@fjall/components-infrastructure 0.87.20 → 0.88.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/app.d.ts +14 -18
- package/dist/lib/app.js +58 -41
- package/dist/lib/config/aws/accountId.js +1 -2
- package/dist/lib/config/aws/backupGlobalSettings.js +1 -2
- package/dist/lib/config/aws/costAllocationTags.js +3 -4
- package/dist/lib/config/aws/identityCenter.d.ts +4 -4
- package/dist/lib/config/aws/identityCenter.js +17 -63
- package/dist/lib/config/aws/identityCenterGroupMembership.js +27 -42
- package/dist/lib/config/aws/index.d.ts +0 -8
- package/dist/lib/config/aws/index.js +1 -9
- package/dist/lib/config/aws/ipamDelegateAdmin.js +1 -2
- package/dist/lib/config/aws/ipamPoolId.js +1 -2
- package/dist/lib/config/aws/organisationId.js +1 -2
- package/dist/lib/config/aws/organisationsAccess.js +1 -2
- package/dist/lib/config/aws/ramSharing.js +1 -2
- package/dist/lib/layers/layers/secrets-resolver/bin/resolve-secrets +30 -0
- package/dist/lib/layers/layers/secrets-resolver/bin/resolve-secrets.mjs +212 -0
- package/dist/lib/layers/secrets-resolver/bin/resolve-secrets +30 -0
- package/dist/lib/layers/secrets-resolver/bin/resolve-secrets.mjs +212 -0
- package/dist/lib/patterns/aws/account.d.ts +12 -0
- package/dist/lib/patterns/aws/account.js +73 -0
- package/dist/lib/patterns/aws/buildkite.js +1 -2
- package/dist/lib/patterns/aws/cdn.d.ts +5 -10
- package/dist/lib/patterns/aws/cdn.js +5 -13
- package/dist/lib/patterns/aws/compute.d.ts +20 -3
- package/dist/lib/patterns/aws/compute.js +29 -5
- package/dist/lib/patterns/aws/database.d.ts +3 -3
- package/dist/lib/patterns/aws/database.js +18 -15
- package/dist/lib/patterns/aws/index.d.ts +4 -3
- package/dist/lib/patterns/aws/index.js +6 -4
- package/dist/lib/patterns/aws/interfaces/index.d.ts +2 -1
- package/dist/lib/patterns/aws/interfaces/index.js +8 -5
- package/dist/lib/patterns/aws/interfaces/organisation.d.ts +22 -0
- package/dist/lib/patterns/aws/interfaces/organisation.js +28 -0
- package/dist/lib/patterns/aws/interfaces/pattern.d.ts +5 -5
- package/dist/lib/patterns/aws/interfaces/pattern.js +1 -1
- package/dist/lib/patterns/aws/interfaces/storage.d.ts +10 -120
- package/dist/lib/patterns/aws/interfaces/storage.js +6 -43
- package/dist/lib/patterns/aws/organisation.d.ts +38 -0
- package/dist/lib/patterns/aws/organisation.js +92 -0
- package/dist/lib/patterns/aws/organisationFactory.d.ts +20 -0
- package/dist/lib/patterns/aws/organisationFactory.js +24 -0
- package/dist/lib/patterns/aws/pattern.d.ts +1 -1
- package/dist/lib/patterns/aws/pattern.js +1 -1
- package/dist/lib/patterns/aws/payload.d.ts +6 -5
- package/dist/lib/patterns/aws/payload.js +92 -42
- package/dist/lib/patterns/aws/platform.d.ts +11 -0
- package/dist/lib/patterns/aws/platform.js +29 -0
- package/dist/lib/patterns/aws/storage.d.ts +40 -125
- package/dist/lib/patterns/aws/storage.js +63 -191
- package/dist/lib/resources/aws/compute/ec2.d.ts +1 -1
- package/dist/lib/resources/aws/compute/ec2.js +3 -4
- package/dist/lib/resources/aws/compute/ecs.d.ts +6 -9
- package/dist/lib/resources/aws/compute/ecs.js +58 -26
- package/dist/lib/resources/aws/compute/lambda.d.ts +14 -1
- package/dist/lib/resources/aws/compute/lambda.js +45 -13
- package/dist/lib/resources/aws/database/rdsAurora.d.ts +1 -0
- package/dist/lib/resources/aws/database/rdsAurora.js +16 -16
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.d.ts +1 -0
- package/dist/lib/resources/aws/database/rdsAuroraGlobal.js +14 -10
- package/dist/lib/resources/aws/database/rdsInstance.d.ts +5 -4
- package/dist/lib/resources/aws/database/rdsInstance.js +18 -7
- package/dist/lib/resources/aws/iam/identityCenter/assignment.d.ts +0 -2
- package/dist/lib/resources/aws/iam/identityCenter/assignment.js +9 -46
- package/dist/lib/resources/aws/iam/identityCenter/attachManagedPolicy.js +1 -2
- package/dist/lib/resources/aws/iam/identityCenter/group.d.ts +1 -3
- package/dist/lib/resources/aws/iam/identityCenter/group.js +7 -85
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.d.ts +1 -3
- package/dist/lib/resources/aws/iam/identityCenter/permissionSet.js +9 -96
- package/dist/lib/resources/aws/index.d.ts +1 -0
- package/dist/lib/resources/aws/index.js +2 -1
- package/dist/lib/resources/aws/logging/cloudTrail.js +7 -4
- package/dist/lib/resources/aws/networking/ipamPool.js +76 -5
- package/dist/lib/resources/aws/organisation/index.d.ts +4 -0
- package/dist/lib/resources/aws/organisation/index.js +10 -0
- package/dist/lib/resources/aws/organisation/organisation.d.ts +12 -0
- package/dist/lib/resources/aws/organisation/organisation.js +14 -0
- package/dist/lib/resources/aws/organisation/organisationAccount.d.ts +18 -0
- package/dist/lib/resources/aws/organisation/organisationAccount.js +31 -0
- package/dist/lib/resources/aws/organisation/organisationPolicy.d.ts +13 -0
- package/dist/lib/resources/aws/organisation/organisationPolicy.js +32 -0
- package/dist/lib/resources/aws/organisation/organisationalUnit.d.ts +10 -0
- package/dist/lib/resources/aws/organisation/organisationalUnit.js +9 -0
- package/dist/lib/resources/aws/secrets/kms.js +10 -7
- package/dist/lib/resources/aws/secrets/parameter.js +5 -4
- package/dist/lib/resources/aws/storage/ecr.d.ts +3 -1
- package/dist/lib/resources/aws/storage/ecr.js +3 -3
- package/dist/lib/resources/aws/storage/s3.d.ts +6 -39
- package/dist/lib/resources/aws/storage/s3.js +31 -34
- package/dist/lib/utils/capitaliseString.d.ts +12 -0
- package/dist/lib/utils/capitaliseString.js +30 -0
- package/dist/lib/utils/capitalizeString.d.ts +11 -0
- package/dist/lib/utils/capitalizeString.js +24 -1
- package/dist/lib/utils/getConfig.d.ts +5 -1
- package/dist/lib/utils/getConfig.js +9 -1
- package/dist/lib/utils/index.d.ts +1 -0
- package/dist/lib/utils/index.js +2 -1
- package/dist/lib/utils/resourceNaming.d.ts +22 -19
- package/dist/lib/utils/resourceNaming.js +39 -35
- package/package.json +5 -6
|
@@ -2,108 +2,21 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.PermissionSet = void 0;
|
|
4
4
|
const constructs_1 = require("constructs");
|
|
5
|
-
const
|
|
6
|
-
const awsCustomResource_1 = require("../../utilities/awsCustomResource");
|
|
7
|
-
function transformTags(tags) {
|
|
8
|
-
return tags?.map(({ key, value }) => ({ Key: key, Value: value }));
|
|
9
|
-
}
|
|
5
|
+
const aws_sso_1 = require("aws-cdk-lib/aws-sso");
|
|
10
6
|
class PermissionSet extends constructs_1.Construct {
|
|
11
7
|
constructor(scope, id, props) {
|
|
12
8
|
super(scope, id);
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
parameters: {
|
|
20
|
-
Name: props.name,
|
|
21
|
-
InstanceArn: props.instanceArn,
|
|
22
|
-
Description: props.description,
|
|
23
|
-
Tags: transformTags(props.tags)
|
|
24
|
-
},
|
|
25
|
-
physicalResourceId: customResources.PhysicalResourceId.of(permissionSetPhysicalId)
|
|
26
|
-
},
|
|
27
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
28
|
-
resources: ["*"]
|
|
29
|
-
}),
|
|
30
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
31
|
-
// role: props.role,
|
|
32
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
33
|
-
// new PolicyStatement({
|
|
34
|
-
// actions: [
|
|
35
|
-
// "sso:CreatePermissionSet",
|
|
36
|
-
// "sso:ProvisionPermissionSet",
|
|
37
|
-
// "sso:TagResource"
|
|
38
|
-
// ],
|
|
39
|
-
// resources: ["*"]
|
|
40
|
-
// })
|
|
41
|
-
// ]),
|
|
42
|
-
resourceType: "Custom::PermissionSet"
|
|
43
|
-
});
|
|
44
|
-
this.permissionSetArn = createPermissionSet.getResponseField("PermissionSet.PermissionSetArn");
|
|
45
|
-
const updatePermissionSet = new awsCustomResource_1.AwsCustomResource(this, "updatePermissionSet", {
|
|
46
|
-
functionName: `updatePermissionSet${props.name}`,
|
|
47
|
-
onUpdate: {
|
|
48
|
-
service: "sso-admin",
|
|
49
|
-
action: "UpdatePermissionSet", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sso-admin/command/UpdatePermissionSetCommand
|
|
50
|
-
parameters: {
|
|
51
|
-
InstanceArn: props.instanceArn,
|
|
52
|
-
PermissionSetArn: this.permissionSetArn,
|
|
53
|
-
Description: props.description
|
|
54
|
-
},
|
|
55
|
-
physicalResourceId: customResources.PhysicalResourceId.of(permissionSetPhysicalId)
|
|
56
|
-
},
|
|
57
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
58
|
-
resources: ["*"]
|
|
59
|
-
}),
|
|
60
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
61
|
-
// role: props.role,
|
|
62
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
63
|
-
// new PolicyStatement({
|
|
64
|
-
// actions: [
|
|
65
|
-
// "sso:UpdatePermissionSet",
|
|
66
|
-
// "sso:ProvisionPermissionSet",
|
|
67
|
-
// "sso:TagResource"
|
|
68
|
-
// ],
|
|
69
|
-
// resources: ["*"]
|
|
70
|
-
// })
|
|
71
|
-
// ]),
|
|
72
|
-
resourceType: "Custom::PermissionSet"
|
|
73
|
-
});
|
|
74
|
-
updatePermissionSet.node.addDependency(createPermissionSet);
|
|
75
|
-
const deletePermissionSet = new awsCustomResource_1.AwsCustomResource(this, "deletePermissionSet", {
|
|
76
|
-
functionName: `deletePermissionSet${props.name}`,
|
|
77
|
-
onDelete: {
|
|
78
|
-
service: "sso-admin",
|
|
79
|
-
action: "DeletePermissionSet", // https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sso-admin/command/DeletePermissionSetCommand
|
|
80
|
-
parameters: {
|
|
81
|
-
InstanceArn: props.instanceArn,
|
|
82
|
-
PermissionSetArn: this.permissionSetArn
|
|
83
|
-
}
|
|
84
|
-
},
|
|
85
|
-
policy: customResources.AwsCustomResourcePolicy.fromSdkCalls({
|
|
86
|
-
resources: ["*"]
|
|
87
|
-
}),
|
|
88
|
-
// TODO: Lock down permissions, when we're ready to troubleshoot intermittent policy errors
|
|
89
|
-
// role: props.role,
|
|
90
|
-
// policy: customResources.AwsCustomResourcePolicy.fromStatements([
|
|
91
|
-
// new PolicyStatement({
|
|
92
|
-
// actions: [
|
|
93
|
-
// "sso:UpdatePermissionSet",
|
|
94
|
-
// "sso:DeletePermissionSet",
|
|
95
|
-
// "sso:TagResource"
|
|
96
|
-
// ],
|
|
97
|
-
// resources: ["*"]
|
|
98
|
-
// })
|
|
99
|
-
// ]),
|
|
100
|
-
resourceType: "Custom::PermissionSet"
|
|
9
|
+
this.cfnPermissionSet = new aws_sso_1.CfnPermissionSet(this, "PermissionSet", {
|
|
10
|
+
name: props.name,
|
|
11
|
+
instanceArn: props.instanceArn,
|
|
12
|
+
description: props.description,
|
|
13
|
+
managedPolicies: props.managedPolicies,
|
|
14
|
+
tags: props.tags?.map((t) => ({ key: t.key, value: t.value }))
|
|
101
15
|
});
|
|
102
|
-
deletePermissionSet.node.addDependency(createPermissionSet);
|
|
103
16
|
}
|
|
104
17
|
getPermissionSetArn() {
|
|
105
|
-
return this.
|
|
18
|
+
return this.cfnPermissionSet.attrPermissionSetArn;
|
|
106
19
|
}
|
|
107
20
|
}
|
|
108
21
|
exports.PermissionSet = PermissionSet;
|
|
109
