@fjall/components-infrastructure 0.6.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/config/aws/costAllocationTags.d.ts +9 -1
- package/dist/lib/config/aws/costAllocationTags.js +6 -17
- package/dist/lib/config/aws/identityCenter.d.ts +5 -2
- package/dist/lib/config/aws/identityCenter.js +78 -22
- package/dist/lib/patterns/aws/managedOrganisation.d.ts +2 -0
- package/dist/lib/patterns/aws/managedOrganisation.js +8 -4
- package/dist/lib/resources/aws/iam/identityCenter/assignment.d.ts +2 -2
- package/dist/lib/resources/aws/iam/identityCenter/assignment.js +17 -30
- package/dist/lib/resources/aws/iam/identityCenter/assignmentNew.d.ts +11 -0
- package/dist/lib/resources/aws/iam/identityCenter/assignmentNew.js +102 -0
- package/dist/lib/resources/aws/iam/identityCenter/attachManagedPolicy.d.ts +2 -0
- package/dist/lib/resources/aws/iam/identityCenter/attachManagedPolicy.js +17 -14
- package/dist/lib/resources/aws/iam/identityCenter/group.d.ts +2 -0
- package/dist/lib/resources/aws/iam/identityCenter/group.js +33 -24
- package/dist/lib/resources/aws/iam/identityCenter/lambda/assignmentHandler.d.ts +24 -0
- package/dist/lib/resources/aws/iam/identityCenter/lambda/assignmentHandler.js +246 -0
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.d.ts +2 -2
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.js +55 -43
- package/dist/lib/utils/getConfig.d.ts +2 -0
- package/dist/lib/utils/getConfig.js +6 -2
- package/package.json +4 -3
|
@@ -1,4 +1,12 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
|
+
export interface ICostAllocationTags {
|
|
3
|
+
TagKey: string;
|
|
4
|
+
Status: string;
|
|
5
|
+
}
|
|
6
|
+
interface CostAllocationTagsProps {
|
|
7
|
+
costAllocationTags: ICostAllocationTags[];
|
|
8
|
+
}
|
|
2
9
|
export declare class CostAllocationTags extends Construct {
|
|
3
|
-
constructor(scope: Construct, id: string);
|
|
10
|
+
constructor(scope: Construct, id: string, props: CostAllocationTagsProps);
|
|
4
11
|
}
|
|
12
|
+
export {};
|
|
@@ -4,27 +4,16 @@ exports.CostAllocationTags = void 0;
|
|
|
4
4
|
const customResources = require("aws-cdk-lib/custom-resources");
|
|
5
5
|
const constructs_1 = require("constructs");
|
|
6
6
|
const awsCustomResource_1 = require("../../resources/aws/utilities/awsCustomResource");
|
|
7
|
-
// TODO: Use an AWS CDK conditional trigger to wait for Cost Explorer to be created
|
|
8
|
-
const costAllocationTags = [
|
|
9
|
-
"aws:cloudformation:logical-id",
|
|
10
|
-
"aws:cloudformation:stack-id",
|
|
11
|
-
"aws:cloudformation:stack-name",
|
|
12
|
-
"aws:createdBy"
|
|
13
|
-
// "fjall:operations:pool"
|
|
14
|
-
// "fjall:costAllocation:environment",
|
|
15
|
-
// "fjall:costAllocation:service",
|
|
16
|
-
// "fjall:costAllocation:owner"
|
|
17
|
-
];
|
|
18
7
|
function toggleCostTag(tags, tagStatus) {
|
|
19
8
|
return tags.map((tag) => {
|
|
20
9
|
return {
|
|
21
|
-
TagKey: tag,
|
|
10
|
+
TagKey: tag.TagKey,
|
|
22
11
|
Status: tagStatus
|
|
23
12
|
};
|
|
24
13
|
});
|
|
25
14
|
}
|
|
26
15
|
class CostAllocationTags extends constructs_1.Construct {
|
|
27
|
-
constructor(scope, id) {
|
|
16
|
+
constructor(scope, id, props) {
|
|
28
17
|
super(scope, id);
|
|
29
18
|
new awsCustomResource_1.AwsCustomResource(this, "costAllocationTags", {
|
|
30
19
|
functionName: "enableCostAllocationTags",
|
|
@@ -32,7 +21,7 @@ class CostAllocationTags extends constructs_1.Construct {
|
|
|
32
21
|
service: "CostExplorer",
|
|
33
22
|
action: "updateCostAllocationTagsStatus",
|
|
34
23
|
parameters: {
|
|
35
|
-
CostAllocationTagsStatus: toggleCostTag(costAllocationTags, "Active")
|
|
24
|
+
CostAllocationTagsStatus: toggleCostTag(props.costAllocationTags, "Active")
|
|
36
25
|
},
|
|
37
26
|
physicalResourceId: customResources.PhysicalResourceId.of("enableCostAllocationTags")
|
|
38
27
|
},
|
|
@@ -40,7 +29,7 @@ class CostAllocationTags extends constructs_1.Construct {
|
|
|
40
29
|
service: "CostExplorer",
|
|
41
30
|
action: "updateCostAllocationTagsStatus",
|
|
42
31
|
parameters: {
|
|
43
|
-
CostAllocationTagsStatus: toggleCostTag(costAllocationTags, "Active")
|
|
32
|
+
CostAllocationTagsStatus: toggleCostTag(props.costAllocationTags, "Active")
|
|
44
33
|
},
|
|
45
34
|
physicalResourceId: customResources.PhysicalResourceId.of("updateCostAllocationTags")
|
|
46
35
|
},
|
|
@@ -48,7 +37,7 @@ class CostAllocationTags extends constructs_1.Construct {
|
|
|
48
37
|
service: "CostExplorer",
|
|
49
38
|
action: "updateCostAllocationTagsStatus",
|
|
50
39
|
parameters: {
|
|
51
|
-
CostAllocationTagsStatus: toggleCostTag(costAllocationTags, "Inactive")
|
|
40
|
+
CostAllocationTagsStatus: toggleCostTag(props.costAllocationTags, "Inactive")
|
|
52
41
|
}
|
|
53
42
|
},
|
|
54
43
|
resourceType: "Custom::CostAllocationTags"
|
|
@@ -56,4 +45,4 @@ class CostAllocationTags extends constructs_1.Construct {
|
|
|
56
45
|
}
|
|
57
46
|
}
|
|
58
47
|
exports.CostAllocationTags = CostAllocationTags;
|
|
59
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
48
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29zdEFsbG9jYXRpb25UYWdzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vbGliL2NvbmZpZy9hd3MvY29zdEFsbG9jYXRpb25UYWdzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLGdFQUFnRTtBQUNoRSwyQ0FBdUM7QUFFdkMsdUZBQW9GO0FBV3BGLFNBQVMsYUFBYSxDQUFDLElBQTJCLEVBQUUsU0FBaUI7SUFDbkUsT0FBTyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsR0FBRyxFQUFFLEVBQUU7UUFDdEIsT0FBTztZQUNMLE1BQU0sRUFBRSxHQUFHLENBQUMsTUFBTTtZQUNsQixNQUFNLEVBQUUsU0FBUztTQUNsQixDQUFDO0lBQ0osQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsTUFBYSxrQkFBbUIsU0FBUSxzQkFBUztJQUMvQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQThCO1FBQ3RFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxxQ0FBaUIsQ0FBQyxJQUFJLEVBQUUsb0JBQW9CLEVBQUU7WUFDaEQsWUFBWSxFQUFFLDBCQUEwQjtZQUN4QyxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLGNBQWM7Z0JBQ3ZCLE1BQU0sRUFBRSxnQ0FBZ0M7Z0JBQ3hDLFVBQVUsRUFBRTtvQkFDVix3QkFBd0IsRUFBRSxhQUFhLENBQ3JDLEtBQUssQ0FBQyxrQkFBa0IsRUFDeEIsUUFBUSxDQUNUO2lCQUNGO2dCQUNELGtCQUFrQixFQUFFLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQ3ZELDBCQUEwQixDQUMzQjthQUNGO1lBQ0QsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxjQUFjO2dCQUN2QixNQUFNLEVBQUUsZ0NBQWdDO2dCQUN4QyxVQUFVLEVBQUU7b0JBQ1Ysd0JBQXdCLEVBQUUsYUFBYSxDQUNyQyxLQUFLLENBQUMsa0JBQWtCLEVBQ3hCLFFBQVEsQ0FDVDtpQkFDRjtnQkFDRCxrQkFBa0IsRUFBRSxlQUFlLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUN2RCwwQkFBMEIsQ0FDM0I7YUFDRjtZQUNELFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsY0FBYztnQkFDdkIsTUFBTSxFQUFFLGdDQUFnQztnQkFDeEMsVUFBVSxFQUFFO29CQUNWLHdCQUF3QixFQUFFLGFBQWEsQ0FDckMsS0FBSyxDQUFDLGtCQUFrQixFQUN4QixVQUFVLENBQ1g7aUJBQ0Y7YUFDRjtZQUNELFlBQVksRUFBRSw0QkFBNEI7U0FDM0MsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBN0NELGdEQTZDQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGN1c3RvbVJlc291cmNlcyBmcm9tIFwiYXdzLWNkay1saWIvY3VzdG9tLXJlc291cmNlc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuaW1wb3J0IHsgQXdzQ3VzdG9tUmVzb3VyY2UgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy91dGlsaXRpZXMvYXdzQ3VzdG9tUmVzb3VyY2VcIjtcblxuZXhwb3J0IGludGVyZmFjZSBJQ29zdEFsbG9jYXRpb25UYWdzIHtcbiAgVGFnS2V5OiBzdHJpbmc7XG4gIFN0YXR1czogc3RyaW5nO1xufVxuXG5pbnRlcmZhY2UgQ29zdEFsbG9jYXRpb25UYWdzUHJvcHMge1xuICBjb3N0QWxsb2NhdGlvblRhZ3M6IElDb3N0QWxsb2NhdGlvblRhZ3NbXTtcbn1cblxuZnVuY3Rpb24gdG9nZ2xlQ29zdFRhZyh0YWdzOiBJQ29zdEFsbG9jYXRpb25UYWdzW10sIHRhZ1N0YXR1czogc3RyaW5nKSB7XG4gIHJldHVybiB0YWdzLm1hcCgodGFnKSA9PiB7XG4gICAgcmV0dXJuIHtcbiAgICAgIFRhZ0tleTogdGFnLlRhZ0tleSxcbiAgICAgIFN0YXR1czogdGFnU3RhdHVzXG4gICAgfTtcbiAgfSk7XG59XG5cbmV4cG9ydCBjbGFzcyBDb3N0QWxsb2NhdGlvblRhZ3MgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQ29zdEFsbG9jYXRpb25UYWdzUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgbmV3IEF3c0N1c3RvbVJlc291cmNlKHRoaXMsIFwiY29zdEFsbG9jYXRpb25UYWdzXCIsIHtcbiAgICAgIGZ1bmN0aW9uTmFtZTogXCJlbmFibGVDb3N0QWxsb2NhdGlvblRhZ3NcIixcbiAgICAgIG9uQ3JlYXRlOiB7XG4gICAgICAgIHNlcnZpY2U6IFwiQ29zdEV4cGxvcmVyXCIsXG4gICAgICAgIGFjdGlvbjogXCJ1cGRhdGVDb3N0QWxsb2NhdGlvblRhZ3NTdGF0dXNcIixcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIENvc3RBbGxvY2F0aW9uVGFnc1N0YXR1czogdG9nZ2xlQ29zdFRhZyhcbiAgICAgICAgICAgIHByb3BzLmNvc3RBbGxvY2F0aW9uVGFncyxcbiAgICAgICAgICAgIFwiQWN0aXZlXCJcbiAgICAgICAgICApXG4gICAgICAgIH0sXG4gICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogY3VzdG9tUmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZihcbiAgICAgICAgICBcImVuYWJsZUNvc3RBbGxvY2F0aW9uVGFnc1wiXG4gICAgICAgIClcbiAgICAgIH0sXG4gICAgICBvblVwZGF0ZToge1xuICAgICAgICBzZXJ2aWNlOiBcIkNvc3RFeHBsb3JlclwiLFxuICAgICAgICBhY3Rpb246IFwidXBkYXRlQ29zdEFsbG9jYXRpb25UYWdzU3RhdHVzXCIsXG4gICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICBDb3N0QWxsb2NhdGlvblRhZ3NTdGF0dXM6IHRvZ2dsZUNvc3RUYWcoXG4gICAgICAgICAgICBwcm9wcy5jb3N0QWxsb2NhdGlvblRhZ3MsXG4gICAgICAgICAgICBcIkFjdGl2ZVwiXG4gICAgICAgICAgKVxuICAgICAgICB9LFxuICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXG4gICAgICAgICAgXCJ1cGRhdGVDb3N0QWxsb2NhdGlvblRhZ3NcIlxuICAgICAgICApXG4gICAgICB9LFxuICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgc2VydmljZTogXCJDb3N0RXhwbG9yZXJcIixcbiAgICAgICAgYWN0aW9uOiBcInVwZGF0ZUNvc3RBbGxvY2F0aW9uVGFnc1N0YXR1c1wiLFxuICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgQ29zdEFsbG9jYXRpb25UYWdzU3RhdHVzOiB0b2dnbGVDb3N0VGFnKFxuICAgICAgICAgICAgcHJvcHMuY29zdEFsbG9jYXRpb25UYWdzLFxuICAgICAgICAgICAgXCJJbmFjdGl2ZVwiXG4gICAgICAgICAgKVxuICAgICAgICB9XG4gICAgICB9LFxuICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6Q29zdEFsbG9jYXRpb25UYWdzXCJcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
