@fjall/components-infrastructure 0.88.3 → 0.89.2

package/dist/lib/patterns/aws/compute.d.ts

@@ -1,21 +1,12 @@
-import { type RepositoryImage, type ICluster, type IBaseService } from "aws-cdk-lib/aws-ecs";
-import { Repository } from "aws-cdk-lib/aws-ecr";
-import { Connections, type IVpc, type UserData, type IMachineImage, type ISecurityGroup } from "aws-cdk-lib/aws-ec2";
-import { Code, Runtime, type Architecture, type FunctionUrlAuthType, type FunctionUrlCorsOptions, type IFunction, type InvokeMode } from "aws-cdk-lib/aws-lambda";
-import { type PolicyStatement, type PolicyDocument, type IManagedPolicy, type IGrantable, Grant } from "aws-cdk-lib/aws-iam";
-import { type IApplicationLoadBalancer, type ApplicationListener } from "aws-cdk-lib/aws-elasticloadbalancingv2";
-import { type IAutoScalingGroup } from "aws-cdk-lib/aws-autoscaling";
-import { Construct } from "constructs";
+import { Runtime } from "aws-cdk-lib/aws-lambda";
+import { type Construct } from "constructs";
 import { type IEcsCompute, type ILambdaCompute, type IEc2Compute, type AnyCompute, isCompute, isEcsCompute, isLambdaCompute, isEc2Compute } from "./interfaces/compute.js";
-import { type ConnectionSpec } from "./interfaces/connector.js";
 import type App from "../../app";
-import EcsCluster, { type EcsClusterProps, ScalingType, type DomainConfig, type EcsCapacityProvider, type Ec2CapacityConfig } from "../../resources/aws/compute/ecs";
-import { Ec2Instance } from "../../resources/aws/compute/ec2";
-import { LambdaFunction } from "../../resources/aws/compute/lambda";
-import { type SecretImport } from "../../resources/aws/secrets";
+import { EcsCompute, type EcsComputeProps, type EcsServiceConfig, type EcsContainerConfig, type EcsScalingConfig, type EcsClusterConfig, type EcsRoutingConfig, type EcsCapacityProviderConfig, ECS_CAPACITY_PROVIDER_CONFIG, getEcsCapacityProviderConfig, ScalingType, type EcsCapacityProvider, type Ec2CapacityConfig, validateEcsProps, buildContainerConfigs, type ResolvedScalingConfig, resolveScalingConfig } from "./computeEcs.js";
+import { LambdaCompute, type LambdaComputeProps, type ContainerLambdaProps, type CodeLambdaProps, type FunctionUrlConfig, type ResolvedLambdaDeployment, resolveLambdaDeployment, Architecture, HttpMethod, InvokeMode, type FunctionUrlCorsOptions } from "./computeLambda.js";
+import { Ec2Compute, type Ec2ComputeProps, type SshConfig } from "./computeEc2.js";
+export { EcsCompute, type EcsComputeProps, type EcsServiceConfig, type EcsContainerConfig, type EcsScalingConfig, type EcsClusterConfig, type EcsRoutingConfig, type EcsCapacityProviderConfig, ECS_CAPACITY_PROVIDER_CONFIG, getEcsCapacityProviderConfig, ScalingType, type EcsCapacityProvider, type Ec2CapacityConfig, validateEcsProps, buildContainerConfigs, type ResolvedScalingConfig, resolveScalingConfig, LambdaCompute, type LambdaComputeProps, type ContainerLambdaProps, type CodeLambdaProps, type FunctionUrlConfig, type ResolvedLambdaDeployment, resolveLambdaDeployment, Architecture, HttpMethod, InvokeMode, type FunctionUrlCorsOptions, Ec2Compute, type Ec2ComputeProps, type SshConfig };
 export type ComputeType = "ecs" | "ec2" | "lambda";
-export { ScalingType };
-export type { EcsCapacityProvider, Ec2CapacityConfig };
 /**
  * Configuration defaults for each compute type.
