@fjall/components-infrastructure 0.1.4 → 0.1.6

package/dist/lib/app.d.ts

@@ -1,6 +1,7 @@
 import { App as CdkApp } from "aws-cdk-lib";
-export default class App extends CdkApp {
+export declare class App extends CdkApp {
     private static instance;
     private constructor();
     static getInstance(): App;
 }
+export default App;

package/dist/lib/app.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.App = void 0;
 const aws_cdk_lib_1 = require("aws-cdk-lib");
 class App extends aws_cdk_lib_1.App {
     constructor() {
@@ -14,6 +15,7 @@ class App extends aws_cdk_lib_1.App {
         return App.instance;
     }
 }
-exports.default = App;
+exports.App = App;
 App.instance = null;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vbGliL2FwcC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLDZDQUE0QztBQUU1QyxNQUFxQixHQUFJLFNBQVEsaUJBQU07SUFHckM7UUFDRSxLQUFLLEVBQUUsQ0FBQztJQUNWLENBQUM7SUFFTSxNQUFNLENBQUMsV0FBVztRQUN2Qiw2REFBNkQ7UUFDN0QsK0NBQStDO1FBQy9DLElBQUksQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFO1lBQ2pCLEdBQUcsQ0FBQyxRQUFRLEdBQUcsSUFBSSxHQUFHLEVBQUUsQ0FBQztTQUMxQjtRQUVELE9BQU8sR0FBRyxDQUFDLFFBQVEsQ0FBQztJQUN0QixDQUFDOztBQWZILHNCQWdCQztBQWZnQixZQUFRLEdBQWUsSUFBSSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQXBwIGFzIENka0FwcCB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuXG5leHBvcnQgZGVmYXVsdCBjbGFzcyBBcHAgZXh0ZW5kcyBDZGtBcHAge1xuICBwcml2YXRlIHN0YXRpYyBpbnN0YW5jZTogQXBwIHwgbnVsbCA9IG51bGw7XG5cbiAgcHJpdmF0ZSBjb25zdHJ1Y3RvcigpIHtcbiAgICBzdXBlcigpO1xuICB9XG5cbiAgcHVibGljIHN0YXRpYyBnZXRJbnN0YW5jZSgpOiBBcHAge1xuICAgIC8vIERlc3BpdGUgc3VwcG9ydGluZyBtdWx0aXBsZSBzdGFja3MgeW91IGNhbiBzdGlsbCBvbmx5IGV2ZXJcbiAgICAvLyBoYXZlIGEgc2luZ2xlIEFwcGxpY2F0aW9uIHBlciBDREsgZGVwbG95bWVudFxuICAgIGlmICghQXBwLmluc3RhbmNlKSB7XG4gICAgICBBcHAuaW5zdGFuY2UgPSBuZXcgQXBwKCk7XG4gICAgfVxuXG4gICAgcmV0dXJuIEFwcC5pbnN0YW5jZTtcbiAgfVxufVxuIl19
+exports.default = App;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vbGliL2FwcC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBNEM7QUFFNUMsTUFBYSxHQUFJLFNBQVEsaUJBQU07SUFHN0I7UUFDRSxLQUFLLEVBQUUsQ0FBQztJQUNWLENBQUM7SUFFTSxNQUFNLENBQUMsV0FBVztRQUN2Qiw2REFBNkQ7UUFDN0QsK0NBQStDO1FBQy9DLElBQUksQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFO1lBQ2pCLEdBQUcsQ0FBQyxRQUFRLEdBQUcsSUFBSSxHQUFHLEVBQUUsQ0FBQztTQUMxQjtRQUVELE9BQU8sR0FBRyxDQUFDLFFBQVEsQ0FBQztJQUN0QixDQUFDOztBQWZILGtCQWdCQztBQWZnQixZQUFRLEdBQWUsSUFBSSxDQUFDO0FBZ0I3QyxrQkFBZSxHQUFHLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBcHAgYXMgQ2RrQXBwIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5cbmV4cG9ydCBjbGFzcyBBcHAgZXh0ZW5kcyBDZGtBcHAge1xuICBwcml2YXRlIHN0YXRpYyBpbnN0YW5jZTogQXBwIHwgbnVsbCA9IG51bGw7XG5cbiAgcHJpdmF0ZSBjb25zdHJ1Y3RvcigpIHtcbiAgICBzdXBlcigpO1xuICB9XG5cbiAgcHVibGljIHN0YXRpYyBnZXRJbnN0YW5jZSgpOiBBcHAge1xuICAgIC8vIERlc3BpdGUgc3VwcG9ydGluZyBtdWx0aXBsZSBzdGFja3MgeW91IGNhbiBzdGlsbCBvbmx5IGV2ZXJcbiAgICAvLyBoYXZlIGEgc2luZ2xlIEFwcGxpY2F0aW9uIHBlciBDREsgZGVwbG95bWVudFxuICAgIGlmICghQXBwLmluc3RhbmNlKSB7XG4gICAgICBBcHAuaW5zdGFuY2UgPSBuZXcgQXBwKCk7XG4gICAgfVxuXG4gICAgcmV0dXJuIEFwcC5pbnN0YW5jZTtcbiAgfVxufVxuZXhwb3J0IGRlZmF1bHQgQXBwO1xuIl19

package/dist/lib/config/aws/accountId.d.ts

@@ -0,0 +1,6 @@
+import { CfnOutput } from "aws-cdk-lib";
+import { Construct } from "constructs";
+export declare class AccountId extends Construct {
+    readonly accountId: CfnOutput;
+    constructor(scope: Construct, id: string);
+}

package/dist/lib/config/aws/accountId.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccountId = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const customResources = require("aws-cdk-lib/custom-resources");
+const constructs_1 = require("constructs");
+const awsCustomResource_1 = require("../../resources/aws/utilities/awsCustomResource");
+class AccountId extends constructs_1.Construct {
+    constructor(scope, id) {
+        super(scope, id);
+        const sts = new awsCustomResource_1.AwsCustomResource(this, "getAccountId", {
+            functionName: "getAccountId",
+            onCreate: {
+                service: "sts",
+                action: "GetCallerIdentityCommand",
+                physicalResourceId: customResources.PhysicalResourceId.of("getAccountId")
+            },
+            onUpdate: {
+                service: "sts",
+                action: "GetCallerIdentityCommand",
+                physicalResourceId: customResources.PhysicalResourceId.of("getAccountId")
+            },
+            resourceType: "Custom::getAccountId"
+        });
+        this.accountId = new aws_cdk_lib_1.CfnOutput(this, "AccountId", {
+            key: "AccountId",
+            value: sts.getResponseField("Account"),
+            exportName: "AccountId"
+        });
+    }
+}
+exports.AccountId = AccountId;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNjb3VudElkLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vbGliL2NvbmZpZy9hd3MvYWNjb3VudElkLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUF3QztBQUN4QyxnRUFBZ0U7QUFDaEUsMkNBQXVDO0FBRXZDLHVGQUFvRjtBQUVwRixNQUFhLFNBQVUsU0FBUSxzQkFBUztJQUd0QyxZQUFZLEtBQWdCLEVBQUUsRUFBVTtRQUN0QyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLE1BQU0sR0FBRyxHQUFHLElBQUkscUNBQWlCLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRTtZQUN0RCxZQUFZLEVBQUUsY0FBYztZQUM1QixRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsTUFBTSxFQUFFLDBCQUEwQjtnQkFDbEMsa0JBQWtCLEVBQ2hCLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDO2FBQ3hEO1lBQ0QsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxLQUFLO2dCQUNkLE1BQU0sRUFBRSwwQkFBMEI7Z0JBQ2xDLGtCQUFrQixFQUNoQixlQUFlLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDLGNBQWMsQ0FBQzthQUN4RDtZQUNELFlBQVksRUFBRSxzQkFBc0I7U0FDckMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFNBQVMsR0FBRyxJQUFJLHVCQUFTLENBQUMsSUFBSSxFQUFFLFdBQVcsRUFBRTtZQUNoRCxHQUFHLEVBQUUsV0FBVztZQUNoQixLQUFLLEVBQUUsR0FBRyxDQUFDLGdCQUFnQixDQUFDLFNBQVMsQ0FBQztZQUN0QyxVQUFVLEVBQUUsV0FBVztTQUN4QixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUE3QkQsOEJBNkJDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ2ZuT3V0cHV0IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgKiBhcyBjdXN0b21SZXNvdXJjZXMgZnJvbSBcImF3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXNcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5cbmltcG9ydCB7IEF3c0N1c3RvbVJlc291cmNlIH0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3MvdXRpbGl0aWVzL2F3c0N1c3RvbVJlc291cmNlXCI7XG5cbmV4cG9ydCBjbGFzcyBBY2NvdW50SWQgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgYWNjb3VudElkOiBDZm5PdXRwdXQ7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBjb25zdCBzdHMgPSBuZXcgQXdzQ3VzdG9tUmVzb3VyY2UodGhpcywgXCJnZXRBY2NvdW50SWRcIiwge1xuICAgICAgZnVuY3Rpb25OYW1lOiBcImdldEFjY291bnRJZFwiLFxuICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgc2VydmljZTogXCJzdHNcIixcbiAgICAgICAgYWN0aW9uOiBcIkdldENhbGxlcklkZW50aXR5Q29tbWFuZFwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy92My9sYXRlc3QvY2xpZW50L3N0cy9jb21tYW5kL0dldENhbGxlcklkZW50aXR5Q29tbWFuZC9cbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOlxuICAgICAgICAgIGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXCJnZXRBY2NvdW50SWRcIilcbiAgICAgIH0sXG4gICAgICBvblVwZGF0ZToge1xuICAgICAgICBzZXJ2aWNlOiBcInN0c1wiLFxuICAgICAgICBhY3Rpb246IFwiR2V0Q2FsbGVySWRlbnRpdHlDb21tYW5kXCIsIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL3YzL2xhdGVzdC9jbGllbnQvc3RzL2NvbW1hbmQvR2V0Q2FsbGVySWRlbnRpdHlDb21tYW5kL1xuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6XG4gICAgICAgICAgY3VzdG9tUmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZihcImdldEFjY291bnRJZFwiKVxuICAgICAgfSxcbiAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206OmdldEFjY291bnRJZFwiXG4gICAgfSk7XG5cbiAgICB0aGlzLmFjY291bnRJZCA9IG5ldyBDZm5PdXRwdXQodGhpcywgXCJBY2NvdW50SWRcIiwge1xuICAgICAga2V5OiBcIkFjY291bnRJZFwiLFxuICAgICAgdmFsdWU6IHN0cy5nZXRSZXNwb25zZUZpZWxkKFwiQWNjb3VudFwiKSxcbiAgICAgIGV4cG9ydE5hbWU6IFwiQWNjb3VudElkXCJcbiAgICB9KTtcbiAgfVxufVxuIl19

package/dist/lib/config/aws/cloudTrail.d.ts

@@ -0,0 +1,10 @@
+import { CfnOutput } from "aws-cdk-lib";
+import { Construct } from "constructs";
+export interface ManagementEventsTrailProps {
+    accountId: string;
+}
+export declare class ManagementEventsTrail extends Construct {
+    readonly defaultEventBusName: CfnOutput;
+    readonly defaultEventBusArn: CfnOutput;
+    constructor(scope: Construct, id: string, props: ManagementEventsTrailProps);
+}

