@fjall/components-infrastructure 0.89.5 → 0.94.0

package/dist/lib/resources/aws/database/rdsHelpers.js

@@ -1,18 +1,11 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DEFAULT_POSTGRES_ENGINE_CONFIG = void 0;
-exports.resolveStorageEncryptionKey = resolveStorageEncryptionKey;
-exports.resolvePerformanceInsightsKey = resolvePerformanceInsightsKey;
-exports.resolveDatabaseInsights = resolveDatabaseInsights;
-exports.addMultiUserSecretRotation = addMultiUserSecretRotation;
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const aws_secretsmanager_1 = require("aws-cdk-lib/aws-secretsmanager");
-const secrets_1 = require("../secrets");
-const resourceNaming_1 = require("../../../utils/resourceNaming");
-const rdsDefaults_1 = require("./rdsDefaults");
-const databaseTypes_1 = require("../../../utils/databaseTypes");
+import { Duration } from "aws-cdk-lib";
+import { SecretRotation, SecretRotationApplication } from "aws-cdk-lib/aws-secretsmanager";
+import { CustomerManagedKey, Secret } from "../secrets/index.js";
+import { ResourceNaming } from "../../../utils/resourceNaming.js";
+import { RDS_DEFAULTS } from "./rdsDefaults.js";
+import { isAwsManagedKey, isCMKRequested } from "../../../utils/databaseTypes.js";
 /** Default PostgreSQL engine configuration used by both Aurora and Instance constructs. */
-exports.DEFAULT_POSTGRES_ENGINE_CONFIG = {
+export const DEFAULT_POSTGRES_ENGINE_CONFIG = {
     defaultUsername: "postgres",
     sslParameters: { "rds.force_ssl": "1" },
     rotationAppName: "SecretsManagerRDSPostgreSQLRotationMultiUser"
@@ -23,11 +16,11 @@ exports.DEFAULT_POSTGRES_ENGINE_CONFIG = {
  * - AWS managed / undefined → returns undefined (CDK default)
  * - IKey → returns the key as-is
  */
-function resolveStorageEncryptionKey(scope, databaseName, storageKey) {
-    if ((0, databaseTypes_1.isCMKRequested)(storageKey)) {
-        return new secrets_1.CustomerManagedKey(scope, `${databaseName}ClusterEncryptionKey`, { aliasName: `cmk/rds/${databaseName}/encryptionKey` }).key;
+export function resolveStorageEncryptionKey(scope, databaseName, storageKey) {
+    if (isCMKRequested(storageKey)) {
+        return new CustomerManagedKey(scope, `${databaseName}ClusterEncryptionKey`, { aliasName: `cmk/rds/${databaseName}/encryptionKey` }).key;
     }
-    if ((0, databaseTypes_1.isAwsManagedKey)(storageKey) || storageKey === undefined) {
+    if (isAwsManagedKey(storageKey) || storageKey === undefined) {
         return undefined;
     }
     return storageKey;
@@ -36,14 +29,14 @@ function resolveStorageEncryptionKey(scope, databaseName, storageKey) {
  * Resolve a Performance Insights encryption key spec into an IKey or undefined.
  * Only creates a CMK when PI is enabled and CMK is requested.
  */
-function resolvePerformanceInsightsKey(scope, databaseName, piEnabled, encryptionKey) {
-    if (piEnabled && (0, databaseTypes_1.isCMKRequested)(encryptionKey)) {
-        return new secrets_1.CustomerManagedKey(scope, `${databaseName}PerformanceInsightsKey`, { aliasName: `cmk/rds/${databaseName}/InsightsKey` }).key;
+export function resolvePerformanceInsightsKey(scope, databaseName, piEnabled, encryptionKey) {
+    if (piEnabled && isCMKRequested(encryptionKey)) {
+        return new CustomerManagedKey(scope, `${databaseName}PerformanceInsightsKey`, { aliasName: `cmk/rds/${databaseName}/InsightsKey` }).key;
     }
     return undefined;
 }
 /** Resolve the databaseInsights prop into an enabled flag and optional config object. */
-function resolveDatabaseInsights(databaseInsights) {
+export function resolveDatabaseInsights(databaseInsights) {
     const piEnabled = databaseInsights !== false;
     const piConfig = piEnabled && typeof databaseInsights === "object"
         ? databaseInsights
@@ -54,16 +47,16 @@ function resolveDatabaseInsights(databaseInsights) {
  * Add multi-user secret rotation to a database construct.