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVybWlzc2lvblNldC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9wZXJtaXNzaW9uU2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF1QztBQUN2QyxnRUFBZ0U7QUFDaEUseUVBQXNFO0FBSXRFLFNBQVMsYUFBYSxDQUFDLElBQWlCO0lBQ3RDLE9BQU8sSUFBSSxFQUFFLEdBQUcsQ0FBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLEtBQUssRUFBRSxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxLQUFLLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBQ3JFLENBQUM7QUFFRCxNQUFhLGFBQWMsU0FBUSxzQkFBUztJQUcxQyxZQUNFLEtBQWdCLEVBQ2hCLEVBQVUsRUFDVixLQU9DO1FBRUQsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixNQUFNLHVCQUF1QixHQUFHLGdCQUFnQixLQUFLLENBQUMsSUFBSSxFQUFFLENBQUM7UUFFN0QsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLHFDQUFpQixDQUMvQyxJQUFJLEVBQ0oscUJBQXFCLEVBQ3JCO1lBQ0UsWUFBWSxFQUFFLHNCQUFzQixLQUFLLENBQUMsSUFBSSxFQUFFO1lBQ2hELFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsV0FBVztnQkFDcEIsTUFBTSxFQUFFLHFCQUFxQixFQUFFLDZHQUE2RztnQkFDNUksVUFBVSxFQUFFO29CQUNWLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtvQkFDaEIsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO29CQUM5QixXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7b0JBQzlCLElBQUksRUFBRSxhQUFhLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQztpQkFDaEM7Z0JBQ0Qsa0JBQWtCLEVBQUUsZUFBZSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FDdkQsdUJBQXVCLENBQ3hCO2FBQ0Y7WUFDRCxNQUFNLEVBQUUsZUFBZSxDQUFDLHVCQUF1QixDQUFDLFlBQVksQ0FBQztnQkFDM0QsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO2FBQ2pCLENBQUM7WUFDRiwyRkFBMkY7WUFDM0Ysb0JBQW9CO1lBQ3BCLG1FQUFtRTtZQUNuRSwwQkFBMEI7WUFDMUIsaUJBQWlCO1lBQ2pCLG1DQUFtQztZQUNuQyxzQ0FBc0M7WUFDdEMsMEJBQTBCO1lBQzFCLFNBQVM7WUFDVCx1QkFBdUI7WUFDdkIsT0FBTztZQUNQLE1BQU07WUFDTixZQUFZLEVBQUUsdUJBQXVCO1NBQ3RDLENBQ0YsQ0FBQztRQUVGLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxtQkFBbUIsQ0FBQyxnQkFBZ0IsQ0FDMUQsZ0NBQWdDLENBQ2pDLENBQUM7UUFFRixNQUFNLG1CQUFtQixHQUFHLElBQUkscUNBQWlCLENBQy9DLElBQUksRUFDSixxQkFBcUIsRUFDckI7WUFDRSxZQUFZLEVBQUUsc0JBQXNCLEtBQUssQ0FBQyxJQUFJLEVBQUU7WUFDaEQsUUFBUSxFQUFFO2dCQUNSLE9BQU8sRUFBRSxXQUFXO2dCQUNwQixNQUFNLEVBQUUscUJBQXFCLEVBQUUsNkdBQTZHO2dCQUM1SSxVQUFVLEVBQUU7b0JBQ1YsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO29CQUM5QixnQkFBZ0IsRUFBRSxJQUFJLENBQUMsZ0JBQWdCO29CQUN2QyxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7aUJBQy9CO2dCQUNELGtCQUFrQixFQUFFLGVBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQ3ZELHVCQUF1QixDQUN4QjthQUNGO1lBRUQsTUFBTSxFQUFFLGVBQWUsQ0FBQyx1QkFBdUIsQ0FBQyxZQUFZLENBQUM7Z0JBQzNELFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQzthQUNqQixDQUFDO1lBQ0YsMkZBQTJGO1lBQzNGLG9CQUFvQjtZQUNwQixtRUFBbUU7WUFDbkUsMEJBQTBCO1lBQzFCLGlCQUFpQjtZQUNqQixtQ0FBbUM7WUFDbkMsc0NBQXNDO1lBQ3RDLDBCQUEwQjtZQUMxQixTQUFTO1lBQ1QsdUJBQXVCO1lBQ3ZCLE9BQU87WUFDUCxNQUFNO1lBQ04sWUFBWSxFQUFFLHVCQUF1QjtTQUN0QyxDQUNGLENBQUM7UUFDRixtQkFBbUIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLG1CQUFtQixDQUFDLENBQUM7UUFFNUQsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLHFDQUFpQixDQUMvQyxJQUFJLEVBQ0oscUJBQXFCLEVBQ3JCO1lBQ0UsWUFBWSxFQUFFLHNCQUFzQixLQUFLLENBQUMsSUFBSSxFQUFFO1lBQ2hELFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsV0FBVztnQkFDcEIsTUFBTSxFQUFFLHFCQUFxQixFQUFFLDZHQUE2RztnQkFDNUksVUFBVSxFQUFFO29CQUNWLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztvQkFDOUIsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLGdCQUFnQjtpQkFDeEM7YUFDRjtZQUNELE1BQU0sRUFBRSxlQUFlLENBQUMsdUJBQXVCLENBQUMsWUFBWSxDQUFDO2dCQUMzRCxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7YUFDakIsQ0FBQztZQUNGLDJGQUEyRjtZQUMzRixvQkFBb0I7WUFDcEIsbUVBQW1FO1lBQ25FLDBCQUEwQjtZQUMxQixpQkFBaUI7WUFDakIsbUNBQW1DO1lBQ25DLG1DQUFtQztZQUNuQywwQkFBMEI7WUFDMUIsU0FBUztZQUNULHVCQUF1QjtZQUN2QixPQUFPO1lBQ1AsTUFBTTtZQUNOLFlBQVksRUFBRSx1QkFBdUI7U0FDdEMsQ0FDRixDQUFDO1FBQ0YsbUJBQW1CLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxtQkFBbUIsQ0FBQyxDQUFDO0lBQzlELENBQUM7SUFDTSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUM7SUFDL0IsQ0FBQztDQUNGO0FBdElELHNDQXNJQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgKiBhcyBjdXN0b21SZXNvdXJjZXMgZnJvbSBcImF3cy1jZGstbGliL2N1c3RvbS1yZXNvdXJjZXNcIjtcbmltcG9ydCB7IEF3c0N1c3RvbVJlc291cmNlIH0gZnJvbSBcIi4uLy4uL3V0aWxpdGllcy9hd3NDdXN0b21SZXNvdXJjZVwiO1xuaW1wb3J0IHsgdHlwZSBLZXlWYWx1ZSB9IGZyb20gXCIuLi8uLi8uLi8uLi90eXBlc1wiO1xuaW1wb3J0IHsgdHlwZSBSb2xlIH0gZnJvbSBcIi4uXCI7XG5cbmZ1bmN0aW9uIHRyYW5zZm9ybVRhZ3ModGFncz86IEtleVZhbHVlW10pIHtcbiAgcmV0dXJuIHRhZ3M/Lm1hcCgoeyBrZXksIHZhbHVlIH0pID0+ICh7IEtleToga2V5LCBWYWx1ZTogdmFsdWUgfSkpO1xufVxuXG5leHBvcnQgY2xhc3MgUGVybWlzc2lvblNldCBleHRlbmRzIENvbnN0cnVjdCB7XG4gIHByaXZhdGUgcGVybWlzc2lvblNldEFybjogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKFxuICAgIHNjb3BlOiBDb25zdHJ1Y3QsXG4gICAgaWQ6IHN0cmluZyxcbiAgICBwcm9wczoge1xuICAgICAgbmFtZTogc3RyaW5nO1xuICAgICAgaW5zdGFuY2VBcm46IHN0cmluZztcbiAgICAgIGRlc2NyaXB0aW9uPzogc3RyaW5nO1xuICAgICAgcm9sZTogUm9sZTtcbiAgICAgIG1hbmFnZWRQb2xpY2llcz86IHN0cmluZ1tdO1xuICAgICAgdGFncz86IEtleVZhbHVlW107XG4gICAgfVxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgcGVybWlzc2lvblNldFBoeXNpY2FsSWQgPSBgcGVybWlzc2lvblNldCR7cHJvcHMubmFtZX1gO1xuXG4gICAgY29uc3QgY3JlYXRlUGVybWlzc2lvblNldCA9IG5ldyBBd3NDdXN0b21SZXNvdXJjZShcbiAgICAgIHRoaXMsXG4gICAgICBcImNyZWF0ZVBlcm1pc3Npb25TZXRcIixcbiAgICAgIHtcbiAgICAgICAgZnVuY3Rpb25OYW1lOiBgY3JlYXRlUGVybWlzc2lvblNldCR7cHJvcHMubmFtZX1gLFxuICAgICAgICBvbkNyZWF0ZToge1xuICAgICAgICAgIHNlcnZpY2U6IFwic3NvLWFkbWluXCIsXG4gICAgICAgICAgYWN0aW9uOiBcIkNyZWF0ZVBlcm1pc3Npb25TZXRcIiwgLy8gaHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL0FXU0phdmFTY3JpcHRTREsvdjMvbGF0ZXN0L2NsaWVudC9zc28tYWRtaW4vY29tbWFuZC9DcmVhdGVQZXJtaXNzaW9uU2V0Q29tbWFuZFxuICAgICAgICAgIHBhcmFtZXRlcnM6IHtcbiAgICAgICAgICAgIE5hbWU6IHByb3BzLm5hbWUsXG4gICAgICAgICAgICBJbnN0YW5jZUFybjogcHJvcHMuaW5zdGFuY2VBcm4sXG4gICAgICAgICAgICBEZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24sXG4gICAgICAgICAgICBUYWdzOiB0cmFuc2Zvcm1UYWdzKHByb3BzLnRhZ3MpXG4gICAgICAgICAgfSxcbiAgICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXG4gICAgICAgICAgICBwZXJtaXNzaW9uU2V0UGh5c2ljYWxJZFxuICAgICAgICAgIClcbiAgICAgICAgfSxcbiAgICAgICAgcG9saWN5OiBjdXN0b21SZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVNka0NhbGxzKHtcbiAgICAgICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgICAgfSksXG4gICAgICAgIC8vIFRPRE86IExvY2sgZG93biBwZXJtaXNzaW9ucywgd2hlbiB3ZSdyZSByZWFkeSB0byB0cm91Ymxlc2hvb3QgaW50ZXJtaXR0ZW50IHBvbGljeSBlcnJvcnNcbiAgICAgICAgLy8gcm9sZTogcHJvcHMucm9sZSxcbiAgICAgICAgLy8gcG9saWN5OiBjdXN0b21SZXNvdXJjZXMuQXdzQ3VzdG9tUmVzb3VyY2VQb2xpY3kuZnJvbVN0YXRlbWVudHMoW1xuICAgICAgICAvLyAgIG5ldyBQb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICAvLyAgICAgYWN0aW9uczogW1xuICAgICAgICAvLyAgICAgICBcInNzbzpDcmVhdGVQZXJtaXNzaW9uU2V0XCIsXG4gICAgICAgIC8vICAgICAgIFwic3NvOlByb3Zpc2lvblBlcm1pc3Npb25TZXRcIixcbiAgICAgICAgLy8gICAgICAgXCJzc286VGFnUmVzb3VyY2VcIlxuICAgICAgICAvLyAgICAgXSxcbiAgICAgICAgLy8gICAgIHJlc291cmNlczogW1wiKlwiXVxuICAgICAgICAvLyAgIH0pXG4gICAgICAgIC8vIF0pLFxuICAgICAgICByZXNvdXJjZVR5cGU6IFwiQ3VzdG9tOjpQZXJtaXNzaW9uU2V0XCJcbiAgICAgIH1cbiAgICApO1xuXG4gICAgdGhpcy5wZXJtaXNzaW9uU2V0QXJuID0gY3JlYXRlUGVybWlzc2lvblNldC5nZXRSZXNwb25zZUZpZWxkKFxuICAgICAgXCJQZXJtaXNzaW9uU2V0LlBlcm1pc3Npb25TZXRBcm5cIlxuICAgICk7XG5cbiAgICBjb25zdCB1cGRhdGVQZXJtaXNzaW9uU2V0ID0gbmV3IEF3c0N1c3RvbVJlc291cmNlKFxuICAgICAgdGhpcyxcbiAgICAgIFwidXBkYXRlUGVybWlzc2lvblNldFwiLFxuICAgICAge1xuICAgICAgICBmdW5jdGlvbk5hbWU6IGB1cGRhdGVQZXJtaXNzaW9uU2V0JHtwcm9wcy5uYW1lfWAsXG4gICAgICAgIG9uVXBkYXRlOiB7XG4gICAgICAgICAgc2VydmljZTogXCJzc28tYWRtaW5cIixcbiAgICAgICAgICBhY3Rpb246IFwiVXBkYXRlUGVybWlzc2lvblNldFwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy92My9sYXRlc3QvY2xpZW50L3Nzby1hZG1pbi9jb21tYW5kL1VwZGF0ZVBlcm1pc3Npb25TZXRDb21tYW5kXG4gICAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgICAgSW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgICAgICAgUGVybWlzc2lvblNldEFybjogdGhpcy5wZXJtaXNzaW9uU2V0QXJuLFxuICAgICAgICAgICAgRGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uXG4gICAgICAgICAgfSxcbiAgICAgICAgICBwaHlzaWNhbFJlc291cmNlSWQ6IGN1c3RvbVJlc291cmNlcy5QaHlzaWNhbFJlc291cmNlSWQub2YoXG4gICAgICAgICAgICBwZXJtaXNzaW9uU2V0UGh5c2ljYWxJZFxuICAgICAgICAgIClcbiAgICAgICAgfSxcblxuICAgICAgICBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU2RrQ2FsbHMoe1xuICAgICAgICAgIHJlc291cmNlczogW1wiKlwiXVxuICAgICAgICB9KSxcbiAgICAgICAgLy8gVE9ETzogTG9jayBkb3duIHBlcm1pc3Npb25zLCB3aGVuIHdlJ3JlIHJlYWR5IHRvIHRyb3VibGVzaG9vdCBpbnRlcm1pdHRlbnQgcG9saWN5IGVycm9yc1xuICAgICAgICAvLyByb2xlOiBwcm9wcy5yb2xlLFxuICAgICAgICAvLyBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU3RhdGVtZW50cyhbXG4gICAgICAgIC8vICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIC8vICAgICBhY3Rpb25zOiBbXG4gICAgICAgIC8vICAgICAgIFwic3NvOlVwZGF0ZVBlcm1pc3Npb25TZXRcIixcbiAgICAgICAgLy8gICAgICAgXCJzc286UHJvdmlzaW9uUGVybWlzc2lvblNldFwiLFxuICAgICAgICAvLyAgICAgICBcInNzbzpUYWdSZXNvdXJjZVwiXG4gICAgICAgIC8vICAgICBdLFxuICAgICAgICAvLyAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgIC8vICAgfSlcbiAgICAgICAgLy8gXSksXG4gICAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206OlBlcm1pc3Npb25TZXRcIlxuICAgICAgfVxuICAgICk7XG4gICAgdXBkYXRlUGVybWlzc2lvblNldC5ub2RlLmFkZERlcGVuZGVuY3koY3JlYXRlUGVybWlzc2lvblNldCk7XG5cbiAgICBjb25zdCBkZWxldGVQZXJtaXNzaW9uU2V0ID0gbmV3IEF3c0N1c3RvbVJlc291cmNlKFxuICAgICAgdGhpcyxcbiAgICAgIFwiZGVsZXRlUGVybWlzc2lvblNldFwiLFxuICAgICAge1xuICAgICAgICBmdW5jdGlvbk5hbWU6IGBkZWxldGVQZXJtaXNzaW9uU2V0JHtwcm9wcy5uYW1lfWAsXG4gICAgICAgIG9uRGVsZXRlOiB7XG4gICAgICAgICAgc2VydmljZTogXCJzc28tYWRtaW5cIixcbiAgICAgICAgICBhY3Rpb246IFwiRGVsZXRlUGVybWlzc2lvblNldFwiLCAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vQVdTSmF2YVNjcmlwdFNESy92My9sYXRlc3QvY2xpZW50L3Nzby1hZG1pbi9jb21tYW5kL0RlbGV0ZVBlcm1pc3Npb25TZXRDb21tYW5kXG4gICAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgICAgSW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgICAgICAgUGVybWlzc2lvblNldEFybjogdGhpcy5wZXJtaXNzaW9uU2V0QXJuXG4gICAgICAgICAgfVxuICAgICAgICB9LFxuICAgICAgICBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU2RrQ2FsbHMoe1xuICAgICAgICAgIHJlc291cmNlczogW1wiKlwiXVxuICAgICAgICB9KSxcbiAgICAgICAgLy8gVE9ETzogTG9jayBkb3duIHBlcm1pc3Npb25zLCB3aGVuIHdlJ3JlIHJlYWR5IHRvIHRyb3VibGVzaG9vdCBpbnRlcm1pdHRlbnQgcG9saWN5IGVycm9yc1xuICAgICAgICAvLyByb2xlOiBwcm9wcy5yb2xlLFxuICAgICAgICAvLyBwb2xpY3k6IGN1c3RvbVJlc291cmNlcy5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU3RhdGVtZW50cyhbXG4gICAgICAgIC8vICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIC8vICAgICBhY3Rpb25zOiBbXG4gICAgICAgIC8vICAgICAgIFwic3NvOlVwZGF0ZVBlcm1pc3Npb25TZXRcIixcbiAgICAgICAgLy8gICAgICAgXCJzc286RGVsZXRlUGVybWlzc2lvblNldFwiLFxuICAgICAgICAvLyAgICAgICBcInNzbzpUYWdSZXNvdXJjZVwiXG4gICAgICAgIC8vICAgICBdLFxuICAgICAgICAvLyAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgIC8vICAgfSlcbiAgICAgICAgLy8gXSksXG4gICAgICAgIHJlc291cmNlVHlwZTogXCJDdXN0b206OlBlcm1pc3Npb25TZXRcIlxuICAgICAgfVxuICAgICk7XG4gICAgZGVsZXRlUGVybWlzc2lvblNldC5ub2RlLmFkZERlcGVuZGVuY3koY3JlYXRlUGVybWlzc2lvblNldCk7XG4gIH1cbiAgcHVibGljIGdldFBlcm1pc3Npb25TZXRBcm4oKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy5wZXJtaXNzaW9uU2V0QXJuO1xuICB9XG59XG4iXX0=
|
|
22
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVybWlzc2lvblNldC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2lhbS9pZGVudGl0eUNlbnRlci9wZXJtaXNzaW9uU2V0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDJDQUF1QztBQUN2QyxpREFBdUQ7QUFHdkQsTUFBYSxhQUFjLFNBQVEsc0JBQVM7SUFHMUMsWUFDRSxLQUFnQixFQUNoQixFQUFVLEVBQ1YsS0FNQztRQUVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLGdCQUFnQixHQUFHLElBQUksMEJBQWdCLENBQUMsSUFBSSxFQUFFLGVBQWUsRUFBRTtZQUNsRSxJQUFJLEVBQUUsS0FBSyxDQUFDLElBQUk7WUFDaEIsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO1lBQzlCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixlQUFlLEVBQUUsS0FBSyxDQUFDLGVBQWU7WUFDdEMsSUFBSSxFQUFFLEtBQUssQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLEVBQUUsR0FBRyxFQUFFLENBQUMsQ0FBQyxHQUFHLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDO1NBQy9ELENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTSxtQkFBbUI7UUFDeEIsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsb0JBQW9CLENBQUM7SUFDcEQsQ0FBQztDQUNGO0FBNUJELHNDQTRCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQgeyBDZm5QZXJtaXNzaW9uU2V0IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zc29cIjtcbmltcG9ydCB7IHR5cGUgS2V5VmFsdWUgfSBmcm9tIFwiLi4vLi4vLi4vLi4vdHlwZXNcIjtcblxuZXhwb3J0IGNsYXNzIFBlcm1pc3Npb25TZXQgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwcml2YXRlIGNmblBlcm1pc3Npb25TZXQ6IENmblBlcm1pc3Npb25TZXQ7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IENvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiB7XG4gICAgICBuYW1lOiBzdHJpbmc7XG4gICAgICBpbnN0YW5jZUFybjogc3RyaW5nO1xuICAgICAgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG4gICAgICBtYW5hZ2VkUG9saWNpZXM/OiBzdHJpbmdbXTtcbiAgICAgIHRhZ3M/OiBLZXlWYWx1ZVtdO1xuICAgIH1cbiAgKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMuY2ZuUGVybWlzc2lvblNldCA9IG5ldyBDZm5QZXJtaXNzaW9uU2V0KHRoaXMsIFwiUGVybWlzc2lvblNldFwiLCB7XG4gICAgICBuYW1lOiBwcm9wcy5uYW1lLFxuICAgICAgaW5zdGFuY2VBcm46IHByb3BzLmluc3RhbmNlQXJuLFxuICAgICAgZGVzY3JpcHRpb246IHByb3BzLmRlc2NyaXB0aW9uLFxuICAgICAgbWFuYWdlZFBvbGljaWVzOiBwcm9wcy5tYW5hZ2VkUG9saWNpZXMsXG4gICAgICB0YWdzOiBwcm9wcy50YWdzPy5tYXAoKHQpID0+ICh7IGtleTogdC5rZXksIHZhbHVlOiB0LnZhbHVlIH0pKVxuICAgIH0pO1xuICB9XG5cbiAgcHVibGljIGdldFBlcm1pc3Npb25TZXRBcm4oKTogc3RyaW5nIHtcbiAgICByZXR1cm4gdGhpcy5jZm5QZXJtaXNzaW9uU2V0LmF0dHJQZXJtaXNzaW9uU2V0QXJuO1xuICB9XG59XG4iXX0=
