@fjall/components-infrastructure 0.88.1 → 0.88.4

package/dist/lib/utils/connector.d.ts

@@ -0,0 +1,183 @@
+/**
+ * Unified connector interface for bidirectional connections.
+ *
+ * This module provides a unified `IConnector` interface that enables
+ * bidirectional connections between compute resources (ECS, Lambda, EC2)
+ * and data resources (S3, DynamoDB, SQS, RDS).
+ *
+ * The connector pattern unifies:
+ * - Security group rules (IConnectable) for RDS, ECS, etc.
+ * - IAM grants for S3, DynamoDB, SQS
+ *
+ * @example
+ * // Simple connections (default permissions)
+ * const api = app.addCompute(ComputeFactory.build("Api", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "api",
+ *     capacityProvider: "FARGATE",
+ *     connections: [database, bucket, cache, queue]
+ *   }]
+ * }));
+ *
+ * @example
+ * // Explicit access levels
+ * const worker = app.addCompute(ComputeFactory.build("Worker", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "worker",
+ *     capacityProvider: "FARGATE",
+ *     connections: [
+ *       database,                              // Security group (RDS)
+ *       { resource: cache, access: "read" },   // Read-only DynamoDB
+ *       { resource: bucket, access: "write" }, // Write-only S3
+ *       { resource: queue, access: "consume" } // Consume-only SQS
+ *     ]
+ *   }]
+ * }));
+ */
+import { type IConnectable } from "aws-cdk-lib/aws-ec2";
+import { type IGrantable, type Grant } from "aws-cdk-lib/aws-iam";
+/**
+ * Connector type discriminator.
+ * - "storage": S3 buckets
+ * - "dynamodb": DynamoDB tables
+ * - "queue": SQS queues
+ * - "securityGroup": Resources with security groups (ECS, Lambda with VPC)
+ * - "relational": RDS databases (uses security groups)
+ */
+export type ConnectorType = "storage" | "dynamodb" | "queue" | "securityGroup" | "relational";
+/**
+ * Access level for storage and DynamoDB connectors.
+ */
+export type ConnectionAccess = "read" | "write" | "readWrite";
+/**
+ * Access level for messaging connectors (SQS).
+ */
+export type MessagingAccess = "send" | "consume" | "full";
+/**
+ * Base connector interface.
+ * All connector types implement this interface.
+ */
+export interface IConnector {
+    /** The type of connector resource. Used for runtime type narrowing. */
+    readonly connectorType: ConnectorType;
+}
+/**
+ * Storage connector interface (S3).
+ * Provides IAM grant methods for S3 bucket access.
+ */
+export interface IStorageConnector extends IConnector {
+    readonly connectorType: "storage";
+    /** Grant read permissions to the grantee. */
+    grantRead(grantee: IGrantable): Grant;
+    /** Grant write permissions to the grantee. */
+    grantWrite(grantee: IGrantable): Grant;
+    /** Grant read and write permissions to the grantee. */
+    grantReadWrite(grantee: IGrantable): Grant;
+}
+/**
+ * DynamoDB connector interface.
+ * Provides IAM grant methods for DynamoDB table access.
+ */
+export interface IDynamoDBConnector extends IConnector {
+    readonly connectorType: "dynamodb";
+    /** Grant read data permissions to the grantee. */
+    grantReadData(grantee: IGrantable): Grant;
+    /** Grant write data permissions to the grantee. */
+    grantWriteData(grantee: IGrantable): Grant;
+    /** Grant read and write data permissions to the grantee. */
+    grantReadWriteData(grantee: IGrantable): Grant;
+}
+/**
+ * Queue connector interface (SQS).
+ * Provides IAM grant methods for SQS queue access.
+ */
+export interface IQueueConnector extends IConnector {
+    readonly connectorType: "queue";
+    /** Grant send message permissions to the grantee. */
+    grantSendMessages(grantee: IGrantable): Grant;
+    /** Grant consume (receive and delete) message permissions to the grantee. */
+    grantConsumeMessages(grantee: IGrantable): Grant;
+    /** Grant full access (send and consume) to the grantee. */
+    grantFull(grantee: IGrantable): Grant;
+}
+/**
+ * Security group connector interface (RDS, ECS with VPC).
+ * Provides access to the security group connections for network-level access.
+ *
+ * Both "securityGroup" and "relational" types use this interface:
+ * - "relational": RDS databases (Aurora, Instance, GlobalAurora)
+ * - "securityGroup": Other resources requiring security group rules (ECS, EC2)
+ */
+export interface ISecurityGroupConnector extends IConnector {
+    readonly connectorType: "securityGroup" | "relational";
+    /** The security group connections for this resource. */
+    readonly connections: IConnectable["connections"];
+}
+/**
+ * Union type representing any connector interface.
+ */
+export type AnyConnector = IStorageConnector | IDynamoDBConnector | IQueueConnector | ISecurityGroupConnector;
+/**
+ * Connection configuration with explicit access level.
+ * Use this to specify non-default access levels.
+ */
+export interface ConnectionConfig {
+    /** The resource to connect to. */
+    resource: AnyConnector | IConnectable;
+    /** The access level to grant. Defaults vary by resource type. */
+    access?: ConnectionAccess | MessagingAccess;
+}
+/**
+ * Connection specification.
+ * Can be:
+ * - IConnectable: Legacy security group resource
+ * - AnyConnector: Unified connector resource
+ * - ConnectionConfig: Explicit access configuration
+ */
+export type ConnectionSpec = IConnectable | AnyConnector | ConnectionConfig;
+/** Connection result types. */
+export declare const CONNECTION_TYPE: {
+    readonly SECURITY_GROUP: "securityGroup";
+    readonly IAM: "iam";
+};
+export type ConnectionType = (typeof CONNECTION_TYPE)[keyof typeof CONNECTION_TYPE];
+/**
+ * Result of processing a connection.
+ * Contains the grant result for IAM-based connections.
+ */
+export interface ConnectionResult {
+    /** The resource that was connected. */
+    resource: AnyConnector | IConnectable;
+    /** The grant result if IAM permissions were granted. */
+    grant?: Grant;
+    /** The type of connection that was made. */
+    connectionType: ConnectionType;
+}
+/** Check if a value is a valid ConnectionAccess. */
+export declare function isConnectionAccess(value: unknown): value is ConnectionAccess;
+/** Check if a value is a valid MessagingAccess. */
+export declare function isMessagingAccess(value: unknown): value is MessagingAccess;
+/**
+ * Type guard to check if a resource is a connector.
+ * Returns AnyConnector for discriminated union narrowing in switch statements.
+ */
+export declare function isConnector(resource: unknown): resource is AnyConnector;
+/**
+ * Type guard to check if a resource is a CDK IConnectable.
+ * Checks for the `connections` property that IConnectable resources have.
+ */
+export declare function isConnectable(resource: unknown): resource is IConnectable;
+/**
+ * Type guard to check if a connection spec is a ConnectionConfig.
+ */
+export declare function isConnectionConfig(spec: ConnectionSpec): spec is ConnectionConfig;
+/** Type guard for storage connectors (S3 buckets). */
+export declare function isStorageConnector(connector: IConnector): connector is IStorageConnector;
+/** Type guard for DynamoDB connectors. */
+export declare function isDynamoDBConnector(connector: IConnector): connector is IDynamoDBConnector;
+/** Type guard for queue connectors (SQS queues). */
+export declare function isQueueConnector(connector: IConnector): connector is IQueueConnector;
+/** Type guard for security group connectors (RDS, ECS). */
+export declare function isSecurityGroupConnector(connector: IConnector): connector is ISecurityGroupConnector;

package/dist/lib/utils/connector.js

@@ -0,0 +1,117 @@
+"use strict";
+/**
+ * Unified connector interface for bidirectional connections.
+ *
+ * This module provides a unified `IConnector` interface that enables
+ * bidirectional connections between compute resources (ECS, Lambda, EC2)
+ * and data resources (S3, DynamoDB, SQS, RDS).
+ *
+ * The connector pattern unifies:
+ * - Security group rules (IConnectable) for RDS, ECS, etc.
+ * - IAM grants for S3, DynamoDB, SQS
+ *
+ * @example
+ * // Simple connections (default permissions)
+ * const api = app.addCompute(ComputeFactory.build("Api", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "api",
+ *     capacityProvider: "FARGATE",
+ *     connections: [database, bucket, cache, queue]
+ *   }]
+ * }));
+ *
+ * @example
+ * // Explicit access levels
+ * const worker = app.addCompute(ComputeFactory.build("Worker", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "worker",
+ *     capacityProvider: "FARGATE",
+ *     connections: [
+ *       database,                              // Security group (RDS)
+ *       { resource: cache, access: "read" },   // Read-only DynamoDB
+ *       { resource: bucket, access: "write" }, // Write-only S3
+ *       { resource: queue, access: "consume" } // Consume-only SQS
+ *     ]
+ *   }]
+ * }));
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CONNECTION_TYPE = void 0;
+exports.isConnectionAccess = isConnectionAccess;
+exports.isMessagingAccess = isMessagingAccess;
+exports.isConnector = isConnector;
+exports.isConnectable = isConnectable;
+exports.isConnectionConfig = isConnectionConfig;
+exports.isStorageConnector = isStorageConnector;
+exports.isDynamoDBConnector = isDynamoDBConnector;
+exports.isQueueConnector = isQueueConnector;
+exports.isSecurityGroupConnector = isSecurityGroupConnector;
+/** Connection result types. */
+exports.CONNECTION_TYPE = {
+    SECURITY_GROUP: "securityGroup",
+    IAM: "iam"
+};
+const VALID_CONNECTION_ACCESS = [
+    "read",
+    "write",
+    "readWrite"
+];
+const VALID_MESSAGING_ACCESS = [
+    "send",
+    "consume",
+    "full"
+];
+/** Check if a value is a valid ConnectionAccess. */
+function isConnectionAccess(value) {
+    return (typeof value === "string" &&
+        VALID_CONNECTION_ACCESS.includes(value));
+}
+/** Check if a value is a valid MessagingAccess. */
+function isMessagingAccess(value) {
+    return (typeof value === "string" &&
+        VALID_MESSAGING_ACCESS.includes(value));
+}
+/**
+ * Type guard to check if a resource is a connector.
+ * Returns AnyConnector for discriminated union narrowing in switch statements.