  */
@@ -27,29 +18,17 @@ export interface ComputeTypeConfig {
         minCapacity: number;
         maxCapacity: number;
     };
-    /** Whether this compute type supports security group connections */
-    supportsConnections: boolean;
     /** Whether this compute type requires a VPC */
     requiresVpc: boolean;
 }
 export declare const COMPUTE_TYPE_CONFIG: Record<ComputeType, ComputeTypeConfig>;
-/**
- * Configuration for ECS capacity providers.
- */
-export interface EcsCapacityProviderConfig {
-    /** Whether this uses Spot pricing */
-    usesSpot: boolean;
-    /** Whether this runs on EC2 instances (vs serverless Fargate) */
-    usesEc2Instances: boolean;
-}
-export declare const ECS_CAPACITY_PROVIDER_CONFIG: Record<EcsCapacityProvider, EcsCapacityProviderConfig>;
 /**
  * Default values for compute resource configuration.
  * Centralised constants to ensure consistency across the codebase.
  */
 export declare const COMPUTE_DEFAULTS: {
     readonly EC2: {
-        readonly INSTANCE_TYPE: "t3.micro";
+        readonly INSTANCE_TYPE: "t4g.micro";
         readonly MIN_CAPACITY: 1;
         readonly MAX_CAPACITY: 1;
     };
@@ -62,618 +41,14 @@ export declare const COMPUTE_DEFAULTS: {
     readonly LAMBDA: {
         readonly HANDLER: "index.handler";
         readonly RUNTIME: Runtime;
+        readonly ARCHITECTURE: Architecture;
     };
 };
 export declare function getComputeTypeConfig(type: ComputeType): ComputeTypeConfig;
-export declare function getEcsCapacityProviderConfig(provider: EcsCapacityProvider): EcsCapacityProviderConfig;
-export { Architecture, HttpMethod, InvokeMode, type FunctionUrlCorsOptions } from "aws-cdk-lib/aws-lambda";
-/**
- * Configuration for a container in an ECS task.
- *
- * For single-container services, `name` is optional and defaults to `${serviceName}Container`.
- * For multi-container tasks, the first container with a `port` is the **primary container**
- * that receives load balancer traffic.
- *
- * @example
- * // Single container (name auto-generated)
- * containers: [{ port: 3000 }]
- *
- * @example
- * // Multi-container with sidecars
- * containers: [
- *   { name: "app", port: 3000 },                    // Primary - receives ALB traffic
- *   { name: "datadog", image: "datadog/agent" }     // Sidecar - monitoring
- * ]
- */
-export interface EcsContainerConfig {
-    /** Container name. Optional for single-container services. */
-    name?: string;
-    /**
-     * Container image. Options:
-     * - Omit: Uses app's default ECR repository (primary container only)
-     * - string: ECR repository name or public image URL
-     * - Repository: CDK ECR Repository construct
-     */
-    image?: string | Repository;
-    /**
-     * Port the container listens on.
-     * The first container with a port becomes the **primary container**
-     * and is registered with the load balancer.
-     */
-    port?: number;
-    /** Environment variables */
-    environment?: Record<string, string>;
-    /**
-     * Secrets from AWS SSM Parameter Store.
-     * Array of secret names that will be fetched from the service's SSM namespace.
-     * The namespace path is auto-determined from app/cluster/service names.
-     *
-     * @example
-     * // Secrets at /myapp/api-cluster/users/API_KEY and /myapp/api-cluster/users/DB_PASSWORD
-     * secrets: ["API_KEY", "DB_PASSWORD"]
-     */
-    secrets?: string[];
-    /** Secrets imported from other CDK resources (AWS Secrets Manager) */
-    secretsImport?: Record<string, SecretImport>;
-    /** Command to run in the container */
-    command?: string[];
-    /** Entry point for the container */
-    entryPoint?: string[];
-    /**
-     * Whether this container is essential.
-     * If an essential container stops, all containers in the task stop.
-     * Default: true
-     */
-    essential?: boolean;
-    /**
-     * Health check configuration.
-     * Default: For primary container with port, uses curl health check.