|
|
@@ -21,4 +21,5 @@ __exportStar(require("./backup"), exports);
|
|
|
21
21
|
__exportStar(require("./monitoring"), exports);
|
|
22
22
|
__exportStar(require("./cdn"), exports);
|
|
23
23
|
__exportStar(require("./messaging"), exports);
|
|
24
|
-
|
|
24
|
+
__exportStar(require("./organisation"), exports);
|
|
25
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7Ozs7Ozs7O0FBQUEsK0NBQTZCO0FBQzdCLDRDQUEwQjtBQUMxQix5Q0FBdUI7QUFDdkIsMkNBQXlCO0FBQ3pCLCtDQUE2QjtBQUM3Qix3Q0FBc0I7QUFDdEIsOENBQTRCO0FBQzVCLGlEQUErQiIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gXCIuL25ldHdvcmtpbmdcIjtcbmV4cG9ydCAqIGZyb20gXCIuL3N0b3JhZ2VcIjtcbmV4cG9ydCAqIGZyb20gXCIuL2Jhc2VcIjtcbmV4cG9ydCAqIGZyb20gXCIuL2JhY2t1cFwiO1xuZXhwb3J0ICogZnJvbSBcIi4vbW9uaXRvcmluZ1wiO1xuZXhwb3J0ICogZnJvbSBcIi4vY2RuXCI7XG5leHBvcnQgKiBmcm9tIFwiLi9tZXNzYWdpbmdcIjtcbmV4cG9ydCAqIGZyb20gXCIuL29yZ2FuaXNhdGlvblwiO1xuIl19
|
|
@@ -14,14 +14,17 @@ class Trail extends constructs_1.Construct {
|
|
|
14
14
|
const encryptionKey = new secrets_1.CustomerManagedKey(this, `${id}CloudTrailEncryptionKey`, {
|
|
15
15
|
aliasName: `cmk/cloudtrail/${id}/encryptionKey`
|
|
16
16
|
});
|
|
17
|
-
this.bucket = new storage_1.S3Bucket(this, `${id}
|
|
17
|
+
this.bucket = new storage_1.S3Bucket(this, `${id}CloudTrailBucket`, {
|
|
18
18
|
bucketName: props.bucketName,
|
|
19
19
|
bucketKeyEnabled: true,
|
|
20
20
|
encryption: aws_s3_1.BucketEncryption.KMS,
|
|
21
|
-
encryptionKey: encryptionKey.key
|
|
21
|
+
encryptionKey: encryptionKey.key,
|
|
22
|
+
versioned: false,
|
|
23
|
+
removalPolicy: aws_cdk_lib_1.RemovalPolicy.RETAIN,
|
|
24
|
+
lifecycleRules: [{ expiration: aws_cdk_lib_1.Duration.days(365), enabled: true }]
|
|
22
25
|
});
|
|
23
26
|
this.bucket.grantReadWrite(new aws_iam_1.ServicePrincipal("cloudtrail.amazonaws.com"));
|
|
24
|
-
this.trail = new CloudTrail.Trail(this, `${id}
|
|
27
|
+
this.trail = new CloudTrail.Trail(this, `${id}CloudTrail`, {
|
|
25
28
|
...props,
|
|
26
29
|
bucket: this.bucket,
|
|
27
30
|
trailName: props.trailName || `${id}Trail`,
|
|
@@ -39,4 +42,4 @@ class TrailStack extends aws_cdk_lib_1.Stack {
|
|
|
39
42
|
}
|
|
40
43
|
}
|
|
41
44
|
exports.TrailStack = TrailStack;
|
|
42
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xvdWRUcmFpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2xvZ2dpbmcvY2xvdWRUcmFpbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBNkQ7QUFDN0QseURBQXlEO0FBQ3pELDJDQUF1QztBQUN2Qyx3Q0FBZ0Q7QUFDaEQsd0NBQXNDO0FBQ3RDLCtDQUFzRDtBQUN0RCxpREFBdUQ7QUFNdkQsTUFBYSxLQUFNLFNBQVEsc0JBQVM7SUFJbEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFzQjtRQUM5RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLE1BQU0sYUFBYSxHQUFHLElBQUksNEJBQWtCLENBQzFDLElBQUksRUFDSixHQUFHLEVBQUUseUJBQXlCLEVBQzlCO1lBQ0UsU0FBUyxFQUFFLGtCQUFrQixFQUFFLGdCQUFnQjtTQUNoRCxDQUNGLENBQUM7UUFFRixJQUFJLENBQUMsTUFBTSxHQUFHLElBQUksa0JBQVEsQ0FBQyxJQUFJLEVBQUUsR0FBRyxFQUFFLGtCQUFrQixFQUFFO1lBQ3hELFVBQVUsRUFBRSxLQUFLLENBQUMsVUFBVTtZQUM1QixnQkFBZ0IsRUFBRSxJQUFJO1lBQ3RCLFVBQVUsRUFBRSx5QkFBZ0IsQ0FBQyxHQUFHO1lBQ2hDLGFBQWEsRUFBRSxhQUFhLENBQUMsR0FBRztZQUNoQyxTQUFTLEVBQUUsS0FBSztZQUNoQixhQUFhLEVBQUUsMkJBQWEsQ0FBQyxNQUFNO1lBQ25DLGNBQWMsRUFBRSxDQUFDLEVBQUUsVUFBVSxFQUFFLHNCQUFRLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztTQUNwRSxDQUFDLENBQUM7UUFDSCxJQUFJLENBQUMsTUFBTSxDQUFDLGNBQWMsQ0FDeEIsSUFBSSwwQkFBZ0IsQ0FBQywwQkFBMEIsQ0FBQyxDQUNqRCxDQUFDO1FBRUYsSUFBSSxDQUFDLEtBQUssR0FBRyxJQUFJLFVBQVUsQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxZQUFZLEVBQUU7WUFDekQsR0FBRyxLQUFLO1lBQ1IsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO1lBQ25CLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUyxJQUFJLEdBQUcsRUFBRSxPQUFPO1lBQzFDLGFBQWEsRUFBRSxhQUFhLENBQUMsR0FBRztTQUNqQyxDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFuQ0Qsc0JBbUNDO0FBRUQsTUFBYSxVQUFXLFNBQVEsbUJBQUs7SUFDbkMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUFzQjtRQUM5RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksS0FBSyxDQUFDLElBQUksRUFBRSxFQUFFLEVBQUU7WUFDbEIsR0FBRyxLQUFLO1NBQ1QsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBUkQsZ0NBUUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBEdXJhdGlvbiwgUmVtb3ZhbFBvbGljeSwgU3RhY2sgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCAqIGFzIENsb3VkVHJhaWwgZnJvbSBcImF3cy1jZGstbGliL2F3cy1jbG91ZHRyYWlsXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgQ3VzdG9tZXJNYW5hZ2VkS2V5IH0gZnJvbSBcIi4uL3NlY3JldHNcIjtcbmltcG9ydCB7IFMzQnVja2V0IH0gZnJvbSBcIi4uL3N0b3JhZ2VcIjtcbmltcG9ydCB7IEJ1Y2tldEVuY3J5cHRpb24gfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXMzXCI7XG5pbXBvcnQgeyBTZXJ2aWNlUHJpbmNpcGFsIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIjtcblxuaW50ZXJmYWNlIENsb3VkVHJhaWxQcm9wcyBleHRlbmRzIENsb3VkVHJhaWwuVHJhaWxQcm9wcyB7XG4gIGJ1Y2tldE5hbWU6IHN0cmluZztcbn1cblxuZXhwb3J0IGNsYXNzIFRyYWlsIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHRyYWlsOiBDbG91ZFRyYWlsLlRyYWlsO1xuICBwdWJsaWMgcmVhZG9ubHkgYnVja2V0OiBTM0J1Y2tldDtcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQ2xvdWRUcmFpbFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGNvbnN0IGVuY3J5cHRpb25LZXkgPSBuZXcgQ3VzdG9tZXJNYW5hZ2VkS2V5KFxuICAgICAgdGhpcyxcbiAgICAgIGAke2lkfUNsb3VkVHJhaWxFbmNyeXB0aW9uS2V5YCxcbiAgICAgIHtcbiAgICAgICAgYWxpYXNOYW1lOiBgY21rL2Nsb3VkdHJhaWwvJHtpZH0vZW5jcnlwdGlvbktleWBcbiAgICAgIH1cbiAgICApO1xuXG4gICAgdGhpcy5idWNrZXQgPSBuZXcgUzNCdWNrZXQodGhpcywgYCR7aWR9Q2xvdWRUcmFpbEJ1Y2tldGAsIHtcbiAgICAgIGJ1Y2tldE5hbWU6IHByb3BzLmJ1Y2tldE5hbWUsXG4gICAgICBidWNrZXRLZXlFbmFibGVkOiB0cnVlLFxuICAgICAgZW5jcnlwdGlvbjogQnVja2V0RW5jcnlwdGlvbi5LTVMsXG4gICAgICBlbmNyeXB0aW9uS2V5OiBlbmNyeXB0aW9uS2V5LmtleSxcbiAgICAgIHZlcnNpb25lZDogZmFsc2UsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LlJFVEFJTixcbiAgICAgIGxpZmVjeWNsZVJ1bGVzOiBbeyBleHBpcmF0aW9uOiBEdXJhdGlvbi5kYXlzKDM2NSksIGVuYWJsZWQ6IHRydWUgfV1cbiAgICB9KTtcbiAgICB0aGlzLmJ1Y2tldC5ncmFudFJlYWRXcml0ZShcbiAgICAgIG5ldyBTZXJ2aWNlUHJpbmNpcGFsKFwiY2xvdWR0cmFpbC5hbWF6b25hd3MuY29tXCIpXG4gICAgKTtcblxuICAgIHRoaXMudHJhaWwgPSBuZXcgQ2xvdWRUcmFpbC5UcmFpbCh0aGlzLCBgJHtpZH1DbG91ZFRyYWlsYCwge1xuICAgICAgLi4ucHJvcHMsXG4gICAgICBidWNrZXQ6IHRoaXMuYnVja2V0LFxuICAgICAgdHJhaWxOYW1lOiBwcm9wcy50cmFpbE5hbWUgfHwgYCR7aWR9VHJhaWxgLFxuICAgICAgZW5jcnlwdGlvbktleTogZW5jcnlwdGlvbktleS5rZXlcbiAgICB9KTtcbiAgfVxufVxuXG5leHBvcnQgY2xhc3MgVHJhaWxTdGFjayBleHRlbmRzIFN0YWNrIHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IENsb3VkVHJhaWxQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICBuZXcgVHJhaWwodGhpcywgaWQsIHtcbiAgICAgIC4uLnByb3BzXG4gICAgfSk7XG4gIH1cbn1cbiJdfQ==
|
|
@@ -4,7 +4,10 @@ exports.IpamPoolStack = exports.IpamPool = void 0;
|
|
|
4
4
|
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
5
|
const constructs_1 = require("constructs");
|
|
6
6
|
const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
|
|
7
|
+
const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
|
|
8
|
+
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
|
|
7
9
|
const resourceShare_1 = require("../utilities/resourceShare");
|
|
10
|
+
const customResource_1 = require("../utilities/customResource");
|
|
8
11
|
const getAccountId_1 = require("../../../utils/getAccountId");
|
|
9
12
|
const validationLogger_1 = require("../../../utils/validationLogger");
|
|
10
13
|
class IpamPool extends constructs_1.Construct {
|
|
@@ -81,8 +84,14 @@ class IpamPool extends constructs_1.Construct {
|
|
|
81
84
|
ipamPoolId: regionalPool.attrIpamPoolId,
|
|
82
85
|
netmaskLength: 10 // Each region gets a /10 (4,194,304 IPs)
|
|
83
86
|
});
|
|
84
|
-
// Create account pools under each regional pool
|
|
85
|
-
|
|
87
|
+
// Create account pools under each regional pool.
|
|
88
|
+
// IPAM enforces a low concurrent-mutation limit (not publicly documented).
|
|
89
|
+
// Batch account pools so each batch depends on the previous batch
|
|
90
|
+
// completing, limiting concurrent IPAM pool mutations.
|
|
91
|
+
const IPAM_CONCURRENCY_LIMIT = 2;
|
|
92
|
+
const batches = [];
|
|
93
|
+
for (let i = 0; i < organisationAccounts.length; i++) {
|
|
94
|
+
const account = organisationAccounts[i];
|
|
86
95
|
const accountId = (0, getAccountId_1.default)(account);
|
|
87
96
|
const ipamPool = new aws_ec2_1.CfnIPAMPool(this, `${account}IpamPool${regionSuffix}`, {
|
|
88
97
|
description: `${account} - IPAM pool - ${region}`,
|
|
@@ -111,10 +120,72 @@ class IpamPool extends constructs_1.Construct {
|
|
|
111
120
|
});
|
|
112
121
|
// Ensure the account pool is created after the regional CIDR allocation
|
|
113
122
|
ipamPool.node.addDependency(regionalCidrAllocation);
|
|
123
|
+
// Each batch of IPAM_CONCURRENCY_LIMIT pools depends on ALL pools
|
|
124
|
+
// from the previous batch, so the next batch only starts once the
|
|
125
|
+
// entire previous batch has completed.
|
|
126
|
+
const batchIndex = Math.floor(i / IPAM_CONCURRENCY_LIMIT);
|
|
127
|
+
if (batchIndex > 0) {
|
|
128
|
+
for (const previousPool of batches[batchIndex - 1]) {
|
|
129
|
+
ipamPool.node.addDependency(previousPool);
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
if (!batches[batchIndex])
|
|
133
|
+
batches[batchIndex] = [];
|
|
134
|
+
batches[batchIndex].push(ipamPool);
|
|
114
135
|
const cidrAllocation = new aws_ec2_1.CfnIPAMPoolCidr(this, `${account}PoolCidr${provisionedNetmaskLength}${regionSuffix}`, {
|
|
115
136
|
ipamPoolId: ipamPool.attrIpamPoolId,
|
|
116
137
|
netmaskLength: provisionedNetmaskLength
|
|
117
138
|
});
|
|
139
|
+
// On stack deletion, VPC allocations (not managed by CloudFormation)
|
|
140
|
+
// block CIDR deprovisioning. This custom resource releases them first.
|
|
141
|
+
const allocationCleanup = new customResource_1.CustomResource(this, `${account}IpamCleanup${regionSuffix}`, {
|
|
142
|
+
runtime: aws_lambda_1.Runtime.NODEJS_22_X,
|
|
143
|
+
timeout: aws_cdk_lib_1.Duration.minutes(5),
|
|
144
|
+
lambdaDescription: `${account} IPAM pool allocation cleanup - ${region}`,
|
|
145
|
+
properties: {
|
|
146
|
+
IpamPoolId: ipamPool.attrIpamPoolId
|
|
147
|
+
},
|
|
148
|
+
inlinePolicy: [
|
|
149
|
+
new aws_iam_1.PolicyStatement({
|
|
150
|
+
effect: aws_iam_1.Effect.ALLOW,
|
|
151
|
+
actions: [
|
|
152
|
+
"ec2:GetIpamPoolAllocations",
|
|
153
|
+
"ec2:ReleaseIpamPoolAllocation"
|
|
154
|
+
],
|
|
155
|
+
resources: ["*"]
|
|
156
|
+
})
|
|
157
|
+
],
|
|
158
|
+
inlineCode: `
|
|
159
|
+
const { EC2Client, GetIpamPoolAllocationsCommand, ReleaseIpamPoolAllocationCommand } = require('@aws-sdk/client-ec2');
|
|
160
|
+
|
|
161
|
+
exports.handler = async (event) => {
|
|
162
|
+
const physicalResourceId = event.PhysicalResourceId || event.LogicalResourceId || 'ipam-pool-cleanup';
|
|
163
|
+
if (event.RequestType !== 'Delete') {
|
|
164
|
+
return { PhysicalResourceId: physicalResourceId };
|
|
165
|
+
}
|
|
166
|
+
const poolId = event.ResourceProperties.IpamPoolId;
|
|
167
|
+
const ec2 = new EC2Client({});
|
|
168
|
+
let nextToken;
|
|
169
|
+
do {
|
|
170
|
+
const res = await ec2.send(new GetIpamPoolAllocationsCommand({
|
|
171
|
+
IpamPoolId: poolId, ...(nextToken && { NextToken: nextToken })
|
|
172
|
+
}));
|
|
173
|
+
for (const alloc of (res.IpamPoolAllocations || [])) {
|
|
174
|
+
if (alloc.ResourceType === 'ipam-pool') continue;
|
|
175
|
+
try {
|
|
176
|
+
await ec2.send(new ReleaseIpamPoolAllocationCommand({
|
