
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import { Construct } from "constructs";
|
|
2
|
+
import * as ec2 from "aws-cdk-lib/aws-ec2";
|
|
3
|
+
import { StackBuilder } from "../awsStack";
|
|
4
|
+
import { KeyValue } from "../../../types";
|
|
5
|
+
interface VpcProps extends ec2.VpcProps {
|
|
6
|
+
accountName?: string;
|
|
7
|
+
region?: string;
|
|
8
|
+
availabilityZones?: string[];
|
|
9
|
+
ipv4IpamPoolId?: string;
|
|
10
|
+
tags: KeyValue;
|
|
11
|
+
}
|
|
12
|
+
export declare class Vpc extends ec2.Vpc {
|
|
13
|
+
constructor(scope: Construct, id: string, props?: VpcProps);
|
|
14
|
+
static availabilityZones(scope: Construct): string[];
|
|
15
|
+
static ipAddresses(scope: Construct, props?: VpcProps): ec2.IIpAddresses | undefined;
|
|
16
|
+
static build(id: string, props?: VpcProps): (sb: StackBuilder) => Construct;
|
|
17
|
+
/**
|
|
18
|
+
* Imports a pre-existing VPC Resource into your Stack
|
|
19
|
+
*
|
|
20
|
+
* Before using an import method ensure you have set the account and region props
|
|
21
|
+
* when creating your AwsStack.
|
|
22
|
+
*
|
|
23
|
+
* @param id
|
|
24
|
+
* @param vpcStackName
|
|
25
|
+
* @returns
|
|
26
|
+
*/
|
|
27
|
+
static import(id: string, vpcStackName: string): (sb: StackBuilder) => Construct;
|
|
28
|
+
}
|
|
29
|
+
export {};
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Vpc = void 0;
|
|
4
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
+
const ec2 = require("aws-cdk-lib/aws-ec2");
|
|
6
|
+
const logGroup_1 = require("../logging/logGroup");
|
|
7
|
+
const stripAndCamelCase_1 = require("../../../utils/stripAndCamelCase");
|
|
8
|
+
class Vpc extends ec2.Vpc {
|
|
9
|
+
constructor(scope, id, props) {
|
|
10
|
+
super(scope, `vpc-${id}`, {
|
|
11
|
+
...props,
|
|
12
|
+
vpcName: `vpc-${id}`,
|
|
13
|
+
availabilityZones: Vpc.availabilityZones(scope),
|
|
14
|
+
flowLogs: {
|
|
15
|
+
[`${id}VpcFlowLogs`]: {
|
|
16
|
+
destination: ec2.FlowLogDestination.toCloudWatchLogs(new logGroup_1.LogGroup(scope, `${id}FlowLogGroup`, {
|
|
17
|
+
logGroupName: `/vpc/flowlogs/vpc-${id}/`,
|
|
18
|
+
removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY
|
|
19
|
+
}))
|
|
20
|
+
}
|
|
21
|
+
},
|
|
22
|
+
ipAddresses: Vpc.ipAddresses(scope, props)
|
|
23
|
+
});
|
|
24
|
+
// Required for the VPC to use the IPAM Pool to provsion IP addresses
|
|
25
|
+
aws_cdk_lib_1.Tags.of(this).add("fjall:operations:pool", `${props?.accountName || "noPool"}`);
|
|
26
|
+
}
|
|
27
|
+
static availabilityZones(scope) {
|
|
28
|
+
return aws_cdk_lib_1.Stack.of(scope).availabilityZones.slice(0, 3);
|
|
29
|
+
}
|
|
30
|
+
static ipAddresses(scope, props) {
|
|
31
|
+
const ipv4IpamPoolId = props?.ipv4IpamPoolId ||
|
|
32
|
+
aws_cdk_lib_1.Fn.importValue(`${(0, stripAndCamelCase_1.stripAndCamelCase)(props?.accountName || "noPool")}IpamPoolId`);
|
|
33
|
+
// Default to unspecified ipAddresses if unable to read from stack output
|
|
34
|
+
if (!ipv4IpamPoolId)
|
|
35
|
+
return undefined;
|
|
36
|
+
return ec2.IpAddresses.awsIpamAllocation({
|
|
37
|
+
ipv4IpamPoolId: ipv4IpamPoolId,
|
|
38
|
+
ipv4NetmaskLength: 20,
|
|
39
|
+
defaultSubnetIpv4NetmaskLength: 23
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
static build(id, props) {
|
|
43
|
+
return (sb) => {
|
|
44
|
+
return new this(sb.getStack(), id, props);
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* Imports a pre-existing VPC Resource into your Stack
|
|
49
|
+
*
|
|
50
|
+
* Before using an import method ensure you have set the account and region props
|
|
51
|
+
* when creating your AwsStack.
