@fjall/components-infrastructure 0.88.3 → 0.89.2

package/dist/lib/utils/connections.js

@@ -0,0 +1,159 @@
+"use strict";
+/**
+ * Shared connection processor for unified connector interface.
+ *
+ * This module provides the `processConnections` function that handles
+ * both security group rules (IConnectable) and IAM grants (IGrantable)
+ * in a unified way.
+ *
+ * @example
+ * // In ECS service setup
+ * processConnections(
+ *   serviceProps.connections,
+ *   serviceData.taskRole,  // IGrantable for IAM
+ *   service               // IConnectable for security groups
+ * );
+ *
+ * @example
+ * // In Lambda setup
+ * processConnections(
+ *   props.connections,
+ *   this.lambdaFunction,  // IGrantable (execution role)
+ *   this.lambdaFunction   // IConnectable (security group)
+ * );
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processConnections = processConnections;
+const connector_js_1 = require("./connector.js");
+/** Default access levels for each connector type. */
+const DEFAULT_ACCESS = {
+    storage: "readWrite",
+    dynamodb: "readWrite",
+    queue: "full"
+};
+/** Grant storage access based on access level. */
+function processStorageConnection(connector, grantee, access) {
+    switch (access) {
+        case "read":
+            return connector.grantRead(grantee);
+        case "write":
+            return connector.grantWrite(grantee);
+        case "readWrite":
+            return connector.grantReadWrite(grantee);
+    }
+}
+/** Grant DynamoDB access based on access level. */
+function processDynamoDBConnection(connector, grantee, access) {
+    switch (access) {
+        case "read":
+            return connector.grantReadData(grantee);
+        case "write":
+            return connector.grantWriteData(grantee);
+        case "readWrite":
+            return connector.grantReadWriteData(grantee);
+    }
+}
+/** Grant queue access based on access level. */
+function processQueueConnection(connector, grantee, access) {
+    switch (access) {
+        case "send":
+            return connector.grantSendMessages(grantee);
+        case "consume":
+            return connector.grantConsumeMessages(grantee);
+        case "full":
+            return connector.grantFull(grantee);
+    }
+}
+/** Build an IAM connection result. */
+function buildIamResult(connector, grant) {
+    return { resource: connector, grant, connectionType: connector_js_1.CONNECTION_TYPE.IAM };
+}
+/** Build a security group connection result. */
+function buildSecurityGroupResult(resource) {
+    return { resource, connectionType: connector_js_1.CONNECTION_TYPE.SECURITY_GROUP };
+}
+/** Validate and narrow access type for storage/dynamodb connectors. */
+function validateConnectionAccess(access, connectorType, defaultAccess) {
+    if (access === undefined)
+        return defaultAccess;
+    if ((0, connector_js_1.isConnectionAccess)(access))
+        return access;
+    throw new Error(`Invalid access "${access}" for ${connectorType} connector. ` +
+        `Valid values: read, write, readWrite`);
+}
+/** Validate and narrow access type for queue connectors. */
+function validateMessagingAccess(access, defaultAccess) {
+    if (access === undefined)
+        return defaultAccess;
+    if ((0, connector_js_1.isMessagingAccess)(access))
+        return access;
+    throw new Error(`Invalid access "${access}" for queue connector. ` +
+        `Valid values: send, consume, full`);
+}
+/**
+ * Require IConnectable for security group operations.
+ * Throws a descriptive error if not provided.
+ */
+function requireConnectable(connectable, context) {
+    if (!connectable) {
+        throw new Error(`${context} requires an IConnectable to be provided. ` +
+            "Ensure the compute resource (ECS, EC2, Lambda with VPC) implements IConnectable.");
+    }
+}
+/**
+ * Process connections from compute resources to data resources.
+ *
+ * Handles the unified connector interface, dispatching to:
+ * - Security group rules for IConnectable and ISecurityGroupConnector resources
+ * - IAM grants for IStorageConnector, IDynamoDBConnector, and IQueueConnector resources
+ *
+ * @param connections - Array of connection specifications
+ * @param grantee - The IAM grantee (task role, execution role, etc.)
+ * @param connectable - Optional IConnectable for security group rules
+ * @returns Array of connection results
+ *
+ * @example
+ * processConnections(
+ *   [database, { resource: bucket, access: "read" }, queue],
+ *   taskRole,
+ *   service
+ * );
+ */
+function processConnections(connections, grantee, connectable) {
+    return connections.map((spec) => {
+        const { resource, access } = (0, connector_js_1.isConnectionConfig)(spec)
+            ? { resource: spec.resource, access: spec.access }
+            : { resource: spec, access: undefined };
+        // Handle unified connector interface (isConnector now returns AnyConnector)
+        if ((0, connector_js_1.isConnector)(resource)) {
+            switch (resource.connectorType) {
+                case "storage": {
+                    const validAccess = validateConnectionAccess(access, "storage", DEFAULT_ACCESS.storage);
+                    return buildIamResult(resource, processStorageConnection(resource, grantee, validAccess));
+                }
+                case "dynamodb": {
+                    const validAccess = validateConnectionAccess(access, "dynamodb", DEFAULT_ACCESS.dynamodb);
+                    return buildIamResult(resource, processDynamoDBConnection(resource, grantee, validAccess));
+                }
+                case "queue": {
+                    const validAccess = validateMessagingAccess(access, DEFAULT_ACCESS.queue);
+                    return buildIamResult(resource, processQueueConnection(resource, grantee, validAccess));
+                }
+                case "securityGroup":
+                case "relational": {
+                    requireConnectable(connectable, `${resource.connectorType} connector`);
+                    connectable.connections.allowToDefaultPort(resource);
+                    return buildSecurityGroupResult(resource);
+                }
+            }
+        }
+        // Legacy IConnectable path
+        if ((0, connector_js_1.isConnectable)(resource)) {
+            requireConnectable(connectable, "IConnectable resource");
+            connectable.connections.allowToDefaultPort(resource);
+            return buildSecurityGroupResult(resource);
+        }
+        throw new Error("Connection resource must be either an IConnector or IConnectable");
+    });