|
177
|
+
IpamPoolId: poolId,
|
|
178
|
+
Cidr: alloc.Cidr,
|
|
179
|
+
IpamPoolAllocationId: alloc.IpamPoolAllocationId
|
|
180
|
+
}));
|
|
181
|
+
} catch (e) { console.log('Release failed (may already be released):', e.message); }
|
|
182
|
+
}
|
|
183
|
+
nextToken = res.NextToken;
|
|
184
|
+
} while (nextToken);
|
|
185
|
+
return { PhysicalResourceId: physicalResourceId };
|
|
186
|
+
};`
|
|
187
|
+
});
|
|
188
|
+
allocationCleanup.node.addDependency(cidrAllocation);
|
|
118
189
|
// Share the pool with the target account so that VPCs can allocate
|
|
119
190
|
const share = new resourceShare_1.ResourceShare(this, `${account}IpamResourceShare${regionSuffix}`, {
|
|
120
191
|
name: `${account}IpamResourceShare.${region}`,
|
|
@@ -128,8 +199,8 @@ class IpamPool extends constructs_1.Construct {
|
|
|
128
199
|
}
|
|
129
200
|
]
|
|
130
201
|
});
|
|
131
|
-
//
|
|
132
|
-
share.node.addDependency(
|
|
202
|
+
// Delete order: share → cleanup (releases VPC allocations) → cidrAllocation → pool
|
|
203
|
+
share.node.addDependency(allocationCleanup.resource);
|
|
133
204
|
// Expose the pool ID for cross-stack usage (e.g. VPC allocations)
|
|
134
205
|
new aws_cdk_lib_1.CfnOutput(this, `IpamPoolId${accountId}${regionSuffix}`, {
|
|
135
206
|
key: `IpamPoolId${accountId}${regionSuffix}`,
|
|
@@ -156,4 +227,4 @@ class IpamPoolStack extends aws_cdk_lib_1.Stack {
|
|
|
156
227
|
}
|
|
157
228
|
}
|
|
158
229
|
exports.IpamPoolStack = IpamPoolStack;
|
|
159
|
-
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaXBhbVBvb2wuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9uZXR3b3JraW5nL2lwYW1Qb29sLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUFvRTtBQUNwRSwyQ0FBdUM7QUFDdkMsaURBRzZCO0FBQzdCLDhEQUEyRDtBQUMzRCw4REFBdUQ7QUFDdkQsc0VBQThEO0FBeUI5RCxNQUFhLFFBQVMsU0FBUSxzQkFBUztJQUNyQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQW9CO1FBQzVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsMERBQTBEO1FBQzFELE1BQU0seUJBQXlCLEdBQzdCLEtBQUssQ0FBQyxTQUFTLElBQUksZ0JBQUUsQ0FBQyxXQUFXLENBQUMsMkJBQTJCLENBQUMsQ0FBQztRQUVqRSxNQUFNLE9BQU8sR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDO1FBQzlCLElBQUksQ0FBQyxPQUFPLElBQUksT0FBTyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUNyQyxNQUFNLElBQUksS0FBSyxDQUFDLHNEQUFzRCxDQUFDLENBQUM7UUFDMUUsQ0FBQztRQUVELE1BQU0sb0JBQW9CLEdBQUcsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUM3RCxPQUFPLENBQUMsV0FBVyxFQUFFLENBQ3RCLENBQUM7UUFFRix1REFBdUQ7UUFDdkQsTUFBTSxvQkFBb0IsR0FBRyxLQUFLLENBQUMsOEJBQThCLElBQUksRUFBRSxDQUFDO1FBQ3hFLE1BQU0sd0JBQXdCLEdBQUcsS0FBSyxDQUFDLHdCQUF3QixJQUFJLEVBQUUsQ0FBQztRQUV0RSxrRkFBa0Y7UUFDbEYsSUFBSSxvQkFBb0IsR0FBRyxFQUFFLElBQUksb0JBQW9CLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDM0QsTUFBTSxJQUFJLEtBQUssQ0FDYixtRkFBbUYsb0JBQW9CLEVBQUUsQ0FDMUcsQ0FBQztRQUNKLENBQUM7UUFFRCwrQ0FBK0M7UUFDL0MsSUFBSSx3QkFBd0IsR0FBRyxFQUFFLElBQUksd0JBQXdCLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDbkUsTUFBTSxJQUFJLEtBQUssQ0FDYiw2RUFBNkUsd0JBQXdCLEVBQUUsQ0FDeEcsQ0FBQztRQUNKLENBQUM7UUFFRCx5RUFBeUU7UUFDekUsSUFBSSxvQkFBb0IsR0FBRyx3QkFBd0IsRUFBRSxDQUFDO1lBQ3BELDhCQUFXLENBQUMsSUFBSSxDQUNkLHNDQUFzQyxvQkFBb0IsaURBQWlELHdCQUF3QixLQUFLO2dCQUN0SSxpRUFBaUUsQ0FDcEUsQ0FBQztRQUNKLENBQUM7UUFFRCxpQkFBaUI7UUFDakIsTUFBTSxRQUFRLEdBQUcsSUFBSSxxQkFBYSxDQUFDLElBQUksRUFBRSxrQkFBa0IsRUFBRTtZQUMzRCxXQUFXLEVBQUUseUJBQXlCO1lBQ3RDLGFBQWEsRUFBRSxNQUFNO1lBQ3JCLFdBQVcsRUFBRSx5QkFBeUI7WUFDdEMsZ0JBQWdCLEVBQUU7Z0JBQ2hCLEVBQUUsSUFBSSxFQUFFLFlBQVksRUFBRTtnQkFDdEIsRUFBRSxJQUFJLEVBQUUsZUFBZSxFQUFFO2dCQUN6QixFQUFFLElBQUksRUFBRSxnQkFBZ0IsRUFBRTthQUMzQjtZQUNELFVBQVUsRUFBRSxJQUFJO1lBQ2hCLElBQUksRUFBRTtnQkFDSjtvQkFDRSxHQUFHLEVBQUUsdUJBQXVCO29CQUM1QixLQUFLLEVBQUUsV0FBVztpQkFDbkI7Z0JBQ0Q7b0JBQ0UsR0FBRyxFQUFFLGtDQUFrQztvQkFDdkMsS0FBSyxFQUFFLFlBQVk7aUJBQ3BCO2FBQ0Y7U0FDRixDQUFDLENBQUM7UUFFSCxxREFBcUQ7UUFDckQsS0FBSyxNQUFNLE1BQU0sSUFBSSxPQUFPLEVBQUUsQ0FBQztZQUM3QixNQUFNLFlBQVksR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztZQUU5QyxrREFBa0Q7WUFDbEQsTUFBTSxZQUFZLEdBQUcsSUFBSSxxQkFBYSxDQUNwQyxJQUFJLEVBQ0osZUFBZSxZQUFZLEVBQUUsRUFDN0I7Z0JBQ0UsV0FBVyxFQUFFLHdCQUF3QixNQUFNLEVBQUU7Z0JBQzdDLGFBQWEsRUFBRSxNQUFNO2dCQUNyQixXQUFXLEVBQUUseUJBQXlCO2dCQUN0QyxNQUFNLEVBQUUsTUFBTTtnQkFDZCxnQkFBZ0IsRUFBRSxRQUFRLENBQUMsY0FBYztnQkFDekMsVUFBVSxFQUFFLElBQUk7Z0JBQ2hCLElBQUksRUFBRTtvQkFDSjt3QkFDRSxHQUFHLEVBQUUsdUJBQXVCO3dCQUM1QixLQUFLLEVBQUUsWUFBWSxNQUFNLEVBQUU7cUJBQzVCO29CQUNEO3dCQUNFLEdBQUcsRUFBRSxrQ0FBa0M7d0JBQ3ZDLEtBQUssRUFBRSxZQUFZO3FCQUNwQjtpQkFDRjthQUNGLENBQ0YsQ0FBQztZQUVGLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSx5QkFBZSxDQUNoRCxJQUFJLEVBQ0osbUJBQW1CLFlBQVksRUFBRSxFQUNqQztnQkFDRSxVQUFVLEVBQUUsWUFBWSxDQUFDLGNBQWM7Z0JBQ3ZDLGFBQWEsRUFBRSxFQUFFLENBQUMseUNBQXlDO2FBQzVELENBQ0YsQ0FBQztZQUVGLGdEQUFnRDtZQUNoRCxLQUFLLE1BQU0sT0FBTyxJQUFJLG9CQUFvQixFQUFFLENBQUM7Z0JBQzNDLE1BQU0sU0FBUyxHQUFHLElBQUEsc0JBQVksRUFBQyxPQUFPLENBQUMsQ0FBQztnQkFFeEMsTUFBTSxRQUFRLEdBQUcsSUFBSSxxQkFBYSxDQUNoQyxJQUFJLEVBQ0osR0FBRyxPQUFPLFdBQVcsWUFBWSxFQUFFLEVBQ25DO29CQUNFLFdBQVcsRUFBRSxHQUFHLE9BQU8sa0JBQWtCLE1BQU0sRUFBRTtvQkFDakQsYUFBYSxFQUFFLE1BQU07b0JBQ3JCLFdBQVcsRUFBRSx5QkFBeUI7b0JBQ3RDLE1BQU0sRUFBRSxNQUFNO29CQUNkLGdCQUFnQixFQUFFLFlBQVksQ0FBQyxjQUFjO29CQUM3Qyw4QkFBOEIsRUFBRSxvQkFBb0I7b0JBQ3BELHNCQUFzQixFQUFFO3dCQUN0Qjs0QkFDRSxHQUFHLEVBQUUsdUJBQXVCOzRCQUM1QixLQUFLLEVBQUUsR0FBRyxTQUFTLElBQUksTUFBTSxFQUFFO3lCQUNoQztxQkFDRjtvQkFDRCxVQUFVLEVBQUUsSUFBSTtvQkFDaEIsSUFBSSxFQUFFO3dCQUNKOzRCQUNFLEdBQUcsRUFBRSx1QkFBdUI7NEJBQzVCLEtBQUssRUFBRSxHQUFHLFNBQVMsSUFBSSxNQUFNLEVBQUU7eUJBQ2hDO3dCQUNEOzRCQUNFLEdBQUcsRUFBRSxrQ0FBa0M7NEJBQ3ZDLEtBQUssRUFBRSxPQUFPO3lCQUNmO3FCQUNGO2lCQUNGLENBQ0YsQ0FBQztnQkFFRix3RUFBd0U7Z0JBQ3hFLFFBQVEsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLHNCQUFzQixDQUFDLENBQUM7Z0JBRXBELE1BQU0sY0FBYyxHQUFHLElBQUkseUJBQWUsQ0FDeEMsSUFBSSxFQUNKLEdBQUcsT0FBTyxXQUFXLHdCQUF3QixHQUFHLFlBQVksRUFBRSxFQUM5RDtvQkFDRSxVQUFVLEVBQUUsUUFBUSxDQUFDLGNBQWM7b0JBQ25DLGFBQWEsRUFBRSx3QkFBd0I7aUJBQ3hDLENBQ0YsQ0FBQztnQkFFRixtRUFBbUU7Z0JBQ25FLE1BQU0sS0FBSyxHQUFHLElBQUksNkJBQWEsQ0FDN0IsSUFBSSxFQUNKLEdBQUcsT0FBTyxvQkFBb0IsWUFBWSxFQUFFLEVBQzVDO29CQUNFLElBQUksRUFBRSxHQUFHLE9BQU8scUJBQXFCLE1BQU0sRUFBRTtvQkFDN0MsdUJBQXVCLEVBQUUsS0FBSztvQkFDOUIsVUFBVSxFQUFFLENBQUMsU0FBUyxDQUFDO29CQUN2QixZQUFZLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDO29CQUNoQyxJQUFJLEVBQUU7d0JBQ0o7NEJBQ0UsR0FBRyxFQUFFLGtDQUFrQzs0QkFDdkMsS0FBSyxFQUFFLFlBQVk7eUJBQ3BCO3FCQUNGO2lCQUNGLENBQ0YsQ0FBQztnQkFFRixpRUFBaUU7Z0JBQ2pFLEtBQUssQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGNBQWMsQ0FBQyxDQUFDO2dCQUV6QyxrRUFBa0U7Z0JBQ2xFLElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsYUFBYSxTQUFTLEdBQUcsWUFBWSxFQUFFLEVBQUU7b0JBQzNELEdBQUcsRUFBRSxhQUFhLFNBQVMsR0FBRyxZQUFZLEVBQUU7b0JBQzVDLEtBQUssRUFBRSxRQUFRLENBQUMsY0FBYztvQkFDOUIsVUFBVSxFQUFFLGFBQWEsU0FBUyxHQUFHLFlBQVksRUFBRTtpQkFDcEQsQ0FBQyxDQUFDO2dCQUVILElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsY0FBYyxTQUFTLEdBQUcsWUFBWSxFQUFFLEVBQUU7b0JBQzVELEdBQUcsRUFBRSxjQUFjLFNBQVMsR0FBRyxZQUFZLEVBQUU7b0JBQzdDLEtBQUssRUFBRSxRQUFRLENBQUMsT0FBTztvQkFDdkIsVUFBVSxFQUFFLGNBQWMsU0FBUyxHQUFHLFlBQVksRUFBRTtpQkFDckQsQ0FBQyxDQUFDO1lBQ0wsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUF6TEQsNEJBeUxDO0FBRUQsTUFBYSxhQUFjLFNBQVEsbUJBQUs7SUFDdEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUF5QjtRQUNqRSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksUUFBUSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDN0IsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO1lBQzlCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztTQUN2QixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFURCxzQ0FTQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENmbk91dHB1dCwgRm4sIHR5cGUgU3RhY2tQcm9wcywgU3RhY2sgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5pbXBvcnQge1xuICBDZm5JUEFNUG9vbCBhcyBJcGFtUG9vbENsYXNzLFxuICBDZm5JUEFNUG9vbENpZHJcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzJcIjtcbmltcG9ydCB7IFJlc291cmNlU2hhcmUgfSBmcm9tIFwiLi4vdXRpbGl0aWVzL3Jlc291cmNlU2hhcmVcIjtcbmltcG9ydCBnZXRBY2NvdW50SWQgZnJvbSBcIi4uLy4uLy4uL3V0aWxzL2dldEFjY291bnRJZFwiO1xuaW1wb3J0IHsgRmphbGxMb2dnZXIgfSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvdmFsaWRhdGlvbkxvZ2dlclwiO1xuXG5leHBvcnQgaW50ZXJmYWNlIElwYW1Qb29sUHJvcHMgZXh0ZW5kcyBTdGFja1Byb3BzIHtcbiAgb3JnQWNjb3VudHM6IHN0cmluZ1tdO1xuICBpcGFtU2NvcGU/OiBzdHJpbmc7XG4gIHJlZ2lvbnM6IHN0cmluZ1tdO1xuICAvKipcbiAgICogVGhlIG5ldG1hc2sgbGVuZ3RoICgvQ0lEUikgZWFjaCBjaGlsZCBJUEFNIHBvb2wgc2hvdWxkIHJlY2VpdmUuXG4gICAqIENvbnRyb2xzIHRoZSBzaXplIG9mIENJRFIgYmxvY2tzIGF1dG9tYXRpY2FsbHkgYWxsb2NhdGVkIHRvIFZQQ3MgZnJvbSB0aGUgcG9vbC5cbiAgICogQWNjZXB0ZWQgcmFuZ2U6IC8xNiAoNjUsNTM2IElQcykg4oCTIC8yOCAoMTYgSVBzKS4gRGVmYXVsdHMgdG8gLzIwICg0LDA5NiBJUHMpLlxuICAgKi9cbiAgYWxsb2NhdGlvbkRlZmF1bHROZXRtYXNrTGVuZ3RoPzogbnVtYmVyO1xuICAvKipcbiAgICogVGhlIG5ldG1hc2sgbGVuZ3RoICgvQ0lEUikgcHJvdmlzaW9uZWQgaW50byBlYWNoIGNoaWxkIElQQU0gcG9vbCBvbiBjcmVhdGlvbi5cbiAgICogRGV0ZXJtaW5lcyB0aGUgdG90YWwgYWRkcmVzcyBzcGFjZSBhdmFpbGFibGUgZm9yIFZQQyBhbGxvY2F0aW9ucyBpbiB0aGF0IGFjY291bnQuXG4gICAqIEFjY2VwdGVkIHJhbmdlOiAvMTMgKDUyNCwyODggSVBzKSDigJMgLzE2ICg2NSw1MzYgSVBzKS4gRGVmYXVsdHMgdG8gLzE0LlxuICAgKi9cbiAgcHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RoPzogbnVtYmVyO1xufVxuXG5pbnRlcmZhY2UgSXBhbVBvb2xTdGFja1Byb3BzIGV4dGVuZHMgU3RhY2tQcm9wcyB7XG4gIG9yZ0FjY291bnRzOiBzdHJpbmdbXTtcbiAgcmVnaW9uczogc3RyaW5nW107XG59XG5cbmV4cG9ydCBjbGFzcyBJcGFtUG9vbCBleHRlbmRzIENvbnN0cnVjdCB7XG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBJcGFtUG9vbFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIC8vIEdldCB0aGUgZGVmYXVsdCBJUEFNIHNjb3BlIElEIGZyb20gcHJvcHMsIG9yIENGTiBpbXBvcnRcbiAgICBjb25zdCBJcGFtUHJpdmF0ZURlZmF1bHRTY29wZUlkID1cbiAgICAgIHByb3BzLmlwYW1TY29wZSB8fCBGbi5pbXBvcnRWYWx1ZShcIklwYW1Qcml2YXRlRGVmYXVsdFNjb3BlSWRcIik7XG5cbiAgICBjb25zdCByZWdpb25zID0gcHJvcHMucmVnaW9ucztcbiAgICBpZiAoIXJlZ2lvbnMgfHwgcmVnaW9ucy5sZW5ndGggPT09IDApIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihcIkF0IGxlYXN0IG9uZSByZWdpb24gbXVzdCBiZSBzcGVjaWZpZWQgZm9yIElQQU0gcG9vbHNcIik7XG4gICAgfVxuXG4gICAgY29uc3Qgb3JnYW5pc2F0aW9uQWNjb3VudHMgPSBwcm9wcy5vcmdBY2NvdW50cy5tYXAoKGFjY291bnQpID0+XG4gICAgICBhY2NvdW50LnRvTG93ZXJDYXNlKClcbiAgICApO1xuXG4gICAgLy8gRGV0ZXJtaW5lIHRoZSBjaGlsZC1wb29sIENJRFIgc2l6ZSAoZGVmYXVsdHMgdG8gLzIwKVxuICAgIGNvbnN0IGRlZmF1bHROZXRtYXNrTGVuZ3RoID0gcHJvcHMuYWxsb2NhdGlvbkRlZmF1bHROZXRtYXNrTGVuZ3RoID8/IDIwO1xuICAgIGNvbnN0IHByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCA9IHByb3BzLnByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCA/PyAxNDtcblxuICAgIC8vIEJhc2ljIHZhbGlkYXRpb24g4oCTIC8xNiB0byAvMjggaW5jbHVzaXZlIGFyZSBjb25zaWRlcmVkIHNhZmUgZm9yIFZQQyBhbGxvY2F0aW9uc1xuICAgIGlmIChkZWZhdWx0TmV0bWFza0xlbmd0aCA8IDE2IHx8IGRlZmF1bHROZXRtYXNrTGVuZ3RoID4gMjgpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgYGFsbG9jYXRpb25EZWZhdWx0TmV0bWFza0xlbmd0aCBtdXN0IGJlIGJldHdlZW4gMTYgYW5kIDI4IChpbmNsdXNpdmUpLiBSZWNlaXZlZDogJHtkZWZhdWx0TmV0bWFza0xlbmd0aH1gXG4gICAgICApO1xuICAgIH1cblxuICAgIC8vIFZhbGlkYXRlIHByb3Zpc2lvbmVkIGJsb2NrIHNpemUgKC8xMyB0byAvMTYpXG4gICAgaWYgKHByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCA8IDEzIHx8IHByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCA+IDE2KSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgICAgIGBwcm92aXNpb25lZE5ldG1hc2tMZW5ndGggbXVzdCBiZSBiZXR3ZWVuIDEzIGFuZCAxNiAoaW5jbHVzaXZlKS4gUmVjZWl2ZWQ6ICR7cHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RofWBcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gV2FybiBpZiB1c2VyIHJlcXVlc3RzIFZQQyBhbGxvY2F0aW9ucyBsYXJnZXIgdGhhbiB0aGUgcHJvdmlzaW9uZWQgcG9vbFxuICAgIGlmIChkZWZhdWx0TmV0bWFza0xlbmd0aCA8IHByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCkge1xuICAgICAgRmphbGxMb2dnZXIud2FybihcbiAgICAgICAgYCdhbGxvY2F0aW9uRGVmYXVsdE5ldG1hc2tMZW5ndGgnICgvJHtkZWZhdWx0TmV0bWFza0xlbmd0aH0pIGlzIGxhcmdlciB0aGFuICdwcm92aXNpb25lZE5ldG1hc2tMZW5ndGgnICgvJHtwcm92aXNpb25lZE5ldG1hc2