|
+
import { NestedStack, NestedStackProps } from "aws-cdk-lib";
|
|
2
3
|
import { KeyValue } from "../../types";
|
|
3
|
-
interface IdentityCenterProps {
|
|
4
|
+
interface IdentityCenterProps extends NestedStackProps {
|
|
4
5
|
accounts: KeyValue;
|
|
5
6
|
tags?: KeyValue[];
|
|
6
7
|
}
|
|
@@ -8,10 +9,12 @@ export interface PermissionSetConfig {
|
|
|
8
9
|
Policy: string;
|
|
9
10
|
Description?: string;
|
|
10
11
|
}
|
|
11
|
-
export declare class IdentityCenter extends
|
|
12
|
+
export declare class IdentityCenter extends NestedStack {
|
|
12
13
|
identityStoreId: string;
|
|
13
14
|
identityCenterArn: string;
|
|
15
|
+
private identityCenterIamRole;
|
|
14
16
|
constructor(scope: Construct, id: string, props: IdentityCenterProps);
|
|
17
|
+
createIdentityCenterIamRole(): void;
|
|
15
18
|
listIdentityCenterInstance(): void;
|
|
16
19
|
createPermissionSet(props: IdentityCenterProps): void;
|
|
17
20
|
}
|
|
@@ -2,13 +2,16 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.IdentityCenter = void 0;
|
|
4
4
|
const customResources = require("aws-cdk-lib/custom-resources");
|
|
5
|
-
const constructs_1 = require("constructs");
|
|
6
5
|
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
|
|
6
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
7
7
|
const cfnOutput_1 = require("../../resources/aws/utilities/cfnOutput");
|
|
8
8
|
const awsCustomResource_1 = require("../../resources/aws/utilities/awsCustomResource");
|
|
9
9
|
const stripAndCamelCase_1 = require("../../utils/stripAndCamelCase");
|
|
10
10
|
const identityCenter_1 = require("../../resources/aws/iam/identityCenter");
|
|
11
11
|
const attachManagedPolicy_1 = require("../../resources/aws/iam/identityCenter/attachManagedPolicy");
|
|
12
|
+
const cdk_time_sleep_1 = require("cdk-time-sleep");
|
|
13
|
+
const aws_cdk_lib_2 = require("aws-cdk-lib");
|
|
14
|
+
const iam_1 = require("../../resources/aws/iam");
|
|
12
15
|
const defaultPermissionSets = {
|
|
13
16
|
AdministratorAccess: {
|
|
14
17
|
Policy: "arn:aws:iam::aws:policy/AdministratorAccess",
|
|
@@ -23,12 +26,48 @@ const defaultPermissionSets = {
|
|
|
23
26
|
Description: "Permission set for associated Billing policy"
|
|
24
27
|
}
|
|
25
28
|
};
|
|
26
|
-
class IdentityCenter extends
|
|
29
|
+
class IdentityCenter extends aws_cdk_lib_1.NestedStack {
|
|
27
30
|
constructor(scope, id, props) {
|
|
28
|
-
super(scope, id);
|
|
31
|
+
super(scope, id, props);
|
|
32
|
+
this.createIdentityCenterIamRole();
|
|
29
33
|
this.listIdentityCenterInstance();
|
|
30
34
|
this.createPermissionSet(props);
|
|
31
35
|
}
|
|
36
|
+
createIdentityCenterIamRole() {
|
|
37
|
+
// Remove this role, or update permissions when we're ready to troubleshoot intermittent policy errors
|
|
38
|
+
this.identityCenterIamRole = new iam_1.Role(this, "IdentityCenterCustomResourceRole", {
|
|
39
|
+
assumedBy: new aws_iam_1.ServicePrincipal("lambda.amazonaws.com"),
|
|
40
|
+
description: "Shared role for all Identity Center AwsCustomResources",
|
|
41
|
+
managedPolicies: [
|
|
42
|
+
iam_1.ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaBasicExecutionRole"),
|
|
43
|
+
iam_1.ManagedPolicy.fromAwsManagedPolicyName("AWSSSOMasterAccountAdministrator")
|
|
44
|
+
],
|
|
45
|
+
inlinePolicies: {
|
|
46
|
+
IdentityCenterCustomResourcePolicy: new aws_iam_1.PolicyDocument({
|
|
47
|
+
statements: [
|
|
48
|
+
new aws_iam_1.PolicyStatement({
|
|
49
|
+
actions: ["sso:*", "iam:*"],
|
|
50
|
+
resources: ["*"]
|
|
51
|
+
})
|
|
52
|
+
]
|
|
53
|
+
})
|
|
54
|
+
}
|
|
55
|
+
});
|
|
56
|
+
// Remove this role, or update permissions when we're ready to troubleshoot intermittent policy errors
|
|
57
|
+
// const cfnRole = this.identityCenterIamRole.node.defaultChild as CfnRole;
|
|
58
|
+
// cfnRole.addPropertyOverride("AssumeRolePolicyDocument", {
|
|
59
|
+
// Version: "2012-10-17",
|
|
60
|
+
// Statement: [
|
|
61
|
+
// {
|
|
62
|
+
// Effect: "Allow",
|
|
63
|
+
// Principal: {
|
|
64
|
+
// AWS: "*"
|
|
65
|
+
// },
|
|
66
|
+
// Action: "sts:AssumeRole"
|
|
67
|
+
// }
|
|
68
|
+
// ]
|
|
69
|
+
// });
|
|
70
|
+
}
|
|
32
71
|
listIdentityCenterInstance() {
|
|
33
72
|
const customResource = new awsCustomResource_1.AwsCustomResource(this, "listIdentityCenterInstance", {
|
|
34
73
|
functionName: "listIdentityCenterInstance",
|
|
@@ -40,12 +79,17 @@ class IdentityCenter extends constructs_1.Construct {
|
|
|
40
79
|
},
|
|
41
80
|
physicalResourceId: customResources.PhysicalResourceId.of("listIdentityCenterInstance")
|
|
42
81
|
},
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
82
|
+
role: this.identityCenterIamRole,
|
|
83
|
+
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
84
|
+
// policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
85
|
+
// resources: ["*"]
|
|
86
|
+
// }),
|
|
87
|
+
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
88
|
+
// new PolicyStatement({
|
|
89
|
+
// actions: ["sso:ListInstances"],
|
|
90
|
+
// resources: ["*"]
|
|
91
|
+
// })
|
|
92
|
+
// ]),
|
|
49
93
|
resourceType: "Custom::IamIdentityCenter"
|
|
50
94
|
});
|
|
51
95
|
this.identityCenterArn = customResource.getResponseField("Instances.0.InstanceArn");
|
|
@@ -64,25 +108,30 @@ class IdentityCenter extends constructs_1.Construct {
|
|
|
64
108
|
createPermissionSet(props) {
|
|
65
109
|
// Create permission sets
|
|
66
110
|
for (const [name, config] of Object.entries(defaultPermissionSets)) {
|
|
111
|
+
// Create Groups
|
|
112
|
+
const group = new identityCenter_1.Group(this, `${name}Group`, {
|
|
113
|
+
displayName: name,
|
|
114
|
+
identityStoreId: this.identityStoreId,
|
|
115
|
+
description: `Group for associated ${name} permission set`,
|
|
116
|
+
role: this.identityCenterIamRole
|
|
117
|
+
});
|
|
67
118
|
const permissionSet = new identityCenter_1.PermissionSet(this, `PermissionSet${name}`, {
|
|
68
119
|
name: name,
|
|
69
120
|
instanceArn: this.identityCenterArn,
|
|
70
121
|
description: config.Description,
|
|
122
|
+
role: this.identityCenterIamRole,
|
|
71
123
|
tags: props.tags
|
|
72
124
|
});
|
|
125
|
+
permissionSet.node.addDependency(group);
|
|
73
126
|
// Attach Policies to Permission Sets
|
|
74
|
-
new attachManagedPolicy_1.AttachManagedPolicy(this, `AttachManagedPolicy${name}`, {
|
|
127
|
+
const attachManagedPolicy = new attachManagedPolicy_1.AttachManagedPolicy(this, `AttachManagedPolicy${name}`, {
|
|
75
128
|
instanceArn: this.identityCenterArn,
|
|
76
129
|
permissionSet: name,
|
|
77
130
|
permissionSetArn: permissionSet.getPermissionSetArn(),
|
|
78
|
-
managedPolicyArn: config.Policy
|
|
79
|
-
|
|
80
|
-
// Create Groups
|
|
81
|
-
const group = new identityCenter_1.Group(this, `${permissionSet}Group`, {
|
|
82
|
-
displayName: name,
|
|
83
|
-
identityStoreId: this.identityStoreId,
|
|
84
|
-
description: `Group for associated ${permissionSet} permission set`
|
|
131
|
+
managedPolicyArn: config.Policy,
|
|
132
|
+
role: this.identityCenterIamRole
|
|
85
133
|
});
|
|
134
|
+
attachManagedPolicy.node.addDependency(permissionSet);
|
|
86
135
|
new cfnOutput_1.CfnOutput(this, `${name}GroupId`, {
|
|
87
136
|
key: `${name}GroupId`,
|
|
88
137
|
value: group.getGroupId(),
|
|
@@ -90,18 +139,25 @@ class IdentityCenter extends constructs_1.Construct {
|
|
|
90
139
|
});
|
|
91
140
|
// Assign Groups to AWS Accounts
|
|
92
141
|
for (const [accountName, accountId] of Object.entries(props.accounts)) {
|
|
93
|
-
|
|
142
|
+
const permissionSetArn = permissionSet.getPermissionSetArn();
|
|
143
|
+
const groupId = group.getGroupId();
|
|
144
|
+
const assignment = new identityCenter_1.Assignment(this, `${(0, stripAndCamelCase_1.stripAndCamelCase)(accountName)}${permissionSet}Association`, {
|
|
94
145
|
instanceArn: this.identityCenterArn,
|
|
95
|
-
permissionSetArn:
|
|
146
|
+
permissionSetArn: permissionSetArn,
|
|
96
147
|
principalType: "GROUP",
|
|
97
|
-
principalId:
|
|
148
|
+
principalId: groupId,
|
|
98
149
|
targetType: "AWS_ACCOUNT",
|
|
99
150
|
targetId: accountId,
|
|
100
|
-
|
|
151
|
+
role: this.identityCenterIamRole
|
|
152
|
+
});
|
|
153
|
+
const sleep = new cdk_time_sleep_1.TimeSleep(this, `${(0, stripAndCamelCase_1.stripAndCamelCase)(accountName)}${permissionSet}assignmentSleep`, {
|
|
154
|
+
destroyDuration: aws_cdk_lib_2.Duration.seconds(60)
|
|
101
155
|
});
|
|
156
|
+
sleep.node.addDependency(attachManagedPolicy);
|
|
157
|
+
assignment.node.addDependency(sleep);
|
|
102
158
|
}
|
|
103
159
|
}
|
|
104
160
|
}
|
|
105
161
|
}
|
|
106
162
|
exports.IdentityCenter = IdentityCenter;
|
|
107
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRlbnRpdHlDZW50ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9saWIvY29uZmlnL2F3cy9pZGVudGl0eUNlbnRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxnRUFBZ0U7QUFDaEUsMkNBQXVDO0FBQ3ZDLGlEQUFzRDtBQUN0RCx1RUFBb0U7QUFDcEUsdUZBQW9GO0FBRXBGLHFFQUFrRTtBQUNsRSwyRUFJZ0Q7QUFDaEQsb0dBQWlHO0FBWWpHLE1BQU0scUJBQXFCLEdBQXdDO0lBQ2pFLG1CQUFtQixFQUFFO1FBQ25CLE1BQU0sRUFBRSw2Q0FBNkM7UUFDckQsV0FBVyxFQUFFLDBEQUEwRDtLQUN4RTtJQUNELGNBQWMsRUFBRTtRQUNkLE1BQU0sRUFBRSx3Q0FBd0M7UUFDaEQsV0FBVyxFQUFFLHFEQUFxRDtLQUNuRTtJQUNELE9BQU8sRUFBRTtRQUNQLE1BQU0sRUFBRSxrREFBa0Q7UUFDMUQsV0FBVyxFQUFFLDhDQUE4QztLQUM1RDtDQUNGLENBQUM7QUFFRixNQUFhLGNBQWUsU0FBUSxzQkFBUztJQUkzQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQTBCO1FBQ2xFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLDBCQUEwQixFQUFFLENBQUM7UUFDbEMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQ2xDLENBQUM7SUFFRCwwQkFBMEI7UUFDeEIsTUFBTSxjQUFjLEdBQUcsSUFBSSxxQ0FBaUIsQ0FDMUMsSUFBSSxFQUNKLDRCQUE0QixFQUM1QjtZQUNFLFlBQVksRUFBRSw0QkFBNEI7WUFDMUMsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxXQUFXO2dCQUNwQixNQUFNLEVBQUUsc0JBQXNCO2dCQUM5QixVQUFVLEVBQUU7b0JBQ1YsVUFBVSxFQUFFLENBQUM7aUJBQ2Q7Z0JBQ0Qsa0JBQWtCLEVBQUUsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FDdkQsNEJBQTRCLENBQzdCO2FBQ0Y7WUFDRCxNQUFNLEVBQUUsZUFBZSxDQUFDLHVCQUF1QixDQUFDLGNBQWMsQ0FBQztnQkFDN0QsSUFBSSx5QkFBZSxDQUFDO29CQUNsQixPQUFPLEVBQUUsQ0FBQyxtQkFBbUIsQ0FBQztvQkFDOUIsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO2lCQUNqQixDQUFDO2FBQ0gsQ0FBQztZQUNGLFlBQVksRUFBRSwyQkFBMkI7U0FDMUMsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLGlCQUFpQixHQUFHLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDdEQseUJBQXlCLENBQzFCLENBQUM7UUFDRixJQUFJLENBQUMsZUFBZSxHQUFHLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDcEQsNkJBQTZCLENBQzlCLENBQUM7UUFDRixJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLG1CQUFtQixFQUFFO1lBQ3ZDLEdBQUcsRUFBRSxtQkFBbUI7WUFDeEIsS0FBSyxFQUFFLElBQUksQ0FBQyxpQkFBaUI7WUFDN0IsVUFBVSxFQUFFLG1CQUFtQjtTQUNoQyxDQUFDLENBQUM7UUFDSCxJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFO1lBQ3JDLEdBQUcsRUFBRSxpQkFBaUI7WUFDdEIsS0FBSyxFQUFFLElBQUksQ0FBQyxlQUFlO1lBQzNCLFVBQVUsRUFBRSxpQkFBaUI7U0FDOUIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELG1CQUFtQixDQUFDLEtBQTBCO1FBQzVDLHlCQUF5QjtRQUN6QixLQUFLLE1BQU0sQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBQyxFQUFFLENBQUM7WUFDbkUsTUFBTSxhQUFhLEdBQUcsSUFBSSw4QkFBYSxDQUFDLElBQUksRUFBRSxnQkFBZ0IsSUFBSSxFQUFFLEVBQUU7Z0JBQ3BFLElBQUksRUFBRSxJQUFJO2dCQUNWLFdBQVcsRUFBRSxJQUFJLENBQUMsaUJBQWlCO2dCQUNuQyxXQUFXLEVBQUUsTUFBTSxDQUFDLFdBQVc7Z0JBQy9CLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTthQUNqQixDQUFDLENBQUM7WUFFSCxxQ0FBcUM7WUFDckMsSUFBSSx5Q0FBbUIsQ0FBQyxJQUFJLEVBQUUsc0JBQXNCLElBQUksRUFBRSxFQUFFO2dCQUMxRCxXQUFXLEVBQUUsSUFBSSxDQUFDLGlCQUFpQjtnQkFDbkMsYUFBYSxFQUFFLElBQUk7Z0JBQ25CLGdCQUFnQixFQUFFLGFBQWEsQ0FBQyxtQkFBbUIsRUFBRTtnQkFDckQsZ0JBQWdCLEVBQUUsTUFBTSxDQUFDLE1BQU07YUFDaEMsQ0FBQyxDQUFDO1lBRUgsZ0JBQWdCO1lBQ2hCLE1BQU0sS0FBSyxHQUFHLElBQUksc0JBQUssQ0FBQyxJQUFJLEVBQUUsR0FBRyxhQUFhLE9BQU8sRUFBRTtnQkFDckQsV0FBVyxFQUFFLElBQUk7Z0JBQ2pCLGVBQWUsRUFBRSxJQUFJLENBQUMsZUFBZTtnQkFDckMsV0FBVyxFQUFFLHdCQUF3QixhQUFhLGlCQUFpQjthQUNwRSxDQUFDLENBQUM7WUFFSCxJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLEdBQUcsSUFBSSxTQUFTLEVBQUU7Z0JBQ3BDLEdBQUcsRUFBRSxHQUFHLElBQUksU0FBUztnQkFDckIsS0FBSyxFQUFFLEtBQUssQ0FBQyxVQUFVLEVBQUU7Z0JBQ3pCLFVBQVUsRUFBRSxHQUFHLElBQUksU0FBUzthQUM3QixDQUFDLENBQUM7WUFFSCxnQ0FBZ0M7WUFDaEMsS0FBSyxNQUFNLENBQUMsV0FBVyxFQUFFLFNBQVMsQ0FBQyxJQUFJLE1BQU0sQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7Z0JBQ3RFLElBQUksMkJBQVUsQ0FDWixJQUFJLEVBQ0osR0FBRyxJQUFBLHFDQUFpQixFQUFDLFdBQVcsQ0FBQyxHQUFHLGFBQWEsYUFBYSxFQUM5RDtvQkFDRSxXQUFXLEVBQUUsSUFBSSxDQUFDLGlCQUFpQjtvQkFDbkMsZ0JBQWdCLEVBQUUsYUFBYSxDQUFDLG1CQUFtQixFQUFFO29CQUNyRCxhQUFhLEVBQUUsT0FBTztvQkFDdEIsV0FBVyxFQUFFLEtBQUssQ0FBQyxVQUFVLEVBQUU7b0JBQy9CLFVBQVUsRUFBRSxhQUFhO29CQUN6QixRQUFRLEVBQUUsU0FBUztvQkFDbkIsVUFBVSxFQUFFLGFBQWEsQ0FBQyxtQkFBbUI7aUJBQzlDLENBQ0YsQ0FBQztZQUNKLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztDQUNGO0FBeEdELHdDQXdHQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGN1c3RvbVJlc291cmNlcyBmcm9tIFwiYXdzLWNkay1saWIvY3VzdG9tLXJlc291cmNlc1wiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IFBvbGljeVN0YXRlbWVudCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5pbXBvcnQgeyBDZm5PdXRwdXQgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy91dGlsaXRpZXMvY2ZuT3V0cHV0XCI7XG5pbXBvcnQgeyBBd3NDdXN0b21SZXNvdXJjZSB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL3V0aWxpdGllcy9hd3NDdXN0b21SZXNvdXJjZVwiO1xuaW1wb3J0IHsgS2V5VmFsdWUgfSBmcm9tIFwiLi4vLi4vdHlwZXNcIjtcbmltcG9ydCB7IHN0cmlwQW5kQ2FtZWxDYXNlIH0gZnJvbSBcIi4uLy4uL3V0aWxzL3N0cmlwQW5kQ2FtZWxDYXNlXCI7XG5pbXBvcnQge1xuICBHcm91cCxcbiAgUGVybWlzc2lvblNldCxcbiAgQXNzaWdubWVudFxufSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy9pYW0vaWRlbnRpdHlDZW50ZXJcIjtcbmltcG9ydCB7IEF0dGFjaE1hbmFnZWRQb2xpY3kgfSBmcm9tIFwiLi4vLi4vcmVzb3VyY2VzL2F3cy9pYW0vaWRlbnRpdHlDZW50ZXIvYXR0YWNoTWFuYWdlZFBvbGljeVwiO1xuXG5pbnRlcmZhY2UgSWRlbnRpdHlDZW50ZXJQcm9wcyB7XG4gIGFjY291bnRzOiBLZXlWYWx1ZTtcbiAgdGFncz86IEtleVZhbHVlW107XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUGVybWlzc2lvblNldENvbmZpZyB7XG4gIFBvbGljeTogc3RyaW5nO1xuICBEZXNjcmlwdGlvbj86IHN0cmluZztcbn1cblxuY29uc3QgZGVmYXVsdFBlcm1pc3Npb25TZXRzOiBSZWNvcmQ8c3RyaW5nLCBQZXJtaXNzaW9uU2V0Q29uZmlnPiA9IHtcbiAgQWRtaW5pc3RyYXRvckFjY2Vzczoge1xuICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9BZG1pbmlzdHJhdG9yQWNjZXNzXCIsXG4gICAgRGVzY3JpcHRpb246IFwiUGVybWlzc2lvbiBzZXQgZm9yIGFzc29jaWF0ZWQgQWRtaW5pc3RyYXRvckFjY2VzcyBwb2xpY3lcIlxuICB9LFxuICBSZWFkT25seUFjY2Vzczoge1xuICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9SZWFkT25seUFjY2Vzc1wiLFxuICAgIERlc2NyaXB0aW9uOiBcIlBlcm1pc3Npb24gc2V0IGZvciBhc3NvY2lhdGVkIFJlYWRPbmx5QWNjZXNzIHBvbGljeVwiXG4gIH0sXG4gIEJpbGxpbmc6IHtcbiAgICBQb2xpY3k6IFwiYXJuOmF3czppYW06OmF3czpwb2xpY3kvQVdTQmlsbGluZ1JlYWRPbmx5QWNjZXNzXCIsXG4gICAgRGVzY3JpcHRpb246IFwiUGVybWlzc2lvbiBzZXQgZm9yIGFzc29jaWF0ZWQgQmlsbGluZyBwb2xpY3lcIlxuICB9XG59O1xuXG5leHBvcnQgY2xhc3MgSWRlbnRpdHlDZW50ZXIgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwdWJsaWMgaWRlbnRpdHlTdG9yZUlkOiBzdHJpbmc7XG4gIHB1YmxpYyBpZGVudGl0eUNlbnRlckFybjogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBJZGVudGl0eUNlbnRlclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMubGlzdElkZW50aXR5Q2VudGVySW5zdGFuY2UoKTtcbiAgICB0aGlzLmNyZWF0ZVBlcm1pc3Npb25TZXQocHJvcHMpO1xuICB9XG5cbiAgbGlzdElkZW50aXR5Q2VudGVySW5zdGFuY2UoKSB7XG4gICAgY29uc3QgY3VzdG9tUmVzb3VyY2UgPSBuZXcgQXdzQ3VzdG9tUmVzb3VyY2UoXG4gICAgICB0aGlzLFxuICAgICAgXCJsaXN0SWRlbnRpdHlDZW50ZXJJbnN0YW5jZVwiLFxuICAgICAge1xuICAgICAgICBmdW5jdGlvbk5hbWU6IFwibGlzdElkZW50aXR5Q2VudGVySW5zdGFuY2VcIixcbiAgICAgICAgb25DcmVhdGU6IHtcbiAgICAgICAgICBzZXJ2aWNlOiBcInNzby1hZG1pblwiLFxuICAgICAgICAgIGFjdGlvbjogXCJMaXN0SW5zdGFuY2VzQ29tbWFuZFwiLFxuICAgICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICAgIE1heFJlc3VsdHM6IDFcbiAgICAgICAgICB9LFxuICAgICAgICAgIHBoeXNpY2FsUmVzb3VyY2VJZDogY3VzdG9tUmVzb3VyY2VzLlBoeXNpY2FsUmVzb3VyY2VJZC5vZihcbiAgICAgICAgICAgIFwibGlzdElkZW50aXR5Q2VudGVySW5zdGFuY2VcIlxuICAgICAgICAgIClcbiAgICAgICAgfSxcbiAgICAgICAgcG9saWN5OiBjdXN0b21SZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVN0YXRlbWVudHMoW1xuICAgICAgICAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAgICAgYWN0aW9uczogW1wic3NvOkxpc3RJbnN0YW5jZXNcIl0sXG4gICAgICAgICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgICAgICB9KVxuICAgICAgICBdKSxcbiAgICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6SWFtSWRlbnRpdHlDZW50ZXJcIlxuICAgICAgfVxuICAgICk7XG5cbiAgICB0aGlzLmlkZW50aXR5Q2VudGVyQXJuID0gY3VzdG9tUmVzb3VyY2UuZ2V0UmVzcG9uc2VGaWVsZChcbiAgICAgIFwiSW5zdGFuY2VzLjAuSW5zdGFuY2VBcm5cIlxuICAgICk7XG4gICAgdGhpcy5pZGVudGl0eVN0b3JlSWQgPSBjdXN0b21SZXNvdXJjZS5nZXRSZXNwb25zZUZpZWxkKFxuICAgICAgXCJJbnN0YW5jZXMuMC5JZGVudGl0eVN0b3JlSWRcIlxuICAgICk7XG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBcImlkZW50aXR5Q2VudGVyQXJuXCIsIHtcbiAgICAgIGtleTogXCJpZGVudGl0eUNlbnRlckFyblwiLFxuICAgICAgdmFsdWU6IHRoaXMuaWRlbnRpdHlDZW50ZXJBcm4sXG4gICAgICBleHBvcnROYW1lOiBcImlkZW50aXR5Q2VudGVyQXJuXCJcbiAgICB9KTtcbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIFwiaWRlbnRpdHlTdG9yZUlkXCIsIHtcbiAgICAgIGtleTogXCJpZGVudGl0eVN0b3JlSURcIixcbiAgICAgIHZhbHVlOiB0aGlzLmlkZW50aXR5U3RvcmVJZCxcbiAgICAgIGV4cG9ydE5hbWU6IFwiaWRlbnRpdHlTdG9yZUlkXCJcbiAgICB9KTtcbiAgfVxuXG4gIGNyZWF0ZVBlcm1pc3Npb25TZXQocHJvcHM6IElkZW50aXR5Q2VudGVyUHJvcHMpIHtcbiAgICAvLyBDcmVhdGUgcGVybWlzc2lvbiBzZXRzXG4gICAgZm9yIChjb25zdCBbbmFtZSwgY29uZmlnXSBvZiBPYmplY3QuZW50cmllcyhkZWZhdWx0UGVybWlzc2lvblNldHMpKSB7XG4gICAgICBjb25zdCBwZXJtaXNzaW9uU2V0ID0gbmV3IFBlcm1pc3Npb25TZXQodGhpcywgYFBlcm1pc3Npb25TZXQke25hbWV9YCwge1xuICAgICAgICBuYW1lOiBuYW1lLFxuICAgICAgICBpbnN0YW5jZUFybjogdGhpcy5pZGVudGl0eUNlbnRlckFybixcbiAgICAgICAgZGVzY3JpcHRpb246IGNvbmZpZy5EZXNjcmlwdGlvbixcbiAgICAgICAgdGFnczogcHJvcHMudGFnc1xuICAgICAgfSk7XG5cbiAgICAgIC8vIEF0dGFjaCBQb2xpY2llcyB0byBQZXJtaXNzaW9uIFNldHNcbiAgICAgIG5ldyBBdHRhY2hNYW5hZ2VkUG9saWN5KHRoaXMsIGBBdHRhY2hNYW5hZ2VkUG9saWN5JHtuYW1lfWAsIHtcbiAgICAgICAgaW5zdGFuY2VBcm46IHRoaXMuaWRlbnRpdHlDZW50ZXJBcm4sXG4gICAgICAgIHBlcm1pc3Npb25TZXQ6IG5hbWUsXG4gICAgICAgIHBlcm1pc3Npb25TZXRBcm46IHBlcm1pc3Npb25TZXQuZ2V0UGVybWlzc2lvblNldEFybigpLFxuICAgICAgICBtYW5hZ2VkUG9saWN5QXJuOiBjb25maWcuUG9saWN5XG4gICAgICB9KTtcblxuICAgICAgLy8gQ3JlYXRlIEdyb3Vwc1xuICAgICAgY29uc3QgZ3JvdXAgPSBuZXcgR3JvdXAodGhpcywgYCR7cGVybWlzc2lvblNldH1Hcm91cGAsIHtcbiAgICAgICAgZGlzcGxheU5hbWU6IG5hbWUsXG4gICAgICAgIGlkZW50aXR5U3RvcmVJZDogdGhpcy5pZGVudGl0eVN0b3JlSWQsXG4gICAgICAgIGRlc2NyaXB0aW9uOiBgR3JvdXAgZm9yIGFzc29jaWF0ZWQgJHtwZXJtaXNzaW9uU2V0fSBwZXJtaXNzaW9uIHNldGBcbiAgICAgIH0pO1xuXG4gICAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGAke25hbWV9R3JvdXBJZGAsIHtcbiAgICAgICAga2V5OiBgJHtuYW1lfUdyb3VwSWRgLFxuICAgICAgICB2YWx1ZTogZ3JvdXAuZ2V0R3JvdXBJZCgpLFxuICAgICAgICBleHBvcnROYW1lOiBgJHtuYW1lfUdyb3VwSWRgXG4gICAgICB9KTtcblxuICAgICAgLy8gQXNzaWduIEdyb3VwcyB0byBBV1MgQWNjb3VudHNcbiAgICAgIGZvciAoY29uc3QgW2FjY291bnROYW1lLCBhY2NvdW50SWRdIG9mIE9iamVjdC5lbnRyaWVzKHByb3BzLmFjY291bnRzKSkge1xuICAgICAgICBuZXcgQXNzaWdubWVudChcbiAgICAgICAgICB0aGlzLFxuICAgICAgICAgIGAke3N0cmlwQW5kQ2FtZWxDYXNlKGFjY291bnROYW1lKX0ke3Blcm1pc3Npb25TZXR9QXNzb2NpYXRpb25gLFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIGluc3RhbmNlQXJuOiB0aGlzLmlkZW50aXR5Q2VudGVyQXJuLFxuICAgICAgICAgICAgcGVybWlzc2lvblNldEFybjogcGVybWlzc2lvblNldC5nZXRQZXJtaXNzaW9uU2V0QXJuKCksXG4gICAgICAgICAgICBwcmluY2lwYWxUeXBlOiBcIkdST1VQXCIsXG4gICAgICAgICAgICBwcmluY2lwYWxJZDogZ3JvdXAuZ2V0R3JvdXBJZCgpLFxuICAgICAgICAgICAgdGFyZ2V0VHlwZTogXCJBV1NfQUNDT1VOVFwiLFxuICAgICAgICAgICAgdGFyZ2V0SWQ6IGFjY291bnRJZCxcbiAgICAgICAgICAgIGRlcGVuZGVuY3k6IHBlcm1pc3Npb25TZXQuZGVsZXRlUGVybWlzc2lvblNldFxuICAgICAgICAgIH1cbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9XG4gIH1cbn1cbiJdfQ==
|
|
163
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaWRlbnRpdHlDZW50ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9saWIvY29uZmlnL2F3cy9pZGVudGl0eUNlbnRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxnRUFBZ0U7QUFFaEUsaURBSzZCO0FBQzdCLDZDQUE0RDtBQUM1RCx1RUFBb0U7QUFDcEUsdUZBQW9GO0FBRXBGLHFFQUFrRTtBQUNsRSwyRUFJZ0Q7QUFDaEQsb0dBQWlHO0FBQ2pHLG1EQUEyQztBQUMzQyw2Q0FBdUM7QUFDdkMsaURBQThEO0FBWTlELE1BQU0scUJBQXFCLEdBQXdDO0lBQ2pFLG1CQUFtQixFQUFFO1FBQ25CLE1BQU0sRUFBRSw2Q0FBNkM7UUFDckQsV0FBVyxFQUFFLDBEQUEwRDtLQUN4RTtJQUNELGNBQWMsRUFBRTtRQUNkLE1BQU0sRUFBRSx3Q0FBd0M7UUFDaEQsV0FBVyxFQUFFLHFEQUFxRDtLQUNuRTtJQUNELE9BQU8sRUFBRTtRQUNQLE1BQU0sRUFBRSxrREFBa0Q7UUFDMUQsV0FBVyxFQUFFLDhDQUE4QztLQUM1RDtDQUNGLENBQUM7QUFFRixNQUFhLGNBQWUsU0FBUSx5QkFBVztJQUs3QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQTBCO1FBQ2xFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBRXhCLElBQUksQ0FBQywyQkFBMkIsRUFBRSxDQUFDO1FBQ25DLElBQUksQ0FBQywwQkFBMEIsRUFBRSxDQUFDO1FBQ2xDLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxLQUFLLENBQUMsQ0FBQztJQUNsQyxDQUFDO0lBRUQsMkJBQTJCO1FBQ3pCLHNHQUFzRztRQUN0RyxJQUFJLENBQUMscUJBQXFCLEdBQUcsSUFBSSxVQUFJLENBQ25DLElBQUksRUFDSixrQ0FBa0MsRUFDbEM7WUFDRSxTQUFTLEVBQUUsSUFBSSwwQkFBZ0IsQ0FBQyxzQkFBc0IsQ0FBQztZQUN2RCxXQUFXLEVBQUUsd0RBQXdEO1lBQ3JFLGVBQWUsRUFBRTtnQkFDZixtQkFBYSxDQUFDLHdCQUF3QixDQUNwQywwQ0FBMEMsQ0FDM0M7Z0JBQ0QsbUJBQWEsQ0FBQyx3QkFBd0IsQ0FDcEMsa0NBQWtDLENBQ25DO2FBQ0Y7WUFDRCxjQUFjLEVBQUU7Z0JBQ2Qsa0NBQWtDLEVBQUUsSUFBSSx3QkFBYyxDQUFDO29CQUNyRCxVQUFVLEVBQUU7d0JBQ1YsSUFBSSx5QkFBZSxDQUFDOzRCQUNsQixPQUFPLEVBQUUsQ0FBQyxPQUFPLEVBQUUsT0FBTyxDQUFDOzRCQUMzQixTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7eUJBQ2pCLENBQUM7cUJBQ0g7aUJBQ0YsQ0FBQzthQUNIO1NBQ0YsQ0FDRixDQUFDO1FBQ0Ysc0dBQXNHO1FBQ3RHLDJFQUEyRTtRQUMzRSw0REFBNEQ7UUFDNUQsMkJBQTJCO1FBQzNCLGlCQUFpQjtRQUNqQixRQUFRO1FBQ1IseUJBQXlCO1FBQ3pCLHFCQUFxQjtRQUNyQixtQkFBbUI7UUFDbkIsV0FBVztRQUNYLGlDQUFpQztRQUNqQyxRQUFRO1FBQ1IsTUFBTTtRQUNOLE1BQU07SUFDUixDQUFDO0lBRUQsMEJBQTBCO1FBQ3hCLE1BQU0sY0FBYyxHQUFHLElBQUkscUNBQWlCLENBQzFDLElBQUksRUFDSiw0QkFBNEIsRUFDNUI7WUFDRSxZQUFZLEVBQUUsNEJBQTRCO1lBQzFDLFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsV0FBVztnQkFDcEIsTUFBTSxFQUFFLHNCQUFzQjtnQkFDOUIsVUFBVSxFQUFFO29CQUNWLFVBQVUsRUFBRSxDQUFDO2lCQUNkO2dCQUNELGtCQUFrQixFQUFFLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQ3ZELDRCQUE0QixDQUM3QjthQUNGO1lBQ0QsSUFBSSxFQUFFLElBQUksQ0FBQyxxQkFBcUI7WUFDaEMsMkZBQTJGO1lBQzNGLGlFQUFpRTtZQUNqRSxxQkFBcUI7WUFDckIsTUFBTTtZQUNOLG1FQUFtRTtZQUNuRSwwQkFBMEI7WUFDMUIsc0NBQXNDO1lBQ3RDLHVCQUF1QjtZQUN2QixPQUFPO1lBQ1AsTUFBTTtZQUNOLFlBQVksRUFBRSwyQkFBMkI7U0FDMUMsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLGlCQUFpQixHQUFHLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDdEQseUJBQXlCLENBQzFCLENBQUM7UUFDRixJQUFJLENBQUMsZUFBZSxHQUFHLGNBQWMsQ0FBQyxnQkFBZ0IsQ0FDcEQsNkJBQTZCLENBQzlCLENBQUM7UUFDRixJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLG1CQUFtQixFQUFFO1lBQ3ZDLEdBQUcsRUFBRSxtQkFBbUI7WUFDeEIsS0FBSyxFQUFFLElBQUksQ0FBQyxpQkFBaUI7WUFDN0IsVUFBVSxFQUFFLG1CQUFtQjtTQUNoQyxDQUFDLENBQUM7UUFDSCxJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLGlCQUFpQixFQUFFO1lBQ3JDLEdBQUcsRUFBRSxpQkFBaUI7WUFDdEIsS0FBSyxFQUFFLElBQUksQ0FBQyxlQUFlO1lBQzNCLFVBQVUsRUFBRSxpQkFBaUI7U0FDOUIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELG1CQUFtQixDQUFDLEtBQTBCO1FBQzVDLHlCQUF5QjtRQUN6QixLQUFLLE1BQU0sQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxxQkFBcUIsQ0FBQyxFQUFFLENBQUM7WUFDbkUsZ0JBQWdCO1lBQ2hCLE1BQU0sS0FBSyxHQUFHLElBQUksc0JBQUssQ0FBQyxJQUFJLEVBQUUsR0FBRyxJQUFJLE9BQU8sRUFBRTtnQkFDNUMsV0FBVyxFQUFFLElBQUk7Z0JBQ2pCLGVBQWUsRUFBRSxJQUFJLENBQUMsZUFBZTtnQkFDckMsV0FBVyxFQUFFLHdCQUF3QixJQUFJLGlCQUFpQjtnQkFDMUQsSUFBSSxFQUFFLElBQUksQ0FBQyxxQkFBcUI7YUFDakMsQ0FBQyxDQUFDO1lBRUgsTUFBTSxhQUFhLEdBQUcsSUFBSSw4QkFBYSxDQUFDLElBQUksRUFBRSxnQkFBZ0IsSUFBSSxFQUFFLEVBQUU7Z0JBQ3BFLElBQUksRUFBRSxJQUFJO2dCQUNWLFdBQVcsRUFBRSxJQUFJLENBQUMsaUJBQWlCO2dCQUNuQyxXQUFXLEVBQUUsTUFBTSxDQUFDLFdBQVc7Z0JBQy9CLElBQUksRUFBRSxJQUFJLENBQUMscUJBQXFCO2dCQUNoQyxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7YUFDakIsQ0FBQyxDQUFDO1lBQ0gsYUFBYSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7WUFFeEMscUNBQXFDO1lBQ3JDLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSx5Q0FBbUIsQ0FDakQsSUFBSSxFQUNKLHNCQUFzQixJQUFJLEVBQUUsRUFDNUI7Z0JBQ0UsV0FBVyxFQUFFLElBQUksQ0FBQyxpQkFBaUI7Z0JBQ25DLGFBQWEsRUFBRSxJQUFJO2dCQUNuQixnQkFBZ0IsRUFBRSxhQUFhLENBQUMsbUJBQW1CLEVBQUU7Z0JBQ3JELGdCQUFnQixFQUFFLE1BQU0sQ0FBQyxNQUFNO2dCQUMvQixJQUFJLEVBQUUsSUFBSSxDQUFDLHFCQUFxQjthQUNqQyxDQUNGLENBQUM7WUFDRixtQkFBbUIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQyxDQUFDO1lBRXRELElBQUkscUJBQVMsQ0FBQyxJQUFJLEVBQUUsR0FBRyxJQUFJLFNBQVMsRUFBRTtnQkFDcEMsR0FBRyxFQUFFLEdBQUcsSUFBSSxTQUFTO2dCQUNyQixLQUFLLEVBQUUsS0FBSyxDQUFDLFVBQVUsRUFBRTtnQkFDekIsVUFBVSxFQUFFLEdBQUcsSUFBSSxTQUFTO2FBQzdCLENBQUMsQ0FBQztZQUVILGdDQUFnQztZQUNoQyxLQUFLLE1BQU0sQ0FBQyxXQUFXLEVBQUUsU0FBUyxDQUFDLElBQUksTUFBTSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztnQkFDdEUsTUFBTSxnQkFBZ0IsR0FBRyxhQUFhLENBQUMsbUJBQW1CLEVBQUUsQ0FBQztnQkFDN0QsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLFVBQVUsRUFBRSxDQUFDO2dCQUNuQyxNQUFNLFVBQVUsR0FBRyxJQUFJLDJCQUFVLENBQy9CLElBQUksRUFDSixHQUFHLElBQUEscUNBQWlCLEVBQUMsV0FBVyxDQUFDLEdBQUcsYUFBYSxhQUFhLEVBQzlEO29CQUNFLFdBQVcsRUFBRSxJQUFJLENBQUMsaUJBQWlCO29CQUNuQyxnQkFBZ0IsRUFBRSxnQkFBZ0I7b0JBQ2xDLGFBQWEsRUFBRSxPQUFPO29CQUN0QixXQUFXLEVBQUUsT0FBTztvQkFDcEIsVUFBVSxFQUFFLGFBQWE7b0JBQ3pCLFFBQVEsRUFBRSxTQUFTO29CQUNuQixJQUFJLEVBQUUsSUFBSSxDQUFDLHFCQUFxQjtpQkFDakMsQ0FDRixDQUFDO2dCQUVGLE1BQU0sS0FBSyxHQUFHLElBQUksMEJBQVMsQ0FDekIsSUFBSSxFQUNKLEdBQUcsSUFBQSxxQ0FBaUIsRUFBQyxXQUFXLENBQUMsR0FBRyxhQUFhLGlCQUFpQixFQUNsRTtvQkFDRSxlQUFlLEVBQUUsc0JBQVEsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2lCQUN0QyxDQUNGLENBQUM7Z0JBQ0YsS0FBSyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsbUJBQW1CLENBQUMsQ0FBQztnQkFDOUMsVUFBVSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDdkMsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUFoTEQsd0NBZ0xDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY3VzdG9tUmVzb3VyY2VzIGZyb20gXCJhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHtcbiAgQ2ZuUm9sZSxcbiAgUG9saWN5RG9jdW1lbnQsXG4gIFBvbGljeVN0YXRlbWVudCxcbiAgU2VydmljZVByaW5jaXBhbFxufSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuaW1wb3J0IHsgTmVzdGVkU3RhY2ssIE5lc3RlZFN0YWNrUHJvcHMgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENmbk91dHB1dCB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL3V0aWxpdGllcy9jZm5PdXRwdXRcIjtcbmltcG9ydCB7IEF3c0N1c3RvbVJlc291cmNlIH0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3MvdXRpbGl0aWVzL2F3c0N1c3RvbVJlc291cmNlXCI7XG5pbXBvcnQgeyBLZXlWYWx1ZSB9IGZyb20gXCIuLi8uLi90eXBlc1wiO1xuaW1wb3J0IHsgc3RyaXBBbmRDYW1lbENhc2UgfSBmcm9tIFwiLi4vLi4vdXRpbHMvc3RyaXBBbmRDYW1lbENhc2VcIjtcbmltcG9ydCB7XG4gIEdyb3VwLFxuICBQZXJtaXNzaW9uU2V0LFxuICBBc3NpZ25tZW50XG59IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlclwiO1xuaW1wb3J0IHsgQXR0YWNoTWFuYWdlZFBvbGljeSB9IGZyb20gXCIuLi8uLi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9hdHRhY2hNYW5hZ2VkUG9saWN5XCI7XG5pbXBvcnQgeyBUaW1lU2xlZXAgfSBmcm9tIFwiY2RrLXRpbWUtc2xlZXBcIjtcbmltcG9ydCB7IER1cmF0aW9uIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBNYW5hZ2VkUG9saWN5LCBSb2xlIH0gZnJvbSBcIi4uLy4uL3Jlc291cmNlcy9hd3MvaWFtXCI7XG5cbmludGVyZmFjZSBJZGVudGl0eUNlbnRlclByb3BzIGV4dGVuZHMgTmVzdGVkU3RhY2tQcm9wcyB7XG4gIGFjY291bnRzOiBLZXlWYWx1ZTtcbiAgdGFncz86IEtleVZhbHVlW107XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUGVybWlzc2lvblNldENvbmZpZyB7XG4gIFBvbGljeTogc3RyaW5nO1xuICBEZXNjcmlwdGlvbj86IHN0cmluZztcbn1cblxuY29uc3QgZGVmYXVsdFBlcm1pc3Npb25TZXRzOiBSZWNvcmQ8c3RyaW5nLCBQZXJtaXNzaW9uU2V0Q29uZmlnPiA9IHtcbiAgQWRtaW5pc3RyYXRvckFjY2Vzczoge1xuICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9BZG1pbmlzdHJhdG9yQWNjZXNzXCIsXG4gICAgRGVzY3JpcHRpb246IFwiUGVybWlzc2lvbiBzZXQgZm9yIGFzc29jaWF0ZWQgQWRtaW5pc3RyYXRvckFjY2VzcyBwb2xpY3lcIlxuICB9LFxuICBSZWFkT25seUFjY2Vzczoge1xuICAgIFBvbGljeTogXCJhcm46YXdzOmlhbTo6YXdzOnBvbGljeS9SZWFkT25seUFjY2Vzc1wiLFxuICAgIERlc2NyaXB0aW9uOiBcIlBlcm1pc3Npb24gc2V0IGZvciBhc3NvY2lhdGVkIFJlYWRPbmx5QWNjZXNzIHBvbGljeVwiXG4gIH0sXG4gIEJpbGxpbmc6IHtcbiAgICBQb2xpY3k6IFwiYXJuOmF3czppYW06OmF3czpwb2xpY3kvQVdTQmlsbGluZ1JlYWRPbmx5QWNjZXNzXCIsXG4gICAgRGVzY3JpcHRpb246IFwiUGVybWlzc2lvbiBzZXQgZm9yIGFzc29jaWF0ZWQgQmlsbGluZyBwb2xpY3lcIlxuICB9XG59O1xuXG5leHBvcnQgY2xhc3MgSWRlbnRpdHlDZW50ZXIgZXh0ZW5kcyBOZXN0ZWRTdGFjayB7XG4gIHB1YmxpYyBpZGVudGl0eVN0b3JlSWQ6IHN0cmluZztcbiAgcHVibGljIGlkZW50aXR5Q2VudGVyQXJuOiBzdHJpbmc7XG4gIHByaXZhdGUgaWRlbnRpdHlDZW50ZXJJYW1Sb2xlOiBSb2xlO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBJZGVudGl0eUNlbnRlclByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkLCBwcm9wcyk7XG5cbiAgICB0aGlzLmNyZWF0ZUlkZW50aXR5Q2VudGVySWFtUm9sZSgpO1xuICAgIHRoaXMubGlzdElkZW50aXR5Q2VudGVySW5zdGFuY2UoKTtcbiAgICB0aGlzLmNyZWF0ZVBlcm1pc3Npb25TZXQocHJvcHMpO1xuICB9XG5cbiAgY3JlYXRlSWRlbnRpdHlDZW50ZXJJYW1Sb2xlKCkge1xuICAgIC8vIFJlbW92ZSB0aGlzIHJvbGUsIG9yIHVwZGF0ZSBwZXJtaXNzaW9ucyB3aGVuIHdlJ3JlIHJlYWR5IHRvIHRyb3VibGVzaG9vdCBpbnRlcm1pdHRlbnQgcG9saWN5IGVycm9yc1xuICAgIHRoaXMuaWRlbnRpdHlDZW50ZXJJYW1Sb2xlID0gbmV3IFJvbGUoXG4gICAgICB0aGlzLFxuICAgICAgXCJJZGVudGl0eUNlbnRlckN1c3RvbVJlc291cmNlUm9sZVwiLFxuICAgICAge1xuICAgICAgICBhc3N1bWVkQnk6IG5ldyBTZXJ2aWNlUHJpbmNpcGFsKFwibGFtYmRhLmFtYXpvbmF3cy5jb21cIiksXG4gICAgICAgIGRlc2NyaXB0aW9uOiBcIlNoYXJlZCByb2xlIGZvciBhbGwgSWRlbnRpdHkgQ2VudGVyIEF3c0N1c3RvbVJlc291cmNlc1wiLFxuICAgICAgICBtYW5hZ2VkUG9saWNpZXM6IFtcbiAgICAgICAgICBNYW5hZ2VkUG9saWN5LmZyb21Bd3NNYW5hZ2VkUG9saWN5TmFtZShcbiAgICAgICAgICAgIFwic2VydmljZS1yb2xlL0FXU0xhbWJkYUJhc2ljRXhlY3V0aW9uUm9sZVwiXG4gICAgICAgICAgKSxcbiAgICAgICAgICBNYW5hZ2VkUG9saWN5LmZyb21Bd3NNYW5hZ2VkUG9saWN5TmFtZShcbiAgICAgICAgICAgIFwiQVdTU1NPTWFzdGVyQWNjb3VudEFkbWluaXN0cmF0b3JcIlxuICAgICAgICAgIClcbiAgICAgICAgXSxcbiAgICAgICAgaW5saW5lUG9saWNpZXM6IHtcbiAgICAgICAgICBJZGVudGl0eUNlbnRlckN1c3RvbVJlc291cmNlUG9saWN5OiBuZXcgUG9saWN5RG9jdW1lbnQoe1xuICAgICAgICAgICAgc3RhdGVtZW50czogW1xuICAgICAgICAgICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICAgICAgICBhY3Rpb25zOiBbXCJzc286KlwiLCBcImlhbToqXCJdLFxuICAgICAgICAgICAgICAgIHJlc291cmNlczogW1wiKlwiXVxuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgXVxuICAgICAgICAgIH0pXG4gICAgICAgIH1cbiAgICAgIH1cbiAgICApO1xuICAgIC8vIFJlbW92ZSB0aGlzIHJvbGUsIG9yIHVwZGF0ZSBwZXJtaXNzaW9ucyB3aGVuIHdlJ3JlIHJlYWR5IHRvIHRyb3VibGVzaG9vdCBpbnRlcm1pdHRlbnQgcG9saWN5IGVycm9yc1xuICAgIC8vIGNvbnN0IGNmblJvbGUgPSB0aGlzLmlkZW50aXR5Q2VudGVySWFtUm9sZS5ub2RlLmRlZmF1bHRDaGlsZCBhcyBDZm5Sb2xlO1xuICAgIC8vIGNmblJvbGUuYWRkUHJvcGVydHlPdmVycmlkZShcIkFzc3VtZVJvbGVQb2xpY3lEb2N1bWVudFwiLCB7XG4gICAgLy8gICBWZXJzaW9uOiBcIjIwMTItMTAtMTdcIixcbiAgICAvLyAgIFN0YXRlbWVudDogW1xuICAgIC8vICAgICB7XG4gICAgLy8gICAgICAgRWZmZWN0OiBcIkFsbG93XCIsXG4gICAgLy8gICAgICAgUHJpbmNpcGFsOiB7XG4gICAgLy8gICAgICAgICBBV1M6IFwiKlwiXG4gICAgLy8gICAgICAgfSxcbiAgICAvLyAgICAgICBBY3Rpb246IFwic3RzOkFzc3VtZVJvbGVcIlxuICAgIC8vICAgICB9XG4gICAgLy8gICBdXG4gICAgLy8gfSk7XG4gIH1cblxuICBsaXN0SWRlbnRpdHlDZW50ZXJJbnN0YW5jZSgpIHtcbiAgICBjb25zdCBjdXN0b21SZXNvdXJjZSA9IG5ldyBBd3NDdXN0b21SZXNvdXJjZShcbiAgICAgIHRoaXMsXG4gICAgICBcImxpc3RJZGVudGl0eUNlbnRlckluc3RhbmNlXCIsXG4gICAgICB7XG4gICAgICAgIGZ1bmN0aW9uTmFtZTogXCJsaXN0SWRlbnRpdHlDZW50ZXJJbnN0YW5jZVwiLFxuICAgICAgICBvbkNyZWF0ZToge1xuICAgICAgICAgIHNlcnZpY2U6IFwic3NvLWFkbWluXCIsXG4gICAgICAgICAgYWN0aW9uOiBcIkxpc3RJbnN0YW5jZXNDb21tYW5kXCIsXG4gICAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgICAgTWF4UmVzdWx0czogMVxuICAgICAgICAgIH0sXG4gICAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBjdXN0b21SZXNvdXJjZXMuUGh5c2ljYWxSZXNvdXJjZUlkLm9mKFxuICAgICAgICAgICAgXCJsaXN0SWRlbnRpdHlDZW50ZXJJbnN0YW5jZVwiXG4gICAgICAgICAgKVxuICAgICAgICB9LFxuICAgICAgICByb2xlOiB0aGlzLmlkZW50aXR5Q2VudGVySWFtUm9sZSxcbiAgICAgICAgLy8gVE9ETzogTG9jayBkb3duIHBlcm1pc3Npb25zLCB3aGVuIHdlJ3JlIHJlYWR5IHRvIHRyb3VibGVzaG9vdCBpbnRlcm1pdHRlbnQgcG9saWN5IGVycm9yc1xuICAgICAgICAvLyBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU2RrQ2FsbHMoe1xuICAgICAgICAvLyAgIHJlc291cmNlczogW1wiKlwiXVxuICAgICAgICAvLyB9KSxcbiAgICAgICAgLy8gcG9saWN5OiBjdXN0b21SZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVN0YXRlbWVudHMoW1xuICAgICAgICAvLyAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAvLyAgICAgYWN0aW9uczogW1wic3NvOkxpc3RJbnN0YW5jZXNcIl0sXG4gICAgICAgIC8vICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgICAgLy8gICB9KVxuICAgICAgICAvLyBdKSxcbiAgICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6SWFtSWRlbnRpdHlDZW50ZXJcIlxuICAgICAgfVxuICAgICk7XG5cbiAgICB0aGlzLmlkZW50aXR5Q2VudGVyQXJuID0gY3VzdG9tUmVzb3VyY2UuZ2V0UmVzcG9uc2VGaWVsZChcbiAgICAgIFwiSW5zdGFuY2VzLjAuSW5zdGFuY2VBcm5cIlxuICAgICk7XG4gICAgdGhpcy5pZGVudGl0eVN0b3JlSWQgPSBjdXN0b21SZXNvdXJjZS5nZXRSZXNwb25zZUZpZWxkKFxuICAgICAgXCJJbnN0YW5jZXMuMC5JZGVudGl0eVN0b3JlSWRcIlxuICAgICk7XG4gICAgbmV3IENmbk91dHB1dCh0aGlzLCBcImlkZW50aXR5Q2VudGVyQXJuXCIsIHtcbiAgICAgIGtleTogXCJpZGVudGl0eUNlbnRlckFyblwiLFxuICAgICAgdmFsdWU6IHRoaXMuaWRlbnRpdHlDZW50ZXJBcm4sXG4gICAgICBleHBvcnROYW1lOiBcImlkZW50aXR5Q2VudGVyQXJuXCJcbiAgICB9KTtcbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIFwiaWRlbnRpdHlTdG9yZUlkXCIsIHtcbiAgICAgIGtleTogXCJpZGVudGl0eVN0b3JlSURcIixcbiAgICAgIHZhbHVlOiB0aGlzLmlkZW50aXR5U3RvcmVJZCxcbiAgICAgIGV4cG9ydE5hbWU6IFwiaWRlbnRpdHlTdG9yZUlkXCJcbiAgICB9KTtcbiAgfVxuXG4gIGNyZWF0ZVBlcm1pc3Npb25TZXQocHJvcHM6IElkZW50aXR5Q2VudGVyUHJvcHMpIHtcbiAgICAvLyBDcmVhdGUgcGVybWlzc2lvbiBzZXRzXG4gICAgZm9yIChjb25zdCBbbmFtZSwgY29uZmlnXSBvZiBPYmplY3QuZW50cmllcyhkZWZhdWx0UGVybWlzc2lvblNldHMpKSB7XG4gICAgICAvLyBDcmVhdGUgR3JvdXBzXG4gICAgICBjb25zdCBncm91cCA9IG5ldyBHcm91cCh0aGlzLCBgJHtuYW1lfUdyb3VwYCwge1xuICAgICAgICBkaXNwbGF5TmFtZTogbmFtZSxcbiAgICAgICAgaWRlbnRpdHlTdG9yZUlkOiB0aGlzLmlkZW50aXR5U3RvcmVJZCxcbiAgICAgICAgZGVzY3JpcHRpb246IGBHcm91cCBmb3IgYXNzb2NpYXRlZCAke25hbWV9IHBlcm1pc3Npb24gc2V0YCxcbiAgICAgICAgcm9sZTogdGhpcy5pZGVudGl0eUNlbnRlcklhbVJvbGVcbiAgICAgIH0pO1xuXG4gICAgICBjb25zdCBwZXJtaXNzaW9uU2V0ID0gbmV3IFBlcm1pc3Npb25TZXQodGhpcywgYFBlcm1pc3Npb25TZXQke25hbWV9YCwge1xuICAgICAgICBuYW1lOiBuYW1lLFxuICAgICAgICBpbnN0YW5jZUFybjogdGhpcy5pZGVudGl0eUNlbnRlckFybixcbiAgICAgICAgZGVzY3JpcHRpb246IGNvbmZpZy5EZXNjcmlwdGlvbixcbiAgICAgICAgcm9sZTogdGhpcy5pZGVudGl0eUNlbnRlcklhbVJvbGUsXG4gICAgICAgIHRhZ3M6IHByb3BzLnRhZ3NcbiAgICAgIH0pO1xuICAgICAgcGVybWlzc2lvblNldC5ub2RlLmFkZERlcGVuZGVuY3koZ3JvdXApO1xuXG4gICAgICAvLyBBdHRhY2ggUG9saWNpZXMgdG8gUGVybWlzc2lvbiBTZXRzXG4gICAgICBjb25zdCBhdHRhY2hNYW5hZ2VkUG9saWN5ID0gbmV3IEF0dGFjaE1hbmFnZWRQb2xpY3koXG4gICAgICAgIHRoaXMsXG4gICAgICAgIGBBdHRhY2hNYW5hZ2VkUG9saWN5JHtuYW1lfWAsXG4gICAgICAgIHtcbiAgICAgICAgICBpbnN0YW5jZUFybjogdGhpcy5pZGVudGl0eUNlbnRlckFybixcbiAgICAgICAgICBwZXJtaXNzaW9uU2V0OiBuYW1lLFxuICAgICAgICAgIHBlcm1pc3Npb25TZXRBcm46IHBlcm1pc3Npb25TZXQuZ2V0UGVybWlzc2lvblNldEFybigpLFxuICAgICAgICAgIG1hbmFnZWRQb2xpY3lBcm46IGNvbmZpZy5Qb2xpY3ksXG4gICAgICAgICAgcm9sZTogdGhpcy5pZGVudGl0eUNlbnRlcklhbVJvbGVcbiAgICAgICAgfVxuICAgICAgKTtcbiAgICAgIGF0dGFjaE1hbmFnZWRQb2xpY3kubm9kZS5hZGREZXBlbmRlbmN5KHBlcm1pc3Npb25TZXQpO1xuXG4gICAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGAke25hbWV9R3JvdXBJZGAsIHtcbiAgICAgICAga2V5OiBgJHtuYW1lfUdyb3VwSWRgLFxuICAgICAgICB2YWx1ZTogZ3JvdXAuZ2V0R3JvdXBJZCgpLFxuICAgICAgICBleHBvcnROYW1lOiBgJHtuYW1lfUdyb3VwSWRgXG4gICAgICB9KTtcblxuICAgICAgLy8gQXNzaWduIEdyb3VwcyB0byBBV1MgQWNjb3VudHNcbiAgICAgIGZvciAoY29uc3QgW2FjY291bnROYW1lLCBhY2NvdW50SWRdIG9mIE9iamVjdC5lbnRyaWVzKHByb3BzLmFjY291bnRzKSkge1xuICAgICAgICBjb25zdCBwZXJtaXNzaW9uU2V0QXJuID0gcGVybWlzc2lvblNldC5nZXRQZXJtaXNzaW9uU2V0QXJuKCk7XG4gICAgICAgIGNvbnN0IGdyb3VwSWQgPSBncm91cC5nZXRHcm91cElkKCk7XG4gICAgICAgIGNvbnN0IGFzc2lnbm1lbnQgPSBuZXcgQXNzaWdubWVudChcbiAgICAgICAgICB0aGlzLFxuICAgICAgICAgIGAke3N0cmlwQW5kQ2FtZWxDYXNlKGFjY291bnROYW1lKX0ke3Blcm1pc3Npb25TZXR9QXNzb2NpYXRpb25gLFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIGluc3RhbmNlQXJuOiB0aGlzLmlkZW50aXR5Q2VudGVyQXJuLFxuICAgICAgICAgICAgcGVybWlzc2lvblNldEFybjogcGVybWlzc2lvblNldEFybixcbiAgICAgICAgICAgIHByaW5jaXBhbFR5cGU6IFwiR1JPVVBcIixcbiAgICAgICAgICAgIHByaW5jaXBhbElkOiBncm91cElkLFxuICAgICAgICAgICAgdGFyZ2V0VHlwZTogXCJBV1NfQUNDT1VOVFwiLFxuICAgICAgICAgICAgdGFyZ2V0SWQ6IGFjY291bnRJZCxcbiAgICAgICAgICAgIHJvbGU6IHRoaXMuaWRlbnRpdHlDZW50ZXJJYW1Sb2xlXG4gICAgICAgICAgfVxuICAgICAgICApO1xuXG4gICAgICAgIGNvbnN0IHNsZWVwID0gbmV3IFRpbWVTbGVlcChcbiAgICAgICAgICB0aGlzLFxuICAgICAgICAgIGAke3N0cmlwQW5kQ2FtZWxDYXNlKGFjY291bnROYW1lKX0ke3Blcm1pc3Npb25TZXR9YXNzaWdubWVudFNsZWVwYCxcbiAgICAgICAgICB7XG4gICAgICAgICAgICBkZXN0cm95RHVyYXRpb246IER1cmF0aW9uLnNlY29uZHMoNjApXG4gICAgICAgICAgfVxuICAgICAgICApO1xuICAgICAgICBzbGVlcC5ub2RlLmFkZERlcGVuZGVuY3koYXR0YWNoTWFuYWdlZFBvbGljeSk7XG4gICAgICAgIGFzc2lnbm1lbnQubm9kZS5hZGREZXBlbmRlbmN5KHNsZWVwKTtcbiAgICAgIH1cbiAgICB9XG4gIH1cbn1cbiJdfQ==
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { Environment, Stack, StackProps } from "aws-cdk-lib";
|
|
2
|
+
import { ICostAllocationTags } from "../../config/aws/costAllocationTags";
|
|
2
3
|
import { Account } from "@aws-sdk/client-organizations";
|
|
3
4
|
type ExtendedStackProps = Omit<StackProps, "env"> & {
|
|
4
5
|
env: Required<Pick<Environment, "region" | "account">> & Partial<Omit<Environment, "region" | "account">>;
|
|
@@ -9,6 +10,7 @@ interface ManagedOrganisationProps extends ExtendedStackProps {
|
|
|
9
10
|
platformAccount: string;
|
|
10
11
|
orgEmail: string;
|
|
11
12
|
existingAccounts?: Account[];
|
|
13
|
+
costAllocationTags: ICostAllocationTags[];
|
|
12
14
|
identityCenter?: boolean;
|
|
13
15
|
}
|
|
14
16
|
export declare class ManagedOrganisation extends Stack {
|
|
@@ -39,7 +39,7 @@ class ManagedOrganisation extends aws_cdk_lib_1.Stack {
|
|
|
39
39
|
this.setupIpamDelegation(orgAccounts, props);
|
|
40
40
|
this.enableRamSharing();
|
|
41
41
|
this.enableTrustedAccess(props);
|
|
42
|
-
this.enableCostAllocationTags();
|
|
42
|
+
this.enableCostAllocationTags(props);
|
|
43
43
|
this.setupIdentityCenter(orgAccounts, props);
|
|
44
44
|
}
|
|
45
45
|
setupIpamDelegation(orgAccounts, props) {
|
|
@@ -56,8 +56,12 @@ class ManagedOrganisation extends aws_cdk_lib_1.Stack {
|
|
|
56
56
|
region: props.env.region
|
|
57
57
|
});
|
|
58
58
|
}
|
|
59
|
-
enableCostAllocationTags() {
|
|
60
|
-
|
|
59
|
+
enableCostAllocationTags(props) {
|
|
60
|
+
if (props.costAllocationTags.length > 0) {
|
|
61
|
+
new costAllocationTags_1.CostAllocationTags(this, "CostAllocationTags", {
|
|
62
|
+
costAllocationTags: props.costAllocationTags
|
|
63
|
+
});
|
|
64
|
+
}
|
|
61
65
|
}
|
|
62
66
|
setupIdentityCenter(orgAccounts, props) {
|
|
63
67
|
if (props.identityCenter) {
|
|
@@ -68,4 +72,4 @@ class ManagedOrganisation extends aws_cdk_lib_1.Stack {
|
|
|
68
72
|
}
|
|
69
73
|
}
|
|
70
74
|
exports.ManagedOrganisation = ManagedOrganisation;
|
|
71
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
75
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWFuYWdlZE9yZ2FuaXNhdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL2xpYi9wYXR0ZXJucy9hd3MvbWFuYWdlZE9yZ2FuaXNhdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBNkQ7QUFFN0QsbUNBQTRCO0FBRTVCLG9FQUFpRTtBQUNqRSwwRUFBdUU7QUFDdkUsNERBQXlEO0FBQ3pELDRFQUc2QztBQUM3QyxnRUFBeUQ7QUFFekQsOEVBQW1GO0FBaUJuRixNQUFhLG1CQUFvQixTQUFRLG1CQUFLO0lBRzVDLFlBQVksRUFBVSxFQUFFLEtBQStCO1FBQ3JELEtBQUssQ0FBQyxhQUFHLENBQUMsV0FBVyxFQUFFLEVBQUUsRUFBRSxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ3BDLElBQUksQ0FBQyx1QkFBdUIsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNwQyxJQUFJLENBQUMsa0JBQWtCLENBQUMsRUFBRSxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ25DLElBQUksQ0FBQyx5QkFBeUIsQ0FBQztZQUM3QixHQUFHLEtBQUs7WUFDUixjQUFjLEVBQUUsS0FBSyxDQUFDLGNBQWMsSUFBSSxJQUFJO1NBQzdDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyx1QkFBdUIsQ0FBQyxLQUErQjtRQUM3RCxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxFQUFFLENBQUM7WUFDdkQsTUFBTSxJQUFJLEtBQUssQ0FDYixxQkFDRSxLQUFLLENBQUMsZUFDUix5REFBeUQsS0FBSyxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQzdFLElBQUksQ0FDTCxFQUFFLENBQ0osQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRU8sa0JBQWtCLENBQUMsRUFBVSxFQUFFLEtBQStCO1FBQ3BFLElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSxzQkFBWSxDQUFDLElBQUksRUFBRSxFQUFFLEVBQUU7WUFDN0MsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtZQUN4QyxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsZUFBZSxFQUFFLEtBQUssQ0FBQyxlQUFlO1lBQ3RDLFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtZQUN4QixHQUFHLEVBQUUsS0FBSyxDQUFDLEdBQUc7WUFDZCxnQkFBZ0IsRUFBRSxLQUFLLENBQUMsZ0JBQWdCO1NBQ3pDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyx5QkFBeUIsQ0FBQyxLQUErQjtRQUMvRCxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBRXBELElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxXQUFXLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFDN0MsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7UUFDeEIsSUFBSSxDQUFDLG1CQUFtQixDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ2hDLElBQUksQ0FBQyx3QkFBd0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNyQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsV0FBVyxFQUFFLEtBQUssQ0FBQyxDQUFDO0lBQy9DLENBQUM7SUFFTyxtQkFBbUIsQ0FDekIsV0FBbUMsRUFDbkMsS0FBK0I7UUFFL0IsSUFBSSxxQ0FBaUIsQ0FBQyxJQUFJLEVBQUUsbUJBQW1CLEVBQUU7WUFDL0MsU0FBUyxFQUFFLFdBQVcsQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDO1NBQzlDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyxnQkFBZ0I7UUFDdEIsSUFBSSx1QkFBVSxDQUFDLElBQUksRUFBRSxZQUFZLENBQUMsQ0FBQztJQUNyQyxDQUFDO0lBRU8sbUJBQW1CLENBQUMsS0FBK0I7UUFDekQsSUFBSSxpREFBMkIsQ0FBQyxJQUFJLEVBQUUsNkJBQTZCLEVBQUU7WUFDbkUsT0FBTyxFQUFFLEtBQUssQ0FBQyxHQUFHLENBQUMsT0FBTztZQUMxQixNQUFNLEVBQUUsS0FBSyxDQUFDLEdBQUcsQ0FBQyxNQUFNO1NBQ3pCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyx3QkFBd0IsQ0FBQyxLQUErQjtRQUM5RCxJQUFJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDeEMsSUFBSSx1Q0FBa0IsQ0FBQyxJQUFJLEVBQUUsb0JBQW9CLEVBQUU7Z0JBQ2pELGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0I7YUFDN0MsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7SUFFTyxtQkFBbUIsQ0FDekIsV0FBbUMsRUFDbkMsS0FBK0I7UUFFL0IsSUFBSSxLQUFLLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDekIsSUFBSSwrQkFBYyxDQUFDLElBQUksRUFBRSxnQkFBZ0IsRUFBRTtnQkFDekMsUUFBUSxFQUFFLFdBQVc7YUFDdEIsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztJQUNILENBQUM7Q0FDRjtBQXBGRCxrREFvRkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBFbnZpcm9ubWVudCwgU3RhY2ssIFN0YWNrUHJvcHMgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcblxuaW1wb3J0IEFwcCBmcm9tIFwiLi4vLi4vYXBwXCI7XG5cbmltcG9ydCB7IElkZW50aXR5Q2VudGVyIH0gZnJvbSBcIi4uLy4uL2NvbmZpZy9hd3MvaWRlbnRpdHlDZW50ZXJcIjtcbmltcG9ydCB7IElwYW1EZWxlZ2F0ZUFkbWluIH0gZnJvbSBcIi4uLy4uL2NvbmZpZy9hd3MvaXBhbURlbGVnYXRlQWRtaW5cIjtcbmltcG9ydCB7IFJhbVNoYXJpbmcgfSBmcm9tIFwiLi4vLi4vY29uZmlnL2F3cy9yYW1TaGFyaW5nXCI7XG5pbXBvcnQge1xuICBDb3N0QWxsb2NhdGlvblRhZ3MsXG4gIElDb3N0QWxsb2NhdGlvblRhZ3Ncbn0gZnJvbSBcIi4uLy4uL2NvbmZpZy9hd3MvY29zdEFsbG9jYXRpb25UYWdzXCI7XG5pbXBvcnQgT3JnYW5pc2F0aW9uIGZyb20gXCIuLi8uLi9jb25maWcvYXdzL29yZ2FuaXNhdGlvblwiO1xuaW1wb3J0IHsgQWNjb3VudCB9IGZyb20gXCJAYXdzLXNkay9jbGllbnQtb3JnYW5pemF0aW9uc1wiO1xuaW1wb3J0IHsgQWN0aXZhdGVPcmdhbmlzYXRpb25zQWNjZXNzIH0gZnJvbSBcIi4uLy4uL2NvbmZpZy9hd3Mvb3JnYW5pc2F0aW9uc0FjY2Vzc1wiO1xuXG50eXBlIEV4dGVuZGVkU3RhY2tQcm9wcyA9IE9taXQ8U3RhY2tQcm9wcywgXCJlbnZcIj4gJiB7XG4gIGVudjogUmVxdWlyZWQ8UGljazxFbnZpcm9ubWVudCwgXCJyZWdpb25cIiB8IFwiYWNjb3VudFwiPj4gJlxuICAgIFBhcnRpYWw8T21pdDxFbnZpcm9ubWVudCwgXCJyZWdpb25cIiB8IFwiYWNjb3VudFwiPj47XG59O1xuXG5pbnRlcmZhY2UgTWFuYWdlZE9yZ2FuaXNhdGlvblByb3BzIGV4dGVuZHMgRXh0ZW5kZWRTdGFja1Byb3BzIHtcbiAgb3JnYW5pc2F0aW9uTmFtZTogc3RyaW5nO1xuICBvcmdBY2NvdW50czogc3RyaW5nW107XG4gIHBsYXRmb3JtQWNjb3VudDogc3RyaW5nO1xuICBvcmdFbWFpbDogc3RyaW5nO1xuICBleGlzdGluZ0FjY291bnRzPzogQWNjb3VudFtdO1xuICBjb3N0QWxsb2NhdGlvblRhZ3M6IElDb3N0QWxsb2NhdGlvblRhZ3NbXTtcbiAgaWRlbnRpdHlDZW50ZXI/OiBib29sZWFuO1xufVxuXG5leHBvcnQgY2xhc3MgTWFuYWdlZE9yZ2FuaXNhdGlvbiBleHRlbmRzIFN0YWNrIHtcbiAgcHJpdmF0ZSBvcmdhbmlzYXRpb246IE9yZ2FuaXNhdGlvbjtcblxuICBjb25zdHJ1Y3RvcihpZDogc3RyaW5nLCBwcm9wczogTWFuYWdlZE9yZ2FuaXNhdGlvblByb3BzKSB7XG4gICAgc3VwZXIoQXBwLmdldEluc3RhbmNlKCksIGlkLCBwcm9wcyk7XG4gICAgdGhpcy52YWxpZGF0ZVBsYXRmb3JtQWNjb3VudChwcm9wcyk7XG4gICAgdGhpcy5jcmVhdGVPcmdhbmlzYXRpb24oaWQsIHByb3BzKTtcbiAgICB0aGlzLnNldHVwT3JnYW5pc2F0aW9uRmVhdHVyZXMoe1xuICAgICAgLi4ucHJvcHMsXG4gICAgICBpZGVudGl0eUNlbnRlcjogcHJvcHMuaWRlbnRpdHlDZW50ZXIgPz8gdHJ1ZVxuICAgIH0pO1xuICB9XG5cbiAgcHJpdmF0ZSB2YWxpZGF0ZVBsYXRmb3JtQWNjb3VudChwcm9wczogTWFuYWdlZE9yZ2FuaXNhdGlvblByb3BzKSB7XG4gICAgaWYgKCFwcm9wcy5vcmdBY2NvdW50cy5pbmNsdWRlcyhwcm9wcy5wbGF0Zm9ybUFjY291bnQpKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgICAgIGBQbGF0Zm9ybSBhY2NvdW50IFwiJHtcbiAgICAgICAgICBwcm9wcy5wbGF0Zm9ybUFjY291bnRcbiAgICAgICAgfVwiIGlzIG5vdCBsaXN0ZWQgaW4gYWNjb3VudCBuYW1lcy4gVmFsaWQgYWNjb3VudHMgYXJlOiAke3Byb3BzLm9yZ0FjY291bnRzLmpvaW4oXG4gICAgICAgICAgXCIsIFwiXG4gICAgICAgICl9YFxuICAgICAgKTtcbiAgICB9XG4gIH1cblxuICBwcml2YXRlIGNyZWF0ZU9yZ2FuaXNhdGlvbihpZDogc3RyaW5nLCBwcm9wczogTWFuYWdlZE9yZ2FuaXNhdGlvblByb3BzKSB7XG4gICAgdGhpcy5vcmdhbmlzYXRpb24gPSBuZXcgT3JnYW5pc2F0aW9uKHRoaXMsIGlkLCB7XG4gICAgICBvcmdhbmlzYXRpb25OYW1lOiBwcm9wcy5vcmdhbmlzYXRpb25OYW1lLFxuICAgICAgb3JnQWNjb3VudHM6IHByb3BzLm9yZ0FjY291bnRzLFxuICAgICAgcGxhdGZvcm1BY2NvdW50OiBwcm9wcy5wbGF0Zm9ybUFjY291bnQsXG4gICAgICBvcmdFbWFpbDogcHJvcHMub3JnRW1haWwsXG4gICAgICBlbnY6IHByb3BzLmVudixcbiAgICAgIGV4aXN0aW5nQWNjb3VudHM6IHByb3BzLmV4aXN0aW5nQWNjb3VudHNcbiAgICB9KTtcbiAgfVxuXG4gIHByaXZhdGUgc2V0dXBPcmdhbmlzYXRpb25GZWF0dXJlcyhwcm9wczogTWFuYWdlZE9yZ2FuaXNhdGlvblByb3BzKSB7XG4gICAgY29uc3Qgb3JnQWNjb3VudHMgPSB0aGlzLm9yZ2FuaXNhdGlvbi5nZXRBY2NvdW50cygpO1xuXG4gICAgdGhpcy5zZXR1cElwYW1EZWxlZ2F0aW9uKG9yZ0FjY291bnRzLCBwcm9wcyk7XG4gICAgdGhpcy5lbmFibGVSYW1TaGFyaW5nKCk7XG4gICAgdGhpcy5lbmFibGVUcnVzdGVkQWNjZXNzKHByb3BzKTtcbiAgICB0aGlzLmVuYWJsZUNvc3RBbGxvY2F0aW9uVGFncyhwcm9wcyk7XG4gICAgdGhpcy5zZXR1cElkZW50aXR5Q2VudGVyKG9yZ0FjY291bnRzLCBwcm9wcyk7XG4gIH1cblxuICBwcml2YXRlIHNldHVwSXBhbURlbGVnYXRpb24oXG4gICAgb3JnQWNjb3VudHM6IFJlY29yZDxzdHJpbmcsIHN0cmluZz4sXG4gICAgcHJvcHM6IE1hbmFnZWRPcmdhbmlzYXRpb25Qcm9wc1xuICApIHtcbiAgICBuZXcgSXBhbURlbGVnYXRlQWRtaW4odGhpcywgXCJJcGFtRGVsZWdhdGVBZG1pblwiLCB7XG4gICAgICBhY2NvdW50SWQ6IG9yZ0FjY291bnRzW3Byb3BzLnBsYXRmb3JtQWNjb3VudF1cbiAgICB9KTtcbiAgfVxuXG4gIHByaXZhdGUgZW5hYmxlUmFtU2hhcmluZygpIHtcbiAgICBuZXcgUmFtU2hhcmluZyh0aGlzLCBcIlJhbVNoYXJpbmdcIik7XG4gIH1cblxuICBwcml2YXRlIGVuYWJsZVRydXN0ZWRBY2Nlc3MocHJvcHM6IE1hbmFnZWRPcmdhbmlzYXRpb25Qcm9wcykge1xuICAgIG5ldyBBY3RpdmF0ZU9yZ2FuaXNhdGlvbnNBY2Nlc3ModGhpcywgXCJBY3RpdmF0ZU9yZ2FuaXNhdGlvbnNBY2Nlc3NcIiwge1xuICAgICAgYWNjb3VudDogcHJvcHMuZW52LmFjY291bnQsXG4gICAgICByZWdpb246IHByb3BzLmVudi5yZWdpb25cbiAgICB9KTtcbiAgfVxuXG4gIHByaXZhdGUgZW5hYmxlQ29zdEFsbG9jYXRpb25UYWdzKHByb3BzOiBNYW5hZ2VkT3JnYW5pc2F0aW9uUHJvcHMpIHtcbiAgICBpZiAocHJvcHMuY29zdEFsbG9jYXRpb25UYWdzLmxlbmd0aCA+IDApIHtcbiAgICAgIG5ldyBDb3N0QWxsb2NhdGlvblRhZ3ModGhpcywgXCJDb3N0QWxsb2NhdGlvblRhZ3NcIiwge1xuICAgICAgICBjb3N0QWxsb2NhdGlvblRhZ3M6IHByb3BzLmNvc3RBbGxvY2F0aW9uVGFnc1xuICAgICAgfSk7XG4gICAgfVxuICB9XG5cbiAgcHJpdmF0ZSBzZXR1cElkZW50aXR5Q2VudGVyKFxuICAgIG9yZ0FjY291bnRzOiBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+LFxuICAgIHByb3BzOiBNYW5hZ2VkT3JnYW5pc2F0aW9uUHJvcHNcbiAgKSB7XG4gICAgaWYgKHByb3BzLmlkZW50aXR5Q2VudGVyKSB7XG4gICAgICBuZXcgSWRlbnRpdHlDZW50ZXIodGhpcywgXCJJZGVudGl0eUNlbnRlclwiLCB7XG4gICAgICAgIGFjY291bnRzOiBvcmdBY2NvdW50c1xuICAgICAgfSk7XG4gICAgfVxuICB9XG59XG4iXX0=
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
|
-
import {
|
|
2
|
+
import { Role } from "..";
|
|
3
3
|
export declare class Assignment extends Construct {
|
|
4
4
|
constructor(scope: Construct, id: string, props: {
|
|
5
5
|
instanceArn: string;
|
|
@@ -8,6 +8,6 @@ export declare class Assignment extends Construct {
|
|
|
8
8
|
principalId: string;
|
|
9
9
|
targetType: string;
|
|
10
10
|
targetId: string;
|
|
11
|
-
|
|
11
|
+
role: Role;
|
|
12
12
|
});
|
|
13
13
|
}
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.Assignment = void 0;
|
|
4
|
-
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
|
|
5
4
|
const constructs_1 = require("constructs");
|
|
6
5
|
const customResources = require("aws-cdk-lib/custom-resources");
|
|
7
6
|
const awsCustomResource_1 = require("../../utilities/awsCustomResource");
|
|
@@ -9,7 +8,7 @@ class Assignment extends constructs_1.Construct {
|
|
|
9
8
|
constructor(scope, id, props) {
|
|
10
9
|
super(scope, id);
|
|
11
10
|
const physicalId = `assignment${props.permissionSetArn}to${props.principalId}`;
|
|
12
|
-
const assignment = new awsCustomResource_1.AwsCustomResource(this,
|
|
11
|
+
const assignment = new awsCustomResource_1.AwsCustomResource(this, `assignment`, {
|
|
13
12
|
functionName: physicalId,
|
|
14
13
|
onCreate: {
|
|
15
14
|
service: "sso-admin",
|
|
@@ -24,19 +23,6 @@ class Assignment extends constructs_1.Construct {
|
|
|
24
23
|
},
|
|
25
24
|
physicalResourceId: customResources.PhysicalResourceId.of(physicalId)
|
|
26
25
|
},
|
|
27
|
-
onUpdate: {
|
|
28
|
-
service: "sso-admin",
|
|
29
|
-
action: "UpdateAccountAssignment", // TODO: This is not a valid action
|
|
30
|
-
parameters: {
|
|
31
|
-
InstanceArn: props.instanceArn,
|
|
32
|
-
TargetId: props.targetId,
|
|
33
|
-
TargetType: props.targetType,
|
|
34
|
-
PermissionSetArn: props.permissionSetArn,
|
|
35
|
-
PrincipalType: props.principalType,
|
|
36
|
-
PrincipalId: props.principalId
|
|
37
|
-
},
|
|
38
|
-
physicalResourceId: customResources.PhysicalResourceId.of(physicalId)
|
|
39
|
-
},
|
|
40
26
|
onDelete: {
|
|
41
27
|
service: "sso-admin",
|
|
42
28
|
action: "DeleteAccountAssignment", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sso-admin/command/DeleteAccountAssignmentCommand
|
|
@@ -49,22 +35,23 @@ class Assignment extends constructs_1.Construct {
|
|
|
49
35
|
PrincipalId: props.principalId
|
|
50
36
|
}
|
|
51
37
|
},
|
|
52
|
-
policy: customResources.AwsCustomResourcePolicy.