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29ubmVjdGlvbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9saWIvdXRpbHMvY29ubmVjdGlvbnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBc0JHOztBQXlKSCxnREF1RUM7QUE1TkQsaURBZXdCO0FBRXhCLHFEQUFxRDtBQUNyRCxNQUFNLGNBQWMsR0FBRztJQUNyQixPQUFPLEVBQUUsV0FBVztJQUNwQixRQUFRLEVBQUUsV0FBVztJQUNyQixLQUFLLEVBQUUsTUFBTTtDQUNMLENBQUM7QUFFWCxrREFBa0Q7QUFDbEQsU0FBUyx3QkFBd0IsQ0FDL0IsU0FBNEIsRUFDNUIsT0FBbUIsRUFDbkIsTUFBd0I7SUFFeEIsUUFBUSxNQUFNLEVBQUUsQ0FBQztRQUNmLEtBQUssTUFBTTtZQUNULE9BQU8sU0FBUyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN0QyxLQUFLLE9BQU87WUFDVixPQUFPLFNBQVMsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDdkMsS0FBSyxXQUFXO1lBQ2QsT0FBTyxTQUFTLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzdDLENBQUM7QUFDSCxDQUFDO0FBRUQsbURBQW1EO0FBQ25ELFNBQVMseUJBQXlCLENBQ2hDLFNBQTZCLEVBQzdCLE9BQW1CLEVBQ25CLE1BQXdCO0lBRXhCLFFBQVEsTUFBTSxFQUFFLENBQUM7UUFDZixLQUFLLE1BQU07WUFDVCxPQUFPLFNBQVMsQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDMUMsS0FBSyxPQUFPO1lBQ1YsT0FBTyxTQUFTLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQzNDLEtBQUssV0FBVztZQUNkLE9BQU8sU0FBUyxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQ2pELENBQUM7QUFDSCxDQUFDO0FBRUQsZ0RBQWdEO0FBQ2hELFNBQVMsc0JBQXNCLENBQzdCLFNBQTBCLEVBQzFCLE9BQW1CLEVBQ25CLE1BQXVCO0lBRXZCLFFBQVEsTUFBTSxFQUFFLENBQUM7UUFDZixLQUFLLE1BQU07WUFDVCxPQUFPLFNBQVMsQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM5QyxLQUFLLFNBQVM7WUFDWixPQUFPLFNBQVMsQ0FBQyxvQkFBb0IsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNqRCxLQUFLLE1BQU07WUFDVCxPQUFPLFNBQVMsQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDeEMsQ0FBQztBQUNILENBQUM7QUFFRCxzQ0FBc0M7QUFDdEMsU0FBUyxjQUFjLENBQ3JCLFNBQXVCLEVBQ3ZCLEtBQVk7SUFFWixPQUFPLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsY0FBYyxFQUFFLDhCQUFlLENBQUMsR0FBRyxFQUFFLENBQUM7QUFDN0UsQ0FBQztBQUVELGdEQUFnRDtBQUNoRCxTQUFTLHdCQUF3QixDQUMvQixRQUFxQztJQUVyQyxPQUFPLEVBQUUsUUFBUSxFQUFFLGNBQWMsRUFBRSw4QkFBZSxDQUFDLGNBQWMsRUFBRSxDQUFDO0FBQ3RFLENBQUM7QUFFRCx1RUFBdUU7QUFDdkUsU0FBUyx3QkFBd0IsQ0FDL0IsTUFBc0QsRUFDdEQsYUFBcUIsRUFDckIsYUFBK0I7SUFFL0IsSUFBSSxNQUFNLEtBQUssU0FBUztRQUFFLE9BQU8sYUFBYSxDQUFDO0lBQy9DLElBQUksSUFBQSxpQ0FBa0IsRUFBQyxNQUFNLENBQUM7UUFBRSxPQUFPLE1BQU0sQ0FBQztJQUM5QyxNQUFNLElBQUksS0FBSyxDQUNiLG1CQUFtQixNQUFNLFNBQVMsYUFBYSxjQUFjO1FBQzNELHNDQUFzQyxDQUN6QyxDQUFDO0FBQ0osQ0FBQztBQUVELDREQUE0RDtBQUM1RCxTQUFTLHVCQUF1QixDQUM5QixNQUFzRCxFQUN0RCxhQUE4QjtJQUU5QixJQUFJLE1BQU0sS0FBSyxTQUFTO1FBQUUsT0FBTyxhQUFhLENBQUM7SUFDL0MsSUFBSSxJQUFBLGdDQUFpQixFQUFDLE1BQU0sQ0FBQztRQUFFLE9BQU8sTUFBTSxDQUFDO0lBQzdDLE1BQU0sSUFBSSxLQUFLLENBQ2IsbUJBQW1CLE1BQU0seUJBQXlCO1FBQ2hELG1DQUFtQyxDQUN0QyxDQUFDO0FBQ0osQ0FBQztBQUVEOzs7R0FHRztBQUNILFNBQVMsa0JBQWtCLENBQ3pCLFdBQXFDLEVBQ3JDLE9BQWU7SUFFZixJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7UUFDakIsTUFBTSxJQUFJLEtBQUssQ0FDYixHQUFHLE9BQU8sNENBQTRDO1lBQ3BELGtGQUFrRixDQUNyRixDQUFDO0lBQ0osQ0FBQztBQUNILENBQUM7QUFFRDs7Ozs7Ozs7Ozs7Ozs7Ozs7O0dBa0JHO0FBQ0gsU0FBZ0Isa0JBQWtCLENBQ2hDLFdBQTZCLEVBQzdCLE9BQW1CLEVBQ25CLFdBQTBCO0lBRTFCLE9BQU8sV0FBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFO1FBQzlCLE1BQU0sRUFBRSxRQUFRLEVBQUUsTUFBTSxFQUFFLEdBQUcsSUFBQSxpQ0FBa0IsRUFBQyxJQUFJLENBQUM7WUFDbkQsQ0FBQyxDQUFDLEVBQUUsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRLEVBQUUsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNLEVBQUU7WUFDbEQsQ0FBQyxDQUFDLEVBQUUsUUFBUSxFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsU0FBUyxFQUFFLENBQUM7UUFFMUMsNEVBQTRFO1FBQzVFLElBQUksSUFBQSwwQkFBVyxFQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDMUIsUUFBUSxRQUFRLENBQUMsYUFBYSxFQUFFLENBQUM7Z0JBQy9CLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQztvQkFDZixNQUFNLFdBQVcsR0FBRyx3QkFBd0IsQ0FDMUMsTUFBTSxFQUNOLFNBQVMsRUFDVCxjQUFjLENBQUMsT0FBTyxDQUN2QixDQUFDO29CQUNGLE9BQU8sY0FBYyxDQUNuQixRQUFRLEVBQ1Isd0JBQXdCLENBQUMsUUFBUSxFQUFFLE9BQU8sRUFBRSxXQUFXLENBQUMsQ0FDekQsQ0FBQztnQkFDSixDQUFDO2dCQUVELEtBQUssVUFBVSxDQUFDLENBQUMsQ0FBQztvQkFDaEIsTUFBTSxXQUFXLEdBQUcsd0JBQXdCLENBQzFDLE1BQU0sRUFDTixVQUFVLEVBQ1YsY0FBYyxDQUFDLFFBQVEsQ0FDeEIsQ0FBQztvQkFDRixPQUFPLGNBQWMsQ0FDbkIsUUFBUSxFQUNSLHlCQUF5QixDQUFDLFFBQVEsRUFBRSxPQUFPLEVBQUUsV0FBVyxDQUFDLENBQzFELENBQUM7Z0JBQ0osQ0FBQztnQkFFRCxLQUFLLE9BQU8sQ0FBQyxDQUFDLENBQUM7b0JBQ2IsTUFBTSxXQUFXLEdBQUcsdUJBQXVCLENBQ3pDLE1BQU0sRUFDTixjQUFjLENBQUMsS0FBSyxDQUNyQixDQUFDO29CQUNGLE9BQU8sY0FBYyxDQUNuQixRQUFRLEVBQ1Isc0JBQXNCLENBQUMsUUFBUSxFQUFFLE9BQU8sRUFBRSxXQUFXLENBQUMsQ0FDdkQsQ0FBQztnQkFDSixDQUFDO2dCQUVELEtBQUssZUFBZSxDQUFDO2dCQUNyQixLQUFLLFlBQVksQ0FBQyxDQUFDLENBQUM7b0JBQ2xCLGtCQUFrQixDQUNoQixXQUFXLEVBQ1gsR0FBRyxRQUFRLENBQUMsYUFBYSxZQUFZLENBQ3RDLENBQUM7b0JBQ0YsV0FBVyxDQUFDLFdBQVcsQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztvQkFDckQsT0FBTyx3QkFBd0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztnQkFDNUMsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQsMkJBQTJCO1FBQzNCLElBQUksSUFBQSw0QkFBYSxFQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDNUIsa0JBQWtCLENBQUMsV0FBVyxFQUFFLHVCQUF1QixDQUFDLENBQUM7WUFDekQsV0FBVyxDQUFDLFdBQVcsQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUNyRCxPQUFPLHdCQUF3QixDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQzVDLENBQUM7UUFFRCxNQUFNLElBQUksS0FBSyxDQUNiLGtFQUFrRSxDQUNuRSxDQUFDO0lBQ0osQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiBTaGFyZWQgY29ubmVjdGlvbiBwcm9jZXNzb3IgZm9yIHVuaWZpZWQgY29ubmVjdG9yIGludGVyZmFjZS5cbiAqXG4gKiBUaGlzIG1vZHVsZSBwcm92aWRlcyB0aGUgYHByb2Nlc3NDb25uZWN0aW9uc2AgZnVuY3Rpb24gdGhhdCBoYW5kbGVzXG4gKiBib3RoIHNlY3VyaXR5IGdyb3VwIHJ1bGVzIChJQ29ubmVjdGFibGUpIGFuZCBJQU0gZ3JhbnRzIChJR3JhbnRhYmxlKVxuICogaW4gYSB1bmlmaWVkIHdheS5cbiAqXG4gKiBAZXhhbXBsZVxuICogLy8gSW4gRUNTIHNlcnZpY2Ugc2V0dXBcbiAqIHByb2Nlc3NDb25uZWN0aW9ucyhcbiAqICAgc2VydmljZVByb3BzLmNvbm5lY3Rpb25zLFxuICogICBzZXJ2aWNlRGF0YS50YXNrUm9sZSwgIC8vIElHcmFudGFibGUgZm9yIElBTVxuICogICBzZXJ2aWNlICAgICAgICAgICAgICAgLy8gSUNvbm5lY3RhYmxlIGZvciBzZWN1cml0eSBncm91cHNcbiAqICk7XG4gKlxuICogQGV4YW1wbGVcbiAqIC8vIEluIExhbWJkYSBzZXR1cFxuICogcHJvY2Vzc0Nvbm5lY3Rpb25zKFxuICogICBwcm9wcy5jb25uZWN0aW9ucyxcbiAqICAgdGhpcy5sYW1iZGFGdW5jdGlvbiwgIC8vIElHcmFudGFibGUgKGV4ZWN1dGlvbiByb2xlKVxuICogICB0aGlzLmxhbWJkYUZ1bmN0aW9uICAgLy8gSUNvbm5lY3RhYmxlIChzZWN1cml0eSBncm91cClcbiAqICk7XG4gKi9cblxuaW1wb3J0IHsgdHlwZSBJQ29ubmVjdGFibGUgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjMlwiO1xuaW1wb3J0IHsgdHlwZSBJR3JhbnRhYmxlLCB0eXBlIEdyYW50IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIjtcbmltcG9ydCB7XG4gIHR5cGUgQ29ubmVjdGlvblNwZWMsXG4gIHR5cGUgQ29ubmVjdGlvblJlc3VsdCxcbiAgdHlwZSBDb25uZWN0aW9uQWNjZXNzLFxuICB0eXBlIE1lc3NhZ2luZ0FjY2VzcyxcbiAgdHlwZSBBbnlDb25uZWN0b3IsXG4gIHR5cGUgSVN0b3JhZ2VDb25uZWN0b3IsXG4gIHR5cGUgSUR5bmFtb0RCQ29ubmVjdG9yLFxuICB0eXBlIElRdWV1ZUNvbm5lY3RvcixcbiAgQ09OTkVDVElPTl9UWVBFLFxuICBpc0Nvbm5lY3Rpb25Db25maWcsXG4gIGlzQ29ubmVjdG9yLFxuICBpc0Nvbm5lY3RhYmxlLFxuICBpc0Nvbm5lY3Rpb25BY2Nlc3MsXG4gIGlzTWVzc2FnaW5nQWNjZXNzXG59IGZyb20gXCIuL2Nvbm5lY3Rvci5qc1wiO1xuXG4vKiogRGVmYXVsdCBhY2Nlc3MgbGV2ZWxzIGZvciBlYWNoIGNvbm5lY3RvciB0eXBlLiAqL1xuY29uc3QgREVGQVVMVF9BQ0NFU1MgPSB7XG4gIHN0b3JhZ2U6IFwicmVhZFdyaXRlXCIsXG4gIGR5bmFtb2RiOiBcInJlYWRXcml0ZVwiLFxuICBxdWV1ZTogXCJmdWxsXCJcbn0gYXMgY29uc3Q7XG5cbi8qKiBHcmFudCBzdG9yYWdlIGFjY2VzcyBiYXNlZCBvbiBhY2Nlc3MgbGV2ZWwuICovXG5mdW5jdGlvbiBwcm9jZXNzU3RvcmFnZUNvbm5lY3Rpb24oXG4gIGNvbm5lY3RvcjogSVN0b3JhZ2VDb25uZWN0b3IsXG4gIGdyYW50ZWU6IElHcmFudGFibGUsXG4gIGFjY2VzczogQ29ubmVjdGlvbkFjY2Vzc1xuKTogR3JhbnQge1xuICBzd2l0Y2ggKGFjY2Vzcykge1xuICAgIGNhc2UgXCJyZWFkXCI6XG4gICAgICByZXR1cm4gY29ubmVjdG9yLmdyYW50UmVhZChncmFudGVlKTtcbiAgICBjYXNlIFwid3JpdGVcIjpcbiAgICAgIHJldHVybiBjb25uZWN0b3IuZ3JhbnRXcml0ZShncmFudGVlKTtcbiAgICBjYXNlIFwicmVhZFdyaXRlXCI6XG4gICAgICByZXR1cm4gY29ubmVjdG9yLmdyYW50UmVhZFdyaXRlKGdyYW50ZWUpO1xuICB9XG59XG5cbi8qKiBHcmFudCBEeW5hbW9EQiBhY2Nlc3MgYmFzZWQgb24gYWNjZXNzIGxldmVsLiAqL1xuZnVuY3Rpb24gcHJvY2Vzc0R5bmFtb0RCQ29ubmVjdGlvbihcbiAgY29ubmVjdG9yOiBJRHluYW1vREJDb25uZWN0b3IsXG4gIGdyYW50ZWU6IElHcmFudGFibGUsXG4gIGFjY2VzczogQ29ubmVjdGlvbkFjY2Vzc1xuKTogR3JhbnQge1xuICBzd2l0Y2ggKGFjY2Vzcykge1xuICAgIGNhc2UgXCJyZWFkXCI6XG4gICAgICByZXR1cm4gY29ubmVjdG9yLmdyYW50UmVhZERhdGEoZ3JhbnRlZSk7XG4gICAgY2FzZSBcIndyaXRlXCI6XG4gICAgICByZXR1cm4gY29ubmVjdG9yLmdyYW50V3JpdGVEYXRhKGdyYW50ZWUpO1xuICAgIGNhc2UgXCJyZWFkV3JpdGVcIjpcbiAgICAgIHJldHVybiBjb25uZWN0b3IuZ3JhbnRSZWFkV3JpdGVEYXRhKGdyYW50ZWUpO1xuICB9XG59XG5cbi8qKiBHcmFudCBxdWV1ZSBhY2Nlc3MgYmFzZWQgb24gYWNjZXNzIGxldmVsLiAqL1xuZnVuY3Rpb24gcHJvY2Vzc1F1ZXVlQ29ubmVjdGlvbihcbiAgY29ubmVjdG9yOiBJUXVldWVDb25uZWN0b3IsXG4gIGdyYW50ZWU6IElHcmFudGFibGUsXG4gIGFjY2VzczogTWVzc2FnaW5nQWNjZXNzXG4pOiBHcmFudCB7XG4gIHN3aXRjaCAoYWNjZXNzKSB7XG4gICAgY2FzZSBcInNlbmRcIjpcbiAgICAgIHJldHVybiBjb25uZWN0b3IuZ3JhbnRTZW5kTWVzc2FnZXMoZ3JhbnRlZSk7XG4gICAgY2FzZSBcImNvbnN1bWVcIjpcbiAgICAgIHJldHVybiBjb25uZWN0b3IuZ3JhbnRDb25zdW1lTWVzc2FnZXMoZ3JhbnRlZSk7XG4gICAgY2FzZSBcImZ1bGxcIjpcbiAgICAgIHJldHVybiBjb25uZWN0b3IuZ3JhbnRGdWxsKGdyYW50ZWUpO1xuICB9XG59XG5cbi8qKiBCdWlsZCBhbiBJQU0gY29ubmVjdGlvbiByZXN1bHQuICovXG5mdW5jdGlvbiBidWlsZElhbVJlc3VsdChcbiAgY29ubmVjdG9yOiBBbnlDb25uZWN0b3IsXG4gIGdyYW50OiBHcmFudFxuKTogQ29ubmVjdGlvblJlc3VsdCB7XG4gIHJldHVybiB7IHJlc291cmNlOiBjb25uZWN0b3IsIGdyYW50LCBjb25uZWN0aW9uVHlwZTogQ09OTkVDVElPTl9UWVBFLklBTSB9O1xufVxuXG4vKiogQnVpbGQgYSBzZWN1cml0eSBncm91cCBjb25uZWN0aW9uIHJlc3VsdC4gKi9cbmZ1bmN0aW9uIGJ1aWxkU2VjdXJpdHlHcm91cFJlc3VsdChcbiAgcmVzb3VyY2U6IEFueUNvbm5lY3RvciB8IElDb25uZWN0YWJsZVxuKTogQ29ubmVjdGlvblJlc3VsdCB7XG4gIHJldHVybiB7IHJlc291cmNlLCBjb25uZWN0aW9uVHlwZTogQ09OTkVDVElPTl9UWVBFLlNFQ1VSSVRZX0dST1VQIH07XG59XG5cbi8qKiBWYWxpZGF0ZSBhbmQgbmFycm93IGFjY2VzcyB0eXBlIGZvciBzdG9yYWdlL2R5bmFtb2RiIGNvbm5lY3RvcnMuICovXG5mdW5jdGlvbiB2YWxpZGF0ZUNvbm5lY3Rpb25BY2Nlc3MoXG4gIGFjY2VzczogQ29ubmVjdGlvbkFjY2VzcyB8IE1lc3NhZ2luZ0FjY2VzcyB8IHVuZGVmaW5lZCxcbiAgY29ubmVjdG9yVHlwZTogc3RyaW5nLFxuICBkZWZhdWx0QWNjZXNzOiBDb25uZWN0aW9uQWNjZXNzXG4pOiBDb25uZWN0aW9uQWNjZXNzIHtcbiAgaWYgKGFjY2VzcyA9PT0gdW5kZWZpbmVkKSByZXR1cm4gZGVmYXVsdEFjY2VzcztcbiAgaWYgKGlzQ29ubmVjdGlvbkFjY2VzcyhhY2Nlc3MpKSByZXR1cm4gYWNjZXNzO1xuICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgYEludmFsaWQgYWNjZXNzIFwiJHthY2Nlc3N9XCIgZm9yICR7Y29ubmVjdG9yVHlwZX0gY29ubmVjdG9yLiBgICtcbiAgICAgIGBWYWxpZCB2YWx1ZXM6IHJlYWQsIHdyaXRlLCByZWFkV3JpdGVgXG4gICk7XG59XG5cbi8qKiBWYWxpZGF0ZSBhbmQgbmFycm93IGFjY2VzcyB0eXBlIGZvciBxdWV1ZSBjb25uZWN0b3JzLiAqL1xuZnVuY3Rpb24gdmFsaWRhdGVNZXNzYWdpbmdBY2Nlc3MoXG4gIGFjY2VzczogQ29ubmVjdGlvbkFjY2VzcyB8IE1lc3NhZ2luZ0FjY2VzcyB8IHVuZGVmaW5lZCxcbiAgZGVmYXVsdEFjY2VzczogTWVzc2FnaW5nQWNjZXNzXG4pOiBNZXNzYWdpbmdBY2Nlc3Mge1xuICBpZiAoYWNjZXNzID09PSB1bmRlZmluZWQpIHJldHVybiBkZWZhdWx0QWNjZXNzO1xuICBpZiAoaXNNZXNzYWdpbmdBY2Nlc3MoYWNjZXNzKSkgcmV0dXJuIGFjY2VzcztcbiAgdGhyb3cgbmV3IEVycm9yKFxuICAgIGBJbnZhbGlkIGFjY2VzcyBcIiR7YWNjZXNzfVwiIGZvciBxdWV1ZSBjb25uZWN0b3IuIGAgK1xuICAgICAgYFZhbGlkIHZhbHVlczogc2VuZCwgY29uc3VtZSwgZnVsbGBcbiAgKTtcbn1cblxuLyoqXG4gKiBSZXF1aXJlIElDb25uZWN0YWJsZSBmb3Igc2VjdXJpdHkgZ3JvdXAgb3BlcmF0aW9ucy5cbiAqIFRocm93cyBhIGRlc2NyaXB0aXZlIGVycm9yIGlmIG5vdCBwcm92aWRlZC5cbiAqL1xuZnVuY3Rpb24gcmVxdWlyZUNvbm5lY3RhYmxlKFxuICBjb25uZWN0YWJsZTogSUNvbm5lY3RhYmxlIHwgdW5kZWZpbmVkLFxuICBjb250ZXh0OiBzdHJpbmdcbik6IGFzc2VydHMgY29ubmVjdGFibGUgaXMgSUNvbm5lY3RhYmxlIHtcbiAgaWYgKCFjb25uZWN0YWJsZSkge1xuICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgIGAke2NvbnRleHR9IHJlcXVpcmVzIGFuIElDb25uZWN0YWJsZSB0byBiZSBwcm92aWRlZC4gYCArXG4gICAgICAgIFwiRW5zdXJlIHRoZSBjb21wdXRlIHJlc291cmNlIChFQ1MsIEVDMiwgTGFtYmRhIHdpdGggVlBDKSBpbXBsZW1lbnRzIElDb25uZWN0YWJsZS5cIlxuICAgICk7XG4gIH1cbn1cblxuLyoqXG4gKiBQcm9jZXNzIGNvbm5lY3Rpb25zIGZyb20gY29tcHV0ZSByZXNvdXJjZXMgdG8gZGF0YSByZXNvdXJjZXMuXG4gKlxuICogSGFuZGxlcyB0aGUgdW5pZmllZCBjb25uZWN0b3IgaW50ZXJmYWNlLCBkaXNwYXRjaGluZyB0bzpcbiAqIC0gU2VjdXJpdHkgZ3JvdXAgcnVsZXMgZm9yIElDb25uZWN0YWJsZSBhbmQgSVNlY3VyaXR5R3JvdXBDb25uZWN0b3IgcmVzb3VyY2VzXG4gKiAtIElBTSBncmFudHMgZm9yIElTdG9yYWdlQ29ubmVjdG9yLCBJRHluYW1vREJDb25uZWN0b3IsIGFuZCBJUXVldWVDb25uZWN0b3IgcmVzb3VyY2VzXG4gKlxuICogQHBhcmFtIGNvbm5lY3Rpb25zIC0gQXJyYXkgb2YgY29ubmVjdGlvbiBzcGVjaWZpY2F0aW9uc1xuICogQHBhcmFtIGdyYW50ZWUgLSBUaGUgSUFNIGdyYW50ZWUgKHRhc2sgcm9sZSwgZXhlY3V0aW9uIHJvbGUsIGV0Yy4pXG4gKiBAcGFyYW0gY29ubmVjdGFibGUgLSBPcHRpb25hbCBJQ29ubmVjdGFibGUgZm9yIHNlY3VyaXR5IGdyb3VwIHJ1bGVzXG4gKiBAcmV0dXJucyBBcnJheSBvZiBjb25uZWN0aW9uIHJlc3VsdHNcbiAqXG4gKiBAZXhhbXBsZVxuICogcHJvY2Vzc0Nvbm5lY3Rpb25zKFxuICogICBbZGF0YWJhc2UsIHsgcmVzb3VyY2U6IGJ1Y2tldCwgYWNjZXNzOiBcInJlYWRcIiB9LCBxdWV1ZV0sXG4gKiAgIHRhc2tSb2xlLFxuICogICBzZXJ2aWNlXG4gKiApO1xuICovXG5leHBvcnQgZnVuY3Rpb24gcHJvY2Vzc0Nvbm5lY3Rpb25zKFxuICBjb25uZWN0aW9uczogQ29ubmVjdGlvblNwZWNbXSxcbiAgZ3JhbnRlZTogSUdyYW50YWJsZSxcbiAgY29ubmVjdGFibGU/OiBJQ29ubmVjdGFibGVcbik6IENvbm5lY3Rpb25SZXN1bHRbXSB7XG4gIHJldHVybiBjb25uZWN0aW9ucy5tYXAoKHNwZWMpID0+IHtcbiAgICBjb25zdCB7IHJlc291cmNlLCBhY2Nlc3MgfSA9IGlzQ29ubmVjdGlvbkNvbmZpZyhzcGVjKVxuICAgICAgPyB7IHJlc291cmNlOiBzcGVjLnJlc291cmNlLCBhY2Nlc3M6IHNwZWMuYWNjZXNzIH1cbiAgICAgIDogeyByZXNvdXJjZTogc3BlYywgYWNjZXNzOiB1bmRlZmluZWQgfTtcblxuICAgIC8vIEhhbmRsZSB1bmlmaWVkIGNvbm5lY3RvciBpbnRlcmZhY2UgKGlzQ29ubmVjdG9yIG5vdyByZXR1cm5zIEFueUNvbm5lY3RvcilcbiAgICBpZiAoaXNDb25uZWN0b3IocmVzb3VyY2UpKSB7XG4gICAgICBzd2l0Y2ggKHJlc291cmNlLmNvbm5lY3RvclR5cGUpIHtcbiAgICAgICAgY2FzZSBcInN0b3JhZ2VcIjoge1xuICAgICAgICAgIGNvbnN0IHZhbGlkQWNjZXNzID0gdmFsaWRhdGVDb25uZWN0aW9uQWNjZXNzKFxuICAgICAgICAgICAgYWNjZXNzLFxuICAgICAgICAgICAgXCJzdG9yYWdlXCIsXG4gICAgICAgICAgICBERUZBVUxUX0FDQ0VTUy5zdG9yYWdlXG4gICAgICAgICAgKTtcbiAgICAgICAgICByZXR1cm4gYnVpbGRJYW1SZXN1bHQoXG4gICAgICAgICAgICByZXNvdXJjZSxcbiAgICAgICAgICAgIHByb2Nlc3NTdG9yYWdlQ29ubmVjdGlvbihyZXNvdXJjZSwgZ3JhbnRlZSwgdmFsaWRBY2Nlc3MpXG4gICAgICAgICAgKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGNhc2UgXCJkeW5hbW9kYlwiOiB7XG4gICAgICAgICAgY29uc3QgdmFsaWRBY2Nlc3MgPSB2YWxpZGF0ZUNvbm5lY3Rpb25BY2Nlc3MoXG4gICAgICAgICAgICBhY2Nlc3MsXG4gICAgICAgICAgICBcImR5bmFtb2RiXCIsXG4gICAgICAgICAgICBERUZBVUxUX0FDQ0VTUy5keW5hbW9kYlxuICAgICAgICAgICk7XG4gICAgICAgICAgcmV0dXJuIGJ1aWxkSWFtUmVzdWx0KFxuICAgICAgICAgICAgcmVzb3VyY2UsXG4gICAgICAgICAgICBwcm9jZXNzRHluYW1vREJDb25uZWN0aW9uKHJlc291cmNlLCBncmFudGVlLCB2YWxpZEFjY2VzcylcbiAgICAgICAgICApO1xuICAgICAgICB9XG5cbiAgICAgICAgY2FzZSBcInF1ZXVlXCI6IHtcbiAgICAgICAgICBjb25zdCB2YWxpZEFjY2VzcyA9IHZhbGlkYXRlTWVzc2FnaW5nQWNjZXNzKFxuICAgICAgICAgICAgYWNjZXNzLFxuICAgICAgICAgICAgREVGQVVMVF9BQ0NFU1MucXVldWVcbiAgICAgICAgICApO1xuICAgICAgICAgIHJldHVybiBidWlsZElhbVJlc3VsdChcbiAgICAgICAgICAgIHJlc291cmNlLFxuICAgICAgICAgICAgcHJvY2Vzc1F1ZXVlQ29ubmVjdGlvbihyZXNvdXJjZSwgZ3JhbnRlZSwgdmFsaWRBY2Nlc3MpXG4gICAgICAgICAgKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGNhc2UgXCJzZWN1cml0eUdyb3VwXCI6XG4gICAgICAgIGNhc2UgXCJyZWxhdGlvbmFsXCI6IHtcbiAgICAgICAgICByZXF1aXJlQ29ubmVjdGFibGUoXG4gICAgICAgICAgICBjb25uZWN0YWJsZSxcbiAgICAgICAgICAgIGAke3Jlc291cmNlLmNvbm5lY3RvclR5cGV9IGNvbm5lY3RvcmBcbiAgICAgICAgICApO1xuICAgICAgICAgIGNvbm5lY3RhYmxlLmNvbm5lY3Rpb25zLmFsbG93VG9EZWZhdWx0UG9ydChyZXNvdXJjZSk7XG4gICAgICAgICAgcmV0dXJuIGJ1aWxkU2VjdXJpdHlHcm91cFJlc3VsdChyZXNvdXJjZSk7XG4gICAgICAgIH1cbiAgICAgIH1cbiAgICB9XG5cbiAgICAvLyBMZWdhY3kgSUNvbm5lY3RhYmxlIHBhdGhcbiAgICBpZiAoaXNDb25uZWN0YWJsZShyZXNvdXJjZSkpIHtcbiAgICAgIHJlcXVpcmVDb25uZWN0YWJsZShjb25uZWN0YWJsZSwgXCJJQ29ubmVjdGFibGUgcmVzb3VyY2VcIik7XG4gICAgICBjb25uZWN0YWJsZS5jb25uZWN0aW9ucy5hbGxvd1RvRGVmYXVsdFBvcnQocmVzb3VyY2UpO1xuICAgICAgcmV0dXJuIGJ1aWxkU2VjdXJpdHlHcm91cFJlc3VsdChyZXNvdXJjZSk7XG4gICAgfVxuXG4gICAgdGhyb3cgbmV3IEVycm9yKFxuICAgICAgXCJDb25uZWN0aW9uIHJlc291cmNlIG11c3QgYmUgZWl0aGVyIGFuIElDb25uZWN0b3Igb3IgSUNvbm5lY3RhYmxlXCJcbiAgICApO1xuICB9KTtcbn1cbiJdfQ==

package/dist/lib/utils/connector.d.ts

@@ -0,0 +1,183 @@
+/**
+ * Unified connector interface for bidirectional connections.