tMZW5ndGh9KS4gYCArXG4gICAgICAgICAgYFZQQyBhbGxvY2F0aW9uIG1heSBmYWlsIGlmIHRoZSBwb29sIGNhbm5vdCBzYXRpc2Z5IHRoZSByZXF1ZXN0LmBcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gVG9wIExldmVsIFBvb2xcbiAgICBjb25zdCByb290UG9vbCA9IG5ldyBJcGFtUG9vbENsYXNzKHRoaXMsIFwiVG9wTGV2ZWxJcGFtUG9vbFwiLCB7XG4gICAgICBkZXNjcmlwdGlvbjogYFJvb3QgSVBBTSBwb29sIChHbG9iYWwpYCxcbiAgICAgIGFkZHJlc3NGYW1pbHk6IFwiaXB2NFwiLFxuICAgICAgaXBhbVNjb3BlSWQ6IElwYW1Qcml2YXRlRGVmYXVsdFNjb3BlSWQsXG4gICAgICBwcm92aXNpb25lZENpZHJzOiBbXG4gICAgICAgIHsgY2lkcjogXCIxMC4wLjAuMC84XCIgfSxcbiAgICAgICAgeyBjaWRyOiBcIjE3Mi4xNi4wLjAvMTJcIiB9LFxuICAgICAgICB7IGNpZHI6IFwiMTkyLjE2OC4wLjAvMTZcIiB9XG4gICAgICBdLFxuICAgICAgYXV0b0ltcG9ydDogdHJ1ZSxcbiAgICAgIHRhZ3M6IFtcbiAgICAgICAge1xuICAgICAgICAgIGtleTogXCJmamFsbDpvcGVyYXRpb25zOnBvb2xcIixcbiAgICAgICAgICB2YWx1ZTogXCJ0b3AtbGV2ZWxcIlxuICAgICAgICB9LFxuICAgICAgICB7XG4gICAgICAgICAga2V5OiBcImZqYWxsOmNvc3RBbGxvY2F0aW9uOmVudmlyb25tZW50XCIsXG4gICAgICAgICAgdmFsdWU6IFwibWFuYWdlbWVudFwiXG4gICAgICAgIH1cbiAgICAgIF1cbiAgICB9KTtcblxuICAgIC8vIENyZWF0ZSByZWdpb25hbCBwb29scyBhcyBjaGlsZHJlbiBvZiB0aGUgcm9vdCBwb29sXG4gICAgZm9yIChjb25zdCByZWdpb24gb2YgcmVnaW9ucykge1xuICAgICAgY29uc3QgcmVnaW9uU3VmZml4ID0gcmVnaW9uLnJlcGxhY2UoLy0vZywgXCJcIik7XG5cbiAgICAgIC8vIENyZWF0ZSBhIHJlZ2lvbmFsIHBvb2wgZm9yIHRoaXMgc3BlY2lmaWMgcmVnaW9uXG4gICAgICBjb25zdCByZWdpb25hbFBvb2wgPSBuZXcgSXBhbVBvb2xDbGFzcyhcbiAgICAgICAgdGhpcyxcbiAgICAgICAgYFJlZ2lvbmFsUG9vbCR7cmVnaW9uU3VmZml4fWAsXG4gICAgICAgIHtcbiAgICAgICAgICBkZXNjcmlwdGlvbjogYFJlZ2lvbmFsIElQQU0gcG9vbCAtICR7cmVnaW9ufWAsXG4gICAgICAgICAgYWRkcmVzc0ZhbWlseTogXCJpcHY0XCIsXG4gICAgICAgICAgaXBhbVNjb3BlSWQ6IElwYW1Qcml2YXRlRGVmYXVsdFNjb3BlSWQsXG4gICAgICAgICAgbG9jYWxlOiByZWdpb24sXG4gICAgICAgICAgc291cmNlSXBhbVBvb2xJZDogcm9vdFBvb2wuYXR0cklwYW1Qb29sSWQsXG4gICAgICAgICAgYXV0b0ltcG9ydDogdHJ1ZSxcbiAgICAgICAgICB0YWdzOiBbXG4gICAgICAgICAgICB7XG4gICAgICAgICAgICAgIGtleTogXCJmamFsbDpvcGVyYXRpb25zOnBvb2xcIixcbiAgICAgICAgICAgICAgdmFsdWU6IGByZWdpb25hbC0ke3JlZ2lvbn1gXG4gICAgICAgICAgICB9LFxuICAgICAgICAgICAge1xuICAgICAgICAgICAgICBrZXk6IFwiZmphbGw6Y29zdEFsbG9jYXRpb246ZW52aXJvbm1lbnRcIixcbiAgICAgICAgICAgICAgdmFsdWU6IFwibWFuYWdlbWVudFwiXG4gICAgICAgICAgICB9XG4gICAgICAgICAgXVxuICAgICAgICB9XG4gICAgICApO1xuXG4gICAgICBjb25zdCByZWdpb25hbENpZHJBbGxvY2F0aW9uID0gbmV3IENmbklQQU1Qb29sQ2lkcihcbiAgICAgICAgdGhpcyxcbiAgICAgICAgYFJlZ2lvbmFsUG9vbENpZHIke3JlZ2lvblN1ZmZpeH1gLFxuICAgICAgICB7XG4gICAgICAgICAgaXBhbVBvb2xJZDogcmVnaW9uYWxQb29sLmF0dHJJcGFtUG9vbElkLFxuICAgICAgICAgIG5ldG1hc2tMZW5ndGg6IDEwIC8vIEVhY2ggcmVnaW9uIGdldHMgYSAvMTAgKDQsMTk0LDMwNCBJUHMpXG4gICAgICAgIH1cbiAgICAgICk7XG5cbiAgICAgIC8vIENyZWF0ZSBhY2NvdW50IHBvb2xzIHVuZGVyIGVhY2ggcmVnaW9uYWwgcG9vbFxuICAgICAgZm9yIChjb25zdCBhY2NvdW50IG9mIG9yZ2FuaXNhdGlvbkFjY291bnRzKSB7XG4gICAgICAgIGNvbnN0IGFjY291bnRJZCA9IGdldEFjY291bnRJZChhY2NvdW50KTtcblxuICAgICAgICBjb25zdCBpcGFtUG9vbCA9IG5ldyBJcGFtUG9vbENsYXNzKFxuICAgICAgICAgIHRoaXMsXG4gICAgICAgICAgYCR7YWNjb3VudH1JcGFtUG9vbCR7cmVnaW9uU3VmZml4fWAsXG4gICAgICAgICAge1xuICAgICAgICAgICAgZGVzY3JpcHRpb246IGAke2FjY291bnR9IC0gSVBBTSBwb29sIC0gJHtyZWdpb259YCxcbiAgICAgICAgICAgIGFkZHJlc3NGYW1pbHk6IFwiaXB2NFwiLFxuICAgICAgICAgICAgaXBhbVNjb3BlSWQ6IElwYW1Qcml2YXRlRGVmYXVsdFNjb3BlSWQsXG4gICAgICAgICAgICBsb2NhbGU6IHJlZ2lvbixcbiAgICAgICAgICAgIHNvdXJjZUlwYW1Qb29sSWQ6IHJlZ2lvbmFsUG9vbC5hdHRySXBhbVBvb2xJZCxcbiAgICAgICAgICAgIGFsbG9jYXRpb25EZWZhdWx0TmV0bWFza0xlbmd0aDogZGVmYXVsdE5ldG1hc2tMZW5ndGgsXG4gICAgICAgICAgICBhbGxvY2F0aW9uUmVzb3VyY2VUYWdzOiBbXG4gICAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAgICBrZXk6IFwiZmphbGw6b3BlcmF0aW9uczpwb29sXCIsXG4gICAgICAgICAgICAgICAgdmFsdWU6IGAke2FjY291bnRJZH0tJHtyZWdpb259YFxuICAgICAgICAgICAgICB9XG4gICAgICAgICAgICBdLFxuICAgICAgICAgICAgYXV0b0ltcG9ydDogdHJ1ZSxcbiAgICAgICAgICAgIHRhZ3M6IFtcbiAgICAgICAgICAgICAge1xuICAgICAgICAgICAgICAgIGtleTogXCJmamFsbDpvcGVyYXRpb25zOnBvb2xcIixcbiAgICAgICAgICAgICAgICB2YWx1ZTogYCR7YWNjb3VudElkfS0ke3JlZ2lvbn1gXG4gICAgICAgICAgICAgIH0sXG4gICAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAgICBrZXk6IFwiZmphbGw6Y29zdEFsbG9jYXRpb246YWNjb3VudE5hbWVcIixcbiAgICAgICAgICAgICAgICB2YWx1ZTogYWNjb3VudFxuICAgICAgICAgICAgICB9XG4gICAgICAgICAgICBdXG4gICAgICAgICAgfVxuICAgICAgICApO1xuXG4gICAgICAgIC8vIEVuc3VyZSB0aGUgYWNjb3VudCBwb29sIGlzIGNyZWF0ZWQgYWZ0ZXIgdGhlIHJlZ2lvbmFsIENJRFIgYWxsb2NhdGlvblxuICAgICAgICBpcGFtUG9vbC5ub2RlLmFkZERlcGVuZGVuY3kocmVnaW9uYWxDaWRyQWxsb2NhdGlvbik7XG5cbiAgICAgICAgY29uc3QgY2lkckFsbG9jYXRpb24gPSBuZXcgQ2ZuSVBBTVBvb2xDaWRyKFxuICAgICAgICAgIHRoaXMsXG4gICAgICAgICAgYCR7YWNjb3VudH1Qb29sQ2lkciR7cHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RofSR7cmVnaW9uU3VmZml4fWAsXG4gICAgICAgICAge1xuICAgICAgICAgICAgaXBhbVBvb2xJZDogaXBhbVBvb2wuYXR0cklwYW1Qb29sSWQsXG4gICAgICAgICAgICBuZXRtYXNrTGVuZ3RoOiBwcm92aXNpb25lZE5ldG1hc2tMZW5ndGhcbiAgICAgICAgICB9XG4gICAgICAgICk7XG5cbiAgICAgICAgLy8gU2hhcmUgdGhlIHBvb2wgd2l0aCB0aGUgdGFyZ2V0IGFjY291bnQgc28gdGhhdCBWUENzIGNhbiBhbGxvY2F0ZVxuICAgICAgICBjb25zdCBzaGFyZSA9IG5ldyBSZXNvdXJjZVNoYXJlKFxuICAgICAgICAgIHRoaXMsXG4gICAgICAgICAgYCR7YWNjb3VudH1JcGFtUmVzb3VyY2VTaGFyZSR7cmVnaW9uU3VmZml4fWAsXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogYCR7YWNjb3VudH1JcGFtUmVzb3VyY2VTaGFyZS4ke3JlZ2lvbn1gLFxuICAgICAgICAgICAgYWxsb3dFeHRlcm5hbFByaW5jaXBhbHM6IGZhbHNlLFxuICAgICAgICAgICAgcHJpbmNpcGFsczogW2FjY291bnRJZF0sXG4gICAgICAgICAgICByZXNvdXJjZUFybnM6IFtpcGFtUG9vbC5hdHRyQXJuXSxcbiAgICAgICAgICAgIHRhZ3M6IFtcbiAgICAgICAgICAgICAge1xuICAgICAgICAgICAgICAgIGtleTogXCJmamFsbDpjb3N0QWxsb2NhdGlvbjplbnZpcm9ubWVudFwiLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBgbWFuYWdlbWVudGBcbiAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgXVxuICAgICAgICAgIH1cbiAgICAgICAgKTtcblxuICAgICAgICAvLyBFbnN1cmUgdGhlIHNoYXJlIGlzIGNyZWF0ZWQgb25seSBhZnRlciB0aGUgQ0lEUiBpcyBwcm92aXNpb25lZFxuICAgICAgICBzaGFyZS5ub2RlLmFkZERlcGVuZGVuY3koY2lkckFsbG9jYXRpb24pO1xuXG4gICAgICAgIC8vIEV4cG9zZSB0aGUgcG9vbCBJRCBmb3IgY3Jvc3Mtc3RhY2sgdXNhZ2UgKGUuZy4gVlBDIGFsbG9jYXRpb25zKVxuICAgICAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGBJcGFtUG9vbElkJHthY2NvdW50SWR9JHtyZWdpb25TdWZmaXh9YCwge1xuICAgICAgICAgIGtleTogYElwYW1Qb29sSWQke2FjY291bnRJZH0ke3JlZ2lvblN1ZmZpeH1gLFxuICAgICAgICAgIHZhbHVlOiBpcGFtUG9vbC5hdHRySXBhbVBvb2xJZCxcbiAgICAgICAgICBleHBvcnROYW1lOiBgSXBhbVBvb2xJZCR7YWNjb3VudElkfSR7cmVnaW9uU3VmZml4fWBcbiAgICAgICAgfSk7XG5cbiAgICAgICAgbmV3IENmbk91dHB1dCh0aGlzLCBgSXBhbVBvb2xBcm4ke2FjY291bnRJZH0ke3JlZ2lvblN1ZmZpeH1gLCB7XG4gICAgICAgICAga2V5OiBgSXBhbVBvb2xBcm4ke2FjY291bnRJZH0ke3JlZ2lvblN1ZmZpeH1gLFxuICAgICAgICAgIHZhbHVlOiBpcGFtUG9vbC5hdHRyQXJuLFxuICAgICAgICAgIGV4cG9ydE5hbWU6IGBJcGFtUG9vbEFybiR7YWNjb3VudElkfSR7cmVnaW9uU3VmZml4fWBcbiAgICAgICAgfSk7XG4gICAgICB9XG4gICAgfVxuICB9XG59XG5cbmV4cG9ydCBjbGFzcyBJcGFtUG9vbFN0YWNrIGV4dGVuZHMgU3RhY2sge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogSXBhbVBvb2xTdGFja1Byb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIG5ldyBJcGFtUG9vbCh0aGlzLCBcIklwYW1Qb29sXCIsIHtcbiAgICAgIG9yZ0FjY291bnRzOiBwcm9wcy5vcmdBY2NvdW50cyxcbiAgICAgIHJlZ2lvbnM6IHByb3BzLnJlZ2lvbnNcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
230
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaXBhbVBvb2wuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9uZXR3b3JraW5nL2lwYW1Qb29sLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUE4RTtBQUM5RSwyQ0FBdUM7QUFDdkMsaURBRzZCO0FBQzdCLHVEQUFpRDtBQUNqRCxpREFBOEQ7QUFDOUQsOERBQTJEO0FBQzNELGdFQUE2RDtBQUM3RCw4REFBdUQ7QUFDdkQsc0VBQThEO0FBeUI5RCxNQUFhLFFBQVMsU0FBUSxzQkFBUztJQUNyQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQW9CO1FBQzVELEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsMERBQTBEO1FBQzFELE1BQU0seUJBQXlCLEdBQzdCLEtBQUssQ0FBQyxTQUFTLElBQUksZ0JBQUUsQ0FBQyxXQUFXLENBQUMsMkJBQTJCLENBQUMsQ0FBQztRQUVqRSxNQUFNLE9BQU8sR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDO1FBQzlCLElBQUksQ0FBQyxPQUFPLElBQUksT0FBTyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUNyQyxNQUFNLElBQUksS0FBSyxDQUFDLHNEQUFzRCxDQUFDLENBQUM7UUFDMUUsQ0FBQztRQUVELE1BQU0sb0JBQW9CLEdBQUcsS0FBSyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUM3RCxPQUFPLENBQUMsV0FBVyxFQUFFLENBQ3RCLENBQUM7UUFFRix1REFBdUQ7UUFDdkQsTUFBTSxvQkFBb0IsR0FBRyxLQUFLLENBQUMsOEJBQThCLElBQUksRUFBRSxDQUFDO1FBQ3hFLE1BQU0sd0JBQXdCLEdBQUcsS0FBSyxDQUFDLHdCQUF3QixJQUFJLEVBQUUsQ0FBQztRQUV0RSxrRkFBa0Y7UUFDbEYsSUFBSSxvQkFBb0IsR0FBRyxFQUFFLElBQUksb0JBQW9CLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDM0QsTUFBTSxJQUFJLEtBQUssQ0FDYixtRkFBbUYsb0JBQW9CLEVBQUUsQ0FDMUcsQ0FBQztRQUNKLENBQUM7UUFFRCwrQ0FBK0M7UUFDL0MsSUFBSSx3QkFBd0IsR0FBRyxFQUFFLElBQUksd0JBQXdCLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDbkUsTUFBTSxJQUFJLEtBQUssQ0FDYiw2RUFBNkUsd0JBQXdCLEVBQUUsQ0FDeEcsQ0FBQztRQUNKLENBQUM7UUFFRCx5RUFBeUU7UUFDekUsSUFBSSxvQkFBb0IsR0FBRyx3QkFBd0IsRUFBRSxDQUFDO1lBQ3BELDhCQUFXLENBQUMsSUFBSSxDQUNkLHNDQUFzQyxvQkFBb0IsaURBQWlELHdCQUF3QixLQUFLO2dCQUN0SSxpRUFBaUUsQ0FDcEUsQ0FBQztRQUNKLENBQUM7UUFFRCxpQkFBaUI7UUFDakIsTUFBTSxRQUFRLEdBQUcsSUFBSSxxQkFBYSxDQUFDLElBQUksRUFBRSxrQkFBa0IsRUFBRTtZQUMzRCxXQUFXLEVBQUUseUJBQXlCO1lBQ3RDLGFBQWEsRUFBRSxNQUFNO1lBQ3JCLFdBQVcsRUFBRSx5QkFBeUI7WUFDdEMsZ0JBQWdCLEVBQUU7Z0JBQ2hCLEVBQUUsSUFBSSxFQUFFLFlBQVksRUFBRTtnQkFDdEIsRUFBRSxJQUFJLEVBQUUsZUFBZSxFQUFFO2dCQUN6QixFQUFFLElBQUksRUFBRSxnQkFBZ0IsRUFBRTthQUMzQjtZQUNELFVBQVUsRUFBRSxJQUFJO1lBQ2hCLElBQUksRUFBRTtnQkFDSjtvQkFDRSxHQUFHLEVBQUUsdUJBQXVCO29CQUM1QixLQUFLLEVBQUUsV0FBVztpQkFDbkI7Z0JBQ0Q7b0JBQ0UsR0FBRyxFQUFFLGtDQUFrQztvQkFDdkMsS0FBSyxFQUFFLFlBQVk7aUJBQ3BCO2FBQ0Y7U0FDRixDQUFDLENBQUM7UUFFSCxxREFBcUQ7UUFDckQsS0FBSyxNQUFNLE1BQU0sSUFBSSxPQUFPLEVBQUUsQ0FBQztZQUM3QixNQUFNLFlBQVksR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxFQUFFLENBQUMsQ0FBQztZQUU5QyxrREFBa0Q7WUFDbEQsTUFBTSxZQUFZLEdBQUcsSUFBSSxxQkFBYSxDQUNwQyxJQUFJLEVBQ0osZUFBZSxZQUFZLEVBQUUsRUFDN0I7Z0JBQ0UsV0FBVyxFQUFFLHdCQUF3QixNQUFNLEVBQUU7Z0JBQzdDLGFBQWEsRUFBRSxNQUFNO2dCQUNyQixXQUFXLEVBQUUseUJBQXlCO2dCQUN0QyxNQUFNLEVBQUUsTUFBTTtnQkFDZCxnQkFBZ0IsRUFBRSxRQUFRLENBQUMsY0FBYztnQkFDekMsVUFBVSxFQUFFLElBQUk7Z0JBQ2hCLElBQUksRUFBRTtvQkFDSjt3QkFDRSxHQUFHLEVBQUUsdUJBQXVCO3dCQUM1QixLQUFLLEVBQUUsWUFBWSxNQUFNLEVBQUU7cUJBQzVCO29CQUNEO3dCQUNFLEdBQUcsRUFBRSxrQ0FBa0M7d0JBQ3ZDLEtBQUssRUFBRSxZQUFZO3FCQUNwQjtpQkFDRjthQUNGLENBQ0YsQ0FBQztZQUVGLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSx5QkFBZSxDQUNoRCxJQUFJLEVBQ0osbUJBQW1CLFlBQVksRUFBRSxFQUNqQztnQkFDRSxVQUFVLEVBQUUsWUFBWSxDQUFDLGNBQWM7Z0JBQ3ZDLGFBQWEsRUFBRSxFQUFFLENBQUMseUNBQXlDO2FBQzVELENBQ0YsQ0FBQztZQUVGLGlEQUFpRDtZQUNqRCwyRUFBMkU7WUFDM0Usa0VBQWtFO1lBQ2xFLHVEQUF1RDtZQUN2RCxNQUFNLHNCQUFzQixHQUFHLENBQUMsQ0FBQztZQUNqQyxNQUFNLE9BQU8sR0FBc0IsRUFBRSxDQUFDO1lBQ3RDLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxvQkFBb0IsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQztnQkFDckQsTUFBTSxPQUFPLEdBQUcsb0JBQW9CLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3hDLE1BQU0sU0FBUyxHQUFHLElBQUEsc0JBQVksRUFBQyxPQUFPLENBQUMsQ0FBQztnQkFFeEMsTUFBTSxRQUFRLEdBQUcsSUFBSSxxQkFBYSxDQUNoQyxJQUFJLEVBQ0osR0FBRyxPQUFPLFdBQVcsWUFBWSxFQUFFLEVBQ25DO29CQUNFLFdBQVcsRUFBRSxHQUFHLE9BQU8sa0JBQWtCLE1BQU0sRUFBRTtvQkFDakQsYUFBYSxFQUFFLE1BQU07b0JBQ3JCLFdBQVcsRUFBRSx5QkFBeUI7b0JBQ3RDLE1BQU0sRUFBRSxNQUFNO29CQUNkLGdCQUFnQixFQUFFLFlBQVksQ0FBQyxjQUFjO29CQUM3Qyw4QkFBOEIsRUFBRSxvQkFBb0I7b0JBQ3BELHNCQUFzQixFQUFFO3dCQUN0Qjs0QkFDRSxHQUFHLEVBQUUsdUJBQXVCOzRCQUM1QixLQUFLLEVBQUUsR0FBRyxTQUFTLElBQUksTUFBTSxFQUFFO3lCQUNoQztxQkFDRjtvQkFDRCxVQUFVLEVBQUUsSUFBSTtvQkFDaEIsSUFBSSxFQUFFO3dCQUNKOzRCQUNFLEdBQUcsRUFBRSx1QkFBdUI7NEJBQzVCLEtBQUssRUFBRSxHQUFHLFNBQVMsSUFBSSxNQUFNLEVBQUU7eUJBQ2hDO3dCQUNEOzRCQUNFLEdBQUcsRUFBRSxrQ0FBa0M7NEJBQ3ZDLEtBQUssRUFBRSxPQUFPO3lCQUNmO3FCQUNGO2lCQUNGLENBQ0YsQ0FBQztnQkFFRix3RUFBd0U7Z0JBQ3hFLFFBQVEsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLHNCQUFzQixDQUFDLENBQUM7Z0JBRXBELGtFQUFrRTtnQkFDbEUsa0VBQWtFO2dCQUNsRSx1Q0FBdUM7Z0JBQ3ZDLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQyxHQUFHLHNCQUFzQixDQUFDLENBQUM7Z0JBQzFELElBQUksVUFBVSxHQUFHLENBQUMsRUFBRSxDQUFDO29CQUNuQixLQUFLLE1BQU0sWUFBWSxJQUFJLE9BQU8sQ0FBQyxVQUFVLEdBQUcsQ0FBQyxDQUFDLEVBQUUsQ0FBQzt3QkFDbkQsUUFBUSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsWUFBWSxDQUFDLENBQUM7b0JBQzVDLENBQUM7Z0JBQ0gsQ0FBQztnQkFDRCxJQUFJLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQztvQkFBRSxPQUFPLENBQUMsVUFBVSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUNuRCxPQUFPLENBQUMsVUFBVSxDQUFDLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUVuQyxNQUFNLGNBQWMsR0FBRyxJQUFJLHlCQUFlLENBQ3hDLElBQUksRUFDSixHQUFHLE9BQU8sV0FBVyx3QkFBd0IsR0FBRyxZQUFZLEVBQUUsRUFDOUQ7b0JBQ0UsVUFBVSxFQUFFLFFBQVEsQ0FBQyxjQUFjO29CQUNuQyxhQUFhLEVBQUUsd0JBQXdCO2lCQUN4QyxDQUNGLENBQUM7Z0JBRUYscUVBQXFFO2dCQUNyRSx1RUFBdUU7Z0JBQ3ZFLE1BQU0saUJBQWlCLEdBQUcsSUFBSSwrQkFBYyxDQUMxQyxJQUFJLEVBQ0osR0FBRyxPQUFPLGNBQWMsWUFBWSxFQUFFLEVBQ3RDO29CQUNFLE9BQU8sRUFBRSxvQkFBTyxDQUFDLFdBQVc7b0JBQzVCLE9BQU8sRUFBRSxzQkFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7b0JBQzVCLGlCQUFpQixFQUFFLEdBQUcsT0FBTyxtQ0FBbUMsTUFBTSxFQUFFO29CQUN4RSxVQUFVLEVBQUU7d0JBQ1YsVUFBVSxFQUFFLFFBQVEsQ0FBQyxjQUFjO3FCQUNwQztvQkFDRCxZQUFZLEVBQUU7d0JBQ1osSUFBSSx5QkFBZSxDQUFDOzRCQUNsQixNQUFNLEVBQUUsZ0JBQU0sQ0FBQyxLQUFLOzRCQUNwQixPQUFPLEVBQUU7Z0NBQ1AsNEJBQTRCO2dDQUM1QiwrQkFBK0I7NkJBQ2hDOzRCQUNELFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQzt5QkFDakIsQ0FBQztxQkFDSDtvQkFDRCxVQUFVLEVBQUU7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0E0QnJCO2lCQUNRLENBQ0YsQ0FBQztnQkFDRixpQkFBaUIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGNBQWMsQ0FBQyxDQUFDO2dCQUVyRCxtRUFBbUU7Z0JBQ25FLE1BQU0sS0FBSyxHQUFHLElBQUksNkJBQWEsQ0FDN0IsSUFBSSxFQUNKLEdBQUcsT0FBTyxvQkFBb0IsWUFBWSxFQUFFLEVBQzVDO29CQUNFLElBQUksRUFBRSxHQUFHLE9BQU8scUJBQXFCLE1BQU0sRUFBRTtvQkFDN0MsdUJBQXVCLEVBQUUsS0FBSztvQkFDOUIsVUFBVSxFQUFFLENBQUMsU0FBUyxDQUFDO29CQUN2QixZQUFZLEVBQUUsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDO29CQUNoQyxJQUFJLEVBQUU7d0JBQ0o7NEJBQ0UsR0FBRyxFQUFFLGtDQUFrQzs0QkFDdkMsS0FBSyxFQUFFLFlBQVk7eUJBQ3BCO3FCQUNGO2lCQUNGLENBQ0YsQ0FBQztnQkFFRixtRkFBbUY7Z0JBQ25GLEtBQUssQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGlCQUFpQixDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUVyRCxrRUFBa0U7Z0JBQ2xFLElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsYUFBYSxTQUFTLEdBQUcsWUFBWSxFQUFFLEVBQUU7b0JBQzNELEdBQUcsRUFBRSxhQUFhLFNBQVMsR0FBRyxZQUFZLEVBQUU7b0JBQzVDLEtBQUssRUFBRSxRQUFRLENBQUMsY0FBYztvQkFDOUIsVUFBVSxFQUFFLGFBQWEsU0FBUyxHQUFHLFlBQVksRUFBRTtpQkFDcEQsQ0FBQyxDQUFDO2dCQUVILElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsY0FBYyxTQUFTLEdBQUcsWUFBWSxFQUFFLEVBQUU7b0JBQzVELEdBQUcsRUFBRSxjQUFjLFNBQVMsR0FBRyxZQUFZLEVBQUU7b0JBQzdDLEtBQUssRUFBRSxRQUFRLENBQUMsT0FBTztvQkFDdkIsVUFBVSxFQUFFLGNBQWMsU0FBUyxHQUFHLFlBQVksRUFBRTtpQkFDckQsQ0FBQyxDQUFDO1lBQ0wsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUFsUUQsNEJBa1FDO0FBRUQsTUFBYSxhQUFjLFNBQVEsbUJBQUs7SUFDdEMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUF5QjtRQUNqRSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksUUFBUSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDN0IsV0FBVyxFQUFFLEtBQUssQ0FBQyxXQUFXO1lBQzlCLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTztTQUN2QixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUFURCxzQ0FTQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENmbk91dHB1dCwgRHVyYXRpb24sIEZuLCB0eXBlIFN0YWNrUHJvcHMsIFN0YWNrIH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHtcbiAgQ2ZuSVBBTVBvb2wgYXMgSXBhbVBvb2xDbGFzcyxcbiAgQ2ZuSVBBTVBvb2xDaWRyXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtZWMyXCI7XG5pbXBvcnQgeyBSdW50aW1lIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1sYW1iZGFcIjtcbmltcG9ydCB7IEVmZmVjdCwgUG9saWN5U3RhdGVtZW50IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIjtcbmltcG9ydCB7IFJlc291cmNlU2hhcmUgfSBmcm9tIFwiLi4vdXRpbGl0aWVzL3Jlc291cmNlU2hhcmVcIjtcbmltcG9ydCB7IEN1c3RvbVJlc291cmNlIH0gZnJvbSBcIi4uL3V0aWxpdGllcy9jdXN0b21SZXNvdXJjZVwiO1xuaW1wb3J0IGdldEFjY291bnRJZCBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvZ2V0QWNjb3VudElkXCI7XG5pbXBvcnQgeyBGamFsbExvZ2dlciB9IGZyb20gXCIuLi8uLi8uLi91dGlscy92YWxpZGF0aW9uTG9nZ2VyXCI7XG5cbmV4cG9ydCBpbnRlcmZhY2UgSXBhbVBvb2xQcm9wcyBleHRlbmRzIFN0YWNrUHJvcHMge1xuICBvcmdBY2NvdW50czogc3RyaW5nW107XG4gIGlwYW1TY29wZT86IHN0cmluZztcbiAgcmVnaW9uczogc3RyaW5nW107XG4gIC8qKlxuICAgKiBUaGUgbmV0bWFzayBsZW5ndGggKC9DSURSKSBlYWNoIGNoaWxkIElQQU0gcG9vbCBzaG91bGQgcmVjZWl2ZS5cbiAgICogQ29udHJvbHMgdGhlIHNpemUgb2YgQ0lEUiBibG9ja3MgYXV0b21hdGljYWxseSBhbGxvY2F0ZWQgdG8gVlBDcyBmcm9tIHRoZSBwb29sLlxuICAgKiBBY2NlcHRlZCByYW5nZTogLzE2ICg2NSw1MzYgSVBzKSDigJMgLzI4ICgxNiBJUHMpLiBEZWZhdWx0cyB0byAvMjAgKDQsMDk2IElQcykuXG4gICAqL1xuICBhbGxvY2F0aW9uRGVmYXVsdE5ldG1hc2tMZW5ndGg/OiBudW1iZXI7XG4gIC8qKlxuICAgKiBUaGUgbmV0bWFzayBsZW5ndGggKC9DSURSKSBwcm92aXNpb25lZCBpbnRvIGVhY2ggY2hpbGQgSVBBTSBwb29sIG9uIGNyZWF0aW9uLlxuICAgKiBEZXRlcm1pbmVzIHRoZSB0b3RhbCBhZGRyZXNzIHNwYWNlIGF2YWlsYWJsZSBmb3IgVlBDIGFsbG9jYXRpb25zIGluIHRoYXQgYWNjb3VudC5cbiAgICogQWNjZXB0ZWQgcmFuZ2U6IC8xMyAoNTI0LDI4OCBJUHMpIOKAkyAvMTYgKDY1LDUzNiBJUHMpLiBEZWZhdWx0cyB0byAvMTQuXG4gICAqL1xuICBwcm92aXNpb25lZE5ldG1hc2tMZW5ndGg/OiBudW1iZXI7XG59XG5cbmludGVyZmFjZSBJcGFtUG9vbFN0YWNrUHJvcHMgZXh0ZW5kcyBTdGFja1Byb3BzIHtcbiAgb3JnQWNjb3VudHM6IHN0cmluZ1tdO1xuICByZWdpb25zOiBzdHJpbmdbXTtcbn1cblxuZXhwb3J0IGNsYXNzIElwYW1Qb29sIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IElwYW1Qb29sUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgLy8gR2V0IHRoZSBkZWZhdWx0IElQQU0gc2NvcGUgSUQgZnJvbSBwcm9wcywgb3IgQ0ZOIGltcG9ydFxuICAgIGNvbnN0IElwYW1Qcml2YXRlRGVmYXVsdFNjb3BlSWQgPVxuICAgICAgcHJvcHMuaXBhbVNjb3BlIHx8IEZuLmltcG9ydFZhbHVlKFwiSXBhbVByaXZhdGVEZWZhdWx0U2NvcGVJZFwiKTtcblxuICAgIGNvbnN0IHJlZ2lvbnMgPSBwcm9wcy5yZWdpb25zO1xuICAgIGlmICghcmVnaW9ucyB8fCByZWdpb25zLmxlbmd0aCA9PT0gMCkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKFwiQXQgbGVhc3Qgb25lIHJlZ2lvbiBtdXN0IGJlIHNwZWNpZmllZCBmb3IgSVBBTSBwb29sc1wiKTtcbiAgICB9XG5cbiAgICBjb25zdCBvcmdhbmlzYXRpb25BY2NvdW50cyA9IHByb3BzLm9yZ0FjY291bnRzLm1hcCgoYWNjb3VudCkgPT5cbiAgICAgIGFjY291bnQudG9Mb3dlckNhc2UoKVxuICAgICk7XG5cbiAgICAvLyBEZXRlcm1pbmUgdGhlIGNoaWxkLXBvb2wgQ0lEUiBzaXplIChkZWZhdWx0cyB0byAvMjApXG4gICAgY29uc3QgZGVmYXVsdE5ldG1hc2tMZW5ndGggPSBwcm9wcy5hbGxvY2F0aW9uRGVmYXVsdE5ldG1hc2tMZW5ndGggPz8gMjA7XG4gICAgY29uc3QgcHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RoID0gcHJvcHMucHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RoID8/IDE0O1xuXG4gICAgLy8gQmFzaWMgdmFsaWRhdGlvbiDigJMgLzE2IHRvIC8yOCBpbmNsdXNpdmUgYXJlIGNvbnNpZGVyZWQgc2FmZSBmb3IgVlBDIGFsbG9jYXRpb25zXG4gICAgaWYgKGRlZmF1bHROZXRtYXNrTGVuZ3RoIDwgMTYgfHwgZGVmYXVsdE5ldG1hc2tMZW5ndGggPiAyOCkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgICBgYWxsb2NhdGlvbkRlZmF1bHROZXRtYXNrTGVuZ3RoIG11c3QgYmUgYmV0d2VlbiAxNiBhbmQgMjggKGluY2x1c2l2ZSkuIFJlY2VpdmVkOiAke2RlZmF1bHROZXRtYXNrTGVuZ3RofWBcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gVmFsaWRhdGUgcHJvdmlzaW9uZWQgYmxvY2sgc2l6ZSAoLzEzIHRvIC8xNilcbiAgICBpZiAocHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RoIDwgMTMgfHwgcHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RoID4gMTYpIHtcbiAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgYHByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCBtdXN0IGJlIGJldHdlZW4gMTMgYW5kIDE2IChpbmNsdXNpdmUpLiBSZWNlaXZlZDogJHtwcm92aXNpb25lZE5ldG1hc2tMZW5ndGh9YFxuICAgICAgKTtcbiAgICB9XG5cbiAgICAvLyBXYXJuIGlmIHVzZXIgcmVxdWVzdHMgVlBDIGFsbG9jYXRpb25zIGxhcmdlciB0aGFuIHRoZSBwcm92aXNpb25lZCBwb29sXG4gICAgaWYgKGRlZmF1bHROZXRtYXNrTGVuZ3RoIDwgcHJvdmlzaW9uZWROZXRtYXNrTGVuZ3RoKSB7XG4gICAgICBGamFsbExvZ2dlci53YXJuKFxuICAgICAgICBgJ2FsbG9jYXRpb25EZWZhdWx0TmV0bWFza0xlbmd0aCcgKC8ke2RlZmF1bHROZXRtYXNrTGVuZ3RofSkgaXMgbGFyZ2VyIHRoYW4gJ3Byb3Zpc2lvbmVkTmV0bWFza0xlbmd0aCcgKC8ke3Byb3Zpc2lvbmVkTmV0bWFza0xlbmd0aH0pLiBgICtcbiAgICAgICAgICBgVlBDIGFsbG9jYXRpb24gbWF5IGZhaWwgaWYgdGhlIHBvb2wgY2Fubm90IHNhdGlzZnkgdGhlIHJlcXVlc3QuYFxuICAgICAgKTtcbiAgICB9XG5cbiAgICAvLyBUb3AgTGV2ZWwgUG9vbFxuICAgIGNvbnN0IHJvb3RQb29sID0gbmV3IElwYW1Qb29sQ2xhc3ModGhpcywgXCJUb3BMZXZlbElwYW1Qb29sXCIsIHtcbiAgICAgIGRlc2NyaXB0aW9uOiBgUm9vdCBJUEFNIHBvb2wgKEdsb2JhbClgLFxuICAgICAgYWRkcmVzc0ZhbWlseTogXCJpcHY0XCIsXG4gICAgICBpcGFtU2NvcGVJZDogSXBhbVByaXZhdGVEZWZhdWx0U2NvcGVJZCxcbiAgICAgIHByb3Zpc2lvbmVkQ2lkcnM6IFtcbiAgICAgICAgeyBjaWRyOiBcIjEwLjAuMC4wLzhcIiB9LFxuICAgICAgICB7IGNpZHI6IFwiMTcyLjE2LjAuMC8xMlwiIH0sXG4gICAgICAgIHsgY2lkcjogXCIxOTIuMTY4LjAuMC8xNlwiIH1cbiAgICAgIF0sXG4gICAgICBhdXRvSW1wb3J0OiB0cnVlLFxuICAgICAgdGFnczogW1xuICAgICAgICB7XG4gICAgICAgICAga2V5OiBcImZqYWxsOm9wZXJhdGlvbnM6cG9vbFwiLFxuICAgICAgICAgIHZhbHVlOiBcInRvcC1sZXZlbFwiXG4gICAgICAgIH0sXG4gICAgICAgIHtcbiAgICAgICAgICBrZXk6IFwiZmphbGw6Y29zdEFsbG9jYXRpb246ZW52aXJvbm1lbnRcIixcbiAgICAgICAgICB2YWx1ZTogXCJtYW5hZ2VtZW50XCJcbiAgICAgICAgfVxuICAgICAgXVxuICAgIH0pO1xuXG4gICAgLy8gQ3JlYXRlIHJlZ2lvbmFsIHBvb2xzIGFzIGNoaWxkcmVuIG9mIHRoZSByb290IHBvb2xcbiAgICBmb3IgKGNvbnN0IHJlZ2lvbiBvZiByZWdpb25zKSB7XG4gICAgICBjb25zdCByZWdpb25TdWZmaXggPSByZWdpb24ucmVwbGFjZSgvLS9nLCBcIlwiKTtcblxuICAgICAgLy8gQ3JlYXRlIGEgcmVnaW9uYWwgcG9vbCBmb3IgdGhpcyBzcGVjaWZpYyByZWdpb25cbiAgICAgIGNvbnN0IHJlZ2lvbmFsUG9vbCA9IG5ldyBJcGFtUG9vbENsYXNzKFxuICAgICAgICB0aGlzLFxuICAgICAgICBgUmVnaW9uYWxQb29sJHtyZWdpb25TdWZmaXh9YCxcbiAgICAgICAge1xuICAgICAgICAgIGRlc2NyaXB0aW9uOiBgUmVnaW9uYWwgSVBBTSBwb29sIC0gJHtyZWdpb259YCxcbiAgICAgICAgICBhZGRyZXNzRmFtaWx5OiBcImlwdjRcIixcbiAgICAgICAgICBpcGFtU2NvcGVJZDogSXBhbVByaXZhdGVEZWZhdWx0U2NvcGVJZCxcbiAgICAgICAgICBsb2NhbGU6IHJlZ2lvbixcbiAgICAgICAgICBzb3VyY2VJcGFtUG9vbElkOiByb290UG9vbC5hdHRySXBhbVBvb2xJZCxcbiAgICAgICAgICBhdXRvSW1wb3J0OiB0cnVlLFxuICAgICAgICAgIHRhZ3M6IFtcbiAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAga2V5OiBcImZqYWxsOm9wZXJhdGlvbnM6cG9vbFwiLFxuICAgICAgICAgICAgICB2YWx1ZTogYHJlZ2lvbmFsLSR7cmVnaW9ufWBcbiAgICAgICAgICAgIH0sXG4gICAgICAgICAgICB7XG4gICAgICAgICAgICAgIGtleTogXCJmamFsbDpjb3N0QWxsb2NhdGlvbjplbnZpcm9ubWVudFwiLFxuICAgICAgICAgICAgICB2YWx1ZTogXCJtYW5hZ2VtZW50XCJcbiAgICAgICAgICAgIH1cbiAgICAgICAgICBdXG4gICAgICAgIH1cbiAgICAgICk7XG5cbiAgICAgIGNvbnN0IHJlZ2lvbmFsQ2lkckFsbG9jYXRpb24gPSBuZXcgQ2ZuSVBBTVBvb2xDaWRyKFxuICAgICAgICB0aGlzLFxuICAgICAgICBgUmVnaW9uYWxQb29sQ2lkciR7cmVnaW9uU3VmZml4fWAsXG4gICAgICAgIHtcbiAgICAgICAgICBpcGFtUG9vbElkOiByZWdpb25hbFBvb2wuYXR0cklwYW1Qb29sSWQsXG4gICAgICAgICAgbmV0bWFza0xlbmd0aDogMTAgLy8gRWFjaCByZWdpb24gZ2V0cyBhIC8xMCAoNCwxOTQsMzA0IElQcylcbiAgICAgICAgfVxuICAgICAgKTtcblxuICAgICAgLy8gQ3JlYXRlIGFjY291bnQgcG9vbHMgdW5kZXIgZWFjaCByZWdpb25hbCBwb29sLlxuICAgICAgLy8gSVBBTSBlbmZvcmNlcyBhIGxvdyBjb25jdXJyZW50LW11dGF0aW9uIGxpbWl0IChub3QgcHVibGljbHkgZG9jdW1lbnRlZCkuXG4gICAgICAvLyBCYXRjaCBhY2NvdW50IHBvb2xzIHNvIGVhY2ggYmF0Y2ggZGVwZW5kcyBvbiB0aGUgcHJldmlvdXMgYmF0Y2hcbiAgICAgIC8vIGNvbXBsZXRpbmcsIGxpbWl0aW5nIGNvbmN1cnJlbnQgSVBBTSBwb29sIG11dGF0aW9ucy5cbiAgICAgIGNvbnN0IElQQU1fQ09OQ1VSUkVOQ1lfTElNSVQgPSAyO1xuICAgICAgY29uc3QgYmF0Y2hlczogSXBhbVBvb2xDbGFzc1tdW10gPSBbXTtcbiAgICAgIGZvciAobGV0IGkgPSAwOyBpIDwgb3JnYW5pc2F0aW9uQWNjb3VudHMubGVuZ3RoOyBpKyspIHtcbiAgICAgICAgY29uc3QgYWNjb3VudCA9IG9yZ2FuaXNhdGlvbkFjY291bnRzW2ldO1xuICAgICAgICBjb25zdCBhY2NvdW50SWQgPSBnZXRBY2NvdW50SWQoYWNjb3VudCk7XG5cbiAgICAgICAgY29uc3QgaXBhbVBvb2wgPSBuZXcgSXBhbVBvb2xDbGFzcyhcbiAgICAgICAgICB0aGlzLFxuICAgICAgICAgIGAke2FjY291bnR9SXBhbVBvb2wke3JlZ2lvblN1ZmZpeH1gLFxuICAgICAgICAgIHtcbiAgICAgICAgICAgIGRlc2NyaXB0aW9uOiBgJHthY2NvdW50fSAtIElQQU0gcG9vbCAtICR7cmVnaW9ufWAsXG4gICAgICAgICAgICBhZGRyZXNzRmFtaWx5OiBcImlwdjRcIixcbiAgICAgICAgICAgIGlwYW1TY29wZUlkOiBJcGFtUHJpdmF0ZURlZmF1bHRTY29wZUlkLFxuICAgICAgICAgICAgbG9jYWxlOiByZWdpb24sXG4gICAgICAgICAgICBzb3VyY2VJcGFtUG9vbElkOiByZWdpb25hbFBvb2wuYXR0cklwYW1Qb29sSWQsXG4gICAgICAgICAgICBhbGxvY2F0aW9uRGVmYXVsdE5ldG1hc2tMZW5ndGg6IGRlZmF1bHROZXRtYXNrTGVuZ3RoLFxuICAgICAgICAgICAgYWxsb2NhdGlvblJlc291cmNlVGFnczogW1xuICAgICAgICAgICAgICB7XG4gICAgICAgICAgICAgICAga2V5OiBcImZqYWxsOm9wZXJhdGlvbnM6cG9vbFwiLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBgJHthY2NvdW50SWR9LSR7cmVnaW9ufWBcbiAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgXSxcbiAgICAgICAgICAgIGF1dG9JbXBvcnQ6IHRydWUsXG4gICAgICAgICAgICB0YWdzOiBbXG4gICAgICAgICAgICAgIHtcbiAgICAgICAgICAgICAgICBrZXk6IFwiZmphbGw6b3BlcmF0aW9uczpwb29sXCIsXG4gICAgICAgICAgICAgICAgdmFsdWU6IGAke2FjY291bnRJZH0tJHtyZWdpb259YFxuICAgICAgICAgICAgICB9LFxuICAgICAgICAgICAgICB7XG4gICAgICAgICAgICAgICAga2V5OiBcImZqYWxsOmNvc3RBbGxvY2F0aW9uOmFjY291bnROYW1lXCIsXG4gICAgICAgICAgICAgICAgdmFsdWU6IGFjY291bnRcbiAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgXVxuICAgICAgICAgIH1cbiAgICAgICAgKTtcblxuICAgICAgICAvLyBFbnN1cmUgdGhlIGFjY291bnQgcG9vbCBpcyBjcmVhdGVkIGFmdGVyIHRoZSByZWdpb25hbCBDSURSIGFsbG9jYXRpb25cbiAgICAgICAgaXBhbVBvb2wubm9kZS5hZGREZXBlbmRlbmN5KHJlZ2lvbmFsQ2lkckFsbG9jYXRpb24pO1xuXG4gICAgICAgIC8vIEVhY2ggYmF0Y2ggb2YgSVBBTV9DT05DVVJSRU5DWV9MSU1JVCBwb29scyBkZXBlbmRzIG9uIEFMTCBwb29sc1xuICAgICAgICAvLyBmcm9tIHRoZSBwcmV2aW91cyBiYXRjaCwgc28gdGhlIG5leHQgYmF0Y2ggb25seSBzdGFydHMgb25jZSB0aGVcbiAgICAgICAgLy8gZW50aXJlIHByZXZpb3VzIGJhdGNoIGhhcyBjb21wbGV0ZWQuXG4gICAgICAgIGNvbnN0IGJhdGNoSW5kZXggPSBNYXRoLmZsb29yKGkgLyBJUEFNX0NPTkNVUlJFTkNZX0xJTUlUKTtcbiAgICAgICAgaWYgKGJhdGNoSW5kZXggPiAwKSB7XG4gICAgICAgICAgZm9yIChjb25zdCBwcmV2aW91c1Bvb2wgb2YgYmF0Y2hlc1tiYXRjaEluZGV4IC0gMV0pIHtcbiAgICAgICAgICAgIGlwYW1Qb29sLm5vZGUuYWRkRGVwZW5kZW5jeShwcmV2aW91c1Bvb2wpO1xuICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgICAgICBpZiAoIWJhdGNoZXNbYmF0Y2hJbmRleF0pIGJhdGNoZXNbYmF0Y2hJbmRleF0gPSBbXTtcbiAgICAgICAgYmF0Y2hlc1tiYXRjaEluZGV4XS5wdXNoKGlwYW1Qb29sKTtcblxuICAgICAgICBjb25zdCBjaWRyQWxsb2NhdGlvbiA9IG5ldyBDZm5JUEFNUG9vbENpZHIoXG4gICAgICAgICAgdGhpcyxcbiAgICAgICAgICBgJHthY2NvdW50fVBvb2xDaWRyJHtwcm92aXNpb25lZE5ldG1hc2tMZW5ndGh9JHtyZWdpb25TdWZmaXh9YCxcbiAgICAgICAgICB7XG4gICAgICAgICAgICBpcGFtUG9vbElkOiBpcGFtUG9vbC5hdHRySXBhbVBvb2xJZCxcbiAgICAgICAgICAgIG5ldG1hc2tMZW5ndGg6IHByb3Zpc2lvbmVkTmV0bWFza0xlbmd0aFxuICAgICAgICAgIH1cbiAgICAgICAgKTtcblxuICAgICAgICAvLyBPbiBzdGFjayBkZWxldGlvbiwgVlBDIGFsbG9jYXRpb25zIChub3QgbWFuYWdlZCBieSBDbG91ZEZvcm1hdGlvbilcbiAgICAgICAgLy8gYmxvY2sgQ0lEUiBkZXByb3Zpc2lvbmluZy4gVGhpcyBjdXN0b20gcmVzb3VyY2UgcmVsZWFzZXMgdGhlbSBmaXJzdC5cbiAgICAgICAgY29uc3QgYWxsb2NhdGlvbkNsZWFudXAgPSBuZXcgQ3VzdG9tUmVzb3VyY2UoXG4gICAgICAgICAgdGhpcyxcbiAgICAgICAgICBgJHthY2NvdW50fUlwYW1DbGVhbnVwJHtyZWdpb25TdWZmaXh9YCxcbiAgICAgICAgICB7XG4gICAgICAgICAgICBydW50aW1lOiBSdW50aW1lLk5PREVKU18yMl9YLFxuICAgICAgICAgICAgdGltZW91dDogRHVyYXRpb24ubWludXRlcyg1KSxcbiAgICAgICAgICAgIGxhbWJkYURlc2NyaXB0aW9uOiBgJHthY2NvdW50fSBJUEFNIHBvb2wgYWxsb2NhdGlvbiBjbGVhbnVwIC0gJHtyZWdpb259YCxcbiAgICAgICAgICAgIHByb3BlcnRpZXM6IHtcbiAgICAgICAgICAgICAgSXBhbVBvb2xJZDogaXBhbVBvb2wuYXR0cklwYW1Qb29sSWRcbiAgICAgICAgICAgIH0sXG4gICAgICAgICAgICBpbmxpbmVQb2xpY3k6IFtcbiAgICAgICAgICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgICAgICAgICAgYWN0aW9uczogW1xuICAgICAgICAgICAgICAgICAgXCJlYzI6R2V0SXBhbVBvb2xBbGxvY2F0aW9uc1wiLFxuICAgICAgICAgICAgICAgICAgXCJlYzI6UmVsZWFzZUlwYW1Qb29sQWxsb2NhdGlvblwiXG4gICAgICAgICAgICAgICAgXSxcbiAgICAgICAgICAgICAgICByZXNvdXJjZXM6IFtcIipcIl1cbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgIF0sXG4gICAgICAgICAgICBpbmxpbmVDb2RlOiBgXG5jb25zdCB7IEVDMkNsaWVudCwgR2V0SXBhbVBvb2xBbGxvY2F0aW9uc0NvbW1hbmQsIFJlbGVhc2VJcGFtUG9vbEFsbG9jYXRpb25Db21tYW5kIH0gPSByZXF1aXJlKCdAYXdzLXNkay9jbGllbnQtZWMyJyk7XG5cbmV4cG9ydHMuaGFuZGxlciA9IGFzeW5jIChldmVudCkgPT4ge1xuICBjb25zdCBwaHlzaWNhbFJlc291cmNlSWQgPSBldmVudC5QaHlzaWNhbFJlc291cmNlSWQgfHwgZXZlbnQuTG9naWNhbFJlc291cmNlSWQgfHwgJ2lwYW0tcG9vbC1jbGVhbnVwJztcbiAgaWYgKGV2ZW50LlJlcXVlc3RUeXBlICE9PSAnRGVsZXRlJykge1xuICAgIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkIH07XG4gIH1cbiAgY29uc3QgcG9vbElkID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLklwYW1Qb29sSWQ7XG4gIGNvbnN0IGVjMiA9IG5ldyBFQzJDbGllbnQoe30pO1xuICBsZXQgbmV4dFRva2VuO1xuICBkbyB7XG4gICAgY29uc3QgcmVzID0gYXdhaXQgZWMyLnNlbmQobmV3IEdldElwYW1Qb29sQWxsb2NhdGlvbnNDb21tYW5kKHtcbiAgICAgIElwYW1Qb29sSWQ6IHBvb2xJZCwgLi4uKG5leHRUb2tlbiAmJiB7IE5leHRUb2tlbjogbmV4dFRva2VuIH0pXG4gICAgfSkpO1xuICAgIGZvciAoY29uc3QgYWxsb2Mgb2YgKHJlcy5JcGFtUG9vbEFsbG9jYXRpb25zIHx8IFtdKSkge1xuICAgICAgaWYgKGFsbG9jLlJlc291cmNlVHlwZSA9PT0gJ2lwYW0tcG9vbCcpIGNvbnRpbnVlO1xuICAgICAgdHJ5IHtcbiAgICAgICAgYXdhaXQgZWMyLnNlbmQobmV3IFJlbGVhc2VJcGFtUG9vbEFsbG9jYXRpb25Db21tYW5kKHtcbiAgICAgICAgICBJcGFtUG9vbElkOiBwb29sSWQsXG4gICAgICAgICAgQ2lkcjogYWxsb2MuQ2lkcixcbiAgICAgICAgICBJcGFtUG9vbEFsbG9jYXRpb25JZDogYWxsb2MuSXBhbVBvb2xBbGxvY2F0aW9uSWRcbiAgICAgICAgfSkpO1xuICAgICAgfSBjYXRjaCAoZSkgeyBjb25zb2xlLmxvZygnUmVsZWFzZSBmYWlsZWQgKG1heSBhbHJlYWR5IGJlIHJlbGVhc2VkKTonLCBlLm1lc3NhZ2UpOyB9XG4gICAgfVxuICAgIG5leHRUb2tlbiA9IHJlcy5OZXh0VG9rZW47XG4gIH0gd2hpbGUgKG5leHRUb2tlbik7XG4gIHJldHVybiB7IFBoeXNpY2FsUmVzb3VyY2VJZDogcGh5c2ljYWxSZXNvdXJjZUlkIH07XG59O2BcbiAgICAgICAgICB9XG4gICAgICAgICk7XG4gICAgICAgIGFsbG9jYXRpb25DbGVhbnVwLm5vZGUuYWRkRGVwZW5kZW5jeShjaWRyQWxsb2NhdGlvbik7XG5cbiAgICAgICAgLy8gU2hhcmUgdGhlIHBvb2wgd2l0aCB0aGUgdGFyZ2V0IGFjY291bnQgc28gdGhhdCBWUENzIGNhbiBhbGxvY2F0ZVxuICAgICAgICBjb25zdCBzaGFyZSA9IG5ldyBSZXNvdXJjZVNoYXJlKFxuICAgICAgICAgIHRoaXMsXG4gICAgICAgICAgYCR7YWNjb3VudH1JcGFtUmVzb3VyY2VTaGFyZSR7cmVnaW9uU3VmZml4fWAsXG4gICAgICAgICAge1xuICAgICAgICAgICAgbmFtZTogYCR7YWNjb3VudH1JcGFtUmVzb3VyY2VTaGFyZS4ke3JlZ2lvbn1gLFxuICAgICAgICAgICAgYWxsb3dFeHRlcm5hbFByaW5jaXBhbHM6IGZhbHNlLFxuICAgICAgICAgICAgcHJpbmNpcGFsczogW2FjY291bnRJZF0sXG4gICAgICAgICAgICByZXNvdXJjZUFybnM6IFtpcGFtUG9vbC5hdHRyQXJuXSxcbiAgICAgICAgICAgIHRhZ3M6IFtcbiAgICAgICAgICAgICAge1xuICAgICAgICAgICAgICAgIGtleTogXCJmamFsbDpjb3N0QWxsb2NhdGlvbjplbnZpcm9ubWVudFwiLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBgbWFuYWdlbWVudGBcbiAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgXVxuICAgICAgICAgIH1cbiAgICAgICAgKTtcblxuICAgICAgICAvLyBEZWxldGUgb3JkZXI6IHNoYXJlIOKGkiBjbGVhbnVwIChyZWxlYXNlcyBWUEMgYWxsb2NhdGlvbnMpIOKGkiBjaWRyQWxsb2NhdGlvbiDihpIgcG9vbFxuICAgICAgICBzaGFyZS5ub2RlLmFkZERlcGVuZGVuY3koYWxsb2NhdGlvbkNsZWFudXAucmVzb3VyY2UpO1xuXG4gICAgICAgIC8vIEV4cG9zZSB0aGUgcG9vbCBJRCBmb3IgY3Jvc3Mtc3RhY2sgdXNhZ2UgKGUuZy4gVlBDIGFsbG9jYXRpb25zKVxuICAgICAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGBJcGFtUG9vbElkJHthY2NvdW50SWR9JHtyZWdpb25TdWZmaXh9YCwge1xuICAgICAgICAgIGtleTogYElwYW1Qb29sSWQke2FjY291bnRJZH0ke3JlZ2lvblN1ZmZpeH1gLFxuICAgICAgICAgIHZhbHVlOiBpcGFtUG9vbC5hdHRySXBhbVBvb2xJZCxcbiAgICAgICAgICBleHBvcnROYW1lOiBgSXBhbVBvb2xJZCR7YWNjb3VudElkfSR7cmVnaW9uU3VmZml4fWBcbiAgICAgICAgfSk7XG5cbiAgICAgICAgbmV3IENmbk91dHB1dCh0aGlzLCBgSXBhbVBvb2xBcm4ke2FjY291bnRJZH0ke3JlZ2lvblN1ZmZpeH1gLCB7XG4gICAgICAgICAga2V5OiBgSXBhbVBvb2xBcm4ke2FjY291bnRJZH0ke3JlZ2lvblN1ZmZpeH1gLFxuICAgICAgICAgIHZhbHVlOiBpcGFtUG9vbC5hdHRyQXJuLFxuICAgICAgICAgIGV4cG9ydE5hbWU6IGBJcGFtUG9vbEFybiR7YWNjb3VudElkfSR7cmVnaW9uU3VmZml4fWBcbiAgICAgICAgfSk7XG4gICAgICB9XG4gICAgfVxuICB9XG59XG5cbmV4cG9ydCBjbGFzcyBJcGFtUG9vbFN0YWNrIGV4dGVuZHMgU3RhY2sge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogSXBhbVBvb2xTdGFja1Byb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIG5ldyBJcGFtUG9vbCh0aGlzLCBcIklwYW1Qb29sXCIsIHtcbiAgICAgIG9yZ0FjY291bnRzOiBwcm9wcy5vcmdBY2NvdW50cyxcbiAgICAgIHJlZ2lvbnM6IHByb3BzLnJlZ2lvbnNcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
export { Organisation as OrganisationResource, type OrganisationProps as OrganisationResourceProps } from "./organisation";
|
|
2
|
+
export { type OrganisationalUnitProps } from "./organisationalUnit";
|
|
3
|
+
export { OrganisationAccount, type OrganisationAccountProps } from "./organisationAccount";
|
|
4
|
+
export { OrganisationPolicy, type OrganisationPolicyProps, type OrganisationPolicyType } from "./organisationPolicy";
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.OrganisationPolicy = exports.OrganisationAccount = exports.OrganisationResource = void 0;
|
|
4
|
+
var organisation_1 = require("./organisation");
|
|
5
|
+
Object.defineProperty(exports, "OrganisationResource", { enumerable: true, get: function () { return organisation_1.Organisation; } });
|
|
6
|
+
var organisationAccount_1 = require("./organisationAccount");
|
|
7
|
+
Object.defineProperty(exports, "OrganisationAccount", { enumerable: true, get: function () { return organisationAccount_1.OrganisationAccount; } });
|
|
8
|
+
var organisationPolicy_1 = require("./organisationPolicy");
|
|
9
|
+
Object.defineProperty(exports, "OrganisationPolicy", { enumerable: true, get: function () { return organisationPolicy_1.OrganisationPolicy; } });
|
|
10
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9vcmdhbmlzYXRpb24vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsK0NBR3dCO0FBRnRCLG9IQUFBLFlBQVksT0FBd0I7QUFJdEMsNkRBRytCO0FBRjdCLDBIQUFBLG1CQUFtQixPQUFBO0FBR3JCLDJEQUk4QjtBQUg1Qix3SEFBQSxrQkFBa0IsT0FBQSIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCB7XG4gIE9yZ2FuaXNhdGlvbiBhcyBPcmdhbmlzYXRpb25SZXNvdXJjZSxcbiAgdHlwZSBPcmdhbmlzYXRpb25Qcm9wcyBhcyBPcmdhbmlzYXRpb25SZXNvdXJjZVByb3BzXG59IGZyb20gXCIuL29yZ2FuaXNhdGlvblwiO1xuZXhwb3J0IHsgdHlwZSBPcmdhbmlzYXRpb25hbFVuaXRQcm9wcyB9IGZyb20gXCIuL29yZ2FuaXNhdGlvbmFsVW5pdFwiO1xuZXhwb3J0IHtcbiAgT3JnYW5pc2F0aW9uQWNjb3VudCxcbiAgdHlwZSBPcmdhbmlzYXRpb25BY2NvdW50UHJvcHNcbn0gZnJvbSBcIi4vb3JnYW5pc2F0aW9uQWNjb3VudFwiO1xuZXhwb3J0IHtcbiAgT3JnYW5pc2F0aW9uUG9saWN5LFxuICB0eXBlIE9yZ2FuaXNhdGlvblBvbGljeVByb3BzLFxuICB0eXBlIE9yZ2FuaXNhdGlvblBvbGljeVR5cGVcbn0gZnJvbSBcIi4vb3JnYW5pc2F0aW9uUG9saWN5XCI7XG4iXX0=
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Construct } from "constructs";
|
|
2
|
+
export interface OrganisationProps {
|
|
3
|
+
orgId: string;
|
|
4
|
+
rootId: string;
|
|
5
|
+
managementAccountId: string;
|
|
6
|
+
}
|
|
7
|
+
export declare class Organisation extends Construct {
|
|
8
|
+
readonly orgId: string;
|
|
9
|
+
readonly rootId: string;
|
|
10
|
+
readonly managementAccountId: string;
|
|
11
|
+
constructor(scope: Construct, id: string, props: OrganisationProps);
|
|
12
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Organisation = void 0;
|
|
4
|
+
const constructs_1 = require("constructs");
|
|
5
|
+
class Organisation extends constructs_1.Construct {
|
|
6
|
+
constructor(scope, id, props) {
|
|
7
|
+
super(scope, id);
|
|
8
|
+
this.orgId = props.orgId;
|
|
9
|
+
this.rootId = props.rootId;
|
|
10
|
+
this.managementAccountId = props.managementAccountId;
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
exports.Organisation = Organisation;
|
|
14
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pc2F0aW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvb3JnYW5pc2F0aW9uL29yZ2FuaXNhdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSwyQ0FBdUM7QUFRdkMsTUFBYSxZQUFhLFNBQVEsc0JBQVM7SUFLekMsWUFBWSxLQUFnQixFQUFFLEVBQVUsRUFBRSxLQUF3QjtRQUNoRSxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBQ2pCLElBQUksQ0FBQyxLQUFLLEdBQUcsS0FBSyxDQUFDLEtBQUssQ0FBQztRQUN6QixJQUFJLENBQUMsTUFBTSxHQUFHLEtBQUssQ0FBQyxNQUFNLENBQUM7UUFDM0IsSUFBSSxDQUFDLG1CQUFtQixHQUFHLEtBQUssQ0FBQyxtQkFBbUIsQ0FBQztJQUN2RCxDQUFDO0NBQ0Y7QUFYRCxvQ0FXQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5cbmV4cG9ydCBpbnRlcmZhY2UgT3JnYW5pc2F0aW9uUHJvcHMge1xuICBvcmdJZDogc3RyaW5nO1xuICByb290SWQ6IHN0cmluZztcbiAgbWFuYWdlbWVudEFjY291bnRJZDogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgT3JnYW5pc2F0aW9uIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IG9yZ0lkOiBzdHJpbmc7XG4gIHB1YmxpYyByZWFkb25seSByb290SWQ6IHN0cmluZztcbiAgcHVibGljIHJlYWRvbmx5IG1hbmFnZW1lbnRBY2NvdW50SWQ6IHN0cmluZztcblxuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogT3JnYW5pc2F0aW9uUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuICAgIHRoaXMub3JnSWQgPSBwcm9wcy5vcmdJZDtcbiAgICB0aGlzLnJvb3RJZCA9IHByb3BzLnJvb3RJZDtcbiAgICB0aGlzLm1hbmFnZW1lbnRBY2NvdW50SWQgPSBwcm9wcy5tYW5hZ2VtZW50QWNjb3VudElkO1xuICB9XG59XG4iXX0=
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { Construct } from "constructs";
|
|
2
|
+
export interface OrganisationAccountProps {
|
|
3
|
+
accountId: string;
|
|
4
|
+
managementAccountId: string;
|
|
5
|
+
orgId: string;
|
|
6
|
+
}
|
|
7
|
+
/**
|
|
8
|
+
* CDK construct that exports account ID and ARN as CloudFormation outputs.