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
38
|
+
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
39
|
+
resources: ["*"]
|
|
40
|
+
}),
|
|
41
|
+
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
42
|
+
// role: props.role,
|
|
43
|
+
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
44
|
+
// new PolicyStatement({
|
|
45
|
+
// actions: [
|
|
46
|
+
// "sso:CreateAccountAssignment",
|
|
47
|
+
// "sso:DeleteAccountAssignment"
|
|
48
|
+
// ],
|
|
49
|
+
// resources: ["*"]
|
|
50
|
+
// })
|
|
51
|
+
// ]),
|
|
52
|
+
resourceType: "Custom::SSOAccountAssignment"
|
|
63
53
|
});
|
|
64
|
-
if (props.dependency) {
|
|
65
|
-
assignment.node.addDependency(props.dependency);
|
|
66
|
-
}
|
|
67
54
|
}
|
|
68
55
|
}
|
|
69
56
|
exports.Assignment = Assignment;
|
|
70
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
57
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXNzaWdubWVudC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9hc3NpZ25tZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUNBLDJDQUF1QztBQUN2QyxnRUFBZ0U7QUFDaEUseUVBQXNFO0FBR3RFLE1BQWEsVUFBVyxTQUFRLHNCQUFTO0lBQ3ZDLFlBQ0UsS0FBZ0IsRUFDaEIsRUFBVSxFQUNWLEtBUUM7UUFFRCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLE1BQU0sVUFBVSxHQUFHLGFBQWEsS0FBSyxDQUFDLGdCQUFnQixLQUFLLEtBQUssQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUUvRSxNQUFNLFVBQVUsR0FBRyxJQUFJLHFDQUFpQixDQUFDLElBQUksRUFBRSxZQUFZLEVBQUU7WUFDM0QsWUFBWSxFQUFFLFVBQVU7WUFDeEIsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxXQUFXO2dCQUNwQixNQUFNLEVBQUUseUJBQXlCLEVBQUUsaUhBQWlIO2dCQUNwSixVQUFVLEVBQUU7b0JBQ1YsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO29CQUM5QixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7b0JBQ3hCLFVBQVUsRUFBRSxLQUFLLENBQUMsVUFBVTtvQkFDNUIsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtvQkFDeEMsYUFBYSxFQUFFLEtBQUssQ0FBQyxhQUFhO29CQUNsQyxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7aUJBQy9CO2dCQUNELGtCQUFrQixFQUFFLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDO2FBQ3RFO1lBQ0QsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxXQUFXO2dCQUNwQixNQUFNLEVBQUUseUJBQXlCLEVBQUUsaUhBQWlIO2dCQUNwSixVQUFVLEVBQUU7b0JBQ1YsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO29CQUM5QixRQUFRLEVBQUUsS0FBSyxDQUFDLFFBQVE7b0JBQ3hCLFVBQVUsRUFBRSxLQUFLLENBQUMsVUFBVTtvQkFDNUIsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtvQkFDeEMsYUFBYSxFQUFFLEtBQUssQ0FBQyxhQUFhO29CQUNsQyxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7aUJBQy9CO2FBQ0Y7WUFDRCxNQUFNLEVBQUUsZUFBZSxDQUFDLHVCQUF1QixDQUFDLFlBQVksQ0FBQztnQkFDM0QsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO2FBQ2pCLENBQUM7WUFDRiwyRkFBMkY7WUFDM0Ysb0JBQW9CO1lBQ3BCLG1FQUFtRTtZQUNuRSwwQkFBMEI7WUFDMUIsaUJBQWlCO1lBQ2pCLHVDQUF1QztZQUN2QyxzQ0FBc0M7WUFDdEMsU0FBUztZQUNULHVCQUF1QjtZQUN2QixPQUFPO1lBQ1AsTUFBTTtZQUNOLFlBQVksRUFBRSw4QkFBOEI7U0FDN0MsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBOURELGdDQThEQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IFBvbGljeVN0YXRlbWVudCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0ICogYXMgY3VzdG9tUmVzb3VyY2VzIGZyb20gXCJhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzXCI7XG5pbXBvcnQgeyBBd3NDdXN0b21SZXNvdXJjZSB9IGZyb20gXCIuLi8uLi91dGlsaXRpZXMvYXdzQ3VzdG9tUmVzb3VyY2VcIjtcbmltcG9ydCB7IFJvbGUgfSBmcm9tIFwiLi5cIjtcblxuZXhwb3J0IGNsYXNzIEFzc2lnbm1lbnQgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBjb25zdHJ1Y3RvcihcbiAgICBzY29wZTogQ29uc3RydWN0LFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJvcHM6IHtcbiAgICAgIGluc3RhbmNlQXJuOiBzdHJpbmc7XG4gICAgICBwZXJtaXNzaW9uU2V0QXJuOiBzdHJpbmc7XG4gICAgICBwcmluY2lwYWxUeXBlOiBzdHJpbmc7XG4gICAgICBwcmluY2lwYWxJZDogc3RyaW5nO1xuICAgICAgdGFyZ2V0VHlwZTogc3RyaW5nO1xuICAgICAgdGFyZ2V0SWQ6IHN0cmluZztcbiAgICAgIHJvbGU6IFJvbGU7XG4gICAgfVxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgcGh5c2ljYWxJZCA9IGBhc3NpZ25tZW50JHtwcm9wcy5wZXJtaXNzaW9uU2V0QXJufXRvJHtwcm9wcy5wcmluY2lwYWxJZH1gO1xuXG4gICAgY29uc3QgYXNzaWdubWVudCA9IG5ldyBBd3NDdXN0b21SZXNvdXJjZSh0aGlzLCBgYXNzaWdubWVudGAsIHtcbiAgICAgIGZ1bmN0aW9uTmFtZTogcGh5c2ljYWxJZCxcbiAgICAgIG9uQ3JlYXRlOiB7XG4gICAgICAgIHNlcnZpY2U6IFwic3NvLWFkbWluXCIsXG4gICAgICAgIGFjdGlvbjogXCJDcmVhdGVBY2NvdW50QXNzaWdubWVudFwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy92My9sYXRlc3QvY2xpZW50L3Nzby1hZG1pbi9jb21tYW5kL0NyZWF0ZUFjY291bnRBc3NpZ25tZW50Q29tbWFuZFxuICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgSW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgICAgIFRhcmdldElkOiBwcm9wcy50YXJnZXRJZCxcbiAgICAgICAgICBUYXJnZXRUeXBlOiBwcm9wcy50YXJnZXRUeXBlLFxuICAgICAgICAgIFBlcm1pc3Npb25TZXRBcm46IHByb3BzLnBlcm1pc3Npb25TZXRBcm4sXG4gICAgICAgICAgUHJpbmNpcGFsVHlwZTogcHJvcHMucHJpbmNpcGFsVHlwZSxcbiAgICAgICAgICBQcmluY2lwYWxJZDogcHJvcHMucHJpbmNpcGFsSWRcbiAgICAgICAgfSxcbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBjdXN0b21SZXNvdXJjZXMuUGh5c2ljYWxSZXNvdXJjZUlkLm9mKHBoeXNpY2FsSWQpXG4gICAgICB9LFxuICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgc2VydmljZTogXCJzc28tYWRtaW5cIixcbiAgICAgICAgYWN0aW9uOiBcIkRlbGV0ZUFjY291bnRBc3NpZ25tZW50XCIsIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NKYXZhU2NyaXB0U0RLL3YzL2xhdGVzdC9jbGllbnQvc3NvLWFkbWluL2NvbW1hbmQvRGVsZXRlQWNjb3VudEFzc2lnbm1lbnRDb21tYW5kXG4gICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICBJbnN0YW5jZUFybjogcHJvcHMuaW5zdGFuY2VBcm4sXG4gICAgICAgICAgVGFyZ2V0SWQ6IHByb3BzLnRhcmdldElkLFxuICAgICAgICAgIFRhcmdldFR5cGU6IHByb3BzLnRhcmdldFR5cGUsXG4gICAgICAgICAgUGVybWlzc2lvblNldEFybjogcHJvcHMucGVybWlzc2lvblNldEFybixcbiAgICAgICAgICBQcmluY2lwYWxUeXBlOiBwcm9wcy5wcmluY2lwYWxUeXBlLFxuICAgICAgICAgIFByaW5jaXBhbElkOiBwcm9wcy5wcmluY2lwYWxJZFxuICAgICAgICB9XG4gICAgICB9LFxuICAgICAgcG9saWN5OiBjdXN0b21SZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVNka0NhbGxzKHtcbiAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICB9KSxcbiAgICAgIC8vIFRPRE86IExvY2sgZG93biBwZXJtaXNzaW9ucywgd2hlbiB3ZSdyZSByZWFkeSB0byB0cm91Ymxlc2hvb3QgaW50ZXJtaXR0ZW50IHBvbGljeSBlcnJvcnNcbiAgICAgIC8vIHJvbGU6IHByb3BzLnJvbGUsXG4gICAgICAvLyBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU3RhdGVtZW50cyhbXG4gICAgICAvLyAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgLy8gICAgIGFjdGlvbnM6IFtcbiAgICAgIC8vICAgICAgIFwic3NvOkNyZWF0ZUFjY291bnRBc3NpZ25tZW50XCIsXG4gICAgICAvLyAgICAgICBcInNzbzpEZWxldGVBY2NvdW50QXNzaWdubWVudFwiXG4gICAgICAvLyAgICAgXSxcbiAgICAgIC8vICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgIC8vICAgfSlcbiAgICAgIC8vIF0pLFxuICAgICAgcmVzb3VyY2VUeXBlOiBcIkN1c3RvbTo6U1NPQWNjb3VudEFzc2lnbm1lbnRcIlxuICAgIH0pO1xuICB9XG59XG4iXX0=
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Construct } from "constructs";
|
|
2
|
+
export declare class AssignmentNew extends Construct {
|
|
3
|
+
constructor(scope: Construct, id: string, props: {
|
|
4
|
+
instanceArn: string;
|
|
5
|
+
permissionSetArn: string;
|
|
6
|
+
principalType: string;
|
|
7
|
+
principalId: string;
|
|
8
|
+
targetType: string;
|
|
9
|
+
targetId: string;
|
|
10
|
+
});
|
|
11
|
+
}
|