+ */
+function isConnector(resource) {
+    return (resource !== null &&
+        typeof resource === "object" &&
+        "connectorType" in resource);
+}
+/**
+ * Type guard to check if a resource is a CDK IConnectable.
+ * Checks for the `connections` property that IConnectable resources have.
+ */
+function isConnectable(resource) {
+    return (resource !== null &&
+        typeof resource === "object" &&
+        "connections" in resource);
+}
+/**
+ * Type guard to check if a connection spec is a ConnectionConfig.
+ */
+function isConnectionConfig(spec) {
+    return spec !== null && typeof spec === "object" && "resource" in spec;
+}
+/** Type guard for storage connectors (S3 buckets). */
+function isStorageConnector(connector) {
+    return connector.connectorType === "storage";
+}
+/** Type guard for DynamoDB connectors. */
+function isDynamoDBConnector(connector) {
+    return connector.connectorType === "dynamodb";
+}
+/** Type guard for queue connectors (SQS queues). */
+function isQueueConnector(connector) {
+    return connector.connectorType === "queue";
+}
+/** Type guard for security group connectors (RDS, ECS). */
+function isSecurityGroupConnector(connector) {
+    return (connector.connectorType === "securityGroup" ||
+        connector.connectorType === "relational");
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29ubmVjdG9yLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vbGliL3V0aWxzL2Nvbm5lY3Rvci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FxQ0c7OztBQTJLSCxnREFLQztBQUdELDhDQUtDO0FBTUQsa0NBTUM7QUFNRCxzQ0FNQztBQUtELGdEQUlDO0FBR0QsZ0RBSUM7QUFHRCxrREFJQztBQUdELDRDQUlDO0FBR0QsNERBT0M7QUFqSEQsK0JBQStCO0FBQ2xCLFFBQUEsZUFBZSxHQUFHO0lBQzdCLGNBQWMsRUFBRSxlQUFlO0lBQy9CLEdBQUcsRUFBRSxLQUFLO0NBQ0YsQ0FBQztBQW9CWCxNQUFNLHVCQUF1QixHQUFnQztJQUMzRCxNQUFNO0lBQ04sT0FBTztJQUNQLFdBQVc7Q0FDWixDQUFDO0FBQ0YsTUFBTSxzQkFBc0IsR0FBK0I7SUFDekQsTUFBTTtJQUNOLFNBQVM7SUFDVCxNQUFNO0NBQ1AsQ0FBQztBQUVGLG9EQUFvRDtBQUNwRCxTQUFnQixrQkFBa0IsQ0FBQyxLQUFjO0lBQy9DLE9BQU8sQ0FDTCxPQUFPLEtBQUssS0FBSyxRQUFRO1FBQ3pCLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxLQUF5QixDQUFDLENBQzVELENBQUM7QUFDSixDQUFDO0FBRUQsbURBQW1EO0FBQ25ELFNBQWdCLGlCQUFpQixDQUFDLEtBQWM7SUFDOUMsT0FBTyxDQUNMLE9BQU8sS0FBSyxLQUFLLFFBQVE7UUFDekIsc0JBQXNCLENBQUMsUUFBUSxDQUFDLEtBQXdCLENBQUMsQ0FDMUQsQ0FBQztBQUNKLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQixXQUFXLENBQUMsUUFBaUI7SUFDM0MsT0FBTyxDQUNMLFFBQVEsS0FBSyxJQUFJO1FBQ2pCLE9BQU8sUUFBUSxLQUFLLFFBQVE7UUFDNUIsZUFBZSxJQUFJLFFBQVEsQ0FDNUIsQ0FBQztBQUNKLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQixhQUFhLENBQUMsUUFBaUI7SUFDN0MsT0FBTyxDQUNMLFFBQVEsS0FBSyxJQUFJO1FBQ2pCLE9BQU8sUUFBUSxLQUFLLFFBQVE7UUFDNUIsYUFBYSxJQUFJLFFBQVEsQ0FDMUIsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLGtCQUFrQixDQUNoQyxJQUFvQjtJQUVwQixPQUFPLElBQUksS0FBSyxJQUFJLElBQUksT0FBTyxJQUFJLEtBQUssUUFBUSxJQUFJLFVBQVUsSUFBSSxJQUFJLENBQUM7QUFDekUsQ0FBQztBQUVELHNEQUFzRDtBQUN0RCxTQUFnQixrQkFBa0IsQ0FDaEMsU0FBcUI7SUFFckIsT0FBTyxTQUFTLENBQUMsYUFBYSxLQUFLLFNBQVMsQ0FBQztBQUMvQyxDQUFDO0FBRUQsMENBQTBDO0FBQzFDLFNBQWdCLG1CQUFtQixDQUNqQyxTQUFxQjtJQUVyQixPQUFPLFNBQVMsQ0FBQyxhQUFhLEtBQUssVUFBVSxDQUFDO0FBQ2hELENBQUM7QUFFRCxvREFBb0Q7QUFDcEQsU0FBZ0IsZ0JBQWdCLENBQzlCLFNBQXFCO0lBRXJCLE9BQU8sU0FBUyxDQUFDLGFBQWEsS0FBSyxPQUFPLENBQUM7QUFDN0MsQ0FBQztBQUVELDJEQUEyRDtBQUMzRCxTQUFnQix3QkFBd0IsQ0FDdEMsU0FBcUI7SUFFckIsT0FBTyxDQUNMLFNBQVMsQ0FBQyxhQUFhLEtBQUssZUFBZTtRQUMzQyxTQUFTLENBQUMsYUFBYSxLQUFLLFlBQVksQ0FDekMsQ0FBQztBQUNKLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIFVuaWZpZWQgY29ubmVjdG9yIGludGVyZmFjZSBmb3IgYmlkaXJlY3Rpb25hbCBjb25uZWN0aW9ucy5cbiAqXG4gKiBUaGlzIG1vZHVsZSBwcm92aWRlcyBhIHVuaWZpZWQgYElDb25uZWN0b3JgIGludGVyZmFjZSB0aGF0IGVuYWJsZXNcbiAqIGJpZGlyZWN0aW9uYWwgY29ubmVjdGlvbnMgYmV0d2VlbiBjb21wdXRlIHJlc291cmNlcyAoRUNTLCBMYW1iZGEsIEVDMilcbiAqIGFuZCBkYXRhIHJlc291cmNlcyAoUzMsIER5bmFtb0RCLCBTUVMsIFJEUykuXG4gKlxuICogVGhlIGNvbm5lY3RvciBwYXR0ZXJuIHVuaWZpZXM6XG4gKiAtIFNlY3VyaXR5IGdyb3VwIHJ1bGVzIChJQ29ubmVjdGFibGUpIGZvciBSRFMsIEVDUywgZXRjLlxuICogLSBJQU0gZ3JhbnRzIGZvciBTMywgRHluYW1vREIsIFNRU1xuICpcbiAqIEBleGFtcGxlXG4gKiAvLyBTaW1wbGUgY29ubmVjdGlvbnMgKGRlZmF1bHQgcGVybWlzc2lvbnMpXG4gKiBjb25zdCBhcGkgPSBhcHAuYWRkQ29tcHV0ZShDb21wdXRlRmFjdG9yeS5idWlsZChcIkFwaVwiLCB7XG4gKiAgIHR5cGU6IFwiZWNzXCIsXG4gKiAgIHNlcnZpY2VzOiBbe1xuICogICAgIG5hbWU6IFwiYXBpXCIsXG4gKiAgICAgY2FwYWNpdHlQcm92aWRlcjogXCJGQVJHQVRFXCIsXG4gKiAgICAgY29ubmVjdGlvbnM6IFtkYXRhYmFzZSwgYnVja2V0LCBjYWNoZSwgcXVldWVdXG4gKiAgIH1dXG4gKiB9KSk7XG4gKlxuICogQGV4YW1wbGVcbiAqIC8vIEV4cGxpY2l0IGFjY2VzcyBsZXZlbHNcbiAqIGNvbnN0IHdvcmtlciA9IGFwcC5hZGRDb21wdXRlKENvbXB1dGVGYWN0b3J5LmJ1aWxkKFwiV29ya2VyXCIsIHtcbiAqICAgdHlwZTogXCJlY3NcIixcbiAqICAgc2VydmljZXM6IFt7XG4gKiAgICAgbmFtZTogXCJ3b3JrZXJcIixcbiAqICAgICBjYXBhY2l0eVByb3ZpZGVyOiBcIkZBUkdBVEVcIixcbiAqICAgICBjb25uZWN0aW9uczogW1xuICogICAgICAgZGF0YWJhc2UsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLy8gU2VjdXJpdHkgZ3JvdXAgKFJEUylcbiAqICAgICAgIHsgcmVzb3VyY2U6IGNhY2hlLCBhY2Nlc3M6IFwicmVhZFwiIH0sICAgLy8gUmVhZC1vbmx5IER5bmFtb0RCXG4gKiAgICAgICB7IHJlc291cmNlOiBidWNrZXQsIGFjY2VzczogXCJ3cml0ZVwiIH0sIC8vIFdyaXRlLW9ubHkgUzNcbiAqICAgICAgIHsgcmVzb3VyY2U6IHF1ZXVlLCBhY2Nlc3M6IFwiY29uc3VtZVwiIH0gLy8gQ29uc3VtZS1vbmx5IFNRU1xuICogICAgIF1cbiAqICAgfV1cbiAqIH0pKTtcbiAqL1xuXG5pbXBvcnQgeyB0eXBlIElDb25uZWN0YWJsZSB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtZWMyXCI7XG5pbXBvcnQgeyB0eXBlIElHcmFudGFibGUsIHR5cGUgR3JhbnQgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuXG4vKipcbiAqIENvbm5lY3RvciB0eXBlIGRpc2NyaW1pbmF0b3IuXG4gKiAtIFwic3RvcmFnZVwiOiBTMyBidWNrZXRzXG4gKiAtIFwiZHluYW1vZGJcIjogRHluYW1vREIgdGFibGVzXG4gKiAtIFwicXVldWVcIjogU1FTIHF1ZXVlc1xuICogLSBcInNlY3VyaXR5R3JvdXBcIjogUmVzb3VyY2VzIHdpdGggc2VjdXJpdHkgZ3JvdXBzIChFQ1MsIExhbWJkYSB3aXRoIFZQQylcbiAqIC0gXCJyZWxhdGlvbmFsXCI6IFJEUyBkYXRhYmFzZXMgKHVzZXMgc2VjdXJpdHkgZ3JvdXBzKVxuICovXG5leHBvcnQgdHlwZSBDb25uZWN0b3JUeXBlID1cbiAgfCBcInN0b3JhZ2VcIlxuICB8IFwiZHluYW1vZGJcIlxuICB8IFwicXVldWVcIlxuICB8IFwic2VjdXJpdHlHcm91cFwiXG4gIHwgXCJyZWxhdGlvbmFsXCI7XG5cbi8qKlxuICogQWNjZXNzIGxldmVsIGZvciBzdG9yYWdlIGFuZCBEeW5hbW9EQiBjb25uZWN0b3JzLlxuICovXG5leHBvcnQgdHlwZSBDb25uZWN0aW9uQWNjZXNzID0gXCJyZWFkXCIgfCBcIndyaXRlXCIgfCBcInJlYWRXcml0ZVwiO1xuXG4vKipcbiAqIEFjY2VzcyBsZXZlbCBmb3IgbWVzc2FnaW5nIGNvbm5lY3RvcnMgKFNRUykuXG4gKi9cbmV4cG9ydCB0eXBlIE1lc3NhZ2luZ0FjY2VzcyA9IFwic2VuZFwiIHwgXCJjb25zdW1lXCIgfCBcImZ1bGxcIjtcblxuLyoqXG4gKiBCYXNlIGNvbm5lY3RvciBpbnRlcmZhY2UuXG4gKiBBbGwgY29ubmVjdG9yIHR5cGVzIGltcGxlbWVudCB0aGlzIGludGVyZmFjZS5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJQ29ubmVjdG9yIHtcbiAgLyoqIFRoZSB0eXBlIG9mIGNvbm5lY3RvciByZXNvdXJjZS4gVXNlZCBmb3IgcnVudGltZSB0eXBlIG5hcnJvd2luZy4gKi9cbiAgcmVhZG9ubHkgY29ubmVjdG9yVHlwZTogQ29ubmVjdG9yVHlwZTtcbn1cblxuLyoqXG4gKiBTdG9yYWdlIGNvbm5lY3RvciBpbnRlcmZhY2UgKFMzKS5cbiAqIFByb3ZpZGVzIElBTSBncmFudCBtZXRob2RzIGZvciBTMyBidWNrZXQgYWNjZXNzLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIElTdG9yYWdlQ29ubmVjdG9yIGV4dGVuZHMgSUNvbm5lY3RvciB7XG4gIHJlYWRvbmx5IGNvbm5lY3RvclR5cGU6IFwic3RvcmFnZVwiO1xuXG4gIC8qKiBHcmFudCByZWFkIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWQoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50O1xuXG4gIC8qKiBHcmFudCB3cml0ZSBwZXJtaXNzaW9ucyB0byB0aGUgZ3JhbnRlZS4gKi9cbiAgZ3JhbnRXcml0ZShncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQ7XG5cbiAgLyoqIEdyYW50IHJlYWQgYW5kIHdyaXRlIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWRXcml0ZShncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQ7XG59XG5cbi8qKlxuICogRHluYW1vREIgY29ubmVjdG9yIGludGVyZmFjZS5cbiAqIFByb3ZpZGVzIElBTSBncmFudCBtZXRob2RzIGZvciBEeW5hbW9EQiB0YWJsZSBhY2Nlc3MuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSUR5bmFtb0RCQ29ubmVjdG9yIGV4dGVuZHMgSUNvbm5lY3RvciB7XG4gIHJlYWRvbmx5IGNvbm5lY3RvclR5cGU6IFwiZHluYW1vZGJcIjtcblxuICAvKiogR3JhbnQgcmVhZCBkYXRhIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWREYXRhKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudDtcblxuICAvKiogR3JhbnQgd3JpdGUgZGF0YSBwZXJtaXNzaW9ucyB0byB0aGUgZ3JhbnRlZS4gKi9cbiAgZ3JhbnRXcml0ZURhdGEoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50O1xuXG4gIC8qKiBHcmFudCByZWFkIGFuZCB3cml0ZSBkYXRhIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWRXcml0ZURhdGEoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50O1xufVxuXG4vKipcbiAqIFF1ZXVlIGNvbm5lY3RvciBpbnRlcmZhY2UgKFNRUykuXG4gKiBQcm92aWRlcyBJQU0gZ3JhbnQgbWV0aG9kcyBmb3IgU1FTIHF1ZXVlIGFjY2Vzcy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJUXVldWVDb25uZWN0b3IgZXh0ZW5kcyBJQ29ubmVjdG9yIHtcbiAgcmVhZG9ubHkgY29ubmVjdG9yVHlwZTogXCJxdWV1ZVwiO1xuXG4gIC8qKiBHcmFudCBzZW5kIG1lc3NhZ2UgcGVybWlzc2lvbnMgdG8gdGhlIGdyYW50ZWUuICovXG4gIGdyYW50U2VuZE1lc3NhZ2VzKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudDtcblxuICAvKiogR3JhbnQgY29uc3VtZSAocmVjZWl2ZSBhbmQgZGVsZXRlKSBtZXNzYWdlIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudENvbnN1bWVNZXNzYWdlcyhncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQ7XG5cbiAgLyoqIEdyYW50IGZ1bGwgYWNjZXNzIChzZW5kIGFuZCBjb25zdW1lKSB0byB0aGUgZ3JhbnRlZS4gKi9cbiAgZ3JhbnRGdWxsKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudDtcbn1cblxuLyoqXG4gKiBTZWN1cml0eSBncm91cCBjb25uZWN0b3IgaW50ZXJmYWNlIChSRFMsIEVDUyB3aXRoIFZQQykuXG4gKiBQcm92aWRlcyBhY2Nlc3MgdG8gdGhlIHNlY3VyaXR5IGdyb3VwIGNvbm5lY3Rpb25zIGZvciBuZXR3b3JrLWxldmVsIGFjY2Vzcy5cbiAqXG4gKiBCb3RoIFwic2VjdXJpdHlHcm91cFwiIGFuZCBcInJlbGF0aW9uYWxcIiB0eXBlcyB1c2UgdGhpcyBpbnRlcmZhY2U6XG4gKiAtIFwicmVsYXRpb25hbFwiOiBSRFMgZGF0YWJhc2VzIChBdXJvcmEsIEluc3RhbmNlLCBHbG9iYWxBdXJvcmEpXG4gKiAtIFwic2VjdXJpdHlHcm91cFwiOiBPdGhlciByZXNvdXJjZXMgcmVxdWlyaW5nIHNlY3VyaXR5IGdyb3VwIHJ1bGVzIChFQ1MsIEVDMilcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJU2VjdXJpdHlHcm91cENvbm5lY3RvciBleHRlbmRzIElDb25uZWN0b3Ige1xuICByZWFkb25seSBjb25uZWN0b3JUeXBlOiBcInNlY3VyaXR5R3JvdXBcIiB8IFwicmVsYXRpb25hbFwiO1xuXG4gIC8qKiBUaGUgc2VjdXJpdHkgZ3JvdXAgY29ubmVjdGlvbnMgZm9yIHRoaXMgcmVzb3VyY2UuICovXG4gIHJlYWRvbmx5IGNvbm5lY3Rpb25zOiBJQ29ubmVjdGFibGVbXCJjb25uZWN0aW9uc1wiXTtcbn1cblxuLyoqXG4gKiBVbmlvbiB0eXBlIHJlcHJlc2VudGluZyBhbnkgY29ubmVjdG9yIGludGVyZmFjZS5cbiAqL1xuZXhwb3J0IHR5cGUgQW55Q29ubmVjdG9yID1cbiAgfCBJU3RvcmFnZUNvbm5lY3RvclxuICB8IElEeW5hbW9EQkNvbm5lY3RvclxuICB8IElRdWV1ZUNvbm5lY3RvclxuICB8IElTZWN1cml0eUdyb3VwQ29ubmVjdG9yO1xuXG4vKipcbiAqIENvbm5lY3Rpb24gY29uZmlndXJhdGlvbiB3aXRoIGV4cGxpY2l0IGFjY2VzcyBsZXZlbC5cbiAqIFVzZSB0aGlzIHRvIHNwZWNpZnkgbm9uLWRlZmF1bHQgYWNjZXNzIGxldmVscy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBDb25uZWN0aW9uQ29uZmlnIHtcbiAgLyoqIFRoZSByZXNvdXJjZSB0byBjb25uZWN0IHRvLiAqL1xuICByZXNvdXJjZTogQW55Q29ubmVjdG9yIHwgSUNvbm5lY3RhYmxlO1xuXG4gIC8qKiBUaGUgYWNjZXNzIGxldmVsIHRvIGdyYW50LiBEZWZhdWx0cyB2YXJ5IGJ5IHJlc291cmNlIHR5cGUuICovXG4gIGFjY2Vzcz86IENvbm5lY3Rpb25BY2Nlc3MgfCBNZXNzYWdpbmdBY2Nlc3M7XG59XG5cbi8qKlxuICogQ29ubmVjdGlvbiBzcGVjaWZpY2F0aW9uLlxuICogQ2FuIGJlOlxuICogLSBJQ29ubmVjdGFibGU6IExlZ2FjeSBzZWN1cml0eSBncm91cCByZXNvdXJjZVxuICogLSBBbnlDb25uZWN0b3I6IFVuaWZpZWQgY29ubmVjdG9yIHJlc291cmNlXG4gKiAtIENvbm5lY3Rpb25Db25maWc6IEV4cGxpY2l0IGFjY2VzcyBjb25maWd1cmF0aW9uXG4gKi9cbmV4cG9ydCB0eXBlIENvbm5lY3Rpb25TcGVjID0gSUNvbm5lY3RhYmxlIHwgQW55Q29ubmVjdG9yIHwgQ29ubmVjdGlvbkNvbmZpZztcblxuLyoqIENvbm5lY3Rpb24gcmVzdWx0IHR5cGVzLiAqL1xuZXhwb3J0IGNvbnN0IENPTk5FQ1RJT05fVFlQRSA9IHtcbiAgU0VDVVJJVFlfR1JPVVA6IFwic2VjdXJpdHlHcm91cFwiLFxuICBJQU06IFwiaWFtXCJcbn0gYXMgY29uc3Q7XG5cbmV4cG9ydCB0eXBlIENvbm5lY3Rpb25UeXBlID1cbiAgKHR5cGVvZiBDT05ORUNUSU9OX1RZUEUpW2tleW9mIHR5cGVvZiBDT05ORUNUSU9OX1RZUEVdO1xuXG4vKipcbiAqIFJlc3VsdCBvZiBwcm9jZXNzaW5nIGEgY29ubmVjdGlvbi5cbiAqIENvbnRhaW5zIHRoZSBncmFudCByZXN1bHQgZm9yIElBTS1iYXNlZCBjb25uZWN0aW9ucy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBDb25uZWN0aW9uUmVzdWx0IHtcbiAgLyoqIFRoZSByZXNvdXJjZSB0aGF0IHdhcyBjb25uZWN0ZWQuICovXG4gIHJlc291cmNlOiBBbnlDb25uZWN0b3IgfCBJQ29ubmVjdGFibGU7XG5cbiAgLyoqIFRoZSBncmFudCByZXN1bHQgaWYgSUFNIHBlcm1pc3Npb25zIHdlcmUgZ3JhbnRlZC4gKi9cbiAgZ3JhbnQ/OiBHcmFudDtcblxuICAvKiogVGhlIHR5cGUgb2YgY29ubmVjdGlvbiB0aGF0IHdhcyBtYWRlLiAqL1xuICBjb25uZWN0aW9uVHlwZTogQ29ubmVjdGlvblR5cGU7XG59XG5cbmNvbnN0IFZBTElEX0NPTk5FQ1RJT05fQUNDRVNTOiByZWFkb25seSBDb25uZWN0aW9uQWNjZXNzW10gPSBbXG4gIFwicmVhZFwiLFxuICBcIndyaXRlXCIsXG4gIFwicmVhZFdyaXRlXCJcbl07XG5jb25zdCBWQUxJRF9NRVNTQUdJTkdfQUNDRVNTOiByZWFkb25seSBNZXNzYWdpbmdBY2Nlc3NbXSA9IFtcbiAgXCJzZW5kXCIsXG4gIFwiY29uc3VtZVwiLFxuICBcImZ1bGxcIlxuXTtcblxuLyoqIENoZWNrIGlmIGEgdmFsdWUgaXMgYSB2YWxpZCBDb25uZWN0aW9uQWNjZXNzLiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGlzQ29ubmVjdGlvbkFjY2Vzcyh2YWx1ZTogdW5rbm93bik6IHZhbHVlIGlzIENvbm5lY3Rpb25BY2Nlc3Mge1xuICByZXR1cm4gKFxuICAgIHR5cGVvZiB2YWx1ZSA9PT0gXCJzdHJpbmdcIiAmJlxuICAgIFZBTElEX0NPTk5FQ1RJT05fQUNDRVNTLmluY2x1ZGVzKHZhbHVlIGFzIENvbm5lY3Rpb25BY2Nlc3MpXG4gICk7XG59XG5cbi8qKiBDaGVjayBpZiBhIHZhbHVlIGlzIGEgdmFsaWQgTWVzc2FnaW5nQWNjZXNzLiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGlzTWVzc2FnaW5nQWNjZXNzKHZhbHVlOiB1bmtub3duKTogdmFsdWUgaXMgTWVzc2FnaW5nQWNjZXNzIHtcbiAgcmV0dXJuIChcbiAgICB0eXBlb2YgdmFsdWUgPT09IFwic3RyaW5nXCIgJiZcbiAgICBWQUxJRF9NRVNTQUdJTkdfQUNDRVNTLmluY2x1ZGVzKHZhbHVlIGFzIE1lc3NhZ2luZ0FjY2VzcylcbiAgKTtcbn1cblxuLyoqXG4gKiBUeXBlIGd1YXJkIHRvIGNoZWNrIGlmIGEgcmVzb3VyY2UgaXMgYSBjb25uZWN0b3IuXG4gKiBSZXR1cm5zIEFueUNvbm5lY3RvciBmb3IgZGlzY3JpbWluYXRlZCB1bmlvbiBuYXJyb3dpbmcgaW4gc3dpdGNoIHN0YXRlbWVudHMuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc0Nvbm5lY3RvcihyZXNvdXJjZTogdW5rbm93bik6IHJlc291cmNlIGlzIEFueUNvbm5lY3RvciB7XG4gIHJldHVybiAoXG4gICAgcmVzb3VyY2UgIT09IG51bGwgJiZcbiAgICB0eXBlb2YgcmVzb3VyY2UgPT09IFwib2JqZWN0XCIgJiZcbiAgICBcImNvbm5lY3RvclR5cGVcIiBpbiByZXNvdXJjZVxuICApO1xufVxuXG4vKipcbiAqIFR5cGUgZ3VhcmQgdG8gY2hlY2sgaWYgYSByZXNvdXJjZSBpcyBhIENESyBJQ29ubmVjdGFibGUuXG4gKiBDaGVja3MgZm9yIHRoZSBgY29ubmVjdGlvbnNgIHByb3BlcnR5IHRoYXQgSUNvbm5lY3RhYmxlIHJlc291cmNlcyBoYXZlLlxuICovXG5leHBvcnQgZnVuY3Rpb24gaXNDb25uZWN0YWJsZShyZXNvdXJjZTogdW5rbm93bik6IHJlc291cmNlIGlzIElDb25uZWN0YWJsZSB7XG4gIHJldHVybiAoXG4gICAgcmVzb3VyY2UgIT09IG51bGwgJiZcbiAgICB0eXBlb2YgcmVzb3VyY2UgPT09IFwib2JqZWN0XCIgJiZcbiAgICBcImNvbm5lY3Rpb25zXCIgaW4gcmVzb3VyY2VcbiAgKTtcbn1cblxuLyoqXG4gKiBUeXBlIGd1YXJkIHRvIGNoZWNrIGlmIGEgY29ubmVjdGlvbiBzcGVjIGlzIGEgQ29ubmVjdGlvbkNvbmZpZy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGlzQ29ubmVjdGlvbkNvbmZpZyhcbiAgc3BlYzogQ29ubmVjdGlvblNwZWNcbik6IHNwZWMgaXMgQ29ubmVjdGlvbkNvbmZpZyB7XG4gIHJldHVybiBzcGVjICE9PSBudWxsICYmIHR5cGVvZiBzcGVjID09PSBcIm9iamVjdFwiICYmIFwicmVzb3VyY2VcIiBpbiBzcGVjO1xufVxuXG4vKiogVHlwZSBndWFyZCBmb3Igc3RvcmFnZSBjb25uZWN0b3JzIChTMyBidWNrZXRzKS4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc1N0b3JhZ2VDb25uZWN0b3IoXG4gIGNvbm5lY3RvcjogSUNvbm5lY3RvclxuKTogY29ubmVjdG9yIGlzIElTdG9yYWdlQ29ubmVjdG9yIHtcbiAgcmV0dXJuIGNvbm5lY3Rvci5jb25uZWN0b3JUeXBlID09PSBcInN0b3JhZ2VcIjtcbn1cblxuLyoqIFR5cGUgZ3VhcmQgZm9yIER5bmFtb0RCIGNvbm5lY3RvcnMuICovXG5leHBvcnQgZnVuY3Rpb24gaXNEeW5hbW9EQkNvbm5lY3RvcihcbiAgY29ubmVjdG9yOiBJQ29ubmVjdG9yXG4pOiBjb25uZWN0b3IgaXMgSUR5bmFtb0RCQ29ubmVjdG9yIHtcbiAgcmV0dXJuIGNvbm5lY3Rvci5jb25uZWN0b3JUeXBlID09PSBcImR5bmFtb2RiXCI7XG59XG5cbi8qKiBUeXBlIGd1YXJkIGZvciBxdWV1ZSBjb25uZWN0b3JzIChTUVMgcXVldWVzKS4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc1F1ZXVlQ29ubmVjdG9yKFxuICBjb25uZWN0b3I6IElDb25uZWN0b3Jcbik6IGNvbm5lY3RvciBpcyBJUXVldWVDb25uZWN0b3Ige1xuICByZXR1cm4gY29ubmVjdG9yLmNvbm5lY3RvclR5cGUgPT09IFwicXVldWVcIjtcbn1cblxuLyoqIFR5cGUgZ3VhcmQgZm9yIHNlY3VyaXR5IGdyb3VwIGNvbm5lY3RvcnMgKFJEUywgRUNTKS4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc1NlY3VyaXR5R3JvdXBDb25uZWN0b3IoXG4gIGNvbm5lY3RvcjogSUNvbm5lY3RvclxuKTogY29ubmVjdG9yIGlzIElTZWN1cml0eUdyb3VwQ29ubmVjdG9yIHtcbiAgcmV0dXJuIChcbiAgICBjb25uZWN0b3IuY29ubmVjdG9yVHlwZSA9PT0gXCJzZWN1cml0eUdyb3VwXCIgfHxcbiAgICBjb25uZWN0b3IuY29ubmVjdG9yVHlwZSA9PT0gXCJyZWxhdGlvbmFsXCJcbiAgKTtcbn1cbiJdfQ==

package/dist/lib/utils/databaseTypes.d.ts

@@ -0,0 +1,85 @@
+import { type Duration } from "aws-cdk-lib";
+import { type IKey } from "aws-cdk-lib/aws-kms";
+import { type SubnetSelection } from "aws-cdk-lib/aws-ec2";
+export type DatabaseEngine = "postgresql" | "mysql";
+export interface EngineConfig {
+    defaultUsername: string;
+    sslParameters: Record<string, string>;
+    rotationAppName: string;
+}
+export interface ProxyConfig {
+    maxConnections?: number;
+    maxIdleConnections?: number;
+    connectionBorrowTimeout?: number;
+    requireTLS?: boolean;
+    vpcSubnets?: SubnetSelection;
+}
+export interface ReadReplicaConfig {
+    instanceType?: string;
+    availabilityZone?: string;
+}
+export interface CredentialsConfig {
+    username?: string;
+    secretRotation?: SecretRotationConfig | false;
+}
+export interface SecretRotationConfig {
+    automaticallyAfter?: Duration;
+}
+export interface EncryptionConfig {
+    storageKey?: EncryptionKeySpec;
+}
+/** Configuration for Database Insights (formerly Performance Insights). */
+export interface DatabaseInsightsConfig {
+    encryptionKey?: EncryptionKeySpec;
+    /** Database Insights mode. Default: "standard". */
+    mode?: "standard" | "advanced";
+}
+export interface AwsManagedKey {
+    readonly awsManaged: true;
+}
+export interface CustomerManagedKeyMarker {
+    readonly useCMK: true;
+}
+export type EncryptionKeySpec = IKey | AwsManagedKey | CustomerManagedKeyMarker;
+export declare function isAwsManagedKey(spec: EncryptionKeySpec | undefined): spec is AwsManagedKey;
+/**
+ * Type guard to check if CMK is explicitly requested.