|
|
9
|
+
*
|
|
10
|
+
* Account creation and OU placement are handled by the CLI pre-deploy steps
|
|
11
|
+
* (AwsAccountService.ensureMissingAccountsCreated / placeAccountsInOUs).
|
|
12
|
+
* This construct only produces the CfnOutputs needed for cross-stack references.
|
|
13
|
+
*/
|
|
14
|
+
export declare class OrganisationAccount extends Construct {
|
|
15
|
+
readonly accountId: string;
|
|
16
|
+
readonly accountArn: string;
|
|
17
|
+
constructor(scope: Construct, id: string, props: OrganisationAccountProps);
|
|
18
|
+
}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.OrganisationAccount = void 0;
|
|
4
|
+
const aws_cdk_lib_1 = require("aws-cdk-lib");
|
|
5
|
+
const constructs_1 = require("constructs");
|
|
6
|
+
/**
|
|
7
|
+
* CDK construct that exports account ID and ARN as CloudFormation outputs.
|
|
8
|
+
*
|
|
9
|
+
* Account creation and OU placement are handled by the CLI pre-deploy steps
|
|
10
|
+
* (AwsAccountService.ensureMissingAccountsCreated / placeAccountsInOUs).
|
|
11
|
+
* This construct only produces the CfnOutputs needed for cross-stack references.
|
|
12
|
+
*/
|
|
13
|
+
class OrganisationAccount extends constructs_1.Construct {
|
|
14
|
+
constructor(scope, id, props) {
|
|
15
|
+
super(scope, id);
|
|
16
|
+
this.accountId = props.accountId;
|
|
17
|
+
this.accountArn = `arn:aws:organizations::${props.managementAccountId}:account/${props.orgId}/${props.accountId}`;
|
|
18
|
+
new aws_cdk_lib_1.CfnOutput(this, `${id}Id`, {
|
|
19
|
+
key: `${id}Id`,
|
|
20
|
+
value: this.accountId,
|
|
21
|
+
exportName: `${id}Id`
|
|
22
|
+
});
|
|
23
|
+
new aws_cdk_lib_1.CfnOutput(this, `${id}Arn`, {
|
|
24
|
+
key: `${id}Arn`,
|
|
25
|
+
value: this.accountArn,
|
|
26
|
+
exportName: `${id}Arn`
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
exports.OrganisationAccount = OrganisationAccount;
|
|
31
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pc2F0aW9uQWNjb3VudC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL29yZ2FuaXNhdGlvbi9vcmdhbmlzYXRpb25BY2NvdW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLDZDQUF3QztBQUN4QywyQ0FBdUM7QUFRdkM7Ozs7OztHQU1HO0FBQ0gsTUFBYSxtQkFBb0IsU0FBUSxzQkFBUztJQUloRCxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQStCO1FBQ3ZFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLFNBQVMsR0FBRyxLQUFLLENBQUMsU0FBUyxDQUFDO1FBQ2pDLElBQUksQ0FBQyxVQUFVLEdBQUcsMEJBQTBCLEtBQUssQ0FBQyxtQkFBbUIsWUFBWSxLQUFLLENBQUMsS0FBSyxJQUFJLEtBQUssQ0FBQyxTQUFTLEVBQUUsQ0FBQztRQUVsSCxJQUFJLHVCQUFTLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxJQUFJLEVBQUU7WUFDN0IsR0FBRyxFQUFFLEdBQUcsRUFBRSxJQUFJO1lBQ2QsS0FBSyxFQUFFLElBQUksQ0FBQyxTQUFTO1lBQ3JCLFVBQVUsRUFBRSxHQUFHLEVBQUUsSUFBSTtTQUN0QixDQUFDLENBQUM7UUFFSCxJQUFJLHVCQUFTLENBQUMsSUFBSSxFQUFFLEdBQUcsRUFBRSxLQUFLLEVBQUU7WUFDOUIsR0FBRyxFQUFFLEdBQUcsRUFBRSxLQUFLO1lBQ2YsS0FBSyxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQ3RCLFVBQVUsRUFBRSxHQUFHLEVBQUUsS0FBSztTQUN2QixDQUFDLENBQUM7SUFDTCxDQUFDO0NBQ0Y7QUF0QkQsa0RBc0JDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ2ZuT3V0cHV0IH0gZnJvbSBcImF3cy1jZGstbGliXCI7XG5pbXBvcnQgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuXG5leHBvcnQgaW50ZXJmYWNlIE9yZ2FuaXNhdGlvbkFjY291bnRQcm9wcyB7XG4gIGFjY291bnRJZDogc3RyaW5nO1xuICBtYW5hZ2VtZW50QWNjb3VudElkOiBzdHJpbmc7XG4gIG9yZ0lkOiBzdHJpbmc7XG59XG5cbi8qKlxuICogQ0RLIGNvbnN0cnVjdCB0aGF0IGV4cG9ydHMgYWNjb3VudCBJRCBhbmQgQVJOIGFzIENsb3VkRm9ybWF0aW9uIG91dHB1dHMuXG4gKlxuICogQWNjb3VudCBjcmVhdGlvbiBhbmQgT1UgcGxhY2VtZW50IGFyZSBoYW5kbGVkIGJ5IHRoZSBDTEkgcHJlLWRlcGxveSBzdGVwc1xuICogKEF3c0FjY291bnRTZXJ2aWNlLmVuc3VyZU1pc3NpbmdBY2NvdW50c0NyZWF0ZWQgLyBwbGFjZUFjY291bnRzSW5PVXMpLlxuICogVGhpcyBjb25zdHJ1Y3Qgb25seSBwcm9kdWNlcyB0aGUgQ2ZuT3V0cHV0cyBuZWVkZWQgZm9yIGNyb3NzLXN0YWNrIHJlZmVyZW5jZXMuXG4gKi9cbmV4cG9ydCBjbGFzcyBPcmdhbmlzYXRpb25BY2NvdW50IGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IGFjY291bnRJZDogc3RyaW5nO1xuICBwdWJsaWMgcmVhZG9ubHkgYWNjb3VudEFybjogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBPcmdhbmlzYXRpb25BY2NvdW50UHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5hY2NvdW50SWQgPSBwcm9wcy5hY2NvdW50SWQ7XG4gICAgdGhpcy5hY2NvdW50QXJuID0gYGFybjphd3M6b3JnYW5pemF0aW9uczo6JHtwcm9wcy5tYW5hZ2VtZW50QWNjb3VudElkfTphY2NvdW50LyR7cHJvcHMub3JnSWR9LyR7cHJvcHMuYWNjb3VudElkfWA7XG5cbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsIGAke2lkfUlkYCwge1xuICAgICAga2V5OiBgJHtpZH1JZGAsXG4gICAgICB2YWx1ZTogdGhpcy5hY2NvdW50SWQsXG4gICAgICBleHBvcnROYW1lOiBgJHtpZH1JZGBcbiAgICB9KTtcblxuICAgIG5ldyBDZm5PdXRwdXQodGhpcywgYCR7aWR9QXJuYCwge1xuICAgICAga2V5OiBgJHtpZH1Bcm5gLFxuICAgICAgdmFsdWU6IHRoaXMuYWNjb3VudEFybixcbiAgICAgIGV4cG9ydE5hbWU6IGAke2lkfUFybmBcbiAgICB9KTtcbiAgfVxufVxuIl19
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { Construct } from "constructs";
|
|
2
|
+
export type OrganisationPolicyType = "SERVICE_CONTROL_POLICY" | "TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY";
|
|
3
|
+
export interface OrganisationPolicyProps {
|
|
4
|
+
name: string;
|
|
5
|
+
policyType: OrganisationPolicyType;
|
|
6
|
+
content: string | Record<string, unknown>;
|
|
7
|
+
description?: string;
|
|
8
|
+
targetIds?: string[];
|
|
9
|
+
}
|
|
10
|
+
export declare class OrganisationPolicy extends Construct {
|
|
11
|
+
readonly policyId: string;
|
|
12
|
+
constructor(scope: Construct, id: string, props: OrganisationPolicyProps);
|
|
13
|
+
}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.OrganisationPolicy = void 0;
|
|
4
|
+
const aws_organizations_1 = require("aws-cdk-lib/aws-organizations");
|
|
5
|
+
const constructs_1 = require("constructs");
|
|
6
|
+
class OrganisationPolicy extends constructs_1.Construct {
|
|
7
|
+
constructor(scope, id, props) {
|
|
8
|
+
super(scope, id);
|
|
9
|
+
let content;
|
|
10
|
+
if (typeof props.content === "string") {
|
|
11
|
+
try {
|
|
12
|
+
content = JSON.parse(props.content);
|
|
13
|
+
}
|
|
14
|
+
catch {
|
|
15
|
+
throw new Error(`Invalid JSON in organisation policy "${props.name}": ${props.content.slice(0, 100)}`);
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
else {
|
|
19
|
+
content = props.content;
|
|
20
|
+
}
|
|
21
|
+
const policy = new aws_organizations_1.CfnPolicy(this, "Policy", {
|
|
22
|
+
name: props.name,
|
|
23
|
+
type: props.policyType,
|
|
24
|
+
content,
|
|
25
|
+
description: props.description,
|
|
26
|
+
targetIds: props.targetIds
|
|
27
|
+
});
|
|
28
|
+
this.policyId = policy.attrId;
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
exports.OrganisationPolicy = OrganisationPolicy;
|
|
32
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pc2F0aW9uUG9saWN5LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvb3JnYW5pc2F0aW9uL29yZ2FuaXNhdGlvblBvbGljeS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxxRUFBMEQ7QUFDMUQsMkNBQXVDO0FBZ0J2QyxNQUFhLGtCQUFtQixTQUFRLHNCQUFTO0lBRy9DLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBOEI7UUFDdEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLE9BQWdDLENBQUM7UUFDckMsSUFBSSxPQUFPLEtBQUssQ0FBQyxPQUFPLEtBQUssUUFBUSxFQUFFLENBQUM7WUFDdEMsSUFBSSxDQUFDO2dCQUNILE9BQU8sR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQTRCLENBQUM7WUFDakUsQ0FBQztZQUFDLE1BQU0sQ0FBQztnQkFDUCxNQUFNLElBQUksS0FBSyxDQUNiLHdDQUF3QyxLQUFLLENBQUMsSUFBSSxNQUFNLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxHQUFHLENBQUMsRUFBRSxDQUN0RixDQUFDO1lBQ0osQ0FBQztRQUNILENBQUM7YUFBTSxDQUFDO1lBQ04sT0FBTyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUM7UUFDMUIsQ0FBQztRQUVELE1BQU0sTUFBTSxHQUFHLElBQUksNkJBQVMsQ0FBQyxJQUFJLEVBQUUsUUFBUSxFQUFFO1lBQzNDLElBQUksRUFBRSxLQUFLLENBQUMsSUFBSTtZQUNoQixJQUFJLEVBQUUsS0FBSyxDQUFDLFVBQVU7WUFDdEIsT0FBTztZQUNQLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7U0FDM0IsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDO0lBQ2hDLENBQUM7Q0FDRjtBQTdCRCxnREE2QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZm5Qb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLW9yZ2FuaXphdGlvbnNcIjtcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gXCJjb25zdHJ1Y3RzXCI7XG5cbmV4cG9ydCB0eXBlIE9yZ2FuaXNhdGlvblBvbGljeVR5cGUgPVxuICB8IFwiU0VSVklDRV9DT05UUk9MX1BPTElDWVwiXG4gIHwgXCJUQUdfUE9MSUNZXCJcbiAgfCBcIkJBQ0tVUF9QT0xJQ1lcIlxuICB8IFwiQUlTRVJWSUNFU19PUFRfT1VUX1BPTElDWVwiO1xuXG5leHBvcnQgaW50ZXJmYWNlIE9yZ2FuaXNhdGlvblBvbGljeVByb3BzIHtcbiAgbmFtZTogc3RyaW5nO1xuICBwb2xpY3lUeXBlOiBPcmdhbmlzYXRpb25Qb2xpY3lUeXBlO1xuICBjb250ZW50OiBzdHJpbmcgfCBSZWNvcmQ8c3RyaW5nLCB1bmtub3duPjtcbiAgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG4gIHRhcmdldElkcz86IHN0cmluZ1tdO1xufVxuXG5leHBvcnQgY2xhc3MgT3JnYW5pc2F0aW9uUG9saWN5IGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHBvbGljeUlkOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IE9yZ2FuaXNhdGlvblBvbGljeVByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIGxldCBjb250ZW50OiBSZWNvcmQ8c3RyaW5nLCB1bmtub3duPjtcbiAgICBpZiAodHlwZW9mIHByb3BzLmNvbnRlbnQgPT09IFwic3RyaW5nXCIpIHtcbiAgICAgIHRyeSB7XG4gICAgICAgIGNvbnRlbnQgPSBKU09OLnBhcnNlKHByb3BzLmNvbnRlbnQpIGFzIFJlY29yZDxzdHJpbmcsIHVua25vd24+O1xuICAgICAgfSBjYXRjaCB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICBgSW52YWxpZCBKU09OIGluIG9yZ2FuaXNhdGlvbiBwb2xpY3kgXCIke3Byb3BzLm5hbWV9XCI6ICR7cHJvcHMuY29udGVudC5zbGljZSgwLCAxMDApfWBcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICB9IGVsc2Uge1xuICAgICAgY29udGVudCA9IHByb3BzLmNvbnRlbnQ7XG4gICAgfVxuXG4gICAgY29uc3QgcG9saWN5ID0gbmV3IENmblBvbGljeSh0aGlzLCBcIlBvbGljeVwiLCB7XG4gICAgICBuYW1lOiBwcm9wcy5uYW1lLFxuICAgICAgdHlwZTogcHJvcHMucG9saWN5VHlwZSxcbiAgICAgIGNvbnRlbnQsXG4gICAgICBkZXNjcmlwdGlvbjogcHJvcHMuZGVzY3JpcHRpb24sXG4gICAgICB0YXJnZXRJZHM6IHByb3BzLnRhcmdldElkc1xuICAgIH0pO1xuXG4gICAgdGhpcy5wb2xpY3lJZCA9IHBvbGljeS5hdHRySWQ7XG4gIH1cbn1cbiJdfQ==
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Organisational Unit management is handled by the CLI pre-deploy step
|
|
3
|
+
* (AwsAccountService.ensureOrganisationalUnitsExist).
|
|
4
|
+
*
|
|
5
|
+
* This module is retained only for type re-exports from the index barrel.
|
|
6
|
+
*/
|
|
7
|
+
export interface OrganisationalUnitProps {
|
|
8
|
+
name: string;
|
|
9
|
+
parentId: string;
|
|
10
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Organisational Unit management is handled by the CLI pre-deploy step
|
|
4
|
+
* (AwsAccountService.ensureOrganisationalUnitsExist).
|
|
5
|
+
*
|
|
6
|
+
* This module is retained only for type re-exports from the index barrel.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib3JnYW5pc2F0aW9uYWxVbml0LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vbGliL3Jlc291cmNlcy9hd3Mvb3JnYW5pc2F0aW9uL29yZ2FuaXNhdGlvbmFsVW5pdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7O0dBS0ciLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIE9yZ2FuaXNhdGlvbmFsIFVuaXQgbWFuYWdlbWVudCBpcyBoYW5kbGVkIGJ5IHRoZSBDTEkgcHJlLWRlcGxveSBzdGVwXG4gKiAoQXdzQWNjb3VudFNlcnZpY2UuZW5zdXJlT3JnYW5pc2F0aW9uYWxVbml0c0V4aXN0KS5cbiAqXG4gKiBUaGlzIG1vZHVsZSBpcyByZXRhaW5lZCBvbmx5IGZvciB0eXBlIHJlLWV4cG9ydHMgZnJvbSB0aGUgaW5kZXggYmFycmVsLlxuICovXG5cbmV4cG9ydCBpbnRlcmZhY2UgT3JnYW5pc2F0aW9uYWxVbml0UHJvcHMge1xuICBuYW1lOiBzdHJpbmc7XG4gIHBhcmVudElkOiBzdHJpbmc7XG59XG4iXX0=
|