package/dist/lib/config/aws/cloudTrail.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ManagementEventsTrail = void 0;
+const constructs_1 = require("constructs");
+const cloudTrail_1 = require("../../resources/aws/logging/cloudTrail");
+class ManagementEventsTrail extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        new cloudTrail_1.Trail(this, "managementEventsTrail", {
+            bucketName: `cloudtrail-management-events-${props.accountId}`,
+            trailName: "managementEvents",
+            isMultiRegionTrail: true,
+            tags: {
+                "fjall:costAllocation:environment": "management",
+                "fjall:costAllocation:service": "managementEventsTrail",
+                "fjall:costAllocation:owner": "Fjall"
+            }
+        });
+    }
+}
+exports.ManagementEventsTrail = ManagementEventsTrail;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xvdWRUcmFpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL2xpYi9jb25maWcvYXdzL2Nsb3VkVHJhaWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsMkNBQXVDO0FBQ3ZDLHVFQUErRDtBQU0vRCxNQUFhLHFCQUFzQixTQUFRLHNCQUFTO0lBSWxELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBaUM7UUFDekUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLGtCQUFLLENBQUMsSUFBSSxFQUFFLHVCQUF1QixFQUFFO1lBQ3ZDLFVBQVUsRUFBRSxnQ0FBZ0MsS0FBSyxDQUFDLFNBQVMsRUFBRTtZQUM3RCxTQUFTLEVBQUUsa0JBQWtCO1lBQzdCLGtCQUFrQixFQUFFLElBQUk7WUFDeEIsSUFBSSxFQUFFO2dCQUNKLGtDQUFrQyxFQUFFLFlBQVk7Z0JBQ2hELDhCQUE4QixFQUFFLHVCQUF1QjtnQkFDdkQsNEJBQTRCLEVBQUUsT0FBTzthQUN0QztTQUNGLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQWxCRCxzREFrQkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZm5PdXRwdXQgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBUcmFpbCB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL2xvZ2dpbmcvY2xvdWRUcmFpbFwiO1xuXG5leHBvcnQgaW50ZXJmYWNlIE1hbmFnZW1lbnRFdmVudHNUcmFpbFByb3BzIHtcbiAgYWNjb3VudElkOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBjbGFzcyBNYW5hZ2VtZW50RXZlbnRzVHJhaWwgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgZGVmYXVsdEV2ZW50QnVzTmFtZTogQ2ZuT3V0cHV0O1xuICBwdWJsaWMgcmVhZG9ubHkgZGVmYXVsdEV2ZW50QnVzQXJuOiBDZm5PdXRwdXQ7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IE1hbmFnZW1lbnRFdmVudHNUcmFpbFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIG5ldyBUcmFpbCh0aGlzLCBcIm1hbmFnZW1lbnRFdmVudHNUcmFpbFwiLCB7XG4gICAgICBidWNrZXROYW1lOiBgY2xvdWR0cmFpbC1tYW5hZ2VtZW50LWV2ZW50cy0ke3Byb3BzLmFjY291bnRJZH1gLFxuICAgICAgdHJhaWxOYW1lOiBcIm1hbmFnZW1lbnRFdmVudHNcIixcbiAgICAgIGlzTXVsdGlSZWdpb25UcmFpbDogdHJ1ZSxcbiAgICAgIHRhZ3M6IHtcbiAgICAgICAgXCJmamFsbDpjb3N0QWxsb2NhdGlvbjplbnZpcm9ubWVudFwiOiBcIm1hbmFnZW1lbnRcIixcbiAgICAgICAgXCJmamFsbDpjb3N0QWxsb2NhdGlvbjpzZXJ2aWNlXCI6IFwibWFuYWdlbWVudEV2ZW50c1RyYWlsXCIsXG4gICAgICAgIFwiZmphbGw6Y29zdEFsbG9jYXRpb246b3duZXJcIjogXCJGamFsbFwiXG4gICAgICB9XG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==

package/dist/lib/config/aws/costAllocationTags.d.ts

@@ -0,0 +1,4 @@
+import { Construct } from "constructs";
+export declare class CostAllocationTags extends Construct {
+    constructor(scope: Construct, id: string);
+}

package/dist/lib/config/aws/costAllocationTags.js

@@ -0,0 +1,59 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CostAllocationTags = void 0;
+const customResources = require("aws-cdk-lib/custom-resources");
+const constructs_1 = require("constructs");
+const awsCustomResource_1 = require("../../resources/aws/utilities/awsCustomResource");
+// TODO: Use an AWS CDK conditional trigger to wait for Cost Explorer to be created
+const costAllocationTags = [
+    "aws:cloudformation:logical-id",
+    "aws:cloudformation:stack-id",
+    "aws:cloudformation:stack-name",
+    "aws:createdBy"
+    // "fjall:operations:pool"
+    // "fjall:costAllocation:environment",
+    // "fjall:costAllocation:service",
+    // "fjall:costAllocation:owner"
+];
+function toggleCostTag(tags, tagStatus) {
+    return tags.map((tag) => {
+        return {
+            TagKey: tag,
+            Status: tagStatus
+        };
+    });
+}
+class CostAllocationTags extends constructs_1.Construct {
+    constructor(scope, id) {
+        super(scope, id);
+        new awsCustomResource_1.AwsCustomResource(this, "costAllocationTags", {
+            functionName: "enableCostAllocationTags",
+            onCreate: {
+                service: "CostExplorer",
+                action: "updateCostAllocationTagsStatus",
+                parameters: {
+                    CostAllocationTagsStatus: toggleCostTag(costAllocationTags, "Active")
+                },
+                physicalResourceId: customResources.PhysicalResourceId.of("enableCostAllocationTags")
+            },
+            onUpdate: {
+                service: "CostExplorer",
+                action: "updateCostAllocationTagsStatus",
+                parameters: {
+                    CostAllocationTagsStatus: toggleCostTag(costAllocationTags, "Active")
+                },
+                physicalResourceId: customResources.PhysicalResourceId.of("updateCostAllocationTags")
+            },
+            onDelete: {
+                service: "CostExplorer",
+                action: "updateCostAllocationTagsStatus",
+                parameters: {
+                    CostAllocationTagsStatus: toggleCostTag(costAllocationTags, "Inactive")
+                }
+            },
+            resourceType: "Custom::CostAllocationTags"
+        });
+    }
+}
+exports.CostAllocationTags = CostAllocationTags;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29zdEFsbG9jYXRpb25UYWdzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vbGliL2NvbmZpZy9hd3MvY29zdEFsbG9jYXRpb25UYWdzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLGdFQUFnRTtBQUNoRSwyQ0FBdUM7QUFFdkMsdUZBQW9GO0FBRXBGLG1GQUFtRjtBQUNuRixNQUFNLGtCQUFrQixHQUFHO0lBQ3pCLCtCQUErQjtJQUMvQiw2QkFBNkI7SUFDN0IsK0JBQStCO0lBQy9CLGVBQWU7SUFDZiwwQkFBMEI7SUFDMUIsc0NBQXNDO0lBQ3RDLGtDQUFrQztJQUNsQywrQkFBK0I7Q0FDaEMsQ0FBQztBQUVGLFNBQVMsYUFBYSxDQUFDLElBQWMsRUFBRSxTQUFpQjtJQUN0RCxPQUFPLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLEVBQUUsRUFBRTtRQUN0QixPQUFPO1lBQ0wsTUFBTSxFQUFFLEdBQUc7WUFDWCxNQUFNLEVBQUUsU0FBUztTQUNsQixDQUFDO0lBQ0osQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsTUFBYSxrQkFBbUIsU0FBUSxzQkFBUztJQUMvQyxZQUFZLEtBQWdCLEVBQUUsRUFBVTtRQUN0QyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUkscUNBQWlCLENBQUMsSUFBSSxFQUFFLG9CQUFvQixFQUFFO1lBQ2hELFlBQVksRUFBRSwwQkFBMEI7WUFDeEMsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxjQUFjO2dCQUN2QixNQUFNLEVBQUUsZ0NBQWdDO2dCQUN4QyxVQUFVLEVBQUU7b0JBQ1Ysd0JBQXdCLEVBQUUsYUFBYSxDQUFDLGtCQUFrQixFQUFFLFFBQVEsQ0FBQztpQkFDdEU7Z0JBQ0Qsa0JBQWtCLEVBQUUsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FDdkQsMEJBQTBCLENBQzNCO2FBQ0Y7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLGNBQWM7Z0JBQ3ZCLE1BQU0sRUFBRSxnQ0FBZ0M7Z0JBQ3hDLFVBQVUsRUFBRTtvQkFDVix3QkFBd0IsRUFBRSxhQUFhLENBQUMsa0JBQWtCLEVBQUUsUUFBUSxDQUFDO2lCQUN0RTtnQkFDRCxrQkFBa0IsRUFBRSxlQUFlLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUN2RCwwQkFBMEIsQ0FDM0I7YUFDRjtZQUNELFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsY0FBYztnQkFDdkIsTUFBTSxFQUFFLGdDQUFnQztnQkFDeEMsVUFBVSxFQUFFO29CQUNWLHdCQUF3QixFQUFFLGFBQWEsQ0FDckMsa0JBQWtCLEVBQ2xCLFVBQVUsQ0FDWDtpQkFDRjthQUNGO1lBQ0QsWUFBWSxFQUFFLDRCQUE0QjtTQUMzQyxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUF2Q0QsZ0RBdUNDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY3VzdG9tUmVzb3VyY2VzIGZyb20gXCJhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuXG5pbXBvcnQgeyBBd3NDdXN0b21SZXNvdXJjZSB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL3V0aWxpdGllcy9hd3NDdXN0b21SZXNvdXJjZVwiO1xuXG4vLyBUT0RPOiBVc2UgYW4gQVdTIENESyBjb25kaXRpb25hbCB0cmlnZ2VyIHRvIHdhaXQgZm9yIENvc3QgRXhwbG9yZXIgdG8gYmUgY3JlYXRlZFxuY29uc3QgY29zdEFsbG9jYXRpb25UYWdzID0gW1xuICBcImF3czpjbG91ZGZvcm1hdGlvbjpsb2dpY2FsLWlkXCIsXG4gIFwiYXdzOmNsb3VkZm9ybWF0aW9uOnN0YWNrLWlkXCIsXG4gIFwiYXdzOmNsb3VkZm9ybWF0aW9uOnN0YWNrLW5hbWVcIixcbiAgXCJhd3M6Y3JlYXRlZEJ5XCJcbiAgLy8gXCJmamFsbDpvcGVyYXRpb25zOnBvb2xcIlxuICAvLyBcImZqYWxsOmNvc3RBbGxvY2F0aW9uOmVudmlyb25tZW50XCIsXG4gIC8vIFwiZmphbGw6Y29zdEFsbG9jYXRpb246c2VydmljZVwiLFxuICAvLyBcImZqYWxsOmNvc3RBbGxvY2F0aW9uOm93bmVyXCJcbl07XG5cbmZ1bmN0aW9uIHRvZ2dsZUNvc3RUYWcodGFnczogc3RyaW5nW10sIHRhZ1N0YXR1czogc3RyaW5nKSB7XG4gIHJldHVybiB0YWdzLm1hcCgodGFnKSA9PiB7XG4gICAgcmV0dXJuIHtcbiAgICAgIFRhZ0tleTogdGFnLFxuICAgICAgU3RhdHVzOiB0YWdTdGF0dXNcbiAgICB9O1xuICB9KTtcbn1cblxuZXhwb3J0IGNsYXNzIENvc3RBbGxvY2F0aW9uVGFncyBleHRlbmRzIENvbnN0cnVjdCB7XG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgbmV3IEF3c0N1c3RvbVJlc291cmNlKHRoaXMsIFwiY29zdEFsbG9jYXRpb25UYWdzXCIsIHtcbiAgICAgIGZ1bmN0aW9uTmFtZTogXCJlbmFibGVDb3N0QWxsb2NhdGlvblRhZ3NcIixcbiAgICAgIG9uQ3JlYXRlOiB7XG4gICAgICAgIHNlcnZpY2U6IFwiQ29zdEV4cGxvcmVyXCIsXG4gICAgICAgIGFjdGlvbjogXCJ1cGRhdGVDb3N0QWxsb2NhdGlvblRhZ3NTdGF0dXNcIixcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIENvc3RBbGxvY2F0aW9uVGFnc1N0YXR1czogdG9nZ2xlQ29zdFRhZyhjb3N0QWxsb2NhdGlvblRhZ3MsIFwiQWN0aXZlXCIpXG4gICAgICAgIH0sXG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogY3VzdG9tUmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZihcbiAgICAgICAgICBcImVuYWJsZUNvc3RBbGxvY2F0aW9uVGFnc1wiXG4gICAgICAgIClcbiAgICAgIH0sXG4gICAgICBvblVwZGF0ZToge1xuICAgICAgICBzZXJ2aWNlOiBcIkNvc3RFeHBsb3JlclwiLFxuICAgICAgICBhY3Rpb246IFwidXBkYXRlQ29zdEFsbG9jYXRpb25UYWdzU3RhdHVzXCIsXG4gICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICBDb3N0QWxsb2NhdGlvblRhZ3NTdGF0dXM6IHRvZ2dsZUNvc3RUYWcoY29zdEFsbG9jYXRpb25UYWdzLCBcIkFjdGl2ZVwiKVxuICAgICAgICB9LFxuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXG4gICAgICAgICAgXCJ1cGRhdGVDb3N0QWxsb2NhdGlvblRhZ3NcIlxuICAgICAgICApXG4gICAgICB9LFxuICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgc2VydmljZTogXCJDb3N0RXhwbG9yZXJcIixcbiAgICAgICAgYWN0aW9uOiBcInVwZGF0ZUNvc3RBbGxvY2F0aW9uVGFnc1N0YXR1c1wiLFxuICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgQ29zdEFsbG9jYXRpb25UYWdzU3RhdHVzOiB0b2dnbGVDb3N0VGFnKFxuICAgICAgICAgICAgY29zdEFsbG9jYXRpb25UYWdzLFxuICAgICAgICAgICAgXCJJbmFjdGl2ZVwiXG4gICAgICAgICAgKVxuICAgICAgICB9XG4gICAgICB9LFxuICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6Q29zdEFsbG9jYXRpb25UYWdzXCJcbiAgICB9KTtcbiAgfVxufVxuIl19