-     */
-    healthCheck?: {
-        command: string[];
-        interval?: number;
-        timeout?: number;
-        retries?: number;
-        startPeriod?: number;
-    };
-}
-/**
- * ECS scaling configuration.
- * - Omit: enabled with defaults
- * - `{}`: enabled with defaults
- * - `{ minCapacity: 2, maxCapacity: 10 }`: custom scaling
- * - `false`: explicitly disabled
- */
-export interface EcsScalingConfig {
-    minCapacity?: number;
-    maxCapacity?: number;
-    scalingType?: ScalingType;
-}
-/**
- * Cluster-level configuration.
- * Controls the shared ALB for all services in this cluster.
- */
-export interface EcsClusterConfig {
-    /**
-     * Domain for HTTPS access.
-     * - Omit: ALB created with default DNS (*.elb.amazonaws.com)
-     * - Specified: Creates ACM certificate + Route53 DNS A record
-     */
-    domain?: string;
-    /**
-     * Load balancer configuration.
-     * - Omit or "public": Internet-facing ALB (default)
-     * - "internal": VPC-only ALB
-     * - false: No ALB (for workers/background processors)
-     */
-    loadBalancer?: false | "public" | "internal";
-    /**
-     * Enable direct EC2 access without ALB.
-     * Uses host network mode for predictable ports.
-     * Access via EC2 public IP at container port.
-     */
-    directAccess?: boolean;
-    /**
-     * Advanced domain configuration for routing policies (latency, weighted, geo).
-     * Only used when domain is specified.
-     * Allows for multi-region deployments with advanced DNS routing.
-     */
-    domainConfig?: DomainConfig;
-}
-/**
- * Routing configuration for path/host-based routing on the ALB.
- * Required when cluster has multiple services with ports.
- * Optional for single service (gets all traffic automatically).
- */
-export interface EcsRoutingConfig {
-    /**
-     * Path pattern for routing (e.g., "/api/*", "/users/*").
-     * Uses ALB path-based routing.
-     */
-    path?: string;
-    /**
-     * Host header for routing (e.g., "api.example.com").
-     * Uses ALB host-based routing.
-     */
-    host?: string;
-    /**
-     * Priority for this routing rule (1-50000).
-     * Lower number = higher priority.
-     * Auto-assigned if omitted.
-     */
-    priority?: number;
-    /**
-     * Health check path for this service's target group.
-     * Default: "/"
-     */
-    healthCheckPath?: string;
-}
-/**
- * Configuration for a service in an ECS cluster.
- * Each service gets its own task definition, scaling config, and target group.
- *
- * @example
- * // Simple service
- * { name: "api", containers: [{ port: 3000 }] }
- *
- * @example
- * // Service with routing (for multi-service clusters)
- * { name: "users", containers: [{ port: 3000 }], routing: { path: "/users/*", priority: 100 } }
- *
- * @example
- * // Service with multiple routing rules (same target group)
- * { name: "web", containers: [{ port: 3000 }], routing: [
- *   { path: "/api/v2/*", priority: 50 },
- *   { path: "/*", priority: 200 },
- * ]}
- *
- * @example
- * // Service with sidecars
- * {
- *   name: "api",
- *   containers: [
- *     { name: "app", port: 3000 },
- *     { name: "datadog", image: "datadog/agent" }
- *   ]
- * }
- */
-export interface EcsServiceConfig {
-    /** Service name (unique within cluster) */
-    name: string;
-    /**
-     * Container image for this service (applies to first container without explicit image).
-     * - Omit: Uses app's default ECR repository
-     * - string: ECR repository name or public image URL
-     * - Repository: CDK ECR Repository construct
-     */
-    image?: string | Repository;
-    /**
-     * Container configuration(s) for this service.
-     * For single-container services, container name is optional and auto-generated.
-     * For multi-container services, the first container with a port is the primary container.
-     */
-    containers?: EcsContainerConfig[];
-    /**
-     * Routing rules for this service on the cluster's ALB.
-     * Required when cluster has multiple services with ports.
-     * Optional for single service (gets /* automatically).