  * Shared between RdsAurora and RdsInstance.
  */
-function addMultiUserSecretRotation(params) {
+export function addMultiUserSecretRotation(params) {
     const rotationConfig = params.credentialsConfig?.secretRotation;
     const rotationPeriod = (typeof rotationConfig === "object" &&
         rotationConfig?.automaticallyAfter) ||
-        aws_cdk_lib_1.Duration.days(30);
-    const masterSecret = new secrets_1.Secret(params.scope, `${params.databaseName}MasterSecret`, {
-        secretName: resourceNaming_1.ResourceNaming.masterSecretName(params.constructId)
+        Duration.days(30);
+    const masterSecret = new Secret(params.scope, `${params.databaseName}MasterSecret`, {
+        secretName: ResourceNaming.masterSecretName(params.constructId)
     });
-    new aws_secretsmanager_1.SecretRotation(params.scope, `${params.databaseName}SecretRotation`, {
-        application: new aws_secretsmanager_1.SecretRotationApplication(params.engineConfig.rotationAppName, rdsDefaults_1.RDS_DEFAULTS.ROTATION_APP_VERSION, { isMultiUser: true }),
+    new SecretRotation(params.scope, `${params.databaseName}SecretRotation`, {
+        application: new SecretRotationApplication(params.engineConfig.rotationAppName, RDS_DEFAULTS.ROTATION_APP_VERSION, { isMultiUser: true }),
         secret: params.databaseSecret,
         masterSecret: masterSecret.secret,
         target: params.target,
@@ -72,4 +65,3 @@ function addMultiUserSecretRotation(params) {
     });
     return masterSecret;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmRzSGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL2xpYi9yZXNvdXJjZXMvYXdzL2RhdGFiYXNlL3Jkc0hlbHBlcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBa0NBLGtFQWdCQztBQU1ELHNFQWNDO0FBR0QsMERBWUM7QUFNRCxnRUFzQ0M7QUFqSUQsNkNBQXVDO0FBSXZDLHVFQUd3QztBQUV4Qyx3Q0FBd0Q7QUFDeEQsa0VBQStEO0FBQy9ELCtDQUE2QztBQUM3QyxnRUFPc0M7QUFFdEMsMkZBQTJGO0FBQzlFLFFBQUEsOEJBQThCLEdBQWlCO0lBQzFELGVBQWUsRUFBRSxVQUFVO0lBQzNCLGFBQWEsRUFBRSxFQUFFLGVBQWUsRUFBRSxHQUFHLEVBQUU7SUFDdkMsZUFBZSxFQUFFLDhDQUE4QztDQUNoRSxDQUFDO0FBRUY7Ozs7O0dBS0c7QUFDSCxTQUFnQiwyQkFBMkIsQ0FDekMsS0FBZ0IsRUFDaEIsWUFBZ0MsRUFDaEMsVUFBeUM7SUFFekMsSUFBSSxJQUFBLDhCQUFjLEVBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztRQUMvQixPQUFPLElBQUksNEJBQWtCLENBQzNCLEtBQUssRUFDTCxHQUFHLFlBQVksc0JBQXNCLEVBQ3JDLEVBQUUsU0FBUyxFQUFFLFdBQVcsWUFBWSxnQkFBZ0IsRUFBRSxDQUN2RCxDQUFDLEdBQUcsQ0FBQztJQUNSLENBQUM7SUFDRCxJQUFJLElBQUEsK0JBQWUsRUFBQyxVQUFVLENBQUMsSUFBSSxVQUFVLEtBQUssU0FBUyxFQUFFLENBQUM7UUFDNUQsT0FBTyxTQUFTLENBQUM7SUFDbkIsQ0FBQztJQUNELE9BQU8sVUFBVSxDQUFDO0FBQ3BCLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFnQiw2QkFBNkIsQ0FDM0MsS0FBZ0IsRUFDaEIsWUFBZ0MsRUFDaEMsU0FBa0IsRUFDbEIsYUFBNEM7SUFFNUMsSUFBSSxTQUFTLElBQUksSUFBQSw4QkFBYyxFQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUM7UUFDL0MsT0FBTyxJQUFJLDRCQUFrQixDQUMzQixLQUFLLEVBQ0wsR0FBRyxZQUFZLHdCQUF3QixFQUN2QyxFQUFFLFNBQVMsRUFBRSxXQUFXLFlBQVksY0FBYyxFQUFFLENBQ3JELENBQUMsR0FBRyxDQUFDO0lBQ1IsQ0FBQztJQUNELE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRCx5RkFBeUY7QUFDekYsU0FBZ0IsdUJBQXVCLENBQ3JDLGdCQUE0RDtJQUs1RCxNQUFNLFNBQVMsR0FBRyxnQkFBZ0IsS0FBSyxLQUFLLENBQUM7SUFDN0MsTUFBTSxRQUFRLEdBQ1osU0FBUyxJQUFJLE9BQU8sZ0JBQWdCLEtBQUssUUFBUTtRQUMvQyxDQUFDLENBQUMsZ0JBQWdCO1FBQ2xCLENBQUMsQ0FBQyxTQUFTLENBQUM7SUFDaEIsT0FBTyxFQUFFLFNBQVMsRUFBRSxRQUFRLEVBQUUsQ0FBQztBQUNqQyxDQUFDO0FBRUQ7OztHQUdHO0FBQ0gsU0FBZ0IsMEJBQTBCLENBQUMsTUFTMUM7SUFDQyxNQUFNLGNBQWMsR0FBRyxNQUFNLENBQUMsaUJBQWlCLEVBQUUsY0FBYyxDQUFDO0lBQ2hFLE1BQU0sY0FBYyxHQUNsQixDQUFDLE9BQU8sY0FBYyxLQUFLLFFBQVE7UUFDakMsY0FBYyxFQUFFLGtCQUFrQixDQUFDO1FBQ3JDLHNCQUFRLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO0lBRXBCLE1BQU0sWUFBWSxHQUFHLElBQUksZ0JBQU0sQ0FDN0IsTUFBTSxDQUFDLEtBQUssRUFDWixHQUFHLE1BQU0sQ0FBQyxZQUFZLGNBQWMsRUFDcEM7UUFDRSxVQUFVLEVBQUUsK0JBQWMsQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDO0tBQ2hFLENBQ0YsQ0FBQztJQUVGLElBQUksbUNBQWMsQ0FBQyxNQUFNLENBQUMsS0FBSyxFQUFFLEdBQUcsTUFBTSxDQUFDLFlBQVksZ0JBQWdCLEVBQUU7UUFDdkUsV0FBVyxFQUFFLElBQUksOENBQXlCLENBQ3hDLE1BQU0sQ0FBQyxZQUFZLENBQUMsZUFBZSxFQUNuQywwQkFBWSxDQUFDLG9CQUFvQixFQUNqQyxFQUFFLFdBQVcsRUFBRSxJQUFJLEVBQUUsQ0FDdEI7UUFDRCxNQUFNLEVBQUUsTUFBTSxDQUFDLGNBQWM7UUFDN0IsWUFBWSxFQUFFLFlBQVksQ0FBQyxNQUFNO1FBQ2pDLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTTtRQUNyQixHQUFHLEVBQUUsTUFBTSxDQUFDLEdBQUc7UUFDZixrQkFBa0IsRUFBRSxjQUFjO0tBQ25DLENBQUMsQ0FBQztJQUVILE9BQU8sWUFBWSxDQUFDO0FBQ3RCLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBEdXJhdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHsgdHlwZSBJS2V5IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1rbXNcIjtcbmltcG9ydCB7IHR5cGUgSVZwYywgdHlwZSBJQ29ubmVjdGFibGUgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjMlwiO1xuaW1wb3J0IHsgdHlwZSBJU2VjcmV0IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zZWNyZXRzbWFuYWdlclwiO1xuaW1wb3J0IHtcbiAgU2VjcmV0Um90YXRpb24sXG4gIFNlY3JldFJvdGF0aW9uQXBwbGljYXRpb25cbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zZWNyZXRzbWFuYWdlclwiO1xuaW1wb3J0IHR5cGUgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHsgQ3VzdG9tZXJNYW5hZ2VkS2V5LCBTZWNyZXQgfSBmcm9tIFwiLi4vc2VjcmV0c1wiO1xuaW1wb3J0IHsgUmVzb3VyY2VOYW1pbmcgfSBmcm9tIFwiLi4vLi4vLi4vdXRpbHMvcmVzb3VyY2VOYW1pbmdcIjtcbmltcG9ydCB7IFJEU19ERUZBVUxUUyB9IGZyb20gXCIuL3Jkc0RlZmF1bHRzXCI7XG5pbXBvcnQge1xuICB0eXBlIERhdGFiYXNlSW5zaWdodHNDb25maWcsXG4gIHR5cGUgRW5naW5lQ29uZmlnLFxuICB0eXBlIEVuY3J5cHRpb25LZXlTcGVjLFxuICB0eXBlIENyZWRlbnRpYWxzQ29uZmlnLFxuICBpc0F3c01hbmFnZWRLZXksXG4gIGlzQ01LUmVxdWVzdGVkXG59IGZyb20gXCIuLi8uLi8uLi91dGlscy9kYXRhYmFzZVR5cGVzXCI7XG5cbi8qKiBEZWZhdWx0IFBvc3RncmVTUUwgZW5naW5lIGNvbmZpZ3VyYXRpb24gdXNlZCBieSBib3RoIEF1cm9yYSBhbmQgSW5zdGFuY2UgY29uc3RydWN0cy4gKi9cbmV4cG9ydCBjb25zdCBERUZBVUxUX1BPU1RHUkVTX0VOR0lORV9DT05GSUc6IEVuZ2luZUNvbmZpZyA9IHtcbiAgZGVmYXVsdFVzZXJuYW1lOiBcInBvc3RncmVzXCIsXG4gIHNzbFBhcmFtZXRlcnM6IHsgXCJyZHMuZm9yY2Vfc3NsXCI6IFwiMVwiIH0sXG4gIHJvdGF0aW9uQXBwTmFtZTogXCJTZWNyZXRzTWFuYWdlclJEU1Bvc3RncmVTUUxSb3RhdGlvbk11bHRpVXNlclwiXG59O1xuXG4vKipcbiAqIFJlc29sdmUgYSBzdG9yYWdlIGVuY3J5cHRpb24ga2V5IHNwZWMgaW50byBhbiBJS2V5IG9yIHVuZGVmaW5lZC5cbiAqIC0gQ01LIG1hcmtlciDihpIgY3JlYXRlcyBhIG5ldyBDdXN0b21lck1hbmFnZWRLZXlcbiAqIC0gQVdTIG1hbmFnZWQgLyB1bmRlZmluZWQg4oaSIHJldHVybnMgdW5kZWZpbmVkIChDREsgZGVmYXVsdClcbiAqIC0gSUtleSDihpIgcmV0dXJucyB0aGUga2V5IGFzLWlzXG4gKi9cbmV4cG9ydCBmdW5jdGlvbiByZXNvbHZlU3RvcmFnZUVuY3J5cHRpb25LZXkoXG4gIHNjb3BlOiBDb25zdHJ1Y3QsXG4gIGRhdGFiYXNlTmFtZTogc3RyaW5nIHwgdW5kZWZpbmVkLFxuICBzdG9yYWdlS2V5OiBFbmNyeXB0aW9uS2V5U3BlYyB8IHVuZGVmaW5lZFxuKTogSUtleSB8IHVuZGVmaW5lZCB7XG4gIGlmIChpc0NNS1JlcXVlc3RlZChzdG9yYWdlS2V5KSkge1xuICAgIHJldHVybiBuZXcgQ3VzdG9tZXJNYW5hZ2VkS2V5KFxuICAgICAgc2NvcGUsXG4gICAgICBgJHtkYXRhYmFzZU5hbWV9Q2x1c3RlckVuY3J5cHRpb25LZXlgLFxuICAgICAgeyBhbGlhc05hbWU6IGBjbWsvcmRzLyR7ZGF0YWJhc2VOYW1lfS9lbmNyeXB0aW9uS2V5YCB9XG4gICAgKS5rZXk7XG4gIH1cbiAgaWYgKGlzQXdzTWFuYWdlZEtleShzdG9yYWdlS2V5KSB8fCBzdG9yYWdlS2V5ID09PSB1bmRlZmluZWQpIHtcbiAgICByZXR1cm4gdW5kZWZpbmVkO1xuICB9XG4gIHJldHVybiBzdG9yYWdlS2V5O1xufVxuXG4vKipcbiAqIFJlc29sdmUgYSBQZXJmb3JtYW5jZSBJbnNpZ2h0cyBlbmNyeXB0aW9uIGtleSBzcGVjIGludG8gYW4gSUtleSBvciB1bmRlZmluZWQuXG4gKiBPbmx5IGNyZWF0ZXMgYSBDTUsgd2hlbiBQSSBpcyBlbmFibGVkIGFuZCBDTUsgaXMgcmVxdWVzdGVkLlxuICovXG5leHBvcnQgZnVuY3Rpb24gcmVzb2x2ZVBlcmZvcm1hbmNlSW5zaWdodHNLZXkoXG4gIHNjb3BlOiBDb25zdHJ1Y3QsXG4gIGRhdGFiYXNlTmFtZTogc3RyaW5nIHwgdW5kZWZpbmVkLFxuICBwaUVuYWJsZWQ6IGJvb2xlYW4sXG4gIGVuY3J5cHRpb25LZXk6IEVuY3J5cHRpb25LZXlTcGVjIHwgdW5kZWZpbmVkXG4pOiBJS2V5IHwgdW5kZWZpbmVkIHtcbiAgaWYgKHBpRW5hYmxlZCAmJiBpc0NNS1JlcXVlc3RlZChlbmNyeXB0aW9uS2V5KSkge1xuICAgIHJldHVybiBuZXcgQ3VzdG9tZXJNYW5hZ2VkS2V5KFxuICAgICAgc2NvcGUsXG4gICAgICBgJHtkYXRhYmFzZU5hbWV9UGVyZm9ybWFuY2VJbnNpZ2h0c0tleWAsXG4gICAgICB7IGFsaWFzTmFtZTogYGNtay9yZHMvJHtkYXRhYmFzZU5hbWV9L0luc2lnaHRzS2V5YCB9XG4gICAgKS5rZXk7XG4gIH1cbiAgcmV0dXJuIHVuZGVmaW5lZDtcbn1cblxuLyoqIFJlc29sdmUgdGhlIGRhdGFiYXNlSW5zaWdodHMgcHJvcCBpbnRvIGFuIGVuYWJsZWQgZmxhZyBhbmQgb3B0aW9uYWwgY29uZmlnIG9iamVjdC4gKi9cbmV4cG9ydCBmdW5jdGlvbiByZXNvbHZlRGF0YWJhc2VJbnNpZ2h0cyhcbiAgZGF0YWJhc2VJbnNpZ2h0czogRGF0YWJhc2VJbnNpZ2h0c0NvbmZpZyB8IGZhbHNlIHwgdW5kZWZpbmVkXG4pOiB7XG4gIHBpRW5hYmxlZDogYm9vbGVhbjtcbiAgcGlDb25maWc6IERhdGFiYXNlSW5zaWdodHNDb25maWcgfCB1bmRlZmluZWQ7XG59IHtcbiAgY29uc3QgcGlFbmFibGVkID0gZGF0YWJhc2VJbnNpZ2h0cyAhPT0gZmFsc2U7XG4gIGNvbnN0IHBpQ29uZmlnID1cbiAgICBwaUVuYWJsZWQgJiYgdHlwZW9mIGRhdGFiYXNlSW5zaWdodHMgPT09IFwib2JqZWN0XCJcbiAgICAgID8gZGF0YWJhc2VJbnNpZ2h0c1xuICAgICAgOiB1bmRlZmluZWQ7XG4gIHJldHVybiB7IHBpRW5hYmxlZCwgcGlDb25maWcgfTtcbn1cblxuLyoqXG4gKiBBZGQgbXVsdGktdXNlciBzZWNyZXQgcm90YXRpb24gdG8gYSBkYXRhYmFzZSBjb25zdHJ1Y3QuXG4gKiBTaGFyZWQgYmV0d2VlbiBSZHNBdXJvcmEgYW5kIFJkc0luc3RhbmNlLlxuICovXG5leHBvcnQgZnVuY3Rpb24gYWRkTXVsdGlVc2VyU2VjcmV0Um90YXRpb24ocGFyYW1zOiB7XG4gIHNjb3BlOiBDb25zdHJ1Y3Q7XG4gIGRhdGFiYXNlTmFtZTogc3RyaW5nIHwgdW5kZWZpbmVkO1xuICBjb25zdHJ1Y3RJZDogc3RyaW5nO1xuICBlbmdpbmVDb25maWc6IEVuZ2luZUNvbmZpZztcbiAgY3JlZGVudGlhbHNDb25maWc6IENyZWRlbnRpYWxzQ29uZmlnIHwgdW5kZWZpbmVkO1xuICBkYXRhYmFzZVNlY3JldDogSVNlY3JldDtcbiAgdGFyZ2V0OiBJQ29ubmVjdGFibGU7XG4gIHZwYzogSVZwYztcbn0pOiBTZWNyZXQge1xuICBjb25zdCByb3RhdGlvbkNvbmZpZyA9IHBhcmFtcy5jcmVkZW50aWFsc0NvbmZpZz8uc2VjcmV0Um90YXRpb247XG4gIGNvbnN0IHJvdGF0aW9uUGVyaW9kID1cbiAgICAodHlwZW9mIHJvdGF0aW9uQ29uZmlnID09PSBcIm9iamVjdFwiICYmXG4gICAgICByb3RhdGlvbkNvbmZpZz8uYXV0b21hdGljYWxseUFmdGVyKSB8fFxuICAgIER1cmF0aW9uLmRheXMoMzApO1xuXG4gIGNvbnN0IG1hc3RlclNlY3JldCA9IG5ldyBTZWNyZXQoXG4gICAgcGFyYW1zLnNjb3BlLFxuICAgIGAke3BhcmFtcy5kYXRhYmFzZU5hbWV9TWFzdGVyU2VjcmV0YCxcbiAgICB7XG4gICAgICBzZWNyZXROYW1lOiBSZXNvdXJjZU5hbWluZy5tYXN0ZXJTZWNyZXROYW1lKHBhcmFtcy5jb25zdHJ1Y3RJZClcbiAgICB9XG4gICk7XG5cbiAgbmV3IFNlY3JldFJvdGF0aW9uKHBhcmFtcy5zY29wZSwgYCR7cGFyYW1zLmRhdGFiYXNlTmFtZX1TZWNyZXRSb3RhdGlvbmAsIHtcbiAgICBhcHBsaWNhdGlvbjogbmV3IFNlY3JldFJvdGF0aW9uQXBwbGljYXRpb24oXG4gICAgICBwYXJhbXMuZW5naW5lQ29uZmlnLnJvdGF0aW9uQXBwTmFtZSxcbiAgICAgIFJEU19ERUZBVUxUUy5ST1RBVElPTl9BUFBfVkVSU0lPTixcbiAgICAgIHsgaXNNdWx0aVVzZXI6IHRydWUgfVxuICAgICksXG4gICAgc2VjcmV0OiBwYXJhbXMuZGF0YWJhc2VTZWNyZXQsXG4gICAgbWFzdGVyU2VjcmV0OiBtYXN0ZXJTZWNyZXQuc2VjcmV0LFxuICAgIHRhcmdldDogcGFyYW1zLnRhcmdldCxcbiAgICB2cGM6IHBhcmFtcy52cGMsXG4gICAgYXV0b21hdGljYWxseUFmdGVyOiByb3RhdGlvblBlcmlvZFxuICB9KTtcblxuICByZXR1cm4gbWFzdGVyU2VjcmV0O1xufVxuIl19

package/dist/lib/resources/aws/database/rdsInstance.d.ts

@@ -3,9 +3,11 @@ import { Connections, type IConnectable, type IVpc } from "aws-cdk-lib/aws-ec2";
 import { type IInstanceEngine } from "aws-cdk-lib/aws-rds";
 import { Construct } from "constructs";
 import { SecurityGroup } from "../networking/securityGroup.js";
-import { Secret } from "../secrets";
-import { type StackBuilder } from "../base/awsStack";
-import { type EngineConfig, type ProxyConfig, type ReadReplicaConfig, type CredentialsConfig, type EncryptionConfig, type DatabaseInsightsConfig } from "../../../utils/databaseTypes";
+import { Secret } from "../secrets/index.js";