package/dist/lib/config/aws/delegateHostedZoneRole.d.ts

@@ -0,0 +1,5 @@
+import { Stack } from "aws-cdk-lib";
+import { Construct } from "constructs";
+export declare class DelegateHostedZoneRole extends Stack {
+    constructor(scope: Construct, id: string);
+}

package/dist/lib/config/aws/delegateHostedZoneRole.js

@@ -0,0 +1,77 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DelegateHostedZoneRole = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const iam_1 = require("../../resources/aws/iam");
+const aws_iam_1 = require("aws-cdk-lib/aws-iam");
+const customResources = require("aws-cdk-lib/custom-resources");
+const awsCustomResource_1 = require("../../resources/aws/utilities/awsCustomResource");
+// TODO: Automatically import when a domain is imported, updated or created
+const domains = ["Z08225072O6SFKZASVL1U"];
+class DelegateHostedZoneRole extends aws_cdk_lib_1.Stack {
+    constructor(scope, id) {
+        super(scope, id);
+        const getHostedZoneArn = (domains) => {
+            const hostedZoneArn = [];
+            for (const domain of domains) {
+                hostedZoneArn.push(`arn:aws:route53:::hostedzone/${domain}`);
+            }
+            return hostedZoneArn;
+        };
+        const listHostedZones = new awsCustomResource_1.AwsCustomResource(this, "listHostedZones", {
+            functionName: "listHostedZones",
+            onCreate: {
+                service: "route-53",
+                action: "ListHostedZonesByNameCommand",
+                physicalResourceId: customResources.PhysicalResourceId.of("listHostedZones")
+            },
+            onUpdate: {
+                service: "route-53",
+                action: "ListHostedZonesByNameCommand",
+                physicalResourceId: customResources.PhysicalResourceId.of("HostedZoneId")
+            },
+            resourceType: "Custom::ListHostedZones",
+            policy: customResources.AwsCustomResourcePolicy.fromStatements([
+                new aws_iam_1.PolicyStatement({
+                    actions: ["route53:ListHostedZonesByName"],
+                    resources: ["*"],
+                    effect: aws_iam_1.Effect.ALLOW
+                })
+            ])
+        });
+        new aws_cdk_lib_1.CfnOutput(this, "HostedZoneIds", {
+            key: "HostedZoneIds",
+            value: listHostedZones.getResponseField("HostedZoneId"),
+            exportName: "HostedZoneIds"
+        });
+        const role = new iam_1.Role(this, "DelegateHostedZoneRole", {
+            assumedBy: new aws_iam_1.OrganizationPrincipal(aws_cdk_lib_1.Fn.importValue("OrganisationId")),
+            roleName: "DelegateHostedZoneRole",
+            inlinePolicies: {
+                ["listHostedZones"]: new aws_iam_1.PolicyDocument({
+                    statements: [
+                        new aws_iam_1.PolicyStatement({
+                            actions: ["route53:ListHostedZonesByName"],
+                            resources: ["*"]
+                        })
+                    ]
+                }),
+                ["changeResourceRecordSets"]: new aws_iam_1.PolicyDocument({
+                    statements: [
+                        new aws_iam_1.PolicyStatement({
+                            actions: ["route53:ChangeResourceRecordSets"],
+                            resources: getHostedZoneArn(domains)
+                        })
+                    ]
+                })
+            }
+        });
+        new aws_cdk_lib_1.CfnOutput(this, "DelegateHostedZoneRoleArn", {
+            key: "DelegateHostedZoneRoleArn",
+            value: role.roleArn,
+            exportName: "DelegateHostedZoneRoleArn"
+        });
+    }
+}
+exports.DelegateHostedZoneRole = DelegateHostedZoneRole;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGVsZWdhdGVIb3N0ZWRab25lUm9sZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL2xpYi9jb25maWcvYXdzL2RlbGVnYXRlSG9zdGVkWm9uZVJvbGUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQW1EO0FBRW5ELGlEQUErQztBQUMvQyxpREFLNkI7QUFDN0IsZ0VBQWdFO0FBQ2hFLHVGQUFvRjtBQUVwRiwyRUFBMkU7QUFDM0UsTUFBTSxPQUFPLEdBQUcsQ0FBQyx1QkFBdUIsQ0FBQyxDQUFDO0FBRTFDLE1BQWEsc0JBQXVCLFNBQVEsbUJBQUs7SUFDL0MsWUFBWSxLQUFnQixFQUFFLEVBQVU7UUFDdEMsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLGdCQUFnQixHQUFHLENBQUMsT0FBaUIsRUFBRSxFQUFFO1lBQzdDLE1BQU0sYUFBYSxHQUFhLEVBQUUsQ0FBQztZQUVuQyxLQUFLLE1BQU0sTUFBTSxJQUFJLE9BQU8sRUFBRTtnQkFDNUIsYUFBYSxDQUFDLElBQUksQ0FBQyxnQ0FBZ0MsTUFBTSxFQUFFLENBQUMsQ0FBQzthQUM5RDtZQUNELE9BQU8sYUFBYSxDQUFDO1FBQ3ZCLENBQUMsQ0FBQztRQUVGLE1BQU0sZUFBZSxHQUFHLElBQUkscUNBQWlCLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFO1lBQ3JFLFlBQVksRUFBRSxpQkFBaUI7WUFDL0IsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxVQUFVO2dCQUNuQixNQUFNLEVBQUUsOEJBQThCO2dCQUN0QyxrQkFBa0IsRUFDaEIsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQyxpQkFBaUIsQ0FBQzthQUMzRDtZQUNELFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsVUFBVTtnQkFDbkIsTUFBTSxFQUFFLDhCQUE4QjtnQkFDdEMsa0JBQWtCLEVBQ2hCLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsY0FBYyxDQUFDO2FBQ3hEO1lBQ0QsWUFBWSxFQUFFLHlCQUF5QjtZQUN2QyxNQUFNLEVBQUUsZUFBZSxDQUFDLHVCQUF1QixDQUFDLGNBQWMsQ0FBQztnQkFDN0QsSUFBSSx5QkFBZSxDQUFDO29CQUNsQixPQUFPLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQztvQkFDMUMsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO29CQUNoQixNQUFNLEVBQUUsZ0JBQU0sQ0FBQyxLQUFLO2lCQUNyQixDQUFDO2FBQ0gsQ0FBQztTQUNILENBQUMsQ0FBQztRQUVILElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsZUFBZSxFQUFFO1lBQ25DLEdBQUcsRUFBRSxlQUFlO1lBQ3BCLEtBQUssRUFBRSxlQUFlLENBQUMsZ0JBQWdCLENBQUMsY0FBYyxDQUFDO1lBQ3ZELFVBQVUsRUFBRSxlQUFlO1NBQzVCLENBQUMsQ0FBQztRQUVILE1BQU0sSUFBSSxHQUFHLElBQUksVUFBSSxDQUFDLElBQUksRUFBRSx3QkFBd0IsRUFBRTtZQUNwRCxTQUFTLEVBQUUsSUFBSSwrQkFBcUIsQ0FBQyxnQkFBRSxDQUFDLFdBQVcsQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFDO1lBQ3RFLFFBQVEsRUFBRSx3QkFBd0I7WUFDbEMsY0FBYyxFQUFFO2dCQUNkLENBQUMsaUJBQWlCLENBQUMsRUFBRSxJQUFJLHdCQUFjLENBQUM7b0JBQ3RDLFVBQVUsRUFBRTt3QkFDVixJQUFJLHlCQUFlLENBQUM7NEJBQ2xCLE9BQU8sRUFBRSxDQUFDLCtCQUErQixDQUFDOzRCQUMxQyxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7eUJBQ2pCLENBQUM7cUJBQ0g7aUJBQ0YsQ0FBQztnQkFDRixDQUFDLDBCQUEwQixDQUFDLEVBQUUsSUFBSSx3QkFBYyxDQUFDO29CQUMvQyxVQUFVLEVBQUU7d0JBQ1YsSUFBSSx5QkFBZSxDQUFDOzRCQUNsQixPQUFPLEVBQUUsQ0FBQyxrQ0FBa0MsQ0FBQzs0QkFDN0MsU0FBUyxFQUFFLGdCQUFnQixDQUFDLE9BQU8sQ0FBQzt5QkFDckMsQ0FBQztxQkFDSDtpQkFDRixDQUFDO2FBQ0g7U0FDRixDQUFDLENBQUM7UUFFSCxJQUFJLHVCQUFTLENBQUMsSUFBSSxFQUFFLDJCQUEyQixFQUFFO1lBQy9DLEdBQUcsRUFBRSwyQkFBMkI7WUFDaEMsS0FBSyxFQUFFLElBQUksQ0FBQyxPQUFPO1lBQ25CLFVBQVUsRUFBRSwyQkFBMkI7U0FDeEMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBeEVELHdEQXdFQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENmbk91dHB1dCwgRm4sIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgUm9sZSB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL2lhbVwiO1xuaW1wb3J0IHtcbiAgRWZmZWN0LFxuICBPcmdhbml6YXRpb25QcmluY2lwYWwsXG4gIFBvbGljeURvY3VtZW50LFxuICBQb2xpY3lTdGF0ZW1lbnRcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIjtcbmltcG9ydCAqIGFzIGN1c3RvbVJlc291cmNlcyBmcm9tIFwiYXdzLWNkay1saWIvY3VzdG9tLXJlc291cmNlc1wiO1xuaW1wb3J0IHsgQXdzQ3VzdG9tUmVzb3VyY2UgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy91dGlsaXRpZXMvYXdzQ3VzdG9tUmVzb3VyY2VcIjtcblxuLy8gVE9ETzogQXV0b21hdGljYWxseSBpbXBvcnQgd2hlbiBhIGRvbWFpbiBpcyBpbXBvcnRlZCwgdXBkYXRlZCBvciBjcmVhdGVkXG5jb25zdCBkb21haW5zID0gW1wiWjA4MjI1MDcyTzZTRktaQVNWTDFVXCJdO1xuXG5leHBvcnQgY2xhc3MgRGVsZWdhdGVIb3N0ZWRab25lUm9sZSBleHRlbmRzIFN0YWNrIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBjb25zdCBnZXRIb3N0ZWRab25lQXJuID0gKGRvbWFpbnM6IHN0cmluZ1tdKSA9PiB7XG4gICAgICBjb25zdCBob3N0ZWRab25lQXJuOiBzdHJpbmdbXSA9IFtdO1xuXG4gICAgICBmb3IgKGNvbnN0IGRvbWFpbiBvZiBkb21haW5zKSB7XG4gICAgICAgIGhvc3RlZFpvbmVBcm4ucHVzaChgYXJuOmF3czpyb3V0ZTUzOjo6aG9zdGVkem9uZS8ke2RvbWFpbn1gKTtcbiAgICAgIH1cbiAgICAgIHJldHVybiBob3N0ZWRab25lQXJuO1xuICAgIH07XG5cbiAgICBjb25zdCBsaXN0SG9zdGVkWm9uZXMgPSBuZXcgQXdzQ3VzdG9tUmVzb3VyY2UodGhpcywgXCJsaXN0SG9zdGVkWm9uZXNcIiwge1xuICAgICAgZnVuY3Rpb25OYW1lOiBcImxpc3RIb3N0ZWRab25lc1wiLFxuICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgc2VydmljZTogXCJyb3V0ZS01M1wiLFxuICAgICAgICBhY3Rpb246IFwiTGlzdEhvc3RlZFpvbmVzQnlOYW1lQ29tbWFuZFwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy9sYXRlc3QvQVdTL1JvdXRlNTMuaHRtbCNsaXN0SG9zdGVkWm9uZXMtcHJvcGVydHlcbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOlxuICAgICAgICAgIGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXCJsaXN0SG9zdGVkWm9uZXNcIilcbiAgICAgIH0sXG4gICAgICBvblVwZGF0ZToge1xuICAgICAgICBzZXJ2aWNlOiBcInJvdXRlLTUzXCIsXG4gICAgICAgIGFjdGlvbjogXCJMaXN0SG9zdGVkWm9uZXNCeU5hbWVDb21tYW5kXCIsIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL2xhdGVzdC9BV1MvUm91dGU1My5odG1sI2xpc3RIb3N0ZWRab25lcy1wcm9wZXJ0eVxuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6XG4gICAgICAgICAgY3VzdG9tUmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZihcIkhvc3RlZFpvbmVJZFwiKVxuICAgICAgfSxcbiAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206Okxpc3RIb3N0ZWRab25lc1wiLFxuICAgICAgcG9saWN5OiBjdXN0b21SZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVN0YXRlbWVudHMoW1xuICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXCJyb3V0ZTUzOkxpc3RIb3N0ZWRab25lc0J5TmFtZVwiXSxcbiAgICAgICAgICByZXNvdXJjZXM6IFtcIipcIl0sXG4gICAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1dcbiAgICAgICAgfSlcbiAgICAgIF0pXG4gICAgfSk7XG5cbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIFwiSG9zdGVkWm9uZUlkc1wiLCB7XG4gICAgICBrZXk6IFwiSG9zdGVkWm9uZUlkc1wiLFxuICAgICAgdmFsdWU6IGxpc3RIb3N0ZWRab25lcy5nZXRSZXNwb25zZUZpZWxkKFwiSG9zdGVkWm9uZUlkXCIpLFxuICAgICAgZXhwb3J0TmFtZTogXCJIb3N0ZWRab25lSWRzXCJcbiAgICB9KTtcblxuICAgIGNvbnN0IHJvbGUgPSBuZXcgUm9sZSh0aGlzLCBcIkRlbGVnYXRlSG9zdGVkWm9uZVJvbGVcIiwge1xuICAgICAgYXNzdW1lZEJ5OiBuZXcgT3JnYW5pemF0aW9uUHJpbmNpcGFsKEZuLmltcG9ydFZhbHVlKFwiT3JnYW5pc2F0aW9uSWRcIikpLCAvLyBUT0RPOiBTb3VyY2UgZnJvbSBsb2NhbCBjb25maWcsIHJhdGhlciB0aGFuIGRlcGxveWluZyBpbiBlYWNoIHJlZ2lvblxuICAgICAgcm9sZU5hbWU6IFwiRGVsZWdhdGVIb3N0ZWRab25lUm9sZVwiLFxuICAgICAgaW5saW5lUG9saWNpZXM6IHtcbiAgICAgICAgW1wibGlzdEhvc3RlZFpvbmVzXCJdOiBuZXcgUG9saWN5RG9jdW1lbnQoe1xuICAgICAgICAgIHN0YXRlbWVudHM6IFtcbiAgICAgICAgICAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAgICAgICBhY3Rpb25zOiBbXCJyb3V0ZTUzOkxpc3RIb3N0ZWRab25lc0J5TmFtZVwiXSxcbiAgICAgICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgICAgICB9KVxuICAgICAgICAgIF1cbiAgICAgICAgfSksXG4gICAgICAgIFtcImNoYW5nZVJlc291cmNlUmVjb3JkU2V0c1wiXTogbmV3IFBvbGljeURvY3VtZW50KHtcbiAgICAgICAgICBzdGF0ZW1lbnRzOiBbXG4gICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICAgICAgYWN0aW9uczogW1wicm91dGU1MzpDaGFuZ2VSZXNvdXJjZVJlY29yZFNldHNcIl0sXG4gICAgICAgICAgICAgIHJlc291cmNlczogZ2V0SG9zdGVkWm9uZUFybihkb21haW5zKVxuICAgICAgICAgICAgfSlcbiAgICAgICAgICBdXG4gICAgICAgIH0pXG4gICAgICB9XG4gICAgfSk7XG5cbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIFwiRGVsZWdhdGVIb3N0ZWRab25lUm9sZUFyblwiLCB7XG4gICAgICBrZXk6IFwiRGVsZWdhdGVIb3N0ZWRab25lUm9sZUFyblwiLFxuICAgICAgdmFsdWU6IHJvbGUucm9sZUFybixcbiAgICAgIGV4cG9ydE5hbWU6IFwiRGVsZWdhdGVIb3N0ZWRab25lUm9sZUFyblwiXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==