-     * Can be a single rule or an array of rules pointing to the same target group.
-     *
-     * @example
-     * // Multiple routes for the same service
-     * routing: [
-     *   { path: "/api/v2/*", priority: 50 },
-     *   { path: "/*", priority: 200 },
-     * ]
-     */
-    routing?: EcsRoutingConfig | EcsRoutingConfig[];
-    /** CPU units for this service's tasks (256-4096) */
-    cpu?: number;
-    /** Memory in MiB for this service's tasks (512-30720) */
-    memoryLimitMiB?: number;
-    /** Desired number of tasks. Default: 2 */
-    desiredCount?: number;
-    /**
-     * Scaling configuration.
-     * - Omit: enabled with defaults
-     * - false: disabled
-     */
-    scaling?: EcsScalingConfig | false;
-    /**
-     * Path to Dockerfile for building this service's image.
-     * Metadata for CLI build process, not used during CDK synthesis.
-     */
-    dockerfilePath?: string;
-    /**
-     * Docker build target stage for multi-stage Dockerfiles.
-     * When specified, the CLI builds with `--target <dockerTarget>`.
-     * The image tag suffix is also updated: `<service>-<target>-latest`.
-     *
-     * @example
-     * // Dockerfile: FROM node AS base ... FROM base AS api ... FROM base AS worker
-     * { name: "api", dockerTarget: "api" }   // builds: myapp-api-api-latest
-     * { name: "worker", dockerTarget: "worker" }  // builds: myapp-worker-worker-latest
-     */
-    dockerTarget?: string;
-    /**
-     * Additional inline policies for this service's task role.
-     * Added on top of the default ECS Exec permissions.
-     * Use for service-specific AWS permissions (S3, DynamoDB, SQS, etc.).
-     */
-    taskRoleInlinePolicies?: Record<string, PolicyDocument>;
-    /**
-     * Additional managed policies for this service's task role.
-     * Added on top of the default ECS Exec permissions.
-     */
-    taskRoleManagedPolicies?: IManagedPolicy[];
-    /**
-     * Resources this service needs to connect to (e.g., databases, S3 buckets, SQS queues).
-     * Creates security group rules for IConnectable resources and IAM grants for IAM resources.
-     * Follows least-privilege - only this service gets access, not all services in the cluster.
-     *
-     * Supports:
-     * - IConnectable: Security group resources (RDS, ECS, etc.)
-     * - IStorageConnector: S3 buckets (IAM grants)
-     * - IDynamoDBConnector: DynamoDB tables (IAM grants)
-     * - IQueueConnector: SQS queues (IAM grants)
-     * - ConnectionConfig: Explicit access level configuration
-     *
-     * @example
-     * // Simple connections (default permissions)
-     * connections: [database, bucket, cache, queue]
-     *
-     * @example
-     * // Explicit access levels
-     * connections: [
-     *   database,                              // Security group (RDS)
-     *   { resource: cache, access: "read" },   // Read-only DynamoDB
-     *   { resource: bucket, access: "write" }, // Write-only S3
-     *   { resource: queue, access: "consume" } // Consume-only SQS
-     * ]
-     */
-    connections?: ConnectionSpec[];
-    /**
-     * Capacity provider for this service. REQUIRED.
-     * Each service specifies its own capacity provider.
-     *
-     * @example
-     * // Mixed FARGATE and EC2 services in same cluster
-     * {
-     *   services: [
-     *     { name: "api", capacityProvider: "FARGATE" },
-     *     { name: "worker", capacityProvider: "EC2", ec2Config: { instanceType: "t3.micro" } }
-     *   ]
-     * }
-     */
-    capacityProvider: EcsCapacityProvider;
-    /**
-     * EC2 capacity configuration for this service.
-     * Only used when service capacityProvider is "EC2".
-     * Services with matching ec2Config share an ASG for efficiency.
-     */
-    ec2Config?: Ec2CapacityConfig;
-    /**
-     * SSM Parameter Store path for secrets.
-     * If not specified, secrets are fetched from /<app>/<cluster>/<service>.
-     * Use this to override the default convention.