+ */
+export declare function isCMKRequested(spec: EncryptionKeySpec | undefined): spec is CustomerManagedKeyMarker;
+/**
+ * Convenience constant for specifying AWS managed encryption (the default).
+ * @example
+ * encryption: { storageKey: AWS_MANAGED }
+ */
+export declare const AWS_MANAGED: AwsManagedKey;
+/**
+ * Convenience constant for explicitly requesting CMK.
+ * @example
+ * encryption: { storageKey: USE_CMK }
+ */
+export declare const USE_CMK: CustomerManagedKeyMarker;
+/**
+ * **DESTRUCTIVE**: Changing `storageKey` after cluster creation causes cluster REPLACEMENT.
+ */
+export interface AuroraEncryptionConfig {
+    /** DESTRUCTIVE: Changing after creation causes cluster replacement */
+    storageKey?: EncryptionKeySpec;
+}
+export interface AuroraReaderConfig {
+    scaleWithWriter?: boolean;
+    enableDatabaseInsights?: boolean;
+    identifierSuffix?: string;
+    availabilityZone?: string;
+}
+export interface AuroraWriterConfig {
+    enableDatabaseInsights?: boolean;
+    identifierSuffix?: string;
+    availabilityZone?: string;
+}
+export interface AuroraReadersConfig {
+    /** Mutually exclusive with instances */
+    count?: number;
+    /** Mutually exclusive with count */
+    instances?: AuroraReaderConfig[];
+    defaultEnableDatabaseInsights?: boolean;
+}

package/dist/lib/utils/databaseTypes.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.USE_CMK = exports.AWS_MANAGED = void 0;
+exports.isAwsManagedKey = isAwsManagedKey;
+exports.isCMKRequested = isCMKRequested;
+// Type guard to check if the encryption key spec is AWS managed.
+function isAwsManagedKey(spec) {
+    return (spec !== undefined &&
+        typeof spec === "object" &&
+        "awsManaged" in spec &&
+        spec.awsManaged === true);
+}
+/**
+ * Type guard to check if CMK is explicitly requested.
+ */
+function isCMKRequested(spec) {
+    return (spec !== undefined &&
+        typeof spec === "object" &&
+        "useCMK" in spec &&
+        spec.useCMK === true);
+}
+/**
+ * Convenience constant for specifying AWS managed encryption (the default).
+ * @example
+ * encryption: { storageKey: AWS_MANAGED }
+ */
+exports.AWS_MANAGED = { awsManaged: true };
+/**
+ * Convenience constant for explicitly requesting CMK.
+ * @example
+ * encryption: { storageKey: USE_CMK }
+ */
+exports.USE_CMK = { useCMK: true };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGF0YWJhc2VUeXBlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL2xpYi91dGlscy9kYXRhYmFzZVR5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQTJEQSwwQ0FTQztBQUtELHdDQVNDO0FBeEJELGlFQUFpRTtBQUNqRSxTQUFnQixlQUFlLENBQzdCLElBQW1DO0lBRW5DLE9BQU8sQ0FDTCxJQUFJLEtBQUssU0FBUztRQUNsQixPQUFPLElBQUksS0FBSyxRQUFRO1FBQ3hCLFlBQVksSUFBSSxJQUFJO1FBQ25CLElBQXNCLENBQUMsVUFBVSxLQUFLLElBQUksQ0FDNUMsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLGNBQWMsQ0FDNUIsSUFBbUM7SUFFbkMsT0FBTyxDQUNMLElBQUksS0FBSyxTQUFTO1FBQ2xCLE9BQU8sSUFBSSxLQUFLLFFBQVE7UUFDeEIsUUFBUSxJQUFJLElBQUk7UUFDZixJQUFpQyxDQUFDLE1BQU0sS0FBSyxJQUFJLENBQ25ELENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7R0FJRztBQUNVLFFBQUEsV0FBVyxHQUFrQixFQUFFLFVBQVUsRUFBRSxJQUFJLEVBQVcsQ0FBQztBQUV4RTs7OztHQUlHO0FBQ1UsUUFBQSxPQUFPLEdBQTZCLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBVyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgdHlwZSBEdXJhdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgdHlwZSBJS2V5IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1rbXNcIjtcbmltcG9ydCB7IHR5cGUgU3VibmV0U2VsZWN0aW9uIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzJcIjtcblxuZXhwb3J0IHR5cGUgRGF0YWJhc2VFbmdpbmUgPSBcInBvc3RncmVzcWxcIiB8IFwibXlzcWxcIjtcblxuZXhwb3J0IGludGVyZmFjZSBFbmdpbmVDb25maWcge1xuICBkZWZhdWx0VXNlcm5hbWU6IHN0cmluZztcbiAgc3NsUGFyYW1ldGVyczogUmVjb3JkPHN0cmluZywgc3RyaW5nPjtcbiAgcm90YXRpb25BcHBOYW1lOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUHJveHlDb25maWcge1xuICBtYXhDb25uZWN0aW9ucz86IG51bWJlcjtcbiAgbWF4SWRsZUNvbm5lY3Rpb25zPzogbnVtYmVyO1xuICBjb25uZWN0aW9uQm9ycm93VGltZW91dD86IG51bWJlcjtcbiAgcmVxdWlyZVRMUz86IGJvb2xlYW47XG4gIHZwY1N1Ym5ldHM/OiBTdWJuZXRTZWxlY3Rpb247XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmVhZFJlcGxpY2FDb25maWcge1xuICBpbnN0YW5jZVR5cGU/OiBzdHJpbmc7XG4gIGF2YWlsYWJpbGl0eVpvbmU/OiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ3JlZGVudGlhbHNDb25maWcge1xuICB1c2VybmFtZT86IHN0cmluZztcbiAgc2VjcmV0Um90YXRpb24/OiBTZWNyZXRSb3RhdGlvbkNvbmZpZyB8IGZhbHNlO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFNlY3JldFJvdGF0aW9uQ29uZmlnIHtcbiAgYXV0b21hdGljYWxseUFmdGVyPzogRHVyYXRpb247XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgRW5jcnlwdGlvbkNvbmZpZyB7XG4gIHN0b3JhZ2VLZXk/OiBFbmNyeXB0aW9uS2V5U3BlYztcbn1cblxuLyoqIENvbmZpZ3VyYXRpb24gZm9yIERhdGFiYXNlIEluc2lnaHRzIChmb3JtZXJseSBQZXJmb3JtYW5jZSBJbnNpZ2h0cykuICovXG5leHBvcnQgaW50ZXJmYWNlIERhdGFiYXNlSW5zaWdodHNDb25maWcge1xuICBlbmNyeXB0aW9uS2V5PzogRW5jcnlwdGlvbktleVNwZWM7XG4gIC8qKiBEYXRhYmFzZSBJbnNpZ2h0cyBtb2RlLiBEZWZhdWx0OiBcInN0YW5kYXJkXCIuICovXG4gIG1vZGU/OiBcInN0YW5kYXJkXCIgfCBcImFkdmFuY2VkXCI7XG59XG5cbi8vIE1hcmtlciBmb3IgQVdTIG1hbmFnZWQgZW5jcnlwdGlvbiBrZXkgKGF3cy9yZHMsIGF3cy9zMywgZXRjLilcbmV4cG9ydCBpbnRlcmZhY2UgQXdzTWFuYWdlZEtleSB7XG4gIHJlYWRvbmx5IGF3c01hbmFnZWQ6IHRydWU7XG59XG5cbi8vIE1hcmtlciBmb3IgZXhwbGljaXRseSByZXF1ZXN0aW5nIGEgQ3VzdG9tZXIgTWFuYWdlZCBLZXkgKENNSykuXG5leHBvcnQgaW50ZXJmYWNlIEN1c3RvbWVyTWFuYWdlZEtleU1hcmtlciB7XG4gIHJlYWRvbmx5IHVzZUNNSzogdHJ1ZTtcbn1cblxuLy8gRW5jcnlwdGlvbiBrZXkgc3BlY2lmaWNhdGlvbiBmb3IgUkRTIHJlc291cmNlcy5cbmV4cG9ydCB0eXBlIEVuY3J5cHRpb25LZXlTcGVjID0gSUtleSB8IEF3c01hbmFnZWRLZXkgfCBDdXN0b21lck1hbmFnZWRLZXlNYXJrZXI7XG5cbi8vIFR5cGUgZ3VhcmQgdG8gY2hlY2sgaWYgdGhlIGVuY3J5cHRpb24ga2V5IHNwZWMgaXMgQVdTIG1hbmFnZWQuXG5leHBvcnQgZnVuY3Rpb24gaXNBd3NNYW5hZ2VkS2V5KFxuICBzcGVjOiBFbmNyeXB0aW9uS2V5U3BlYyB8IHVuZGVmaW5lZFxuKTogc3BlYyBpcyBBd3NNYW5hZ2VkS2V5IHtcbiAgcmV0dXJuIChcbiAgICBzcGVjICE9PSB1bmRlZmluZWQgJiZcbiAgICB0eXBlb2Ygc3BlYyA9PT0gXCJvYmplY3RcIiAmJlxuICAgIFwiYXdzTWFuYWdlZFwiIGluIHNwZWMgJiZcbiAgICAoc3BlYyBhcyBBd3NNYW5hZ2VkS2V5KS5hd3NNYW5hZ2VkID09PSB0cnVlXG4gICk7XG59XG5cbi8qKlxuICogVHlwZSBndWFyZCB0byBjaGVjayBpZiBDTUsgaXMgZXhwbGljaXRseSByZXF1ZXN0ZWQuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc0NNS1JlcXVlc3RlZChcbiAgc3BlYzogRW5jcnlwdGlvbktleVNwZWMgfCB1bmRlZmluZWRcbik6IHNwZWMgaXMgQ3VzdG9tZXJNYW5hZ2VkS2V5TWFya2VyIHtcbiAgcmV0dXJuIChcbiAgICBzcGVjICE9PSB1bmRlZmluZWQgJiZcbiAgICB0eXBlb2Ygc3BlYyA9PT0gXCJvYmplY3RcIiAmJlxuICAgIFwidXNlQ01LXCIgaW4gc3BlYyAmJlxuICAgIChzcGVjIGFzIEN1c3RvbWVyTWFuYWdlZEtleU1hcmtlcikudXNlQ01LID09PSB0cnVlXG4gICk7XG59XG5cbi8qKlxuICogQ29udmVuaWVuY2UgY29uc3RhbnQgZm9yIHNwZWNpZnlpbmcgQVdTIG1hbmFnZWQgZW5jcnlwdGlvbiAodGhlIGRlZmF1bHQpLlxuICogQGV4YW1wbGVcbiAqIGVuY3J5cHRpb246IHsgc3RvcmFnZUtleTogQVdTX01BTkFHRUQgfVxuICovXG5leHBvcnQgY29uc3QgQVdTX01BTkFHRUQ6IEF3c01hbmFnZWRLZXkgPSB7IGF3c01hbmFnZWQ6IHRydWUgfSBhcyBjb25zdDtcblxuLyoqXG4gKiBDb252ZW5pZW5jZSBjb25zdGFudCBmb3IgZXhwbGljaXRseSByZXF1ZXN0aW5nIENNSy5cbiAqIEBleGFtcGxlXG4gKiBlbmNyeXB0aW9uOiB7IHN0b3JhZ2VLZXk6IFVTRV9DTUsgfVxuICovXG5leHBvcnQgY29uc3QgVVNFX0NNSzogQ3VzdG9tZXJNYW5hZ2VkS2V5TWFya2VyID0geyB1c2VDTUs6IHRydWUgfSBhcyBjb25zdDtcblxuLyoqXG4gKiAqKkRFU1RSVUNUSVZFKio6IENoYW5naW5nIGBzdG9yYWdlS2V5YCBhZnRlciBjbHVzdGVyIGNyZWF0aW9uIGNhdXNlcyBjbHVzdGVyIFJFUExBQ0VNRU5ULlxuICovXG5leHBvcnQgaW50ZXJmYWNlIEF1cm9yYUVuY3J5cHRpb25Db25maWcge1xuICAvKiogREVTVFJVQ1RJVkU6IENoYW5naW5nIGFmdGVyIGNyZWF0aW9uIGNhdXNlcyBjbHVzdGVyIHJlcGxhY2VtZW50ICovXG4gIHN0b3JhZ2VLZXk/OiBFbmNyeXB0aW9uS2V5U3BlYztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBBdXJvcmFSZWFkZXJDb25maWcge1xuICBzY2FsZVdpdGhXcml0ZXI/OiBib29sZWFuO1xuICBlbmFibGVEYXRhYmFzZUluc2lnaHRzPzogYm9vbGVhbjtcbiAgaWRlbnRpZmllclN1ZmZpeD86IHN0cmluZztcbiAgYXZhaWxhYmlsaXR5Wm9uZT86IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBBdXJvcmFXcml0ZXJDb25maWcge1xuICBlbmFibGVEYXRhYmFzZUluc2lnaHRzPzogYm9vbGVhbjtcbiAgaWRlbnRpZmllclN1ZmZpeD86IHN0cmluZztcbiAgYXZhaWxhYmlsaXR5Wm9uZT86IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBBdXJvcmFSZWFkZXJzQ29uZmlnIHtcbiAgLyoqIE11dHVhbGx5IGV4Y2x1c2l2ZSB3aXRoIGluc3RhbmNlcyAqL1xuICBjb3VudD86IG51bWJlcjtcbiAgLyoqIE11dHVhbGx5IGV4Y2x1c2l2ZSB3aXRoIGNvdW50ICovXG4gIGluc3RhbmNlcz86IEF1cm9yYVJlYWRlckNvbmZpZ1tdO1xuICBkZWZhdWx0RW5hYmxlRGF0YWJhc2VJbnNpZ2h0cz86IGJvb2xlYW47XG59XG4iXX0=

package/dist/lib/utils/env.d.ts

@@ -0,0 +1,42 @@
+/**
+ * Declarative environment configuration utility.
+ *
+ * Resolves environment-specific values at CDK synth time without requiring
+ * an App instance. This allows `env()` to be used in `App.getApp()` arguments.
+ *
+ * @example
+ * ```ts
+ * import { App, env } from "@fjall/components-infrastructure";
+ *
+ * const app = App.getApp("myapp", {
+ *   network: { maxAzs: env({ default: 2, production: 3 }) }
+ * });
+ * ```
+ */
+type EnvConfig<T> = {
+    default: T;
+} & Partial<Record<string, T>>;
+/**
+ * Resolve the current deployment environment without App dependency.
+ *
+ * Resolution order:
+ * 1. Module cache (cached after first call)
+ * 2. `process.env.ENVIRONMENT`
+ * 3. `-c environment=<value>` from process.argv
+ * 4. `CDK_DEFAULT_ACCOUNT` → providerAccounts lookup
+ * 5. `-c accountName=<value>` → providerAccounts lookup
+ * 6. `"unknown"` (with warning)
+ */
+export declare function getEnvironment(): string;
+/**
+ * Resolve an environment-specific value at CDK synth time.
+ *
+ * @param config - Object with `default` key and optional environment overrides
+ * @returns The value for the current environment, or the default
+ */
+export declare function env<T>(config: EnvConfig<T>): T;
+/**
+ * Reset the environment cache. For testing only.
+ */
+export declare function _resetEnvironmentCache(): void;
+export {};

package/dist/lib/utils/env.js

@@ -0,0 +1,128 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getEnvironment = getEnvironment;
+exports.env = env;
+exports._resetEnvironmentCache = _resetEnvironmentCache;
+const util_1 = require("@fjall/util");
+let cachedEnvironment;
+/**
+ * Resolve the current deployment environment without App dependency.
+ *
+ * Resolution order:
+ * 1. Module cache (cached after first call)
+ * 2. `process.env.ENVIRONMENT`
+ * 3. `-c environment=<value>` from process.argv
+ * 4. `CDK_DEFAULT_ACCOUNT` → providerAccounts lookup
+ * 5. `-c accountName=<value>` → providerAccounts lookup
+ * 6. `"unknown"` (with warning)
+ */
+function getEnvironment() {
+    if (cachedEnvironment !== undefined) {
+        return cachedEnvironment;
+    }
+    // 1. process.env.ENVIRONMENT
+    if (process.env.ENVIRONMENT) {
+        cachedEnvironment = process.env.ENVIRONMENT;
+        return cachedEnvironment;
+    }
+    // 2. -c environment=<value> from process.argv
+    const envFromArgv = parseContextArg("environment");
+    if (envFromArgv) {
+        cachedEnvironment = envFromArgv;
+        return cachedEnvironment;
+    }
+    // 3. CDK_DEFAULT_ACCOUNT → providerAccounts lookup
+    const accountId = process.env.CDK_DEFAULT_ACCOUNT;
+    if (accountId) {
+        const env = resolveEnvironmentFromAccountId(accountId);
+        if (env) {
+            cachedEnvironment = env;
+            return cachedEnvironment;
+        }
+    }
+    // 4. -c accountName=<value> → providerAccounts lookup
+    const accountName = parseContextArg("accountName");
+    if (accountName) {
+        const env = resolveEnvironmentFromAccountName(accountName);
+        if (env) {
+            cachedEnvironment = env;
+            return cachedEnvironment;
+        }
+    }
+    // 5. Fallback
+    console.warn("[fjall] Could not determine environment. " +
+        "Set ENVIRONMENT env var or pass -c environment=<value>.");
+    cachedEnvironment = "unknown";
+    return cachedEnvironment;
+}
+/**
+ * Resolve an environment-specific value at CDK synth time.
+ *
+ * @param config - Object with `default` key and optional environment overrides
+ * @returns The value for the current environment, or the default
+ */
+function env(config) {
+    const environment = getEnvironment();
+    if (environment in config) {
+        return config[environment];
+    }
+    return config.default;
+}
+/**
+ * Reset the environment cache. For testing only.
+ */
+function _resetEnvironmentCache() {
+    cachedEnvironment = undefined;
+}
+/**
+ * Parse a `-c key=value` argument from process.argv.
+ */
+function parseContextArg(key) {
+    const args = process.argv;
+    for (let i = 0; i < args.length - 1; i++) {
+        if (args[i] === "-c") {
+            const parts = args[i + 1].split("=");
+            if (parts[0] === key && parts.length >= 2) {
+                return parts.slice(1).join("=");
+            }
+        }
+    }
+    return undefined;
+}
+/**
+ * Look up environment from account ID via fjall config providerAccounts.
+ */
+function resolveEnvironmentFromAccountId(accountId) {
+    try {
+        const config = util_1.Config.loadConfig();
+        const account = config.getProviderAccountById(accountId);
+        return account?.environment;
+    }
+    catch (err) {
+        // Config may not exist yet (first deploy, CI). Caller falls back to next strategy.
+        if (process.env.FJALL_DEBUG) {
+            const msg = err instanceof Error ? err.message : String(err);
+            process.stderr.write(`[fjall] Config lookup by accountId failed: ${msg}\n`);
+        }
+        return undefined;
+    }
+}
+/**
+ * Look up environment from account name via fjall config providerAccounts.
+ */
+function resolveEnvironmentFromAccountName(accountName) {
+    try {
+        const config = util_1.Config.loadConfig();
+        const account = config.getProviderAccount(accountName);
+        return account?.environment;
+    }
+    catch (err) {
+        // Config may not exist yet (first deploy, CI). Caller falls back to next strategy.