+ *
+ * This module provides a unified `IConnector` interface that enables
+ * bidirectional connections between compute resources (ECS, Lambda, EC2)
+ * and data resources (S3, DynamoDB, SQS, RDS).
+ *
+ * The connector pattern unifies:
+ * - Security group rules (IConnectable) for RDS, ECS, etc.
+ * - IAM grants for S3, DynamoDB, SQS
+ *
+ * @example
+ * // Simple connections (default permissions)
+ * const api = app.addCompute(ComputeFactory.build("Api", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "api",
+ *     capacityProvider: "FARGATE",
+ *     connections: [database, bucket, cache, queue]
+ *   }]
+ * }));
+ *
+ * @example
+ * // Explicit access levels
+ * const worker = app.addCompute(ComputeFactory.build("Worker", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "worker",
+ *     capacityProvider: "FARGATE",
+ *     connections: [
+ *       database,                              // Security group (RDS)
+ *       { resource: cache, access: "read" },   // Read-only DynamoDB
+ *       { resource: bucket, access: "write" }, // Write-only S3
+ *       { resource: queue, access: "consume" } // Consume-only SQS
+ *     ]
+ *   }]
+ * }));
+ */
+import { type IConnectable } from "aws-cdk-lib/aws-ec2";
+import { type IGrantable, type Grant } from "aws-cdk-lib/aws-iam";
+/**
+ * Connector type discriminator.
+ * - "storage": S3 buckets
+ * - "dynamodb": DynamoDB tables
+ * - "queue": SQS queues
+ * - "securityGroup": Resources with security groups (ECS, Lambda with VPC)
+ * - "relational": RDS databases (uses security groups)
+ */
+export type ConnectorType = "storage" | "dynamodb" | "queue" | "securityGroup" | "relational";
+/**
+ * Access level for storage and DynamoDB connectors.
+ */
+export type ConnectionAccess = "read" | "write" | "readWrite";
+/**
+ * Access level for messaging connectors (SQS).
+ */
+export type MessagingAccess = "send" | "consume" | "full";
+/**
+ * Base connector interface.
+ * All connector types implement this interface.
+ */
+export interface IConnector {
+    /** The type of connector resource. Used for runtime type narrowing. */
+    readonly connectorType: ConnectorType;
+}
+/**
+ * Storage connector interface (S3).
+ * Provides IAM grant methods for S3 bucket access.
+ */
+export interface IStorageConnector extends IConnector {
+    readonly connectorType: "storage";
+    /** Grant read permissions to the grantee. */
+    grantRead(grantee: IGrantable): Grant;
+    /** Grant write permissions to the grantee. */
+    grantWrite(grantee: IGrantable): Grant;
+    /** Grant read and write permissions to the grantee. */
+    grantReadWrite(grantee: IGrantable): Grant;
+}
+/**
+ * DynamoDB connector interface.
+ * Provides IAM grant methods for DynamoDB table access.
+ */
+export interface IDynamoDBConnector extends IConnector {
+    readonly connectorType: "dynamodb";
+    /** Grant read data permissions to the grantee. */
+    grantReadData(grantee: IGrantable): Grant;
+    /** Grant write data permissions to the grantee. */
+    grantWriteData(grantee: IGrantable): Grant;
+    /** Grant read and write data permissions to the grantee. */
+    grantReadWriteData(grantee: IGrantable): Grant;
+}
+/**
+ * Queue connector interface (SQS).
+ * Provides IAM grant methods for SQS queue access.
+ */
+export interface IQueueConnector extends IConnector {
+    readonly connectorType: "queue";
+    /** Grant send message permissions to the grantee. */
+    grantSendMessages(grantee: IGrantable): Grant;
+    /** Grant consume (receive and delete) message permissions to the grantee. */
+    grantConsumeMessages(grantee: IGrantable): Grant;
+    /** Grant full access (send and consume) to the grantee. */
+    grantFull(grantee: IGrantable): Grant;
+}
+/**
+ * Security group connector interface (RDS, ECS with VPC).
+ * Provides access to the security group connections for network-level access.
+ *
+ * Both "securityGroup" and "relational" types use this interface:
+ * - "relational": RDS databases (Aurora, Instance, GlobalAurora)
+ * - "securityGroup": Other resources requiring security group rules (ECS, EC2)
+ */
+export interface ISecurityGroupConnector extends IConnector {
+    readonly connectorType: "securityGroup" | "relational";
+    /** The security group connections for this resource. */
+    readonly connections: IConnectable["connections"];
+}
+/**
+ * Union type representing any connector interface.
+ */
+export type AnyConnector = IStorageConnector | IDynamoDBConnector | IQueueConnector | ISecurityGroupConnector;
+/**
+ * Connection configuration with explicit access level.
+ * Use this to specify non-default access levels.
+ */
+export interface ConnectionConfig {
+    /** The resource to connect to. */
+    resource: AnyConnector | IConnectable;
+    /** The access level to grant. Defaults vary by resource type. */
+    access?: ConnectionAccess | MessagingAccess;
+}
+/**
+ * Connection specification.
+ * Can be:
+ * - IConnectable: Legacy security group resource
+ * - AnyConnector: Unified connector resource
+ * - ConnectionConfig: Explicit access configuration
+ */
+export type ConnectionSpec = IConnectable | AnyConnector | ConnectionConfig;
+/** Connection result types. */
+export declare const CONNECTION_TYPE: {
+    readonly SECURITY_GROUP: "securityGroup";
+    readonly IAM: "iam";
+};
+export type ConnectionType = (typeof CONNECTION_TYPE)[keyof typeof CONNECTION_TYPE];
+/**
+ * Result of processing a connection.
+ * Contains the grant result for IAM-based connections.
+ */
+export interface ConnectionResult {
+    /** The resource that was connected. */
+    resource: AnyConnector | IConnectable;
+    /** The grant result if IAM permissions were granted. */
+    grant?: Grant;
+    /** The type of connection that was made. */
+    connectionType: ConnectionType;
+}
+/** Check if a value is a valid ConnectionAccess. */
+export declare function isConnectionAccess(value: unknown): value is ConnectionAccess;
+/** Check if a value is a valid MessagingAccess. */
+export declare function isMessagingAccess(value: unknown): value is MessagingAccess;
+/**
+ * Type guard to check if a resource is a connector.
+ * Returns AnyConnector for discriminated union narrowing in switch statements.
+ */
+export declare function isConnector(resource: unknown): resource is AnyConnector;
+/**
+ * Type guard to check if a resource is a CDK IConnectable.
+ * Checks for the `connections` property that IConnectable resources have.
+ */
+export declare function isConnectable(resource: unknown): resource is IConnectable;
+/**
+ * Type guard to check if a connection spec is a ConnectionConfig.
+ */
+export declare function isConnectionConfig(spec: ConnectionSpec): spec is ConnectionConfig;
+/** Type guard for storage connectors (S3 buckets). */
+export declare function isStorageConnector(connector: IConnector): connector is IStorageConnector;
+/** Type guard for DynamoDB connectors. */
+export declare function isDynamoDBConnector(connector: IConnector): connector is IDynamoDBConnector;
+/** Type guard for queue connectors (SQS queues). */
+export declare function isQueueConnector(connector: IConnector): connector is IQueueConnector;
+/** Type guard for security group connectors (RDS, ECS). */
+export declare function isSecurityGroupConnector(connector: IConnector): connector is ISecurityGroupConnector;

package/dist/lib/utils/connector.js

@@ -0,0 +1,117 @@
+"use strict";
+/**
+ * Unified connector interface for bidirectional connections.
+ *
+ * This module provides a unified `IConnector` interface that enables
+ * bidirectional connections between compute resources (ECS, Lambda, EC2)
+ * and data resources (S3, DynamoDB, SQS, RDS).
+ *
+ * The connector pattern unifies:
+ * - Security group rules (IConnectable) for RDS, ECS, etc.
+ * - IAM grants for S3, DynamoDB, SQS
+ *
+ * @example
+ * // Simple connections (default permissions)
+ * const api = app.addCompute(ComputeFactory.build("Api", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "api",
+ *     capacityProvider: "FARGATE",
+ *     connections: [database, bucket, cache, queue]
+ *   }]
+ * }));
+ *
+ * @example
+ * // Explicit access levels
+ * const worker = app.addCompute(ComputeFactory.build("Worker", {
+ *   type: "ecs",
+ *   services: [{
+ *     name: "worker",
+ *     capacityProvider: "FARGATE",
+ *     connections: [
+ *       database,                              // Security group (RDS)
+ *       { resource: cache, access: "read" },   // Read-only DynamoDB
+ *       { resource: bucket, access: "write" }, // Write-only S3
+ *       { resource: queue, access: "consume" } // Consume-only SQS
+ *     ]
+ *   }]
+ * }));
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CONNECTION_TYPE = void 0;
+exports.isConnectionAccess = isConnectionAccess;
+exports.isMessagingAccess = isMessagingAccess;
+exports.isConnector = isConnector;
+exports.isConnectable = isConnectable;
+exports.isConnectionConfig = isConnectionConfig;
+exports.isStorageConnector = isStorageConnector;
+exports.isDynamoDBConnector = isDynamoDBConnector;
+exports.isQueueConnector = isQueueConnector;
+exports.isSecurityGroupConnector = isSecurityGroupConnector;
+/** Connection result types. */
+exports.CONNECTION_TYPE = {
+    SECURITY_GROUP: "securityGroup",
+    IAM: "iam"
+};
+const VALID_CONNECTION_ACCESS = [
+    "read",
+    "write",
+    "readWrite"
+];
+const VALID_MESSAGING_ACCESS = [
+    "send",
+    "consume",
+    "full"
+];
+/** Check if a value is a valid ConnectionAccess. */
+function isConnectionAccess(value) {
+    return (typeof value === "string" &&
+        VALID_CONNECTION_ACCESS.includes(value));
+}
+/** Check if a value is a valid MessagingAccess. */
+function isMessagingAccess(value) {
+    return (typeof value === "string" &&
+        VALID_MESSAGING_ACCESS.includes(value));
+}
+/**
+ * Type guard to check if a resource is a connector.