-     *
-     * @example
-     * // Override default path
-     * ssmSecretsPath: "/custom/path/to/secrets"
-     */
-    ssmSecretsPath?: string;
-}
-/**
- * SSH access configuration for EC2 instances.
- * - Omit: disabled (default)
- * - `{}`: enabled with auto-generated key
- * - `{ keyName: "my-key" }`: enabled with existing key
- * - `false`: explicitly disabled
- */
-export interface SshConfig {
-    /** SSH key pair name */
-    keyName?: string;
-    /** Allowed CIDR blocks for SSH access */
-    allowedCidrs?: string[];
-}
-/**
- * Lambda function URL configuration.
- * - Omit: disabled (default)
- * - `{}`: enabled with IAM auth
- * - `{ authType: "NONE", cors: {...} }`: public with CORS
- * - `false`: explicitly disabled
- */
-export interface FunctionUrlConfig {
-    /** Authentication type. Default: AWS_IAM */
-    authType?: FunctionUrlAuthType;
-    /** CORS configuration */
-    cors?: FunctionUrlCorsOptions;
-    /** Invoke mode. Use RESPONSE_STREAM for Lambda streaming. Default: BUFFERED */
-    invokeMode?: InvokeMode;
-}
-interface BaseComputeProps {
-    vpc?: IVpc;
-}
-/**
- * ECS compute configuration.
- * Creates an ECS cluster with one or more services sharing a load balancer.
- *
- * @example
- * // Single service
- * app.addCompute(ComputeFactory.build("WebApp", {
- *   type: "ecs",
- *   cluster: { domain: "app.example.com" },
- *   services: [{ name: "web", containers: [{ port: 3000 }] }]
- * }));
- *
- * @example
- * // Multi-service cluster with routing
- * app.addCompute(ComputeFactory.build("ApiCluster", {
- *   type: "ecs",
- *   cluster: { domain: "api.example.com" },
- *   services: [
- *     { name: "users", containers: [{ port: 3000 }], routing: { path: "/users/*" } },
- *     { name: "orders", containers: [{ port: 3001 }], routing: { path: "/orders/*" } }
- *   ]
- * }));
- *
- * @example
- * // Internal workers (no ALB)
- * app.addCompute(ComputeFactory.build("Workers", {
- *   type: "ecs",
- *   cluster: { loadBalancer: false },
- *   services: [{ name: "processor" }, { name: "emailer" }]
- * }));
- */
-export interface EcsComputeProps extends BaseComputeProps {
-    type: "ecs";
-    /**
-     * Application name for SSM secrets namespace.
-     * When containers use secrets, the path is derived as: /<appName>/<clusterName>/<serviceName>
-     * Auto-derived from App.getName() if not specified.
-     */
-    appName?: string;
-    /**
-     * Cluster configuration.
-     * Controls the shared ALB for all services in this cluster.
-     * - Omit: ALB created with default settings
-     * - `{ domain: "..." }`: ALB with HTTPS + DNS
-     * - `{ loadBalancer: false }`: No ALB (internal workers)
-     */
-    cluster?: EcsClusterConfig;
-    /**
-     * Services in this cluster.
-     * Each service gets its own task definition, scaling, and target group.
-     * Each service MUST specify its own capacityProvider.
-     * All services share the cluster's ALB (unless disabled).
-     */
-    services: EcsServiceConfig[];
-    /**
-     * ECR repository for all services (default image).
-     * Individual services can override with their own `image` property.
-     */
-    ecrRepository?: Repository | RepositoryImage;
-    /**
-     * Path to Dockerfile for building custom image.
-     * Note: This is metadata for the CLI build process,
-     * not used during CDK synthesis.
-     */
-    dockerfilePath?: string;
-}
-export interface Ec2ComputeProps extends BaseComputeProps {
-    type: "ec2";
-    /** EC2 instance type. Default: "t3.micro" */
-    instanceType?: string;
-    /**
-     * SSH access configuration.