|
|
52
|
+
*
|
|
53
|
+
* @param id
|
|
54
|
+
* @param vpcStackName
|
|
55
|
+
* @returns
|
|
56
|
+
*/
|
|
57
|
+
static import(id, vpcStackName) {
|
|
58
|
+
return (sb) => {
|
|
59
|
+
return ec2.Vpc.fromLookup(sb.getStack(), id, {
|
|
60
|
+
vpcName: `${vpcStackName}/${id}`
|
|
61
|
+
});
|
|
62
|
+
};
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
exports.Vpc = Vpc;
|
|
66
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidnBjLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3MvbmV0d29ya2luZy92cGMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsNkNBQTZEO0FBQzdELDJDQUEyQztBQUczQyxrREFBK0M7QUFFL0Msd0VBQXFFO0FBVXJFLE1BQWEsR0FBSSxTQUFRLEdBQUcsQ0FBQyxHQUFHO0lBQzlCLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBZ0I7UUFDeEQsS0FBSyxDQUFDLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRSxFQUFFO1lBQ3hCLEdBQUcsS0FBSztZQUNSLE9BQU8sRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNwQixpQkFBaUIsRUFBRSxHQUFHLENBQUMsaUJBQWlCLENBQUMsS0FBSyxDQUFDO1lBQy9DLFFBQVEsRUFBRTtnQkFDUixDQUFDLEdBQUcsRUFBRSxhQUFhLENBQUMsRUFBRTtvQkFDcEIsV0FBVyxFQUFFLEdBQUcsQ0FBQyxrQkFBa0IsQ0FBQyxnQkFBZ0IsQ0FDbEQsSUFBSSxtQkFBUSxDQUFDLEtBQUssRUFBRSxHQUFHLEVBQUUsY0FBYyxFQUFFO3dCQUN2QyxZQUFZLEVBQUUscUJBQXFCLEVBQUUsR0FBRzt3QkFDeEMsYUFBYSxFQUFFLDJCQUFhLENBQUMsT0FBTztxQkFDckMsQ0FBQyxDQUNIO2lCQUNGO2FBQ0Y7WUFDRCxXQUFXLEVBQUUsR0FBRyxDQUFDLFdBQVcsQ0FBQyxLQUFLLEVBQUUsS0FBSyxDQUFDO1NBQzNDLENBQUMsQ0FBQztRQUVILHFFQUFxRTtRQUNyRSxrQkFBSSxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxHQUFHLENBQ2YsdUJBQXVCLEVBQ3ZCLEdBQUcsS0FBSyxFQUFFLFdBQVcsSUFBSSxRQUFRLEVBQUUsQ0FDcEMsQ0FBQztJQUNKLENBQUM7SUFFRCxNQUFNLENBQUMsaUJBQWlCLENBQUMsS0FBZ0I7UUFDdkMsT0FBTyxtQkFBSyxDQUFDLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRCxNQUFNLENBQUMsV0FBVyxDQUFDLEtBQWdCLEVBQUUsS0FBZ0I7UUFDbkQsTUFBTSxjQUFjLEdBQ2xCLEtBQUssRUFBRSxjQUFjO1lBQ3JCLGdCQUFFLENBQUMsV0FBVyxDQUNaLEdBQUcsSUFBQSxxQ0FBaUIsRUFBQyxLQUFLLEVBQUUsV0FBVyxJQUFJLFFBQVEsQ0FBQyxZQUFZLENBQ2pFLENBQUM7UUFFSix5RUFBeUU7UUFDekUsSUFBSSxDQUFDLGNBQWM7WUFBRSxPQUFPLFNBQVMsQ0FBQztRQUV0QyxPQUFPLEdBQUcsQ0FBQyxXQUFXLENBQUMsaUJBQWlCLENBQUM7WUFDdkMsY0FBYyxFQUFFLGNBQWM7WUFDOUIsaUJBQWlCLEVBQUUsRUFBRTtZQUNyQiw4QkFBOEIsRUFBRSxFQUFFO1NBQ25DLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxNQUFNLENBQUMsS0FBSyxDQUFDLEVBQVUsRUFBRSxLQUFnQjtRQUN2QyxPQUFPLENBQUMsRUFBZ0IsRUFBRSxFQUFFO1lBQzFCLE9BQU8sSUFBSSxJQUFJLENBQUMsRUFBRSxDQUFDLFFBQVEsRUFBRSxFQUFFLEVBQUUsRUFBRSxLQUFLLENBQUMsQ0FBQztRQUM1QyxDQUFDLENBQUM7SUFDSixDQUFDO0lBQ0Q7Ozs7Ozs7OztPQVNHO0lBQ0gsTUFBTSxDQUFDLE1BQU0sQ0FDWCxFQUFVLEVBQ1YsWUFBb0I7UUFFcEIsT0FBTyxDQUFDLEVBQWdCLEVBQUUsRUFBRTtZQUMxQixPQUFPLEdBQUcsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxRQUFRLEVBQUUsRUFBRSxFQUFFLEVBQUU7Z0JBQzNDLE9BQU8sRUFBRSxHQUFHLFlBQVksSUFBSSxFQUFFLEVBQUU7YUFDakMsQ0FBQyxDQUFDO1FBQ0wsQ0FBQyxDQUFDO0lBQ0osQ0FBQztDQUNGO0FBeEVELGtCQXdFQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBUYWdzLCBSZW1vdmFsUG9saWN5LCBTdGFjaywgRm4gfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCAqIGFzIGVjMiBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjMlwiO1xuXG5pbXBvcnQgeyBTdGFja0J1aWxkZXIgfSBmcm9tIFwiLi4vYXdzU3RhY2tcIjtcbmltcG9ydCB7IExvZ0dyb3VwIH0gZnJvbSBcIi4uL2xvZ2dpbmcvbG9nR3JvdXBcIjtcbmltcG9ydCB7IEtleVZhbHVlIH0gZnJvbSBcIi4uLy4uLy4uL3R5cGVzXCI7XG5pbXBvcnQgeyBzdHJpcEFuZENhbWVsQ2FzZSB9IGZyb20gXCIuLi8uLi8uLi91dGlscy9zdHJpcEFuZENhbWVsQ2FzZVwiO1xuXG5pbnRlcmZhY2UgVnBjUHJvcHMgZXh0ZW5kcyBlYzIuVnBjUHJvcHMge1xuICBhY2NvdW50TmFtZT86IHN0cmluZztcbiAgcmVnaW9uPzogc3RyaW5nO1xuICBhdmFpbGFiaWxpdHlab25lcz86IHN0cmluZ1tdO1xuICBpcHY0SXBhbVBvb2xJZD86IHN0cmluZztcbiAgdGFnczogS2V5VmFsdWU7XG59XG5cbmV4cG9ydCBjbGFzcyBWcGMgZXh0ZW5kcyBlYzIuVnBjIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM/OiBWcGNQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBgdnBjLSR7aWR9YCwge1xuICAgICAgLi4ucHJvcHMsXG4gICAgICB2cGNOYW1lOiBgdnBjLSR7aWR9YCxcbiAgICAgIGF2YWlsYWJpbGl0eVpvbmVzOiBWcGMuYXZhaWxhYmlsaXR5Wm9uZXMoc2NvcGUpLFxuICAgICAgZmxvd0xvZ3M6IHtcbiAgICAgICAgW2Ake2lkfVZwY0Zsb3dMb2dzYF06IHtcbiAgICAgICAgICBkZXN0aW5hdGlvbjogZWMyLkZsb3dMb2dEZXN0aW5hdGlvbi50b0Nsb3VkV2F0Y2hMb2dzKFxuICAgICAgICAgICAgbmV3IExvZ0dyb3VwKHNjb3BlLCBgJHtpZH1GbG93TG9nR3JvdXBgLCB7XG4gICAgICAgICAgICAgIGxvZ0dyb3VwTmFtZTogYC92cGMvZmxvd2xvZ3MvdnBjLSR7aWR9L2AsXG4gICAgICAgICAgICAgIHJlbW92YWxQb2xpY3k6IFJlbW92YWxQb2xpY3kuREVTVFJPWVxuICAgICAgICAgICAgfSlcbiAgICAgICAgICApXG4gICAgICAgIH1cbiAgICAgIH0sXG4gICAgICBpcEFkZHJlc3NlczogVnBjLmlwQWRkcmVzc2VzKHNjb3BlLCBwcm9wcylcbiAgICB9KTtcblxuICAgIC8vIFJlcXVpcmVkIGZvciB0aGUgVlBDIHRvIHVzZSB0aGUgSVBBTSBQb29sIHRvIHByb3ZzaW9uIElQIGFkZHJlc3Nlc1xuICAgIFRhZ3Mub2YodGhpcykuYWRkKFxuICAgICAgXCJmamFsbDpvcGVyYXRpb25zOnBvb2xcIixcbiAgICAgIGAke3Byb3BzPy5hY2NvdW50TmFtZSB8fCBcIm5vUG9vbFwifWBcbiAgICApO1xuICB9XG5cbiAgc3RhdGljIGF2YWlsYWJpbGl0eVpvbmVzKHNjb3BlOiBDb25zdHJ1Y3QpIHtcbiAgICByZXR1cm4gU3RhY2sub2Yoc2NvcGUpLmF2YWlsYWJpbGl0eVpvbmVzLnNsaWNlKDAsIDMpO1xuICB9XG5cbiAgc3RhdGljIGlwQWRkcmVzc2VzKHNjb3BlOiBDb25zdHJ1Y3QsIHByb3BzPzogVnBjUHJvcHMpIHtcbiAgICBjb25zdCBpcHY0SXBhbVBvb2xJZCA9XG4gICAgICBwcm9wcz8uaXB2NElwYW1Qb29sSWQgfHxcbiAgICAgIEZuLmltcG9ydFZhbHVlKFxuICAgICAgICBgJHtzdHJpcEFuZENhbWVsQ2FzZShwcm9wcz8uYWNjb3VudE5hbWUgfHwgXCJub1Bvb2xcIil9SXBhbVBvb2xJZGBcbiAgICAgICk7XG5cbiAgICAvLyBEZWZhdWx0IHRvIHVuc3BlY2lmaWVkIGlwQWRkcmVzc2VzIGlmIHVuYWJsZSB0byByZWFkIGZyb20gc3RhY2sgb3V0cHV0XG4gICAgaWYgKCFpcHY0SXBhbVBvb2xJZCkgcmV0dXJuIHVuZGVmaW5lZDtcblxuICAgIHJldHVybiBlYzIuSXBBZGRyZXNzZXMuYXdzSXBhbUFsbG9jYXRpb24oe1xuICAgICAgaXB2NElwYW1Qb29sSWQ6IGlwdjRJcGFtUG9vbElkLFxuICAgICAgaXB2NE5ldG1hc2tMZW5ndGg6IDIwLFxuICAgICAgZGVmYXVsdFN1Ym5ldElwdjROZXRtYXNrTGVuZ3RoOiAyM1xuICAgIH0pO1xuICB9XG5cbiAgc3RhdGljIGJ1aWxkKGlkOiBzdHJpbmcsIHByb3BzPzogVnBjUHJvcHMpOiAoc2I6IFN0YWNrQnVpbGRlcikgPT4gQ29uc3RydWN0IHtcbiAgICByZXR1cm4gKHNiOiBTdGFja0J1aWxkZXIpID0+IHtcbiAgICAgIHJldHVybiBuZXcgdGhpcyhzYi5nZXRTdGFjaygpLCBpZCwgcHJvcHMpO1xuICAgIH07XG4gIH1cbiAgLyoqXG4gICAqIEltcG9ydHMgYSBwcmUtZXhpc3RpbmcgVlBDIFJlc291cmNlIGludG8geW91ciBTdGFja1xuICAgKlxuICAgKiBCZWZvcmUgdXNpbmcgYW4gaW1wb3J0IG1ldGhvZCBlbnN1cmUgeW91IGhhdmUgc2V0IHRoZSBhY2NvdW50IGFuZCByZWdpb24gcHJvcHNcbiAgICogIHdoZW4gY3JlYXRpbmcgeW91ciBBd3NTdGFjay5cbiAgICpcbiAgICogQHBhcmFtIGlkXG4gICAqIEBwYXJhbSB2cGNTdGFja05hbWVcbiAgICogQHJldHVybnNcbiAgICovXG4gIHN0YXRpYyBpbXBvcnQoXG4gICAgaWQ6IHN0cmluZyxcbiAgICB2cGNTdGFja05hbWU6IHN0cmluZ1xuICApOiAoc2I6IFN0YWNrQnVpbGRlcikgPT4gQ29uc3RydWN0IHtcbiAgICByZXR1cm4gKHNiOiBTdGFja0J1aWxkZXIpID0+IHtcbiAgICAgIHJldHVybiBlYzIuVnBjLmZyb21Mb29rdXAoc2IuZ2V0U3RhY2soKSwgaWQsIHtcbiAgICAgICAgdnBjTmFtZTogYCR7dnBjU3RhY2tOYW1lfS8ke2lkfWBcbiAgICAgIH0pO1xuICAgIH07XG4gIH1cbn1cbiJdfQ==
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Alias = void 0;
|
|
4
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
+
class Alias extends aws_cdk_lib_1.aws_kms.Alias {
|
|
6
|
+
constructor(scope, id, props) {
|
|
7
|
+
super(scope, id, {
|
|
8
|
+
...props
|
|
9
|
+
});
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
exports.Alias = Alias;
|
|
13
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWxpYXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9zZWNyZXRzL2FsaWFzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLDZDQUE2QztBQUU3QyxNQUFhLEtBQU0sU0FBUSxxQkFBRyxDQUFDLEtBQUs7SUFDbEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFxQjtRQUM3RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsRUFBRTtZQUNmLEdBQUcsS0FBSztTQUNULENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQU5ELHNCQU1DIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IGF3c19rbXMgYXMga21zIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5cbmV4cG9ydCBjbGFzcyBBbGlhcyBleHRlbmRzIGttcy5BbGlhcyB7XG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBrbXMuQWxpYXNQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCwge1xuICAgICAgLi4ucHJvcHNcbiAgICB9KTtcbiAgfVxufVxuIl19
|