package/dist/lib/config/aws/ecrDefaultImage.d.ts

@@ -0,0 +1,11 @@
+import { Construct } from "constructs";
+import { StackProps } from "aws-cdk-lib";
+interface EcrDefaultImageProps extends StackProps {
+    region: string;
+    accountId: string;
+    eventBusArn: string;
+}
+export declare class EcrDefaultImage extends Construct {
+    constructor(scope: Construct, id: string, props: EcrDefaultImageProps);
+}
+export {};

package/dist/lib/config/aws/ecrDefaultImage.js

@@ -0,0 +1,127 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EcrDefaultImage = void 0;
+const constructs_1 = require("constructs");
+const codeBuild_1 = require("../../resources/aws/utilities/codeBuild");
+const aws_codebuild_1 = require("aws-cdk-lib/aws-codebuild");
+const logGroup_1 = require("../../resources/aws/logging/logGroup");
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const role_1 = require("../../resources/aws/iam/role");
+const aws_iam_1 = require("aws-cdk-lib/aws-iam");
+const aws_events_1 = require("aws-cdk-lib/aws-events");
+const Targets = require("aws-cdk-lib/aws-events-targets");
+const aws_stepfunctions_tasks_1 = require("aws-cdk-lib/aws-stepfunctions-tasks");
+const aws_stepfunctions_1 = require("aws-cdk-lib/aws-stepfunctions");
+class EcrDefaultImage extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        const logGroup = new logGroup_1.LogGroup(this, `logGroup`, {
+            logGroupName: `/vpc/codebuild/${id}/`,
+            removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY
+        });
+        const ecrDefaultImageRole = new role_1.Role(this, "ecrDefaultImageRole", {
+            roleName: `ecrDefaultImageRole`,
+            description: "Role to push default ECR images into new repositories",
+            assumedBy: new aws_iam_1.ServicePrincipal("codebuild.amazonaws.com"),
+            inlinePolicies: {
+                ["pushEcrImage"]: new aws_iam_1.PolicyDocument({
+                    statements: [
+                        new aws_iam_1.PolicyStatement({
+                            actions: [
+                                "ecr:CompleteLayerUpload",
+                                "ecr:GetAuthorizationToken",
+                                "ecr:UploadLayerPart",
+                                "ecr:InitiateLayerUpload",
+                                "ecr:BatchCheckLayerAvailability",
+                                "ecr:PutImage"
+                            ],
+                            resources: ["*"]
+                        })
+                    ]
+                }),
+                ["writeLogs"]: new aws_iam_1.PolicyDocument({
+                    statements: [
+                        new aws_iam_1.PolicyStatement({
+                            actions: [
+                                "logs:CreateLogGroup",
+                                "logs:CreateLogStream",
+                                "logs:PutLogEvents"
+                            ],
+                            resources: [logGroup.logGroupArn]
+                        })
+                    ]
+                })
+            }
+        });
+        const codeBuildProject = new codeBuild_1.CodeBuildProject(this, "codeBuildProject", {
+            description: "Build and push the default ECR image to new repositories",
+            projectName: "ecrDefaultImage",
+            buildSpec: aws_codebuild_1.BuildSpec.fromObject({
+                version: 0.2,
+                phases: {
+                    build: {
+                        commands: [
+                            "docker pull fjall/ecrdefaultimage:latest",
+                            "docker tag fjall/ecrdefaultimage:latest $ECR_REPOSITORY:latest",
+                            `aws ecr get-login-password --region ${props.region} | docker login --username AWS --password-stdin ${props.accountId}.dkr.ecr.${props.region}.amazonaws.com`,
+                            "docker push $ECR_REPOSITORY:latest"
+                        ]
+                    }
+                }
+            }),
+            logging: {
+                cloudWatch: {
+                    logGroup: logGroup
+                }
+            },
+            role: ecrDefaultImageRole,
+            tags: {
+                "fjall:costAllocation:environment": "management",
+                "fjall:costAllocation:service": "ecrDefaultImage",
+                "fjall:costAllocation:owner": "Fjall"
+            }
+        });
+        new aws_stepfunctions_tasks_1.CodeBuildStartBuild(this, "codeBuildTask", {
+            project: codeBuildProject.project,
+            inputPath: aws_stepfunctions_1.JsonPath.stringAt("$.source"),
+            environmentVariablesOverride: {
+                ECR_REPOSITORY: {
+                    type: aws_codebuild_1.BuildEnvironmentVariableType.PLAINTEXT,
+                    value: aws_stepfunctions_1.JsonPath.stringAt("$.source")
+                }
+            }
+        });
+        const eventInputMapping = {
+            repositoryUri: aws_events_1.EventField.fromPath("$.detail.responseElements.repository.repositoryUri")
+        };
+        const eventInputTemplate = {
+            environmentVariablesOverride: [
+                {
+                    name: "ECR_REPOSITORY",
+                    value: eventInputMapping.repositoryUri
+                }
+            ]
+        };
+        new aws_events_1.Rule(this, "ecrCreationRule", {
+            ruleName: "ecrCreationRule",
+            description: "Trigger the default ECR image build when a new repository is created",
+            enabled: true,
+            eventBus: aws_events_1.EventBus.fromEventBusArn(this, "defaultEventBus", props.eventBusArn),
+            eventPattern: {
+                source: ["aws.ecr"],
+                detailType: ["AWS API Call via CloudTrail"],
+                detail: {
+                    eventSource: ["ecr.amazonaws.com"],
+                    eventName: ["CreateRepository"]
+                }
+            },
+            targets: [
+                new Targets.CodeBuildProject(codeBuildProject.project, {
+                    event: aws_events_1.RuleTargetInput.fromObject(eventInputTemplate)
+                })
+            ]
+        });
+    }
+}
+exports.EcrDefaultImage = EcrDefaultImage;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZWNyRGVmYXVsdEltYWdlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vbGliL2NvbmZpZy9hd3MvZWNyRGVmYXVsdEltYWdlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF1QztBQUN2Qyx1RUFBMkU7QUFDM0UsNkRBR21DO0FBQ25DLG1FQUFnRTtBQUNoRSw2Q0FBd0Q7QUFDeEQsdURBQW9EO0FBQ3BELGlEQUk2QjtBQUM3Qix1REFLZ0M7QUFDaEMsMERBQTBEO0FBQzFELGlGQUEwRTtBQUMxRSxxRUFBeUQ7QUFRekQsTUFBYSxlQUFnQixTQUFRLHNCQUFTO0lBQzVDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBMkI7UUFDbkUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLFFBQVEsR0FBRyxJQUFJLG1CQUFRLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtZQUM5QyxZQUFZLEVBQUUsa0JBQWtCLEVBQUUsR0FBRztZQUNyQyxhQUFhLEVBQUUsMkJBQWEsQ0FBQyxPQUFPO1NBQ3JDLENBQUMsQ0FBQztRQUVILE1BQU0sbUJBQW1CLEdBQUcsSUFBSSxXQUFJLENBQUMsSUFBSSxFQUFFLHFCQUFxQixFQUFFO1lBQ2hFLFFBQVEsRUFBRSxxQkFBcUI7WUFDL0IsV0FBVyxFQUFFLHVEQUF1RDtZQUNwRSxTQUFTLEVBQUUsSUFBSSwwQkFBZ0IsQ0FBQyx5QkFBeUIsQ0FBQztZQUMxRCxjQUFjLEVBQUU7Z0JBQ2QsQ0FBQyxjQUFjLENBQUMsRUFBRSxJQUFJLHdCQUFjLENBQUM7b0JBQ25DLFVBQVUsRUFBRTt3QkFDVixJQUFJLHlCQUFlLENBQUM7NEJBQ2xCLE9BQU8sRUFBRTtnQ0FDUCx5QkFBeUI7Z0NBQ3pCLDJCQUEyQjtnQ0FDM0IscUJBQXFCO2dDQUNyQix5QkFBeUI7Z0NBQ3pCLGlDQUFpQztnQ0FDakMsY0FBYzs2QkFDZjs0QkFDRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7eUJBQ2pCLENBQUM7cUJBQ0g7aUJBQ0YsQ0FBQztnQkFDRixDQUFDLFdBQVcsQ0FBQyxFQUFFLElBQUksd0JBQWMsQ0FBQztvQkFDaEMsVUFBVSxFQUFFO3dCQUNWLElBQUkseUJBQWUsQ0FBQzs0QkFDbEIsT0FBTyxFQUFFO2dDQUNQLHFCQUFxQjtnQ0FDckIsc0JBQXNCO2dDQUN0QixtQkFBbUI7NkJBQ3BCOzRCQUNELFNBQVMsRUFBRSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUM7eUJBQ2xDLENBQUM7cUJBQ0g7aUJBQ0YsQ0FBQzthQUNIO1NBQ0YsQ0FBQyxDQUFDO1FBRUgsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLDRCQUFnQixDQUFDLElBQUksRUFBRSxrQkFBa0IsRUFBRTtZQUN0RSxXQUFXLEVBQUUsMERBQTBEO1lBQ3ZFLFdBQVcsRUFBRSxpQkFBaUI7WUFDOUIsU0FBUyxFQUFFLHlCQUFTLENBQUMsVUFBVSxDQUFDO2dCQUM5QixPQUFPLEVBQUUsR0FBRztnQkFDWixNQUFNLEVBQUU7b0JBQ04sS0FBSyxFQUFFO3dCQUNMLFFBQVEsRUFBRTs0QkFDUiwwQ0FBMEM7NEJBQzFDLGdFQUFnRTs0QkFDaEUsdUNBQXVDLEtBQUssQ0FBQyxNQUFNLG1EQUFtRCxLQUFLLENBQUMsU0FBUyxZQUFZLEtBQUssQ0FBQyxNQUFNLGdCQUFnQjs0QkFDN0osb0NBQW9DO3lCQUNyQztxQkFDRjtpQkFDRjthQUNGLENBQUM7WUFDRixPQUFPLEVBQUU7Z0JBQ1AsVUFBVSxFQUFFO29CQUNWLFFBQVEsRUFBRSxRQUFRO2lCQUNuQjthQUNGO1lBQ0QsSUFBSSxFQUFFLG1CQUFtQjtZQUN6QixJQUFJLEVBQUU7Z0JBQ0osa0NBQWtDLEVBQUUsWUFBWTtnQkFDaEQsOEJBQThCLEVBQUUsaUJBQWlCO2dCQUNqRCw0QkFBNEIsRUFBRSxPQUFPO2FBQ3RDO1NBQ0YsQ0FBQyxDQUFDO1FBRUgsSUFBSSw2Q0FBbUIsQ0FBQyxJQUFJLEVBQUUsZUFBZSxFQUFFO1lBQzdDLE9BQU8sRUFBRSxnQkFBZ0IsQ0FBQyxPQUFPO1lBQ2pDLFNBQVMsRUFBRSw0QkFBUSxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUM7WUFDeEMsNEJBQTRCLEVBQUU7Z0JBQzVCLGNBQWMsRUFBRTtvQkFDZCxJQUFJLEVBQUUsNENBQTRCLENBQUMsU0FBUztvQkFDNUMsS0FBSyxFQUFFLDRCQUFRLENBQUMsUUFBUSxDQUFDLFVBQVUsQ0FBQztpQkFDckM7YUFDRjtTQUNGLENBQUMsQ0FBQztRQUVILE1BQU0saUJBQWlCLEdBQUc7WUFDeEIsYUFBYSxFQUFFLHVCQUFVLENBQUMsUUFBUSxDQUNoQyxvREFBb0QsQ0FDckQ7U0FDRixDQUFDO1FBRUYsTUFBTSxrQkFBa0IsR0FBRztZQUN6Qiw0QkFBNEIsRUFBRTtnQkFDNUI7b0JBQ0UsSUFBSSxFQUFFLGdCQUFnQjtvQkFDdEIsS0FBSyxFQUFFLGlCQUFpQixDQUFDLGFBQWE7aUJBQ3ZDO2FBQ0Y7U0FDRixDQUFDO1FBRUYsSUFBSSxpQkFBSSxDQUFDLElBQUksRUFBRSxpQkFBaUIsRUFBRTtZQUNoQyxRQUFRLEVBQUUsaUJBQWlCO1lBQzNCLFdBQVcsRUFDVCxzRUFBc0U7WUFDeEUsT0FBTyxFQUFFLElBQUk7WUFDYixRQUFRLEVBQUUscUJBQVEsQ0FBQyxlQUFlLENBQ2hDLElBQUksRUFDSixpQkFBaUIsRUFDakIsS0FBSyxDQUFDLFdBQVcsQ0FDbEI7WUFDRCxZQUFZLEVBQUU7Z0JBQ1osTUFBTSxFQUFFLENBQUMsU0FBUyxDQUFDO2dCQUNuQixVQUFVLEVBQUUsQ0FBQyw2QkFBNkIsQ0FBQztnQkFDM0MsTUFBTSxFQUFFO29CQUNOLFdBQVcsRUFBRSxDQUFDLG1CQUFtQixDQUFDO29CQUNsQyxTQUFTLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQztpQkFDaEM7YUFDRjtZQUNELE9BQU8sRUFBRTtnQkFDUCxJQUFJLE9BQU8sQ0FBQyxnQkFBZ0IsQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLEVBQUU7b0JBQ3JELEtBQUssRUFBRSw0QkFBZSxDQUFDLFVBQVUsQ0FBQyxrQkFBa0IsQ0FBQztpQkFDdEQsQ0FBQzthQUNIO1NBQ0YsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBNUhELDBDQTRIQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBDb2RlQnVpbGRQcm9qZWN0IH0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3MvdXRpbGl0aWVzL2NvZGVCdWlsZFwiO1xuaW1wb3J0IHtcbiAgQnVpbGRFbnZpcm9ubWVudFZhcmlhYmxlVHlwZSxcbiAgQnVpbGRTcGVjXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtY29kZWJ1aWxkXCI7XG5pbXBvcnQgeyBMb2dHcm91cCB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL2xvZ2dpbmcvbG9nR3JvdXBcIjtcbmltcG9ydCB7IFJlbW92YWxQb2xpY3ksIFN0YWNrUHJvcHMgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IFJvbGUgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy9pYW0vcm9sZVwiO1xuaW1wb3J0IHtcbiAgUG9saWN5RG9jdW1lbnQsXG4gIFBvbGljeVN0YXRlbWVudCxcbiAgU2VydmljZVByaW5jaXBhbFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuaW1wb3J0IHtcbiAgRXZlbnRCdXMsXG4gIEV2ZW50RmllbGQsXG4gIFJ1bGUsXG4gIFJ1bGVUYXJnZXRJbnB1dFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50c1wiO1xuaW1wb3J0ICogYXMgVGFyZ2V0cyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50cy10YXJnZXRzXCI7XG5pbXBvcnQgeyBDb2RlQnVpbGRTdGFydEJ1aWxkIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zdGVwZnVuY3Rpb25zLXRhc2tzXCI7XG5pbXBvcnQgeyBKc29uUGF0aCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtc3RlcGZ1bmN0aW9uc1wiO1xuXG5pbnRlcmZhY2UgRWNyRGVmYXVsdEltYWdlUHJvcHMgZXh0ZW5kcyBTdGFja1Byb3BzIHtcbiAgcmVnaW9uOiBzdHJpbmc7XG4gIGFjY291bnRJZDogc3RyaW5nO1xuICBldmVudEJ1c0Fybjogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgRWNyRGVmYXVsdEltYWdlIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEVjckRlZmF1bHRJbWFnZVByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGNvbnN0IGxvZ0dyb3VwID0gbmV3IExvZ0dyb3VwKHRoaXMsIGBsb2dHcm91cGAsIHtcbiAgICAgIGxvZ0dyb3VwTmFtZTogYC92cGMvY29kZWJ1aWxkLyR7aWR9L2AsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LkRFU1RST1lcbiAgICB9KTtcblxuICAgIGNvbnN0IGVjckRlZmF1bHRJbWFnZVJvbGUgPSBuZXcgUm9sZSh0aGlzLCBcImVjckRlZmF1bHRJbWFnZVJvbGVcIiwge1xuICAgICAgcm9sZU5hbWU6IGBlY3JEZWZhdWx0SW1hZ2VSb2xlYCxcbiAgICAgIGRlc2NyaXB0aW9uOiBcIlJvbGUgdG8gcHVzaCBkZWZhdWx0IEVDUiBpbWFnZXMgaW50byBuZXcgcmVwb3NpdG9yaWVzXCIsXG4gICAgICBhc3N1bWVkQnk6IG5ldyBTZXJ2aWNlUHJpbmNpcGFsKFwiY29kZWJ1aWxkLmFtYXpvbmF3cy5jb21cIiksXG4gICAgICBpbmxpbmVQb2xpY2llczoge1xuICAgICAgICBbXCJwdXNoRWNySW1hZ2VcIl06IG5ldyBQb2xpY3lEb2N1bWVudCh7XG4gICAgICAgICAgc3RhdGVtZW50czogW1xuICAgICAgICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgICAgIGFjdGlvbnM6IFtcbiAgICAgICAgICAgICAgICBcImVjcjpDb21wbGV0ZUxheWVyVXBsb2FkXCIsXG4gICAgICAgICAgICAgICAgXCJlY3I6R2V0QXV0aG9yaXphdGlvblRva2VuXCIsXG4gICAgICAgICAgICAgICAgXCJlY3I6VXBsb2FkTGF5ZXJQYXJ0XCIsXG4gICAgICAgICAgICAgICAgXCJlY3I6SW5pdGlhdGVMYXllclVwbG9hZFwiLFxuICAgICAgICAgICAgICAgIFwiZWNyOkJhdGNoQ2hlY2tMYXllckF2YWlsYWJpbGl0eVwiLFxuICAgICAgICAgICAgICAgIFwiZWNyOlB1dEltYWdlXCJcbiAgICAgICAgICAgICAgXSxcbiAgICAgICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgICAgICB9KVxuICAgICAgICAgIF1cbiAgICAgICAgfSksXG4gICAgICAgIFtcIndyaXRlTG9nc1wiXTogbmV3IFBvbGljeURvY3VtZW50KHtcbiAgICAgICAgICBzdGF0ZW1lbnRzOiBbXG4gICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICAgICAgYWN0aW9uczogW1xuICAgICAgICAgICAgICAgIFwibG9nczpDcmVhdGVMb2dHcm91cFwiLFxuICAgICAgICAgICAgICAgIFwibG9nczpDcmVhdGVMb2dTdHJlYW1cIixcbiAgICAgICAgICAgICAgICBcImxvZ3M6UHV0TG9nRXZlbnRzXCJcbiAgICAgICAgICAgICAgXSxcbiAgICAgICAgICAgICAgcmVzb3VyY2VzOiBbbG9nR3JvdXAubG9nR3JvdXBBcm5dXG4gICAgICAgICAgICB9KVxuICAgICAgICAgIF1cbiAgICAgICAgfSlcbiAgICAgIH1cbiAgICB9KTtcblxuICAgIGNvbnN0IGNvZGVCdWlsZFByb2plY3QgPSBuZXcgQ29kZUJ1aWxkUHJvamVjdCh0aGlzLCBcImNvZGVCdWlsZFByb2plY3RcIiwge1xuICAgICAgZGVzY3JpcHRpb246IFwiQnVpbGQgYW5kIHB1c2ggdGhlIGRlZmF1bHQgRUNSIGltYWdlIHRvIG5ldyByZXBvc2l0b3JpZXNcIixcbiAgICAgIHByb2plY3ROYW1lOiBcImVjckRlZmF1bHRJbWFnZVwiLFxuICAgICAgYnVpbGRTcGVjOiBCdWlsZFNwZWMuZnJvbU9iamVjdCh7XG4gICAgICAgIHZlcnNpb246IDAuMixcbiAgICAgICAgcGhhc2VzOiB7XG4gICAgICAgICAgYnVpbGQ6IHtcbiAgICAgICAgICAgIGNvbW1hbmRzOiBbXG4gICAgICAgICAgICAgIFwiZG9ja2VyIHB1bGwgZmphbGwvZWNyZGVmYXVsdGltYWdlOmxhdGVzdFwiLFxuICAgICAgICAgICAgICBcImRvY2tlciB0YWcgZmphbGwvZWNyZGVmYXVsdGltYWdlOmxhdGVzdCAkRUNSX1JFUE9TSVRPUlk6bGF0ZXN0XCIsXG4gICAgICAgICAgICAgIGBhd3MgZWNyIGdldC1sb2dpbi1wYXNzd29yZCAtLXJlZ2lvbiAke3Byb3BzLnJlZ2lvbn0gfCBkb2NrZXIgbG9naW4gLS11c2VybmFtZSBBV1MgLS1wYXNzd29yZC1zdGRpbiAke3Byb3BzLmFjY291bnRJZH0uZGtyLmVjci4ke3Byb3BzLnJlZ2lvbn0uYW1hem9uYXdzLmNvbWAsXG4gICAgICAgICAgICAgIFwiZG9ja2VyIHB1c2ggJEVDUl9SRVBPU0lUT1JZOmxhdGVzdFwiXG4gICAgICAgICAgICBdXG4gICAgICAgICAgfVxuICAgICAgICB9XG4gICAgICB9KSxcbiAgICAgIGxvZ2dpbmc6IHtcbiAgICAgICAgY2xvdWRXYXRjaDoge1xuICAgICAgICAgIGxvZ0dyb3VwOiBsb2dHcm91cFxuICAgICAgICB9XG4gICAgICB9LFxuICAgICAgcm9sZTogZWNyRGVmYXVsdEltYWdlUm9sZSxcbiAgICAgIHRhZ3M6IHtcbiAgICAgICAgXCJmamFsbDpjb3N0QWxsb2NhdGlvbjplbnZpcm9ubWVudFwiOiBcIm1hbmFnZW1lbnRcIixcbiAgICAgICAgXCJmamFsbDpjb3N0QWxsb2NhdGlvbjpzZXJ2aWNlXCI6IFwiZWNyRGVmYXVsdEltYWdlXCIsXG4gICAgICAgIFwiZmphbGw6Y29zdEFsbG9jYXRpb246b3duZXJcIjogXCJGamFsbFwiXG4gICAgICB9XG4gICAgfSk7XG5cbiAgICBuZXcgQ29kZUJ1aWxkU3RhcnRCdWlsZCh0aGlzLCBcImNvZGVCdWlsZFRhc2tcIiwge1xuICAgICAgcHJvamVjdDogY29kZUJ1aWxkUHJvamVjdC5wcm9qZWN0LFxuICAgICAgaW5wdXRQYXRoOiBKc29uUGF0aC5zdHJpbmdBdChcIiQuc291cmNlXCIpLFxuICAgICAgZW52aXJvbm1lbnRWYXJpYWJsZXNPdmVycmlkZToge1xuICAgICAgICBFQ1JfUkVQT1NJVE9SWToge1xuICAgICAgICAgIHR5cGU6IEJ1aWxkRW52aXJvbm1lbnRWYXJpYWJsZVR5cGUuUExBSU5URVhULFxuICAgICAgICAgIHZhbHVlOiBKc29uUGF0aC5zdHJpbmdBdChcIiQuc291cmNlXCIpXG4gICAgICAgIH1cbiAgICAgIH1cbiAgICB9KTtcblxuICAgIGNvbnN0IGV2ZW50SW5wdXRNYXBwaW5nID0ge1xuICAgICAgcmVwb3NpdG9yeVVyaTogRXZlbnRGaWVsZC5mcm9tUGF0aChcbiAgICAgICAgXCIkLmRldGFpbC5yZXNwb25zZUVsZW1lbnRzLnJlcG9zaXRvcnkucmVwb3NpdG9yeVVyaVwiXG4gICAgICApXG4gICAgfTtcblxuICAgIGNvbnN0IGV2ZW50SW5wdXRUZW1wbGF0ZSA9IHtcbiAgICAgIGVudmlyb25tZW50VmFyaWFibGVzT3ZlcnJpZGU6IFtcbiAgICAgICAge1xuICAgICAgICAgIG5hbWU6IFwiRUNSX1JFUE9TSVRPUllcIixcbiAgICAgICAgICB2YWx1ZTogZXZlbnRJbnB1dE1hcHBpbmcucmVwb3NpdG9yeVVyaVxuICAgICAgICB9XG4gICAgICBdXG4gICAgfTtcblxuICAgIG5ldyBSdWxlKHRoaXMsIFwiZWNyQ3JlYXRpb25SdWxlXCIsIHtcbiAgICAgIHJ1bGVOYW1lOiBcImVjckNyZWF0aW9uUnVsZVwiLFxuICAgICAgZGVzY3JpcHRpb246XG4gICAgICAgIFwiVHJpZ2dlciB0aGUgZGVmYXVsdCBFQ1IgaW1hZ2UgYnVpbGQgd2hlbiBhIG5ldyByZXBvc2l0b3J5IGlzIGNyZWF0ZWRcIixcbiAgICAgIGVuYWJsZWQ6IHRydWUsXG4gICAgICBldmVudEJ1czogRXZlbnRCdXMuZnJvbUV2ZW50QnVzQXJuKFxuICAgICAgICB0aGlzLFxuICAgICAgICBcImRlZmF1bHRFdmVudEJ1c1wiLFxuICAgICAgICBwcm9wcy5ldmVudEJ1c0FyblxuICAgICAgKSxcbiAgICAgIGV2ZW50UGF0dGVybjoge1xuICAgICAgICBzb3VyY2U6IFtcImF3cy5lY3JcIl0sXG4gICAgICAgIGRldGFpbFR5cGU6IFtcIkFXUyBBUEkgQ2FsbCB2aWEgQ2xvdWRUcmFpbFwiXSxcbiAgICAgICAgZGV0YWlsOiB7XG4gICAgICAgICAgZXZlbnRTb3VyY2U6IFtcImVjci5hbWF6b25hd3MuY29tXCJdLFxuICAgICAgICAgIGV2ZW50TmFtZTogW1wiQ3JlYXRlUmVwb3NpdG9yeVwiXVxuICAgICAgICB9XG4gICAgICB9LFxuICAgICAgdGFyZ2V0czogW1xuICAgICAgICBuZXcgVGFyZ2V0cy5Db2RlQnVpbGRQcm9qZWN0KGNvZGVCdWlsZFByb2plY3QucHJvamVjdCwge1xuICAgICAgICAgIGV2ZW50OiBSdWxlVGFyZ2V0SW5wdXQuZnJvbU9iamVjdChldmVudElucHV0VGVtcGxhdGUpXG4gICAgICAgIH0pXG4gICAgICBdXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==