-     * - Omit: disabled (default)
-     * - `{}`: enabled with defaults
-     * - `false`: explicitly disabled
-     */
-    ssh?: SshConfig | false;
-    /** User data script */
-    userData?: UserData;
-    /** Machine image (AMI) */
-    machineImage?: IMachineImage;
-    /** Minimum number of instances. Default: 1 */
-    minCapacity?: number;
-    /** Maximum number of instances. Default: 1 */
-    maxCapacity?: number;
-    /**
-     * Percentage of capacity to run on Spot instances (0-100).
-     * - Omit or 0: All On-Demand instances (default)
-     * - 100: All Spot instances
-     * - 50: Half Spot, half On-Demand
-     *
-     * Spot instances can reduce costs by up to 90% but may be interrupted.
-     * Use for fault-tolerant workloads.
-     */
-    spotCapacityPercentage?: number;
-}
-/**
- * Base Lambda configuration shared by both container and code deployments.
- */
-interface BaseLambdaProps extends BaseComputeProps {
-    type: "lambda";
-    /** Timeout in seconds. Default: 3 */
-    timeout?: number;
-    /** Memory size in MB. Default: 128 */
-    memorySize?: number;
-    ephemeralStorageSize?: number;
-    /** CPU architecture. Default: x86_64. Use Architecture.ARM_64 for Graviton2. */
-    architecture?: Architecture;
-    /** Lambda function description */
-    description?: string;
-    /** IAM role description */
-    roleDescription?: string;
-    /** Inline IAM policy statements */
-    inlinePolicy?: PolicyStatement[];
-    /**
-     * Function URL configuration.
-     * - Omit: disabled (default)
-     * - `{}`: enabled with IAM auth
-     * - `{ authType: "NONE" }`: public access
-     * - `false`: explicitly disabled
-     */
-    functionUrl?: FunctionUrlConfig | false;
-    /** Environment variables */
-    environment?: Record<string, string>;
-    /**
-     * Secrets from AWS SSM Parameter Store.
-     * Array of secret names that will be fetched from the Lambda's SSM namespace.
-     * The namespace path is auto-determined as: /<appName>/lambda/<functionName>
-     *
-     * @example
-     * secrets: ["API_KEY", "STRIPE_SECRET"]
-     */
-    secrets?: string[];
-    /**
-     * SSM Parameter Store path for secrets.
-     * If secrets are defined, this path is used as the base path.
-     * If not specified, uses: /<appName>/lambda/<functionName>
-     *
-     * @example
-     * ssmSecretsPath: "/myapp/custom/path"
-     */
-    ssmSecretsPath?: string;
-    /**
-     * Secrets imported from other CDK resources (AWS Secrets Manager).
-     * Used for CDK-managed secrets like database credentials.
-     *
-     * @example
-     * secretsImport: {
-     *   DATABASE_USERNAME: database.getCredentials().getImport("username"),
-     *   DATABASE_PASSWORD: database.getCredentials().getImport("password")
-     * }
-     */
-    secretsImport?: Record<string, SecretImport>;
-    /**
-     * Application name for SSM secrets path derivation.
-     * Auto-derived from App instance when using ComputeFactory.
-     * Only specify for advanced use cases.
-     */
-    appName?: string;
-    /**
-     * Resources this Lambda needs to connect to (e.g., databases, S3 buckets, SQS queues).
-     * Creates security group rules for IConnectable resources and IAM grants for IAM resources.
-     *
-     * Supports:
-     * - IConnectable: Security group resources (RDS, ECS, etc.)
-     * - IStorageConnector: S3 buckets (IAM grants)
-     * - IDynamoDBConnector: DynamoDB tables (IAM grants)
-     * - IQueueConnector: SQS queues (IAM grants)
-     * - ConnectionConfig: Explicit access level configuration
-     *
-     * @example
-     * connections: [
-     *   database,
-     *   { resource: queue, access: "send" }
-     * ]
-     */
-    connections?: ConnectionSpec[];
-    /**
-     * EventBridge schedule expression for scheduled Lambda invocations.
-     * Uses cron or rate syntax: "rate(1 hour)" or "cron(0 12 * * ? *)".