+ * Returns AnyConnector for discriminated union narrowing in switch statements.
+ */
+function isConnector(resource) {
+    return (resource !== null &&
+        typeof resource === "object" &&
+        "connectorType" in resource);
+}
+/**
+ * Type guard to check if a resource is a CDK IConnectable.
+ * Checks for the `connections` property that IConnectable resources have.
+ */
+function isConnectable(resource) {
+    return (resource !== null &&
+        typeof resource === "object" &&
+        "connections" in resource);
+}
+/**
+ * Type guard to check if a connection spec is a ConnectionConfig.
+ */
+function isConnectionConfig(spec) {
+    return spec !== null && typeof spec === "object" && "resource" in spec;
+}
+/** Type guard for storage connectors (S3 buckets). */
+function isStorageConnector(connector) {
+    return connector.connectorType === "storage";
+}
+/** Type guard for DynamoDB connectors. */
+function isDynamoDBConnector(connector) {
+    return connector.connectorType === "dynamodb";
+}
+/** Type guard for queue connectors (SQS queues). */
+function isQueueConnector(connector) {
+    return connector.connectorType === "queue";
+}
+/** Type guard for security group connectors (RDS, ECS). */
+function isSecurityGroupConnector(connector) {
+    return (connector.connectorType === "securityGroup" ||
+        connector.connectorType === "relational");
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29ubmVjdG9yLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vbGliL3V0aWxzL2Nvbm5lY3Rvci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0FxQ0c7OztBQTJLSCxnREFLQztBQUdELDhDQUtDO0FBTUQsa0NBTUM7QUFNRCxzQ0FNQztBQUtELGdEQUlDO0FBR0QsZ0RBSUM7QUFHRCxrREFJQztBQUdELDRDQUlDO0FBR0QsNERBT0M7QUFqSEQsK0JBQStCO0FBQ2xCLFFBQUEsZUFBZSxHQUFHO0lBQzdCLGNBQWMsRUFBRSxlQUFlO0lBQy9CLEdBQUcsRUFBRSxLQUFLO0NBQ0YsQ0FBQztBQW9CWCxNQUFNLHVCQUF1QixHQUFnQztJQUMzRCxNQUFNO0lBQ04sT0FBTztJQUNQLFdBQVc7Q0FDWixDQUFDO0FBQ0YsTUFBTSxzQkFBc0IsR0FBK0I7SUFDekQsTUFBTTtJQUNOLFNBQVM7SUFDVCxNQUFNO0NBQ1AsQ0FBQztBQUVGLG9EQUFvRDtBQUNwRCxTQUFnQixrQkFBa0IsQ0FBQyxLQUFjO0lBQy9DLE9BQU8sQ0FDTCxPQUFPLEtBQUssS0FBSyxRQUFRO1FBQ3pCLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxLQUF5QixDQUFDLENBQzVELENBQUM7QUFDSixDQUFDO0FBRUQsbURBQW1EO0FBQ25ELFNBQWdCLGlCQUFpQixDQUFDLEtBQWM7SUFDOUMsT0FBTyxDQUNMLE9BQU8sS0FBSyxLQUFLLFFBQVE7UUFDekIsc0JBQXNCLENBQUMsUUFBUSxDQUFDLEtBQXdCLENBQUMsQ0FDMUQsQ0FBQztBQUNKLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQixXQUFXLENBQUMsUUFBaUI7SUFDM0MsT0FBTyxDQUNMLFFBQVEsS0FBSyxJQUFJO1FBQ2pCLE9BQU8sUUFBUSxLQUFLLFFBQVE7UUFDNUIsZUFBZSxJQUFJLFFBQVEsQ0FDNUIsQ0FBQztBQUNKLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQixhQUFhLENBQUMsUUFBaUI7SUFDN0MsT0FBTyxDQUNMLFFBQVEsS0FBSyxJQUFJO1FBQ2pCLE9BQU8sUUFBUSxLQUFLLFFBQVE7UUFDNUIsYUFBYSxJQUFJLFFBQVEsQ0FDMUIsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLGtCQUFrQixDQUNoQyxJQUFvQjtJQUVwQixPQUFPLElBQUksS0FBSyxJQUFJLElBQUksT0FBTyxJQUFJLEtBQUssUUFBUSxJQUFJLFVBQVUsSUFBSSxJQUFJLENBQUM7QUFDekUsQ0FBQztBQUVELHNEQUFzRDtBQUN0RCxTQUFnQixrQkFBa0IsQ0FDaEMsU0FBcUI7SUFFckIsT0FBTyxTQUFTLENBQUMsYUFBYSxLQUFLLFNBQVMsQ0FBQztBQUMvQyxDQUFDO0FBRUQsMENBQTBDO0FBQzFDLFNBQWdCLG1CQUFtQixDQUNqQyxTQUFxQjtJQUVyQixPQUFPLFNBQVMsQ0FBQyxhQUFhLEtBQUssVUFBVSxDQUFDO0FBQ2hELENBQUM7QUFFRCxvREFBb0Q7QUFDcEQsU0FBZ0IsZ0JBQWdCLENBQzlCLFNBQXFCO0lBRXJCLE9BQU8sU0FBUyxDQUFDLGFBQWEsS0FBSyxPQUFPLENBQUM7QUFDN0MsQ0FBQztBQUVELDJEQUEyRDtBQUMzRCxTQUFnQix3QkFBd0IsQ0FDdEMsU0FBcUI7SUFFckIsT0FBTyxDQUNMLFNBQVMsQ0FBQyxhQUFhLEtBQUssZUFBZTtRQUMzQyxTQUFTLENBQUMsYUFBYSxLQUFLLFlBQVksQ0FDekMsQ0FBQztBQUNKLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIFVuaWZpZWQgY29ubmVjdG9yIGludGVyZmFjZSBmb3IgYmlkaXJlY3Rpb25hbCBjb25uZWN0aW9ucy5cbiAqXG4gKiBUaGlzIG1vZHVsZSBwcm92aWRlcyBhIHVuaWZpZWQgYElDb25uZWN0b3JgIGludGVyZmFjZSB0aGF0IGVuYWJsZXNcbiAqIGJpZGlyZWN0aW9uYWwgY29ubmVjdGlvbnMgYmV0d2VlbiBjb21wdXRlIHJlc291cmNlcyAoRUNTLCBMYW1iZGEsIEVDMilcbiAqIGFuZCBkYXRhIHJlc291cmNlcyAoUzMsIER5bmFtb0RCLCBTUVMsIFJEUykuXG4gKlxuICogVGhlIGNvbm5lY3RvciBwYXR0ZXJuIHVuaWZpZXM6XG4gKiAtIFNlY3VyaXR5IGdyb3VwIHJ1bGVzIChJQ29ubmVjdGFibGUpIGZvciBSRFMsIEVDUywgZXRjLlxuICogLSBJQU0gZ3JhbnRzIGZvciBTMywgRHluYW1vREIsIFNRU1xuICpcbiAqIEBleGFtcGxlXG4gKiAvLyBTaW1wbGUgY29ubmVjdGlvbnMgKGRlZmF1bHQgcGVybWlzc2lvbnMpXG4gKiBjb25zdCBhcGkgPSBhcHAuYWRkQ29tcHV0ZShDb21wdXRlRmFjdG9yeS5idWlsZChcIkFwaVwiLCB7XG4gKiAgIHR5cGU6IFwiZWNzXCIsXG4gKiAgIHNlcnZpY2VzOiBbe1xuICogICAgIG5hbWU6IFwiYXBpXCIsXG4gKiAgICAgY2FwYWNpdHlQcm92aWRlcjogXCJGQVJHQVRFXCIsXG4gKiAgICAgY29ubmVjdGlvbnM6IFtkYXRhYmFzZSwgYnVja2V0LCBjYWNoZSwgcXVldWVdXG4gKiAgIH1dXG4gKiB9KSk7XG4gKlxuICogQGV4YW1wbGVcbiAqIC8vIEV4cGxpY2l0IGFjY2VzcyBsZXZlbHNcbiAqIGNvbnN0IHdvcmtlciA9IGFwcC5hZGRDb21wdXRlKENvbXB1dGVGYWN0b3J5LmJ1aWxkKFwiV29ya2VyXCIsIHtcbiAqICAgdHlwZTogXCJlY3NcIixcbiAqICAgc2VydmljZXM6IFt7XG4gKiAgICAgbmFtZTogXCJ3b3JrZXJcIixcbiAqICAgICBjYXBhY2l0eVByb3ZpZGVyOiBcIkZBUkdBVEVcIixcbiAqICAgICBjb25uZWN0aW9uczogW1xuICogICAgICAgZGF0YWJhc2UsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgLy8gU2VjdXJpdHkgZ3JvdXAgKFJEUylcbiAqICAgICAgIHsgcmVzb3VyY2U6IGNhY2hlLCBhY2Nlc3M6IFwicmVhZFwiIH0sICAgLy8gUmVhZC1vbmx5IER5bmFtb0RCXG4gKiAgICAgICB7IHJlc291cmNlOiBidWNrZXQsIGFjY2VzczogXCJ3cml0ZVwiIH0sIC8vIFdyaXRlLW9ubHkgUzNcbiAqICAgICAgIHsgcmVzb3VyY2U6IHF1ZXVlLCBhY2Nlc3M6IFwiY29uc3VtZVwiIH0gLy8gQ29uc3VtZS1vbmx5IFNRU1xuICogICAgIF1cbiAqICAgfV1cbiAqIH0pKTtcbiAqL1xuXG5pbXBvcnQgeyB0eXBlIElDb25uZWN0YWJsZSB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtZWMyXCI7XG5pbXBvcnQgeyB0eXBlIElHcmFudGFibGUsIHR5cGUgR3JhbnQgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuXG4vKipcbiAqIENvbm5lY3RvciB0eXBlIGRpc2NyaW1pbmF0b3IuXG4gKiAtIFwic3RvcmFnZVwiOiBTMyBidWNrZXRzXG4gKiAtIFwiZHluYW1vZGJcIjogRHluYW1vREIgdGFibGVzXG4gKiAtIFwicXVldWVcIjogU1FTIHF1ZXVlc1xuICogLSBcInNlY3VyaXR5R3JvdXBcIjogUmVzb3VyY2VzIHdpdGggc2VjdXJpdHkgZ3JvdXBzIChFQ1MsIExhbWJkYSB3aXRoIFZQQylcbiAqIC0gXCJyZWxhdGlvbmFsXCI6IFJEUyBkYXRhYmFzZXMgKHVzZXMgc2VjdXJpdHkgZ3JvdXBzKVxuICovXG5leHBvcnQgdHlwZSBDb25uZWN0b3JUeXBlID1cbiAgfCBcInN0b3JhZ2VcIlxuICB8IFwiZHluYW1vZGJcIlxuICB8IFwicXVldWVcIlxuICB8IFwic2VjdXJpdHlHcm91cFwiXG4gIHwgXCJyZWxhdGlvbmFsXCI7XG5cbi8qKlxuICogQWNjZXNzIGxldmVsIGZvciBzdG9yYWdlIGFuZCBEeW5hbW9EQiBjb25uZWN0b3JzLlxuICovXG5leHBvcnQgdHlwZSBDb25uZWN0aW9uQWNjZXNzID0gXCJyZWFkXCIgfCBcIndyaXRlXCIgfCBcInJlYWRXcml0ZVwiO1xuXG4vKipcbiAqIEFjY2VzcyBsZXZlbCBmb3IgbWVzc2FnaW5nIGNvbm5lY3RvcnMgKFNRUykuXG4gKi9cbmV4cG9ydCB0eXBlIE1lc3NhZ2luZ0FjY2VzcyA9IFwic2VuZFwiIHwgXCJjb25zdW1lXCIgfCBcImZ1bGxcIjtcblxuLyoqXG4gKiBCYXNlIGNvbm5lY3RvciBpbnRlcmZhY2UuXG4gKiBBbGwgY29ubmVjdG9yIHR5cGVzIGltcGxlbWVudCB0aGlzIGludGVyZmFjZS5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJQ29ubmVjdG9yIHtcbiAgLyoqIFRoZSB0eXBlIG9mIGNvbm5lY3RvciByZXNvdXJjZS4gVXNlZCBmb3IgcnVudGltZSB0eXBlIG5hcnJvd2luZy4gKi9cbiAgcmVhZG9ubHkgY29ubmVjdG9yVHlwZTogQ29ubmVjdG9yVHlwZTtcbn1cblxuLyoqXG4gKiBTdG9yYWdlIGNvbm5lY3RvciBpbnRlcmZhY2UgKFMzKS5cbiAqIFByb3ZpZGVzIElBTSBncmFudCBtZXRob2RzIGZvciBTMyBidWNrZXQgYWNjZXNzLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIElTdG9yYWdlQ29ubmVjdG9yIGV4dGVuZHMgSUNvbm5lY3RvciB7XG4gIHJlYWRvbmx5IGNvbm5lY3RvclR5cGU6IFwic3RvcmFnZVwiO1xuXG4gIC8qKiBHcmFudCByZWFkIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWQoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50O1xuXG4gIC8qKiBHcmFudCB3cml0ZSBwZXJtaXNzaW9ucyB0byB0aGUgZ3JhbnRlZS4gKi9cbiAgZ3JhbnRXcml0ZShncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQ7XG5cbiAgLyoqIEdyYW50IHJlYWQgYW5kIHdyaXRlIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWRXcml0ZShncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQ7XG59XG5cbi8qKlxuICogRHluYW1vREIgY29ubmVjdG9yIGludGVyZmFjZS5cbiAqIFByb3ZpZGVzIElBTSBncmFudCBtZXRob2RzIGZvciBEeW5hbW9EQiB0YWJsZSBhY2Nlc3MuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSUR5bmFtb0RCQ29ubmVjdG9yIGV4dGVuZHMgSUNvbm5lY3RvciB7XG4gIHJlYWRvbmx5IGNvbm5lY3RvclR5cGU6IFwiZHluYW1vZGJcIjtcblxuICAvKiogR3JhbnQgcmVhZCBkYXRhIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWREYXRhKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudDtcblxuICAvKiogR3JhbnQgd3JpdGUgZGF0YSBwZXJtaXNzaW9ucyB0byB0aGUgZ3JhbnRlZS4gKi9cbiAgZ3JhbnRXcml0ZURhdGEoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50O1xuXG4gIC8qKiBHcmFudCByZWFkIGFuZCB3cml0ZSBkYXRhIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudFJlYWRXcml0ZURhdGEoZ3JhbnRlZTogSUdyYW50YWJsZSk6IEdyYW50O1xufVxuXG4vKipcbiAqIFF1ZXVlIGNvbm5lY3RvciBpbnRlcmZhY2UgKFNRUykuXG4gKiBQcm92aWRlcyBJQU0gZ3JhbnQgbWV0aG9kcyBmb3IgU1FTIHF1ZXVlIGFjY2Vzcy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJUXVldWVDb25uZWN0b3IgZXh0ZW5kcyBJQ29ubmVjdG9yIHtcbiAgcmVhZG9ubHkgY29ubmVjdG9yVHlwZTogXCJxdWV1ZVwiO1xuXG4gIC8qKiBHcmFudCBzZW5kIG1lc3NhZ2UgcGVybWlzc2lvbnMgdG8gdGhlIGdyYW50ZWUuICovXG4gIGdyYW50U2VuZE1lc3NhZ2VzKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudDtcblxuICAvKiogR3JhbnQgY29uc3VtZSAocmVjZWl2ZSBhbmQgZGVsZXRlKSBtZXNzYWdlIHBlcm1pc3Npb25zIHRvIHRoZSBncmFudGVlLiAqL1xuICBncmFudENvbnN1bWVNZXNzYWdlcyhncmFudGVlOiBJR3JhbnRhYmxlKTogR3JhbnQ7XG5cbiAgLyoqIEdyYW50IGZ1bGwgYWNjZXNzIChzZW5kIGFuZCBjb25zdW1lKSB0byB0aGUgZ3JhbnRlZS4gKi9cbiAgZ3JhbnRGdWxsKGdyYW50ZWU6IElHcmFudGFibGUpOiBHcmFudDtcbn1cblxuLyoqXG4gKiBTZWN1cml0eSBncm91cCBjb25uZWN0b3IgaW50ZXJmYWNlIChSRFMsIEVDUyB3aXRoIFZQQykuXG4gKiBQcm92aWRlcyBhY2Nlc3MgdG8gdGhlIHNlY3VyaXR5IGdyb3VwIGNvbm5lY3Rpb25zIGZvciBuZXR3b3JrLWxldmVsIGFjY2Vzcy5cbiAqXG4gKiBCb3RoIFwic2VjdXJpdHlHcm91cFwiIGFuZCBcInJlbGF0aW9uYWxcIiB0eXBlcyB1c2UgdGhpcyBpbnRlcmZhY2U6XG4gKiAtIFwicmVsYXRpb25hbFwiOiBSRFMgZGF0YWJhc2VzIChBdXJvcmEsIEluc3RhbmNlLCBHbG9iYWxBdXJvcmEpXG4gKiAtIFwic2VjdXJpdHlHcm91cFwiOiBPdGhlciByZXNvdXJjZXMgcmVxdWlyaW5nIHNlY3VyaXR5IGdyb3VwIHJ1bGVzIChFQ1MsIEVDMilcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJU2VjdXJpdHlHcm91cENvbm5lY3RvciBleHRlbmRzIElDb25uZWN0b3Ige1xuICByZWFkb25seSBjb25uZWN0b3JUeXBlOiBcInNlY3VyaXR5R3JvdXBcIiB8IFwicmVsYXRpb25hbFwiO1xuXG4gIC8qKiBUaGUgc2VjdXJpdHkgZ3JvdXAgY29ubmVjdGlvbnMgZm9yIHRoaXMgcmVzb3VyY2UuICovXG4gIHJlYWRvbmx5IGNvbm5lY3Rpb25zOiBJQ29ubmVjdGFibGVbXCJjb25uZWN0aW9uc1wiXTtcbn1cblxuLyoqXG4gKiBVbmlvbiB0eXBlIHJlcHJlc2VudGluZyBhbnkgY29ubmVjdG9yIGludGVyZmFjZS5cbiAqL1xuZXhwb3J0IHR5cGUgQW55Q29ubmVjdG9yID1cbiAgfCBJU3RvcmFnZUNvbm5lY3RvclxuICB8IElEeW5hbW9EQkNvbm5lY3RvclxuICB8IElRdWV1ZUNvbm5lY3RvclxuICB8IElTZWN1cml0eUdyb3VwQ29ubmVjdG9yO1xuXG4vKipcbiAqIENvbm5lY3Rpb24gY29uZmlndXJhdGlvbiB3aXRoIGV4cGxpY2l0IGFjY2VzcyBsZXZlbC5cbiAqIFVzZSB0aGlzIHRvIHNwZWNpZnkgbm9uLWRlZmF1bHQgYWNjZXNzIGxldmVscy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBDb25uZWN0aW9uQ29uZmlnIHtcbiAgLyoqIFRoZSByZXNvdXJjZSB0byBjb25uZWN0IHRvLiAqL1xuICByZXNvdXJjZTogQW55Q29ubmVjdG9yIHwgSUNvbm5lY3RhYmxlO1xuXG4gIC8qKiBUaGUgYWNjZXNzIGxldmVsIHRvIGdyYW50LiBEZWZhdWx0cyB2YXJ5IGJ5IHJlc291cmNlIHR5cGUuICovXG4gIGFjY2Vzcz86IENvbm5lY3Rpb25BY2Nlc3MgfCBNZXNzYWdpbmdBY2Nlc3M7XG59XG5cbi8qKlxuICogQ29ubmVjdGlvbiBzcGVjaWZpY2F0aW9uLlxuICogQ2FuIGJlOlxuICogLSBJQ29ubmVjdGFibGU6IExlZ2FjeSBzZWN1cml0eSBncm91cCByZXNvdXJjZVxuICogLSBBbnlDb25uZWN0b3I6IFVuaWZpZWQgY29ubmVjdG9yIHJlc291cmNlXG4gKiAtIENvbm5lY3Rpb25Db25maWc6IEV4cGxpY2l0IGFjY2VzcyBjb25maWd1cmF0aW9uXG4gKi9cbmV4cG9ydCB0eXBlIENvbm5lY3Rpb25TcGVjID0gSUNvbm5lY3RhYmxlIHwgQW55Q29ubmVjdG9yIHwgQ29ubmVjdGlvbkNvbmZpZztcblxuLyoqIENvbm5lY3Rpb24gcmVzdWx0IHR5cGVzLiAqL1xuZXhwb3J0IGNvbnN0IENPTk5FQ1RJT05fVFlQRSA9IHtcbiAgU0VDVVJJVFlfR1JPVVA6IFwic2VjdXJpdHlHcm91cFwiLFxuICBJQU06IFwiaWFtXCJcbn0gYXMgY29uc3Q7XG5cbmV4cG9ydCB0eXBlIENvbm5lY3Rpb25UeXBlID1cbiAgKHR5cGVvZiBDT05ORUNUSU9OX1RZUEUpW2tleW9mIHR5cGVvZiBDT05ORUNUSU9OX1RZUEVdO1xuXG4vKipcbiAqIFJlc3VsdCBvZiBwcm9jZXNzaW5nIGEgY29ubmVjdGlvbi5cbiAqIENvbnRhaW5zIHRoZSBncmFudCByZXN1bHQgZm9yIElBTS1iYXNlZCBjb25uZWN0aW9ucy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBDb25uZWN0aW9uUmVzdWx0IHtcbiAgLyoqIFRoZSByZXNvdXJjZSB0aGF0IHdhcyBjb25uZWN0ZWQuICovXG4gIHJlc291cmNlOiBBbnlDb25uZWN0b3IgfCBJQ29ubmVjdGFibGU7XG5cbiAgLyoqIFRoZSBncmFudCByZXN1bHQgaWYgSUFNIHBlcm1pc3Npb25zIHdlcmUgZ3JhbnRlZC4gKi9cbiAgZ3JhbnQ/OiBHcmFudDtcblxuICAvKiogVGhlIHR5cGUgb2YgY29ubmVjdGlvbiB0aGF0IHdhcyBtYWRlLiAqL1xuICBjb25uZWN0aW9uVHlwZTogQ29ubmVjdGlvblR5cGU7XG59XG5cbmNvbnN0IFZBTElEX0NPTk5FQ1RJT05fQUNDRVNTOiByZWFkb25seSBDb25uZWN0aW9uQWNjZXNzW10gPSBbXG4gIFwicmVhZFwiLFxuICBcIndyaXRlXCIsXG4gIFwicmVhZFdyaXRlXCJcbl07XG5jb25zdCBWQUxJRF9NRVNTQUdJTkdfQUNDRVNTOiByZWFkb25seSBNZXNzYWdpbmdBY2Nlc3NbXSA9IFtcbiAgXCJzZW5kXCIsXG4gIFwiY29uc3VtZVwiLFxuICBcImZ1bGxcIlxuXTtcblxuLyoqIENoZWNrIGlmIGEgdmFsdWUgaXMgYSB2YWxpZCBDb25uZWN0aW9uQWNjZXNzLiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGlzQ29ubmVjdGlvbkFjY2Vzcyh2YWx1ZTogdW5rbm93bik6IHZhbHVlIGlzIENvbm5lY3Rpb25BY2Nlc3Mge1xuICByZXR1cm4gKFxuICAgIHR5cGVvZiB2YWx1ZSA9PT0gXCJzdHJpbmdcIiAmJlxuICAgIFZBTElEX0NPTk5FQ1RJT05fQUNDRVNTLmluY2x1ZGVzKHZhbHVlIGFzIENvbm5lY3Rpb25BY2Nlc3MpXG4gICk7XG59XG5cbi8qKiBDaGVjayBpZiBhIHZhbHVlIGlzIGEgdmFsaWQgTWVzc2FnaW5nQWNjZXNzLiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGlzTWVzc2FnaW5nQWNjZXNzKHZhbHVlOiB1bmtub3duKTogdmFsdWUgaXMgTWVzc2FnaW5nQWNjZXNzIHtcbiAgcmV0dXJuIChcbiAgICB0eXBlb2YgdmFsdWUgPT09IFwic3RyaW5nXCIgJiZcbiAgICBWQUxJRF9NRVNTQUdJTkdfQUNDRVNTLmluY2x1ZGVzKHZhbHVlIGFzIE1lc3NhZ2luZ0FjY2VzcylcbiAgKTtcbn1cblxuLyoqXG4gKiBUeXBlIGd1YXJkIHRvIGNoZWNrIGlmIGEgcmVzb3VyY2UgaXMgYSBjb25uZWN0b3IuXG4gKiBSZXR1cm5zIEFueUNvbm5lY3RvciBmb3IgZGlzY3JpbWluYXRlZCB1bmlvbiBuYXJyb3dpbmcgaW4gc3dpdGNoIHN0YXRlbWVudHMuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc0Nvbm5lY3RvcihyZXNvdXJjZTogdW5rbm93bik6IHJlc291cmNlIGlzIEFueUNvbm5lY3RvciB7XG4gIHJldHVybiAoXG4gICAgcmVzb3VyY2UgIT09IG51bGwgJiZcbiAgICB0eXBlb2YgcmVzb3VyY2UgPT09IFwib2JqZWN0XCIgJiZcbiAgICBcImNvbm5lY3RvclR5cGVcIiBpbiByZXNvdXJjZVxuICApO1xufVxuXG4vKipcbiAqIFR5cGUgZ3VhcmQgdG8gY2hlY2sgaWYgYSByZXNvdXJjZSBpcyBhIENESyBJQ29ubmVjdGFibGUuXG4gKiBDaGVja3MgZm9yIHRoZSBgY29ubmVjdGlvbnNgIHByb3BlcnR5IHRoYXQgSUNvbm5lY3RhYmxlIHJlc291cmNlcyBoYXZlLlxuICovXG5leHBvcnQgZnVuY3Rpb24gaXNDb25uZWN0YWJsZShyZXNvdXJjZTogdW5rbm93bik6IHJlc291cmNlIGlzIElDb25uZWN0YWJsZSB7XG4gIHJldHVybiAoXG4gICAgcmVzb3VyY2UgIT09IG51bGwgJiZcbiAgICB0eXBlb2YgcmVzb3VyY2UgPT09IFwib2JqZWN0XCIgJiZcbiAgICBcImNvbm5lY3Rpb25zXCIgaW4gcmVzb3VyY2VcbiAgKTtcbn1cblxuLyoqXG4gKiBUeXBlIGd1YXJkIHRvIGNoZWNrIGlmIGEgY29ubmVjdGlvbiBzcGVjIGlzIGEgQ29ubmVjdGlvbkNvbmZpZy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGlzQ29ubmVjdGlvbkNvbmZpZyhcbiAgc3BlYzogQ29ubmVjdGlvblNwZWNcbik6IHNwZWMgaXMgQ29ubmVjdGlvbkNvbmZpZyB7XG4gIHJldHVybiBzcGVjICE9PSBudWxsICYmIHR5cGVvZiBzcGVjID09PSBcIm9iamVjdFwiICYmIFwicmVzb3VyY2VcIiBpbiBzcGVjO1xufVxuXG4vKiogVHlwZSBndWFyZCBmb3Igc3RvcmFnZSBjb25uZWN0b3JzIChTMyBidWNrZXRzKS4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc1N0b3JhZ2VDb25uZWN0b3IoXG4gIGNvbm5lY3RvcjogSUNvbm5lY3RvclxuKTogY29ubmVjdG9yIGlzIElTdG9yYWdlQ29ubmVjdG9yIHtcbiAgcmV0dXJuIGNvbm5lY3Rvci5jb25uZWN0b3JUeXBlID09PSBcInN0b3JhZ2VcIjtcbn1cblxuLyoqIFR5cGUgZ3VhcmQgZm9yIER5bmFtb0RCIGNvbm5lY3RvcnMuICovXG5leHBvcnQgZnVuY3Rpb24gaXNEeW5hbW9EQkNvbm5lY3RvcihcbiAgY29ubmVjdG9yOiBJQ29ubmVjdG9yXG4pOiBjb25uZWN0b3IgaXMgSUR5bmFtb0RCQ29ubmVjdG9yIHtcbiAgcmV0dXJuIGNvbm5lY3Rvci5jb25uZWN0b3JUeXBlID09PSBcImR5bmFtb2RiXCI7XG59XG5cbi8qKiBUeXBlIGd1YXJkIGZvciBxdWV1ZSBjb25uZWN0b3JzIChTUVMgcXVldWVzKS4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc1F1ZXVlQ29ubmVjdG9yKFxuICBjb25uZWN0b3I6IElDb25uZWN0b3Jcbik6IGNvbm5lY3RvciBpcyBJUXVldWVDb25uZWN0b3Ige1xuICByZXR1cm4gY29ubmVjdG9yLmNvbm5lY3RvclR5cGUgPT09IFwicXVldWVcIjtcbn1cblxuLyoqIFR5cGUgZ3VhcmQgZm9yIHNlY3VyaXR5IGdyb3VwIGNvbm5lY3RvcnMgKFJEUywgRUNTKS4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc1NlY3VyaXR5R3JvdXBDb25uZWN0b3IoXG4gIGNvbm5lY3RvcjogSUNvbm5lY3RvclxuKTogY29ubmVjdG9yIGlzIElTZWN1cml0eUdyb3VwQ29ubmVjdG9yIHtcbiAgcmV0dXJuIChcbiAgICBjb25uZWN0b3IuY29ubmVjdG9yVHlwZSA9PT0gXCJzZWN1cml0eUdyb3VwXCIgfHxcbiAgICBjb25uZWN0b3IuY29ubmVjdG9yVHlwZSA9PT0gXCJyZWxhdGlvbmFsXCJcbiAgKTtcbn1cbiJdfQ==

package/dist/lib/utils/databaseTypes.d.ts

@@ -0,0 +1,85 @@
+import { type Duration } from "aws-cdk-lib";
+import { type IKey } from "aws-cdk-lib/aws-kms";
+import { type SubnetSelection } from "aws-cdk-lib/aws-ec2";
+export type DatabaseEngine = "postgresql" | "mysql";
+export interface EngineConfig {
+    defaultUsername: string;
+    sslParameters: Record<string, string>;
+    rotationAppName: string;
+}
+export interface ProxyConfig {
+    maxConnections?: number;
+    maxIdleConnections?: number;
+    connectionBorrowTimeout?: number;
+    requireTLS?: boolean;
+    vpcSubnets?: SubnetSelection;
+}
+export interface ReadReplicaConfig {
+    instanceType?: string;
+    availabilityZone?: string;
+}
+export interface CredentialsConfig {
+    username?: string;
+    secretRotation?: SecretRotationConfig | false;
+}
+export interface SecretRotationConfig {
+    automaticallyAfter?: Duration;
+}
+export interface EncryptionConfig {
+    storageKey?: EncryptionKeySpec;
+}
+/** Configuration for Database Insights (formerly Performance Insights). */
+export interface DatabaseInsightsConfig {
+    encryptionKey?: EncryptionKeySpec;
+    /** Database Insights mode. Default: "standard". */
+    mode?: "standard" | "advanced";
+}
+export interface AwsManagedKey {
+    readonly awsManaged: true;
+}
+export interface CustomerManagedKeyMarker {
+    readonly useCMK: true;
+}
+export type EncryptionKeySpec = IKey | AwsManagedKey | CustomerManagedKeyMarker;
+export declare function isAwsManagedKey(spec: EncryptionKeySpec | undefined): spec is AwsManagedKey;
+/**
+ * Type guard to check if CMK is explicitly requested.
+ */
+export declare function isCMKRequested(spec: EncryptionKeySpec | undefined): spec is CustomerManagedKeyMarker;
+/**
+ * Convenience constant for specifying AWS managed encryption (the default).
+ * @example
+ * encryption: { storageKey: AWS_MANAGED }
+ */
+export declare const AWS_MANAGED: AwsManagedKey;
+/**
+ * Convenience constant for explicitly requesting CMK.
+ * @example
+ * encryption: { storageKey: USE_CMK }
+ */
+export declare const USE_CMK: CustomerManagedKeyMarker;
+/**
+ * **DESTRUCTIVE**: Changing `storageKey` after cluster creation causes cluster REPLACEMENT.
+ */
+export interface AuroraEncryptionConfig {
+    /** DESTRUCTIVE: Changing after creation causes cluster replacement */
+    storageKey?: EncryptionKeySpec;
+}
+export interface AuroraReaderConfig {
+    scaleWithWriter?: boolean;
+    enableDatabaseInsights?: boolean;
+    identifierSuffix?: string;
+    availabilityZone?: string;
+}
+export interface AuroraWriterConfig {
+    enableDatabaseInsights?: boolean;
+    identifierSuffix?: string;
+    availabilityZone?: string;
+}
+export interface AuroraReadersConfig {
+    /** Mutually exclusive with instances */
+    count?: number;
+    /** Mutually exclusive with count */
+    instances?: AuroraReaderConfig[];
+    defaultEnableDatabaseInsights?: boolean;
+}

package/dist/lib/utils/databaseTypes.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.USE_CMK = exports.AWS_MANAGED = void 0;
+exports.isAwsManagedKey = isAwsManagedKey;
+exports.isCMKRequested = isCMKRequested;
+// Type guard to check if the encryption key spec is AWS managed.
+function isAwsManagedKey(spec) {
+    return (spec !== undefined &&
+        typeof spec === "object" &&
+        "awsManaged" in spec &&
+        spec.awsManaged === true);
+}
+/**
+ * Type guard to check if CMK is explicitly requested.
+ */
+function isCMKRequested(spec) {
+    return (spec !== undefined &&
+        typeof spec === "object" &&
+        "useCMK" in spec &&
+        spec.useCMK === true);
+}
+/**
+ * Convenience constant for specifying AWS managed encryption (the default).
+ * @example
+ * encryption: { storageKey: AWS_MANAGED }
+ */
+exports.AWS_MANAGED = { awsManaged: true };
+/**
+ * Convenience constant for explicitly requesting CMK.