package/dist/lib/config/aws/eventBus.d.ts

@@ -0,0 +1,7 @@
+import { CfnOutput } from "aws-cdk-lib";
+import { Construct } from "constructs";
+export declare class DefaultEventBus extends Construct {
+    readonly defaultEventBusName: CfnOutput;
+    readonly defaultEventBusArn: CfnOutput;
+    constructor(scope: Construct, id: string);
+}

package/dist/lib/config/aws/eventBus.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DefaultEventBus = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const Events = require("aws-cdk-lib/aws-events");
+const constructs_1 = require("constructs");
+class DefaultEventBus extends constructs_1.Construct {
+    constructor(scope, id) {
+        super(scope, id);
+        const eventBridge = Events.EventBus.fromEventBusName(this, "defaultEventBus", "default");
+        this.defaultEventBusName = new aws_cdk_lib_1.CfnOutput(this, "defaultEventBusName", {
+            key: `defaultEventBusName`,
+            value: eventBridge.eventBusName,
+            exportName: "defaultEventBusName"
+        });
+        this.defaultEventBusArn = new aws_cdk_lib_1.CfnOutput(this, "defaultEventBusArn", {
+            key: `defaultEventBusArn`,
+            value: eventBridge.eventBusArn,
+            exportName: "defaultEventBusArn"
+        });
+    }
+}
+exports.DefaultEventBus = DefaultEventBus;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXZlbnRCdXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9saWIvY29uZmlnL2F3cy9ldmVudEJ1cy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBd0M7QUFDeEMsaURBQWlEO0FBQ2pELDJDQUF1QztBQUV2QyxNQUFhLGVBQWdCLFNBQVEsc0JBQVM7SUFJNUMsWUFBWSxLQUFnQixFQUFFLEVBQVU7UUFDdEMsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLFdBQVcsR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLGdCQUFnQixDQUNsRCxJQUFJLEVBQ0osaUJBQWlCLEVBQ2pCLFNBQVMsQ0FDVixDQUFDO1FBRUYsSUFBSSxDQUFDLG1CQUFtQixHQUFHLElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUscUJBQXFCLEVBQUU7WUFDcEUsR0FBRyxFQUFFLHFCQUFxQjtZQUMxQixLQUFLLEVBQUUsV0FBVyxDQUFDLFlBQVk7WUFDL0IsVUFBVSxFQUFFLHFCQUFxQjtTQUNsQyxDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsa0JBQWtCLEdBQUcsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxvQkFBb0IsRUFBRTtZQUNsRSxHQUFHLEVBQUUsb0JBQW9CO1lBQ3pCLEtBQUssRUFBRSxXQUFXLENBQUMsV0FBVztZQUM5QixVQUFVLEVBQUUsb0JBQW9CO1NBQ2pDLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQXpCRCwwQ0F5QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZm5PdXRwdXQgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCAqIGFzIEV2ZW50cyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50c1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuZXhwb3J0IGNsYXNzIERlZmF1bHRFdmVudEJ1cyBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHB1YmxpYyByZWFkb25seSBkZWZhdWx0RXZlbnRCdXNOYW1lOiBDZm5PdXRwdXQ7XG4gIHB1YmxpYyByZWFkb25seSBkZWZhdWx0RXZlbnRCdXNBcm46IENmbk91dHB1dDtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGNvbnN0IGV2ZW50QnJpZGdlID0gRXZlbnRzLkV2ZW50QnVzLmZyb21FdmVudEJ1c05hbWUoXG4gICAgICB0aGlzLFxuICAgICAgXCJkZWZhdWx0RXZlbnRCdXNcIixcbiAgICAgIFwiZGVmYXVsdFwiXG4gICAgKTtcblxuICAgIHRoaXMuZGVmYXVsdEV2ZW50QnVzTmFtZSA9IG5ldyBDZm5PdXRwdXQodGhpcywgXCJkZWZhdWx0RXZlbnRCdXNOYW1lXCIsIHtcbiAgICAgIGtleTogYGRlZmF1bHRFdmVudEJ1c05hbWVgLFxuICAgICAgdmFsdWU6IGV2ZW50QnJpZGdlLmV2ZW50QnVzTmFtZSxcbiAgICAgIGV4cG9ydE5hbWU6IFwiZGVmYXVsdEV2ZW50QnVzTmFtZVwiXG4gICAgfSk7XG5cbiAgICB0aGlzLmRlZmF1bHRFdmVudEJ1c0FybiA9IG5ldyBDZm5PdXRwdXQodGhpcywgXCJkZWZhdWx0RXZlbnRCdXNBcm5cIiwge1xuICAgICAga2V5OiBgZGVmYXVsdEV2ZW50QnVzQXJuYCxcbiAgICAgIHZhbHVlOiBldmVudEJyaWRnZS5ldmVudEJ1c0FybixcbiAgICAgIGV4cG9ydE5hbWU6IFwiZGVmYXVsdEV2ZW50QnVzQXJuXCJcbiAgICB9KTtcbiAgfVxufVxuIl19