-     */
-    scheduleExpression?: string;
-}
-/**
- * Container-based Lambda using ECR image.
- *
- * Uses Docker image from ECR repository. Handler and runtime are
- * automatically set to FROM_IMAGE.
- *
- * @example
- * app.addCompute(ComputeFactory.build("ImageLambda", {
- *   type: "lambda",
- *   deployment: "container",
- *   ecrRepository: app.getDefaultContainerRegistry()
- * }));
- */
-export interface ContainerLambdaProps extends BaseLambdaProps {
-    /** Container-based deployment using ECR image */
-    deployment: "container";
-    /** ECR repository containing the Lambda container image */
-    ecrRepository: Repository | RepositoryImage;
-}
-/**
- * Code-based Lambda using inline code or S3.
- *
- * Uses traditional Lambda deployment with code, handler, and runtime.
- *
- * @example
- * app.addCompute(ComputeFactory.build("CodeLambda", {
- *   type: "lambda",
- *   deployment: "code",
- *   code: Code.fromAsset("./lambda"),
- *   handler: "index.handler",
- *   runtime: Runtime.NODEJS_20_X
- * }));
- */
-export interface CodeLambdaProps extends BaseLambdaProps {
-    /** Code-based deployment */
-    deployment: "code";
-    /** Lambda code (from asset, S3, or inline) */
-    code: Code;
-    /** Handler function. Default: "index.handler" */
-    handler?: string;
-    /** Lambda runtime. Default: NODEJS_22_X */
-    runtime?: Runtime;
-}
-/**
- * Lambda compute configuration.
- *
- * Discriminated union ensuring type-safe Lambda configuration:
- * - `deployment: "container"` requires `ecrRepository`
- * - `deployment: "code"` requires `code` and allows `handler`/`runtime`
- *
- * @example
- * // Container-based Lambda
- * { type: "lambda", deployment: "container", ecrRepository: ecr }
- *
- * @example
- * // Code-based Lambda
- * { type: "lambda", deployment: "code", code: Code.fromAsset("./lambda") }
- */
-export type LambdaComputeProps = ContainerLambdaProps | CodeLambdaProps;
 export type IEcsComputeProps = EcsComputeProps;
 export type ILambdaComputeProps = LambdaComputeProps;
 export type IEc2ComputeProps = Ec2ComputeProps;
 export type IComputeProps = IEcsComputeProps | ILambdaComputeProps | IEc2ComputeProps;
-/**
- * Build container configurations for an ECS service.
- * Converts user-facing EcsContainerConfig to internal EcsClusterProps format.
- * @internal Exported for testing only
- */
-export declare function buildContainerConfigs(service: EcsServiceConfig): EcsClusterProps["services"][number]["containers"];
-/**
- * Resolved scaling configuration for an ECS service.
- * @internal Exported for testing only
- */
-export interface ResolvedScalingConfig {
-    scalingType: ScalingType | undefined;
-    minCapacity: number | undefined;
-    maxCapacity: number | undefined;
-}
-/**
- * Resolve scaling configuration from service props.
- * Handles the three cases: explicit config, disabled (false), or default (undefined).
- * @internal Exported for testing only
- */
-export declare function resolveScalingConfig(scaling: EcsScalingConfig | false | undefined): ResolvedScalingConfig;
-/**
- * Resolved Lambda deployment configuration.
- */
-export interface ResolvedLambdaDeployment {
-    code: Code;
-    handler: string;
-    runtime: Runtime;
-}
-/**
- * Resolve Lambda deployment configuration from props.
- * Handles container vs code deployment types.
- */
-export declare function resolveLambdaDeployment(props: ILambdaComputeProps): ResolvedLambdaDeployment;
 /**
  * Factory for creating compute resources with type-safe return types.