+ * @example
+ * encryption: { storageKey: USE_CMK }
+ */
+exports.USE_CMK = { useCMK: true };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGF0YWJhc2VUeXBlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL2xpYi91dGlscy9kYXRhYmFzZVR5cGVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQTJEQSwwQ0FTQztBQUtELHdDQVNDO0FBeEJELGlFQUFpRTtBQUNqRSxTQUFnQixlQUFlLENBQzdCLElBQW1DO0lBRW5DLE9BQU8sQ0FDTCxJQUFJLEtBQUssU0FBUztRQUNsQixPQUFPLElBQUksS0FBSyxRQUFRO1FBQ3hCLFlBQVksSUFBSSxJQUFJO1FBQ25CLElBQXNCLENBQUMsVUFBVSxLQUFLLElBQUksQ0FDNUMsQ0FBQztBQUNKLENBQUM7QUFFRDs7R0FFRztBQUNILFNBQWdCLGNBQWMsQ0FDNUIsSUFBbUM7SUFFbkMsT0FBTyxDQUNMLElBQUksS0FBSyxTQUFTO1FBQ2xCLE9BQU8sSUFBSSxLQUFLLFFBQVE7UUFDeEIsUUFBUSxJQUFJLElBQUk7UUFDZixJQUFpQyxDQUFDLE1BQU0sS0FBSyxJQUFJLENBQ25ELENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7R0FJRztBQUNVLFFBQUEsV0FBVyxHQUFrQixFQUFFLFVBQVUsRUFBRSxJQUFJLEVBQVcsQ0FBQztBQUV4RTs7OztHQUlHO0FBQ1UsUUFBQSxPQUFPLEdBQTZCLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBVyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgdHlwZSBEdXJhdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgdHlwZSBJS2V5IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1rbXNcIjtcbmltcG9ydCB7IHR5cGUgU3VibmV0U2VsZWN0aW9uIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzJcIjtcblxuZXhwb3J0IHR5cGUgRGF0YWJhc2VFbmdpbmUgPSBcInBvc3RncmVzcWxcIiB8IFwibXlzcWxcIjtcblxuZXhwb3J0IGludGVyZmFjZSBFbmdpbmVDb25maWcge1xuICBkZWZhdWx0VXNlcm5hbWU6IHN0cmluZztcbiAgc3NsUGFyYW1ldGVyczogUmVjb3JkPHN0cmluZywgc3RyaW5nPjtcbiAgcm90YXRpb25BcHBOYW1lOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUHJveHlDb25maWcge1xuICBtYXhDb25uZWN0aW9ucz86IG51bWJlcjtcbiAgbWF4SWRsZUNvbm5lY3Rpb25zPzogbnVtYmVyO1xuICBjb25uZWN0aW9uQm9ycm93VGltZW91dD86IG51bWJlcjtcbiAgcmVxdWlyZVRMUz86IGJvb2xlYW47XG4gIHZwY1N1Ym5ldHM/OiBTdWJuZXRTZWxlY3Rpb247XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmVhZFJlcGxpY2FDb25maWcge1xuICBpbnN0YW5jZVR5cGU/OiBzdHJpbmc7XG4gIGF2YWlsYWJpbGl0eVpvbmU/OiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ3JlZGVudGlhbHNDb25maWcge1xuICB1c2VybmFtZT86IHN0cmluZztcbiAgc2VjcmV0Um90YXRpb24/OiBTZWNyZXRSb3RhdGlvbkNvbmZpZyB8IGZhbHNlO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFNlY3JldFJvdGF0aW9uQ29uZmlnIHtcbiAgYXV0b21hdGljYWxseUFmdGVyPzogRHVyYXRpb247XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgRW5jcnlwdGlvbkNvbmZpZyB7XG4gIHN0b3JhZ2VLZXk/OiBFbmNyeXB0aW9uS2V5U3BlYztcbn1cblxuLyoqIENvbmZpZ3VyYXRpb24gZm9yIERhdGFiYXNlIEluc2lnaHRzIChmb3JtZXJseSBQZXJmb3JtYW5jZSBJbnNpZ2h0cykuICovXG5leHBvcnQgaW50ZXJmYWNlIERhdGFiYXNlSW5zaWdodHNDb25maWcge1xuICBlbmNyeXB0aW9uS2V5PzogRW5jcnlwdGlvbktleVNwZWM7XG4gIC8qKiBEYXRhYmFzZSBJbnNpZ2h0cyBtb2RlLiBEZWZhdWx0OiBcInN0YW5kYXJkXCIuICovXG4gIG1vZGU/OiBcInN0YW5kYXJkXCIgfCBcImFkdmFuY2VkXCI7XG59XG5cbi8vIE1hcmtlciBmb3IgQVdTIG1hbmFnZWQgZW5jcnlwdGlvbiBrZXkgKGF3cy9yZHMsIGF3cy9zMywgZXRjLilcbmV4cG9ydCBpbnRlcmZhY2UgQXdzTWFuYWdlZEtleSB7XG4gIHJlYWRvbmx5IGF3c01hbmFnZWQ6IHRydWU7XG59XG5cbi8vIE1hcmtlciBmb3IgZXhwbGljaXRseSByZXF1ZXN0aW5nIGEgQ3VzdG9tZXIgTWFuYWdlZCBLZXkgKENNSykuXG5leHBvcnQgaW50ZXJmYWNlIEN1c3RvbWVyTWFuYWdlZEtleU1hcmtlciB7XG4gIHJlYWRvbmx5IHVzZUNNSzogdHJ1ZTtcbn1cblxuLy8gRW5jcnlwdGlvbiBrZXkgc3BlY2lmaWNhdGlvbiBmb3IgUkRTIHJlc291cmNlcy5cbmV4cG9ydCB0eXBlIEVuY3J5cHRpb25LZXlTcGVjID0gSUtleSB8IEF3c01hbmFnZWRLZXkgfCBDdXN0b21lck1hbmFnZWRLZXlNYXJrZXI7XG5cbi8vIFR5cGUgZ3VhcmQgdG8gY2hlY2sgaWYgdGhlIGVuY3J5cHRpb24ga2V5IHNwZWMgaXMgQVdTIG1hbmFnZWQuXG5leHBvcnQgZnVuY3Rpb24gaXNBd3NNYW5hZ2VkS2V5KFxuICBzcGVjOiBFbmNyeXB0aW9uS2V5U3BlYyB8IHVuZGVmaW5lZFxuKTogc3BlYyBpcyBBd3NNYW5hZ2VkS2V5IHtcbiAgcmV0dXJuIChcbiAgICBzcGVjICE9PSB1bmRlZmluZWQgJiZcbiAgICB0eXBlb2Ygc3BlYyA9PT0gXCJvYmplY3RcIiAmJlxuICAgIFwiYXdzTWFuYWdlZFwiIGluIHNwZWMgJiZcbiAgICAoc3BlYyBhcyBBd3NNYW5hZ2VkS2V5KS5hd3NNYW5hZ2VkID09PSB0cnVlXG4gICk7XG59XG5cbi8qKlxuICogVHlwZSBndWFyZCB0byBjaGVjayBpZiBDTUsgaXMgZXhwbGljaXRseSByZXF1ZXN0ZWQuXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBpc0NNS1JlcXVlc3RlZChcbiAgc3BlYzogRW5jcnlwdGlvbktleVNwZWMgfCB1bmRlZmluZWRcbik6IHNwZWMgaXMgQ3VzdG9tZXJNYW5hZ2VkS2V5TWFya2VyIHtcbiAgcmV0dXJuIChcbiAgICBzcGVjICE9PSB1bmRlZmluZWQgJiZcbiAgICB0eXBlb2Ygc3BlYyA9PT0gXCJvYmplY3RcIiAmJlxuICAgIFwidXNlQ01LXCIgaW4gc3BlYyAmJlxuICAgIChzcGVjIGFzIEN1c3RvbWVyTWFuYWdlZEtleU1hcmtlcikudXNlQ01LID09PSB0cnVlXG4gICk7XG59XG5cbi8qKlxuICogQ29udmVuaWVuY2UgY29uc3RhbnQgZm9yIHNwZWNpZnlpbmcgQVdTIG1hbmFnZWQgZW5jcnlwdGlvbiAodGhlIGRlZmF1bHQpLlxuICogQGV4YW1wbGVcbiAqIGVuY3J5cHRpb246IHsgc3RvcmFnZUtleTogQVdTX01BTkFHRUQgfVxuICovXG5leHBvcnQgY29uc3QgQVdTX01BTkFHRUQ6IEF3c01hbmFnZWRLZXkgPSB7IGF3c01hbmFnZWQ6IHRydWUgfSBhcyBjb25zdDtcblxuLyoqXG4gKiBDb252ZW5pZW5jZSBjb25zdGFudCBmb3IgZXhwbGljaXRseSByZXF1ZXN0aW5nIENNSy5cbiAqIEBleGFtcGxlXG4gKiBlbmNyeXB0aW9uOiB7IHN0b3JhZ2VLZXk6IFVTRV9DTUsgfVxuICovXG5leHBvcnQgY29uc3QgVVNFX0NNSzogQ3VzdG9tZXJNYW5hZ2VkS2V5TWFya2VyID0geyB1c2VDTUs6IHRydWUgfSBhcyBjb25zdDtcblxuLyoqXG4gKiAqKkRFU1RSVUNUSVZFKio6IENoYW5naW5nIGBzdG9yYWdlS2V5YCBhZnRlciBjbHVzdGVyIGNyZWF0aW9uIGNhdXNlcyBjbHVzdGVyIFJFUExBQ0VNRU5ULlxuICovXG5leHBvcnQgaW50ZXJmYWNlIEF1cm9yYUVuY3J5cHRpb25Db25maWcge1xuICAvKiogREVTVFJVQ1RJVkU6IENoYW5naW5nIGFmdGVyIGNyZWF0aW9uIGNhdXNlcyBjbHVzdGVyIHJlcGxhY2VtZW50ICovXG4gIHN0b3JhZ2VLZXk/OiBFbmNyeXB0aW9uS2V5U3BlYztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBBdXJvcmFSZWFkZXJDb25maWcge1xuICBzY2FsZVdpdGhXcml0ZXI/OiBib29sZWFuO1xuICBlbmFibGVEYXRhYmFzZUluc2lnaHRzPzogYm9vbGVhbjtcbiAgaWRlbnRpZmllclN1ZmZpeD86IHN0cmluZztcbiAgYXZhaWxhYmlsaXR5Wm9uZT86IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBBdXJvcmFXcml0ZXJDb25maWcge1xuICBlbmFibGVEYXRhYmFzZUluc2lnaHRzPzogYm9vbGVhbjtcbiAgaWRlbnRpZmllclN1ZmZpeD86IHN0cmluZztcbiAgYXZhaWxhYmlsaXR5Wm9uZT86IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBBdXJvcmFSZWFkZXJzQ29uZmlnIHtcbiAgLyoqIE11dHVhbGx5IGV4Y2x1c2l2ZSB3aXRoIGluc3RhbmNlcyAqL1xuICBjb3VudD86IG51bWJlcjtcbiAgLyoqIE11dHVhbGx5IGV4Y2x1c2l2ZSB3aXRoIGNvdW50ICovXG4gIGluc3RhbmNlcz86IEF1cm9yYVJlYWRlckNvbmZpZ1tdO1xuICBkZWZhdWx0RW5hYmxlRGF0YWJhc2VJbnNpZ2h0cz86IGJvb2xlYW47XG59XG4iXX0=

package/dist/lib/utils/dnsRecords.d.ts

@@ -0,0 +1,4 @@
+import { type Construct } from "constructs";
+import { type IHostedZone } from "aws-cdk-lib/aws-route53";
+import type { DnsRecordInput } from "./domainTypes";
+export declare function addDnsRecords(scope: Construct, zone: IHostedZone, zoneName: string, records: DnsRecordInput[]): void;