package/dist/lib/config/aws/identityCenter.d.ts

@@ -0,0 +1,13 @@
+import { Construct } from "constructs";
+import { Group } from "../../resources/aws/iam/identityCenter/group";
+import { Accounts } from "../../patterns/aws/managedOrganisation";
+interface IdentityCenterProps {
+    accounts: Accounts;
+}
+export declare class IdentityCenter extends Construct {
+    identityStoreId: string;
+    identityCenterArn: string;
+    identityCenterGroups: Group[];
+    constructor(scope: Construct, id: string, props: IdentityCenterProps);
+}
+export {};

package/dist/lib/config/aws/identityCenter.js

@@ -0,0 +1,102 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IdentityCenter = void 0;
+const customResources = require("aws-cdk-lib/custom-resources");
+const constructs_1 = require("constructs");
+const cfnOutput_1 = require("../../resources/aws/utilities/cfnOutput");
+const awsCustomResource_1 = require("../../resources/aws/utilities/awsCustomResource");
+const group_1 = require("../../resources/aws/iam/identityCenter/group");
+const aws_iam_1 = require("aws-cdk-lib/aws-iam");
+const permissionSet_1 = require("../../resources/aws/iam/identityCenter/permissionSet");
+const assignment_1 = require("../../resources/aws/iam/identityCenter/assignment");
+const stripAndCamelCase_1 = require("../../utils/stripAndCamelCase");
+class IdentityCenter extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.identityCenterGroups = [];
+        // TODO: Should only use this if no groups are provided by the end user
+        const defaultPermissionSets = {
+            AdministratorAccess: {
+                Policy: "arn:aws:iam::aws:policy/AdministratorAccess"
+            },
+            Billing: {
+                Policy: "arn:aws:iam::aws:policy/job-function/Billing"
+            },
+            ReadOnlyAccess: {
+                Policy: "arn:aws:iam::aws:policy/ReadOnlyAccess"
+            },
+            SystemAdministrator: {
+                Policy: "arn:aws:iam::aws:policy/job-function/SystemAdministrator"
+            }
+        };
+        const customResource = new awsCustomResource_1.AwsCustomResource(this, "listIdentityCenterInstance", {
+            functionName: "listIdentityCenterInstance",
+            onCreate: {
+                service: "sso-admin",
+                action: "ListInstancesCommand",
+                parameters: {
+                    MaxResults: 1
+                },
+                physicalResourceId: customResources.PhysicalResourceId.of("listIdentityCenterInstance")
+            },
+            policy: customResources.AwsCustomResourcePolicy.fromStatements([
+                new aws_iam_1.PolicyStatement({
+                    actions: ["sso:ListInstances"],
+                    resources: ["*"]
+                })
+            ]),
+            resourceType: "Custom::IamIdentityCenter"
+        });
+        this.identityCenterArn = customResource.getResponseField("Instances.0.InstanceArn");
+        this.identityStoreId = customResource.getResponseField("Instances.0.IdentityStoreId");
+        new cfnOutput_1.CfnOutput(this, "identityCenterArn", {
+            key: "identityCenterArn",
+            value: this.identityCenterArn,
+            exportName: "identityCenterArn"
+        });
+        new cfnOutput_1.CfnOutput(this, "identityStoreId", {
+            key: "identityStoreID",
+            value: this.identityStoreId,
+            exportName: "identityStoreId"
+        });
+        for (const [permissionSet, permissionSetAssociation] of Object.entries(defaultPermissionSets)) {
+            const permSet = new permissionSet_1.PermissionSet(this, `${permissionSet}PermissionSet`, {
+                name: permissionSet,
+                instanceArn: this.identityCenterArn,
+                description: `Permission set for associated ${permissionSet} policy`,
+                managedPolicies: [permissionSetAssociation.Policy],
+                tags: [
+                    {
+                        key: "fjall:costAllocation:environment",
+                        value: "management"
+                    }
+                ]
+            });
+            const group = new group_1.Group(this, `${permissionSet}Group`, {
+                displayName: permissionSet,
+                identityStoreId: this.identityStoreId,
+                description: `Group for associated ${permissionSet} permission set`
+            });
+            this.identityCenterGroups.push(group);
+            new cfnOutput_1.CfnOutput(this, `${permissionSet}GroupId`, {
+                key: `${permissionSet}GroupId`,
+                value: group.attrGroupId,
+                exportName: `${permissionSet}GroupId`
+            });
+            for (const [accountName, accountId] of Object.entries(props.accounts)) {
+                if (!accountId)
+                    continue;
+                new assignment_1.Assignment(this, `${(0, stripAndCamelCase_1.stripAndCamelCase)(accountName)}${permissionSet}Association`, {
+                    instanceArn: this.identityCenterArn,
+                    permissionSetArn: permSet.attrPermissionSetArn,
+                    principalType: "GROUP",
+                    principalId: group.attrGroupId,
+                    targetType: "AWS_ACCOUNT",
+                    targetId: accountId
+                });
+            }
+        }
+    }
+}
+exports.IdentityCenter = IdentityCenter;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRlbnRpdHlDZW50ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9saWIvY29uZmlnL2F3cy9pZGVudGl0eUNlbnRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxnRUFBZ0U7QUFDaEUsMkNBQXVDO0FBRXZDLHVFQUFvRTtBQUNwRSx1RkFBb0Y7QUFDcEYsd0VBQXFFO0FBQ3JFLGlEQUFzRDtBQUN0RCx3RkFBcUY7QUFDckYsa0ZBQStFO0FBRS9FLHFFQUFrRTtBQUtsRSxNQUFhLGNBQWUsU0FBUSxzQkFBUztJQUszQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQTBCO1FBQ2xFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFIWix5QkFBb0IsR0FBWSxFQUFFLENBQUM7UUFLeEMsdUVBQXVFO1FBQ3ZFLE1BQU0scUJBQXFCLEdBQUc7WUFDNUIsbUJBQW1CLEVBQUU7Z0JBQ25CLE1BQU0sRUFBRSw2Q0FBNkM7YUFDdEQ7WUFDRCxPQUFPLEVBQUU7Z0JBQ1AsTUFBTSxFQUFFLDhDQUE4QzthQUN2RDtZQUNELGNBQWMsRUFBRTtnQkFDZCxNQUFNLEVBQUUsd0NBQXdDO2FBQ2pEO1lBQ0QsbUJBQW1CLEVBQUU7Z0JBQ25CLE1BQU0sRUFBRSwwREFBMEQ7YUFDbkU7U0FDRixDQUFDO1FBRUYsTUFBTSxjQUFjLEdBQUcsSUFBSSxxQ0FBaUIsQ0FDMUMsSUFBSSxFQUNKLDRCQUE0QixFQUM1QjtZQUNFLFlBQVksRUFBRSw0QkFBNEI7WUFDMUMsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxXQUFXO2dCQUNwQixNQUFNLEVBQUUsc0JBQXNCO2dCQUM5QixVQUFVLEVBQUU7b0JBQ1YsVUFBVSxFQUFFLENBQUM7aUJBQ2Q7Z0JBQ0Qsa0JBQWtCLEVBQUUsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FDdkQsNEJBQTRCLENBQzdCO2FBQ0Y7WUFDRCxNQUFNLEVBQUUsZUFBZSxDQUFDLHVCQUF1QixDQUFDLGNBQWMsQ0FBQztnQkFDN0QsSUFBSSx5QkFBZSxDQUFDO29CQUNsQixPQUFPLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQztvQkFDOUIsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO2lCQUNqQixDQUFDO2FBQ0gsQ0FBQztZQUNGLFlBQVksRUFBRSwyQkFBMkI7U0FDMUMsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLGlCQUFpQixHQUFHLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDdEQseUJBQXlCLENBQzFCLENBQUM7UUFDRixJQUFJLENBQUMsZUFBZSxHQUFHLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDcEQsNkJBQTZCLENBQzlCLENBQUM7UUFDRixJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLG1CQUFtQixFQUFFO1lBQ3ZDLEdBQUcsRUFBRSxtQkFBbUI7WUFDeEIsS0FBSyxFQUFFLElBQUksQ0FBQyxpQkFBaUI7WUFDN0IsVUFBVSxFQUFFLG1CQUFtQjtTQUNoQyxDQUFDLENBQUM7UUFDSCxJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFO1lBQ3JDLEdBQUcsRUFBRSxpQkFBaUI7WUFDdEIsS0FBSyxFQUFFLElBQUksQ0FBQyxlQUFlO1lBQzNCLFVBQVUsRUFBRSxpQkFBaUI7U0FDOUIsQ0FBQyxDQUFDO1FBRUgsS0FBSyxNQUFNLENBQUMsYUFBYSxFQUFFLHdCQUF3QixDQUFDLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