+        if (process.env.FJALL_DEBUG) {
+            const msg = err instanceof Error ? err.message : String(err);
+            process.stderr.write(`[fjall] Config lookup by accountName failed: ${msg}\n`);
+        }
+        return undefined;
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW52LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vbGliL3V0aWxzL2Vudi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQWlDQSx3Q0E2Q0M7QUFRRCxrQkFRQztBQUtELHdEQUVDO0FBckdELHNDQUFvRDtBQW9CcEQsSUFBSSxpQkFBcUMsQ0FBQztBQUUxQzs7Ozs7Ozs7OztHQVVHO0FBQ0gsU0FBZ0IsY0FBYztJQUM1QixJQUFJLGlCQUFpQixLQUFLLFNBQVMsRUFBRSxDQUFDO1FBQ3BDLE9BQU8saUJBQWlCLENBQUM7SUFDM0IsQ0FBQztJQUVELDZCQUE2QjtJQUM3QixJQUFJLE9BQU8sQ0FBQyxHQUFHLENBQUMsV0FBVyxFQUFFLENBQUM7UUFDNUIsaUJBQWlCLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxXQUFXLENBQUM7UUFDNUMsT0FBTyxpQkFBaUIsQ0FBQztJQUMzQixDQUFDO0lBRUQsOENBQThDO0lBQzlDLE1BQU0sV0FBVyxHQUFHLGVBQWUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNuRCxJQUFJLFdBQVcsRUFBRSxDQUFDO1FBQ2hCLGlCQUFpQixHQUFHLFdBQVcsQ0FBQztRQUNoQyxPQUFPLGlCQUFpQixDQUFDO0lBQzNCLENBQUM7SUFFRCxtREFBbUQ7SUFDbkQsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtQkFBbUIsQ0FBQztJQUNsRCxJQUFJLFNBQVMsRUFBRSxDQUFDO1FBQ2QsTUFBTSxHQUFHLEdBQUcsK0JBQStCLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDdkQsSUFBSSxHQUFHLEVBQUUsQ0FBQztZQUNSLGlCQUFpQixHQUFHLEdBQUcsQ0FBQztZQUN4QixPQUFPLGlCQUFpQixDQUFDO1FBQzNCLENBQUM7SUFDSCxDQUFDO0lBRUQsc0RBQXNEO0lBQ3RELE1BQU0sV0FBVyxHQUFHLGVBQWUsQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUNuRCxJQUFJLFdBQVcsRUFBRSxDQUFDO1FBQ2hCLE1BQU0sR0FBRyxHQUFHLGlDQUFpQyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQzNELElBQUksR0FBRyxFQUFFLENBQUM7WUFDUixpQkFBaUIsR0FBRyxHQUFHLENBQUM7WUFDeEIsT0FBTyxpQkFBaUIsQ0FBQztRQUMzQixDQUFDO0lBQ0gsQ0FBQztJQUVELGNBQWM7SUFDZCxPQUFPLENBQUMsSUFBSSxDQUNWLDJDQUEyQztRQUN6Qyx5REFBeUQsQ0FDNUQsQ0FBQztJQUNGLGlCQUFpQixHQUFHLFNBQVMsQ0FBQztJQUM5QixPQUFPLGlCQUFpQixDQUFDO0FBQzNCLENBQUM7QUFFRDs7Ozs7R0FLRztBQUNILFNBQWdCLEdBQUcsQ0FBSSxNQUFvQjtJQUN6QyxNQUFNLFdBQVcsR0FBRyxjQUFjLEVBQUUsQ0FBQztJQUVyQyxJQUFJLFdBQVcsSUFBSSxNQUFNLEVBQUUsQ0FBQztRQUMxQixPQUFPLE1BQU0sQ0FBQyxXQUFXLENBQU0sQ0FBQztJQUNsQyxDQUFDO0lBRUQsT0FBTyxNQUFNLENBQUMsT0FBTyxDQUFDO0FBQ3hCLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLHNCQUFzQjtJQUNwQyxpQkFBaUIsR0FBRyxTQUFTLENBQUM7QUFDaEMsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBUyxlQUFlLENBQUMsR0FBVztJQUNsQyxNQUFNLElBQUksR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDO0lBQzFCLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxJQUFJLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDO1FBQ3pDLElBQUksSUFBSSxDQUFDLENBQUMsQ0FBQyxLQUFLLElBQUksRUFBRSxDQUFDO1lBQ3JCLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQ3JDLElBQUksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLEdBQUcsSUFBSSxLQUFLLENBQUMsTUFBTSxJQUFJLENBQUMsRUFBRSxDQUFDO2dCQUMxQyxPQUFPLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQ2xDLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUNELE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQVMsK0JBQStCLENBQ3RDLFNBQWlCO0lBRWpCLElBQUksQ0FBQztRQUNILE1BQU0sTUFBTSxHQUFHLGFBQVcsQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUN4QyxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsc0JBQXNCLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDekQsT0FBTyxPQUFPLEVBQUUsV0FBVyxDQUFDO0lBQzlCLENBQUM7SUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO1FBQ2IsbUZBQW1GO1FBQ25GLElBQUksT0FBTyxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUM1QixNQUFNLEdBQUcsR0FBRyxHQUFHLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDN0QsT0FBTyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQ2xCLDhDQUE4QyxHQUFHLElBQUksQ0FDdEQsQ0FBQztRQUNKLENBQUM7UUFDRCxPQUFPLFNBQVMsQ0FBQztJQUNuQixDQUFDO0FBQ0gsQ0FBQztBQUVEOztHQUVHO0FBQ0gsU0FBUyxpQ0FBaUMsQ0FDeEMsV0FBbUI7SUFFbkIsSUFBSSxDQUFDO1FBQ0gsTUFBTSxNQUFNLEdBQUcsYUFBVyxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ3hDLE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUN2RCxPQUFPLE9BQU8sRUFBRSxXQUFXLENBQUM7SUFDOUIsQ0FBQztJQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7UUFDYixtRkFBbUY7UUFDbkYsSUFBSSxPQUFPLENBQUMsR0FBRyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQzVCLE1BQU0sR0FBRyxHQUFHLEdBQUcsWUFBWSxLQUFLLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUM3RCxPQUFPLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FDbEIsZ0RBQWdELEdBQUcsSUFBSSxDQUN4RCxDQUFDO1FBQ0osQ0FBQztRQUNELE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUM7QUFDSCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgQ29uZmlnIGFzIEZqYWxsQ29uZmlnIH0gZnJvbSBcIkBmamFsbC91dGlsXCI7XG5cbi8qKlxuICogRGVjbGFyYXRpdmUgZW52aXJvbm1lbnQgY29uZmlndXJhdGlvbiB1dGlsaXR5LlxuICpcbiAqIFJlc29sdmVzIGVudmlyb25tZW50LXNwZWNpZmljIHZhbHVlcyBhdCBDREsgc3ludGggdGltZSB3aXRob3V0IHJlcXVpcmluZ1xuICogYW4gQXBwIGluc3RhbmNlLiBUaGlzIGFsbG93cyBgZW52KClgIHRvIGJlIHVzZWQgaW4gYEFwcC5nZXRBcHAoKWAgYXJndW1lbnRzLlxuICpcbiAqIEBleGFtcGxlXG4gKiBgYGB0c1xuICogaW1wb3J0IHsgQXBwLCBlbnYgfSBmcm9tIFwiQGZqYWxsL2NvbXBvbmVudHMtaW5mcmFzdHJ1Y3R1cmVcIjtcbiAqXG4gKiBjb25zdCBhcHAgPSBBcHAuZ2V0QXBwKFwibXlhcHBcIiwge1xuICogICBuZXR3b3JrOiB7IG1heEF6czogZW52KHsgZGVmYXVsdDogMiwgcHJvZHVjdGlvbjogMyB9KSB9XG4gKiB9KTtcbiAqIGBgYFxuICovXG5cbnR5cGUgRW52Q29uZmlnPFQ+ID0geyBkZWZhdWx0OiBUIH0gJiBQYXJ0aWFsPFJlY29yZDxzdHJpbmcsIFQ+PjtcblxubGV0IGNhY2hlZEVudmlyb25tZW50OiBzdHJpbmcgfCB1bmRlZmluZWQ7XG5cbi8qKlxuICogUmVzb2x2ZSB0aGUgY3VycmVudCBkZXBsb3ltZW50IGVudmlyb25tZW50IHdpdGhvdXQgQXBwIGRlcGVuZGVuY3kuXG4gKlxuICogUmVzb2x1dGlvbiBvcmRlcjpcbiAqIDEuIE1vZHVsZSBjYWNoZSAoY2FjaGVkIGFmdGVyIGZpcnN0IGNhbGwpXG4gKiAyLiBgcHJvY2Vzcy5lbnYuRU5WSVJPTk1FTlRgXG4gKiAzLiBgLWMgZW52aXJvbm1lbnQ9PHZhbHVlPmAgZnJvbSBwcm9jZXNzLmFyZ3ZcbiAqIDQuIGBDREtfREVGQVVMVF9BQ0NPVU5UYCDihpIgcHJvdmlkZXJBY2NvdW50cyBsb29rdXBcbiAqIDUuIGAtYyBhY2NvdW50TmFtZT08dmFsdWU+YCDihpIgcHJvdmlkZXJBY2NvdW50cyBsb29rdXBcbiAqIDYuIGBcInVua25vd25cImAgKHdpdGggd2FybmluZylcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGdldEVudmlyb25tZW50KCk6IHN0cmluZyB7XG4gIGlmIChjYWNoZWRFbnZpcm9ubWVudCAhPT0gdW5kZWZpbmVkKSB7XG4gICAgcmV0dXJuIGNhY2hlZEVudmlyb25tZW50O1xuICB9XG5cbiAgLy8gMS4gcHJvY2Vzcy5lbnYuRU5WSVJPTk1FTlRcbiAgaWYgKHByb2Nlc3MuZW52LkVOVklST05NRU5UKSB7XG4gICAgY2FjaGVkRW52aXJvbm1lbnQgPSBwcm9jZXNzLmVudi5FTlZJUk9OTUVOVDtcbiAgICByZXR1cm4gY2FjaGVkRW52aXJvbm1lbnQ7XG4gIH1cblxuICAvLyAyLiAtYyBlbnZpcm9ubWVudD08dmFsdWU+IGZyb20gcHJvY2Vzcy5hcmd2XG4gIGNvbnN0IGVudkZyb21Bcmd2ID0gcGFyc2VDb250ZXh0QXJnKFwiZW52aXJvbm1lbnRcIik7XG4gIGlmIChlbnZGcm9tQXJndikge1xuICAgIGNhY2hlZEVudmlyb25tZW50ID0gZW52RnJvbUFyZ3Y7XG4gICAgcmV0dXJuIGNhY2hlZEVudmlyb25tZW50O1xuICB9XG5cbiAgLy8gMy4gQ0RLX0RFRkFVTFRfQUNDT1VOVCDihpIgcHJvdmlkZXJBY2NvdW50cyBsb29rdXBcbiAgY29uc3QgYWNjb3VudElkID0gcHJvY2Vzcy5lbnYuQ0RLX0RFRkFVTFRfQUNDT1VOVDtcbiAgaWYgKGFjY291bnRJZCkge1xuICAgIGNvbnN0IGVudiA9IHJlc29sdmVFbnZpcm9ubWVudEZyb21BY2NvdW50SWQoYWNjb3VudElkKTtcbiAgICBpZiAoZW52KSB7XG4gICAgICBjYWNoZWRFbnZpcm9ubWVudCA9IGVudjtcbiAgICAgIHJldHVybiBjYWNoZWRFbnZpcm9ubWVudDtcbiAgICB9XG4gIH1cblxuICAvLyA0LiAtYyBhY2NvdW50TmFtZT08dmFsdWU+IOKGkiBwcm92aWRlckFjY291bnRzIGxvb2t1cFxuICBjb25zdCBhY2NvdW50TmFtZSA9IHBhcnNlQ29udGV4dEFyZyhcImFjY291bnROYW1lXCIpO1xuICBpZiAoYWNjb3VudE5hbWUpIHtcbiAgICBjb25zdCBlbnYgPSByZXNvbHZlRW52aXJvbm1lbnRGcm9tQWNjb3VudE5hbWUoYWNjb3VudE5hbWUpO1xuICAgIGlmIChlbnYpIHtcbiAgICAgIGNhY2hlZEVudmlyb25tZW50ID0gZW52O1xuICAgICAgcmV0dXJuIGNhY2hlZEVudmlyb25tZW50O1xuICAgIH1cbiAgfVxuXG4gIC8vIDUuIEZhbGxiYWNrXG4gIGNvbnNvbGUud2FybihcbiAgICBcIltmamFsbF0gQ291bGQgbm90IGRldGVybWluZSBlbnZpcm9ubWVudC4gXCIgK1xuICAgICAgXCJTZXQgRU5WSVJPTk1FTlQgZW52IHZhciBvciBwYXNzIC1jIGVudmlyb25tZW50PTx2YWx1ZT4uXCJcbiAgKTtcbiAgY2FjaGVkRW52aXJvbm1lbnQgPSBcInVua25vd25cIjtcbiAgcmV0dXJuIGNhY2hlZEVudmlyb25tZW50O1xufVxuXG4vKipcbiAqIFJlc29sdmUgYW4gZW52aXJvbm1lbnQtc3BlY2lmaWMgdmFsdWUgYXQgQ0RLIHN5bnRoIHRpbWUuXG4gKlxuICogQHBhcmFtIGNvbmZpZyAtIE9iamVjdCB3aXRoIGBkZWZhdWx0YCBrZXkgYW5kIG9wdGlvbmFsIGVudmlyb25tZW50IG92ZXJyaWRlc1xuICogQHJldHVybnMgVGhlIHZhbHVlIGZvciB0aGUgY3VycmVudCBlbnZpcm9ubWVudCwgb3IgdGhlIGRlZmF1bHRcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGVudjxUPihjb25maWc6IEVudkNvbmZpZzxUPik6IFQge1xuICBjb25zdCBlbnZpcm9ubWVudCA9IGdldEVudmlyb25tZW50KCk7XG5cbiAgaWYgKGVudmlyb25tZW50IGluIGNvbmZpZykge1xuICAgIHJldHVybiBjb25maWdbZW52aXJvbm1lbnRdIGFzIFQ7XG4gIH1cblxuICByZXR1cm4gY29uZmlnLmRlZmF1bHQ7XG59XG5cbi8qKlxuICogUmVzZXQgdGhlIGVudmlyb25tZW50IGNhY2hlLiBGb3IgdGVzdGluZyBvbmx5LlxuICovXG5leHBvcnQgZnVuY3Rpb24gX3Jlc2V0RW52aXJvbm1lbnRDYWNoZSgpOiB2b2lkIHtcbiAgY2FjaGVkRW52aXJvbm1lbnQgPSB1bmRlZmluZWQ7XG59XG5cbi8qKlxuICogUGFyc2UgYSBgLWMga2V5PXZhbHVlYCBhcmd1bWVudCBmcm9tIHByb2Nlc3MuYXJndi5cbiAqL1xuZnVuY3Rpb24gcGFyc2VDb250ZXh0QXJnKGtleTogc3RyaW5nKTogc3RyaW5nIHwgdW5kZWZpbmVkIHtcbiAgY29uc3QgYXJncyA9IHByb2Nlc3MuYXJndjtcbiAgZm9yIChsZXQgaSA9IDA7IGkgPCBhcmdzLmxlbmd0aCAtIDE7IGkrKykge1xuICAgIGlmIChhcmdzW2ldID09PSBcIi1jXCIpIHtcbiAgICAgIGNvbnN0IHBhcnRzID0gYXJnc1tpICsgMV0uc3BsaXQoXCI9XCIpO1xuICAgICAgaWYgKHBhcnRzWzBdID09PSBrZXkgJiYgcGFydHMubGVuZ3RoID49IDIpIHtcbiAgICAgICAgcmV0dXJuIHBhcnRzLnNsaWNlKDEpLmpvaW4oXCI9XCIpO1xuICAgICAgfVxuICAgIH1cbiAgfVxuICByZXR1cm4gdW5kZWZpbmVkO1xufVxuXG4vKipcbiAqIExvb2sgdXAgZW52aXJvbm1lbnQgZnJvbSBhY2NvdW50IElEIHZpYSBmamFsbCBjb25maWcgcHJvdmlkZXJBY2NvdW50cy5cbiAqL1xuZnVuY3Rpb24gcmVzb2x2ZUVudmlyb25tZW50RnJvbUFjY291bnRJZChcbiAgYWNjb3VudElkOiBzdHJpbmdcbik6IHN0cmluZyB8IHVuZGVmaW5lZCB7XG4gIHRyeSB7XG4gICAgY29uc3QgY29uZmlnID0gRmphbGxDb25maWcubG9hZENvbmZpZygpO1xuICAgIGNvbnN0IGFjY291bnQgPSBjb25maWcuZ2V0UHJvdmlkZXJBY2NvdW50QnlJZChhY2NvdW50SWQpO1xuICAgIHJldHVybiBhY2NvdW50Py5lbnZpcm9ubWVudDtcbiAgfSBjYXRjaCAoZXJyKSB7XG4gICAgLy8gQ29uZmlnIG1heSBub3QgZXhpc3QgeWV0IChmaXJzdCBkZXBsb3ksIENJKS4gQ2FsbGVyIGZhbGxzIGJhY2sgdG8gbmV4dCBzdHJhdGVneS5cbiAgICBpZiAocHJvY2Vzcy5lbnYuRkpBTExfREVCVUcpIHtcbiAgICAgIGNvbnN0IG1zZyA9IGVyciBpbnN0YW5jZW9mIEVycm9yID8gZXJyLm1lc3NhZ2UgOiBTdHJpbmcoZXJyKTtcbiAgICAgIHByb2Nlc3Muc3RkZXJyLndyaXRlKFxuICAgICAgICBgW2ZqYWxsXSBDb25maWcgbG9va3VwIGJ5IGFjY291bnRJZCBmYWlsZWQ6ICR7bXNnfVxcbmBcbiAgICAgICk7XG4gICAgfVxuICAgIHJldHVybiB1bmRlZmluZWQ7XG4gIH1cbn1cblxuLyoqXG4gKiBMb29rIHVwIGVudmlyb25tZW50IGZyb20gYWNjb3VudCBuYW1lIHZpYSBmamFsbCBjb25maWcgcHJvdmlkZXJBY2NvdW50cy5cbiAqL1xuZnVuY3Rpb24gcmVzb2x2ZUVudmlyb25tZW50RnJvbUFjY291bnROYW1lKFxuICBhY2NvdW50TmFtZTogc3RyaW5nXG4pOiBzdHJpbmcgfCB1bmRlZmluZWQge1xuICB0cnkge1xuICAgIGNvbnN0IGNvbmZpZyA9IEZqYWxsQ29uZmlnLmxvYWRDb25maWcoKTtcbiAgICBjb25zdCBhY2NvdW50ID0gY29uZmlnLmdldFByb3ZpZGVyQWNjb3VudChhY2NvdW50TmFtZSk7XG4gICAgcmV0dXJuIGFjY291bnQ/LmVudmlyb25tZW50O1xuICB9IGNhdGNoIChlcnIpIHtcbiAgICAvLyBDb25maWcgbWF5IG5vdCBleGlzdCB5ZXQgKGZpcnN0IGRlcGxveSwgQ0kpLiBDYWxsZXIgZmFsbHMgYmFjayB0byBuZXh0IHN0cmF0ZWd5LlxuICAgIGlmIChwcm9jZXNzLmVudi5GSkFMTF9ERUJVRykge1xuICAgICAgY29uc3QgbXNnID0gZXJyIGluc3RhbmNlb2YgRXJyb3IgPyBlcnIubWVzc2FnZSA6IFN0cmluZyhlcnIpO1xuICAgICAgcHJvY2Vzcy5zdGRlcnIud3JpdGUoXG4gICAgICAgIGBbZmphbGxdIENvbmZpZyBsb29rdXAgYnkgYWNjb3VudE5hbWUgZmFpbGVkOiAke21zZ31cXG5gXG4gICAgICApO1xuICAgIH1cbiAgICByZXR1cm4gdW5kZWZpbmVkO1xuICB9XG59XG4iXX0=

package/dist/lib/utils/getConfig.d.ts

@@ -1,10 +1,8 @@
 import { type Account } from "@aws-sdk/client-organizations";
-import { type ICostAllocationTags } from "../config/aws";
 export interface Config {
     region: string;
     environment: string;
     existingAccounts: Account[];
-    costAllocationTags: ICostAllocationTags[];
     accountId?: string;
     accountName?: string;
     accountIds?: Record<string, string>;