  *
@@ -702,7 +77,7 @@ export declare function resolveLambdaDeployment(props: ILambdaComputeProps): Res
  * // EC2 compute - returns Ec2Compute with EC2-specific methods
  * const ec2 = app.addCompute(ComputeFactory.build("Instance", {
  *   type: "ec2",
- *   instanceType: "t3.micro"
+ *   instanceType: "t4g.micro"
  * }));
  * ec2.getAutoScalingGroup(); // Available on Ec2Compute
  */
@@ -711,91 +86,5 @@ export declare class ComputeFactory {
     static build(id: string, props: ILambdaComputeProps): (app: App, scope: Construct) => LambdaCompute;
     static build(id: string, props: IEc2ComputeProps): (app: App, scope: Construct) => Ec2Compute;
 }
-/**
- * ECS compute wrapper implementing IEcsCompute.
- * Provides type-safe access to ECS-specific resources.
- */
-export declare class EcsCompute extends Construct implements IEcsCompute {
-    readonly computeType: "ecs";
-    readonly connections: Connections;
-    private readonly ecsCluster;
-    constructor(scope: Construct, id: string, props: IEcsComputeProps);
-    /** Get the ECS cluster. */
-    getCluster(): ICluster;
-    /** Get the Application Load Balancer if one was created. */
-    getLoadBalancer(): IApplicationLoadBalancer | undefined;
-    /** Get a specific service by name. */
-    getService(name: string): IBaseService | undefined;
-    /** Get all services in the cluster. */
-    getAllServices(): IBaseService[];
-    /** Get the security group for the cluster. */
-    getSecurityGroup(): ISecurityGroup;
-    /**
-     * Get the ALB listener if this is an ECS compute with ALB.
-     */
-    getListener(): ApplicationListener | undefined;
-    /**
-     * Get the underlying ECS cluster construct.
-     */
-    getEcsCluster(): EcsCluster;
-    /**
-     * Grants ecs:ExecuteCommand permission for ECS services.
-     * Uses wildcard resource because ecs:ExecuteCommand targets task ARNs
-     * which are not known until runtime (tasks are ephemeral).
-     */
-    grantExecuteCommand(grantee: IGrantable): Grant;
-}
-/**
- * Lambda compute wrapper implementing ILambdaCompute.
- * Provides type-safe access to Lambda-specific resources.
- */
-export declare class LambdaCompute extends Construct implements ILambdaCompute {
-    readonly computeType: "lambda";
-    readonly connections: Connections;
-    private readonly lambdaFunction;
-    constructor(scope: Construct, id: string, props: ILambdaComputeProps);
-    /**
-     * Get a Lambda function by name.
-     * Since we only have one function, name is ignored.
-     */
-    getFunction(_name?: string): IFunction | undefined;
-    /** Get all Lambda functions. */
-    getAllFunctions(): IFunction[];
-    /**
-     * Get the function URL for a Lambda function.
-     */
-    getFunctionUrl(_name?: string): string | undefined;
-    /**
-     * Grant invoke permissions to a grantee.
-     */
-    grantInvoke(grantee: IGrantable, _functionName?: string): Grant;
-    /**
-     * Get the security group for VPC-enabled Lambda functions.
-     * Returns undefined if the Lambda is not VPC-enabled.
-     */
-    getSecurityGroup(): ISecurityGroup | undefined;
-    /**
-     * Get the underlying Lambda function construct.
-     */
-    getLambdaFunction(): LambdaFunction;
-}
-/**
- * EC2 compute wrapper implementing IEc2Compute.
- * Provides type-safe access to EC2-specific resources.
- */
-export declare class Ec2Compute extends Construct implements IEc2Compute {
-    readonly computeType: "ec2";
-    readonly connections: Connections;
-    private readonly ec2Instance;
-    constructor(scope: Construct, id: string, props: IEc2ComputeProps);
-    /** Get the Auto Scaling Group. */
-    getAutoScalingGroup(): IAutoScalingGroup;
-    /** Get the security group. */
-    getSecurityGroup(): ISecurityGroup;
-    /**
-     * Get the underlying EC2 instance construct.
-     */
-    getEc2Instance(): Ec2Instance;
-}
 export { isCompute, isEcsCompute, isLambdaCompute, isEc2Compute };
 export type { IEcsCompute, ILambdaCompute, IEc2Compute, AnyCompute };