FDcEUscUJBQXFCLENBQ3RCLEVBQUU7WUFDRCxNQUFNLE9BQU8sR0FBRyxJQUFJLDZCQUFhLENBQUMsSUFBSSxFQUFFLEdBQUcsYUFBYSxlQUFlLEVBQUU7Z0JBQ3ZFLElBQUksRUFBRSxhQUFhO2dCQUNuQixXQUFXLEVBQUUsSUFBSSxDQUFDLGlCQUFpQjtnQkFDbkMsV0FBVyxFQUFFLGlDQUFpQyxhQUFhLFNBQVM7Z0JBQ3BFLGVBQWUsRUFBRSxDQUFDLHdCQUF3QixDQUFDLE1BQU0sQ0FBQztnQkFDbEQsSUFBSSxFQUFFO29CQUNKO3dCQUNFLEdBQUcsRUFBRSxrQ0FBa0M7d0JBQ3ZDLEtBQUssRUFBRSxZQUFZO3FCQUNwQjtpQkFDRjthQUNGLENBQUMsQ0FBQztZQUVILE1BQU0sS0FBSyxHQUFHLElBQUksYUFBSyxDQUFDLElBQUksRUFBRSxHQUFHLGFBQWEsT0FBTyxFQUFFO2dCQUNyRCxXQUFXLEVBQUUsYUFBYTtnQkFDMUIsZUFBZSxFQUFFLElBQUksQ0FBQyxlQUFlO2dCQUNyQyxXQUFXLEVBQUUsd0JBQXdCLGFBQWEsaUJBQWlCO2FBQ3BFLENBQUMsQ0FBQztZQUNILElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7WUFFdEMsSUFBSSxxQkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLGFBQWEsU0FBUyxFQUFFO2dCQUM3QyxHQUFHLEVBQUUsR0FBRyxhQUFhLFNBQVM7Z0JBQzlCLEtBQUssRUFBRSxLQUFLLENBQUMsV0FBVztnQkFDeEIsVUFBVSxFQUFFLEdBQUcsYUFBYSxTQUFTO2FBQ3RDLENBQUMsQ0FBQztZQUVILEtBQUssTUFBTSxDQUFDLFdBQVcsRUFBRSxTQUFTLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQyxRQUFRLENBQUMsRUFBRTtnQkFDckUsSUFBSSxDQUFDLFNBQVM7b0JBQUUsU0FBUztnQkFFekIsSUFBSSx1QkFBVSxDQUNaLElBQUksRUFDSixHQUFHLElBQUEscUNBQWlCLEVBQUMsV0FBVyxDQUFDLEdBQUcsYUFBYSxhQUFhLEVBQzlEO29CQUNFLFdBQVcsRUFBRSxJQUFJLENBQUMsaUJBQWlCO29CQUNuQyxnQkFBZ0IsRUFBRSxPQUFPLENBQUMsb0JBQW9CO29CQUM5QyxhQUFhLEVBQUUsT0FBTztvQkFDdEIsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO29CQUM5QixVQUFVLEVBQUUsYUFBYTtvQkFDekIsUUFBUSxFQUFFLFNBQVM7aUJBQ3BCLENBQ0YsQ0FBQzthQUNIO1NBQ0Y7SUFDSCxDQUFDO0NBQ0Y7QUFqSEQsd0NBaUhDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY3VzdG9tUmVzb3VyY2VzIGZyb20gXCJhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuXG5pbXBvcnQgeyBDZm5PdXRwdXQgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy91dGlsaXRpZXMvY2ZuT3V0cHV0XCI7XG5pbXBvcnQgeyBBd3NDdXN0b21SZXNvdXJjZSB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL3V0aWxpdGllcy9hd3NDdXN0b21SZXNvdXJjZVwiO1xuaW1wb3J0IHsgR3JvdXAgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy9pYW0vaWRlbnRpdHlDZW50ZXIvZ3JvdXBcIjtcbmltcG9ydCB7IFBvbGljeVN0YXRlbWVudCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5pbXBvcnQgeyBQZXJtaXNzaW9uU2V0IH0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3MvaWFtL2lkZW50aXR5Q2VudGVyL3Blcm1pc3Npb25TZXRcIjtcbmltcG9ydCB7IEFzc2lnbm1lbnQgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy9pYW0vaWRlbnRpdHlDZW50ZXIvYXNzaWdubWVudFwiO1xuaW1wb3J0IHsgQWNjb3VudHMgfSBmcm9tIFwiLi4vLi4vcGF0dGVybnMvYXdzL21hbmFnZWRPcmdhbmlzYXRpb25cIjtcbmltcG9ydCB7IHN0cmlwQW5kQ2FtZWxDYXNlIH0gZnJvbSBcIi4uLy4uL3V0aWxzL3N0cmlwQW5kQ2FtZWxDYXNlXCI7XG5cbmludGVyZmFjZSBJZGVudGl0eUNlbnRlclByb3BzIHtcbiAgYWNjb3VudHM6IEFjY291bnRzO1xufVxuZXhwb3J0IGNsYXNzIElkZW50aXR5Q2VudGVyIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIGlkZW50aXR5U3RvcmVJZDogc3RyaW5nO1xuICBwdWJsaWMgaWRlbnRpdHlDZW50ZXJBcm46IHN0cmluZztcbiAgcHVibGljIGlkZW50aXR5Q2VudGVyR3JvdXBzOiBHcm91cFtdID0gW107XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IElkZW50aXR5Q2VudGVyUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgLy8gVE9ETzogU2hvdWxkIG9ubHkgdXNlIHRoaXMgaWYgbm8gZ3JvdXBzIGFyZSBwcm92aWRlZCBieSB0aGUgZW5kIHVzZXJcbiAgICBjb25zdCBkZWZhdWx0UGVybWlzc2lvblNldHMgPSB7XG4gICAgICBBZG1pbmlzdHJhdG9yQWNjZXNzOiB7XG4gICAgICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9BZG1pbmlzdHJhdG9yQWNjZXNzXCJcbiAgICAgIH0sXG4gICAgICBCaWxsaW5nOiB7XG4gICAgICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9qb2ItZnVuY3Rpb24vQmlsbGluZ1wiXG4gICAgICB9LFxuICAgICAgUmVhZE9ubHlBY2Nlc3M6IHtcbiAgICAgICAgUG9saWN5OiBcImFybjphd3M6aWFtOjphd3M6cG9saWN5L1JlYWRPbmx5QWNjZXNzXCJcbiAgICAgIH0sXG4gICAgICBTeXN0ZW1BZG1pbmlzdHJhdG9yOiB7XG4gICAgICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9qb2ItZnVuY3Rpb24vU3lzdGVtQWRtaW5pc3RyYXRvclwiXG4gICAgICB9XG4gICAgfTtcblxuICAgIGNvbnN0IGN1c3RvbVJlc291cmNlID0gbmV3IEF3c0N1c3RvbVJlc291cmNlKFxuICAgICAgdGhpcyxcbiAgICAgIFwibGlzdElkZW50aXR5Q2VudGVySW5zdGFuY2VcIixcbiAgICAgIHtcbiAgICAgICAgZnVuY3Rpb25OYW1lOiBcImxpc3RJZGVudGl0eUNlbnRlckluc3RhbmNlXCIsXG4gICAgICAgIG9uQ3JlYXRlOiB7XG4gICAgICAgICAgc2VydmljZTogXCJzc28tYWRtaW5cIixcbiAgICAgICAgICBhY3Rpb246IFwiTGlzdEluc3RhbmNlc0NvbW1hbmRcIixcbiAgICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgICBNYXhSZXN1bHRzOiAxXG4gICAgICAgICAgfSxcbiAgICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXG4gICAgICAgICAgICBcImxpc3RJZGVudGl0eUNlbnRlckluc3RhbmNlXCJcbiAgICAgICAgICApXG4gICAgICAgIH0sXG4gICAgICAgIHBvbGljeTogY3VzdG9tUmVzb3VyY2VzLkF3c0N1c3RvbVJlc291cmNlUG9saWN5LmZyb21TdGF0ZW1lbnRzKFtcbiAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICAgIGFjdGlvbnM6IFtcInNzbzpMaXN0SW5zdGFuY2VzXCJdLFxuICAgICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgICAgfSlcbiAgICAgICAgXSksXG4gICAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206OklhbUlkZW50aXR5Q2VudGVyXCJcbiAgICAgIH1cbiAgICApO1xuXG4gICAgdGhpcy5pZGVudGl0eUNlbnRlckFybiA9IGN1c3RvbVJlc291cmNlLmdldFJlc3BvbnNlRmllbGQoXG4gICAgICBcIkluc3RhbmNlcy4wLkluc3RhbmNlQXJuXCJcbiAgICApO1xuICAgIHRoaXMuaWRlbnRpdHlTdG9yZUlkID0gY3VzdG9tUmVzb3VyY2UuZ2V0UmVzcG9uc2VGaWVsZChcbiAgICAgIFwiSW5zdGFuY2VzLjAuSWRlbnRpdHlTdG9yZUlkXCJcbiAgICApO1xuICAgIG5ldyBDZm5PdXRwdXQodGhpcywgXCJpZGVudGl0eUNlbnRlckFyblwiLCB7XG4gICAgICBrZXk6IFwiaWRlbnRpdHlDZW50ZXJBcm5cIixcbiAgICAgIHZhbHVlOiB0aGlzLmlkZW50aXR5Q2VudGVyQXJuLFxuICAgICAgZXhwb3J0TmFtZTogXCJpZGVudGl0eUNlbnRlckFyblwiXG4gICAgfSk7XG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBcImlkZW50aXR5U3RvcmVJZFwiLCB7XG4gICAgICBrZXk6IFwiaWRlbnRpdHlTdG9yZUlEXCIsXG4gICAgICB2YWx1ZTogdGhpcy5pZGVudGl0eVN0b3JlSWQsXG4gICAgICBleHBvcnROYW1lOiBcImlkZW50aXR5U3RvcmVJZFwiXG4gICAgfSk7XG5cbiAgICBmb3IgKGNvbnN0IFtwZXJtaXNzaW9uU2V0LCBwZXJtaXNzaW9uU2V0QXNzb2NpYXRpb25dIG9mIE9iamVjdC5lbnRyaWVzKFxuICAgICAgZGVmYXVsdFBlcm1pc3Npb25TZXRzXG4gICAgKSkge1xuICAgICAgY29uc3QgcGVybVNldCA9IG5ldyBQZXJtaXNzaW9uU2V0KHRoaXMsIGAke3Blcm1pc3Npb25TZXR9UGVybWlzc2lvblNldGAsIHtcbiAgICAgICAgbmFtZTogcGVybWlzc2lvblNldCxcbiAgICAgICAgaW5zdGFuY2VBcm46IHRoaXMuaWRlbnRpdHlDZW50ZXJBcm4sXG4gICAgICAgIGRlc2NyaXB0aW9uOiBgUGVybWlzc2lvbiBzZXQgZm9yIGFzc29jaWF0ZWQgJHtwZXJtaXNzaW9uU2V0fSBwb2xpY3lgLFxuICAgICAgICBtYW5hZ2VkUG9saWNpZXM6IFtwZXJtaXNzaW9uU2V0QXNzb2NpYXRpb24uUG9saWN5XSxcbiAgICAgICAgdGFnczogW1xuICAgICAgICAgIHtcbiAgICAgICAgICAgIGtleTogXCJmamFsbDpjb3N0QWxsb2NhdGlvbjplbnZpcm9ubWVudFwiLFxuICAgICAgICAgICAgdmFsdWU6IFwibWFuYWdlbWVudFwiXG4gICAgICAgICAgfVxuICAgICAgICBdXG4gICAgICB9KTtcblxuICAgICAgY29uc3QgZ3JvdXAgPSBuZXcgR3JvdXAodGhpcywgYCR7cGVybWlzc2lvblNldH1Hcm91cGAsIHtcbiAgICAgICAgZGlzcGxheU5hbWU6IHBlcm1pc3Npb25TZXQsXG4gICAgICAgIGlkZW50aXR5U3RvcmVJZDogdGhpcy5pZGVudGl0eVN0b3JlSWQsXG4gICAgICAgIGRlc2NyaXB0aW9uOiBgR3JvdXAgZm9yIGFzc29jaWF0ZWQgJHtwZXJtaXNzaW9uU2V0fSBwZXJtaXNzaW9uIHNldGBcbiAgICAgIH0pO1xuICAgICAgdGhpcy5pZGVudGl0eUNlbnRlckdyb3Vwcy5wdXNoKGdyb3VwKTtcblxuICAgICAgbmV3IENmbk91dHB1dCh0aGlzLCBgJHtwZXJtaXNzaW9uU2V0fUdyb3VwSWRgLCB7XG4gICAgICAgIGtleTogYCR7cGVybWlzc2lvblNldH1Hcm91cElkYCxcbiAgICAgICAgdmFsdWU6IGdyb3VwLmF0dHJHcm91cElkLFxuICAgICAgICBleHBvcnROYW1lOiBgJHtwZXJtaXNzaW9uU2V0fUdyb3VwSWRgXG4gICAgICB9KTtcblxuICAgICAgZm9yIChjb25zdCBbYWNjb3VudE5hbWUsIGFjY291bnRJZF0gb2YgT2JqZWN0LmVudHJpZXMocHJvcHMuYWNjb3VudHMpKSB7XG4gICAgICAgIGlmICghYWNjb3VudElkKSBjb250aW51ZTtcblxuICAgICAgICBuZXcgQXNzaWdubWVudChcbiAgICAgICAgICB0aGlzLFxuICAgICAgICAgIGAke3N0cmlwQW5kQ2FtZWxDYXNlKGFjY291bnROYW1lKX0ke3Blcm1pc3Npb25TZXR9QXNzb2NpYXRpb25gLFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIGluc3RhbmNlQXJuOiB0aGlzLmlkZW50aXR5Q2VudGVyQXJuLFxuICAgICAgICAgICAgcGVybWlzc2lvblNldEFybjogcGVybVNldC5hdHRyUGVybWlzc2lvblNldEFybixcbiAgICAgICAgICAgIHByaW5jaXBhbFR5cGU6IFwiR1JPVVBcIixcbiAgICAgICAgICAgIHByaW5jaXBhbElkOiBncm91cC5hdHRyR3JvdXBJZCxcbiAgICAgICAgICAgIHRhcmdldFR5cGU6IFwiQVdTX0FDQ09VTlRcIixcbiAgICAgICAgICAgIHRhcmdldElkOiBhY2NvdW50SWRcbiAgICAgICAgICB9XG4gICAgICAgICk7XG4gICAgICB9XG4gICAgfVxuICB9XG59XG4iXX0=