+import { type StackBuilder } from "../base/awsStack.js";
+import { type EngineConfig, type ProxyConfig, type ReadReplicaConfig, type CredentialsConfig, type EncryptionConfig, type DatabaseInsightsConfig } from "../../../utils/databaseTypes.js";
+import type { ITopic } from "aws-cdk-lib/aws-sns";
+import { type RdsAlarmThresholds } from "../monitoring/index.js";
 interface RdsProps {
     vpc: IVpc;
     databaseName?: string;
@@ -33,6 +35,12 @@ interface RdsProps {
     snapshotIdentifier?: string;
     /** Username from the snapshot (required when restoring from snapshot to reset password) */
     snapshotUsername?: string;
+    /** SNS topic for alarm notifications. Required for alarm creation. */
+    alertsTopic?: ITopic;
+    /** Alarm thresholds. false to disable, undefined for defaults, object to override. */
+    alarms?: RdsAlarmThresholds | false;
+    /** Application ID for alarm tagging. */
+    applicationId?: string;
 }
 export declare class RdsInstance extends Construct implements IConnectable {
     connections: Connections;

package/dist/lib/resources/aws/database/rdsInstance.js

@@ -1,29 +1,39 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RdsInstance = void 0;
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const aws_ec2_1 = require("aws-cdk-lib/aws-ec2");
-const aws_rds_1 = require("aws-cdk-lib/aws-rds");
-const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
-const aws_iam_1 = require("aws-cdk-lib/aws-iam");
-const constructs_1 = require("constructs");
-const securityGroup_js_1 = require("../networking/securityGroup.js");
-const secrets_1 = require("../secrets");
-const customResource_1 = require("../utilities/customResource");
-const _1 = require("./");
-const rdsDefaults_1 = require("./rdsDefaults");
-const rdsHelpers_1 = require("./rdsHelpers");
-const databaseTypes_1 = require("../../../utils/databaseTypes");
-const resourceNaming_1 = require("../../../utils/resourceNaming");
-const rdsProxyOutput_1 = require("./rdsProxyOutput");
-class RdsInstance extends constructs_1.Construct {
+import { Duration, RemovalPolicy } from "aws-cdk-lib";
+import { Connections, InstanceType, Port, SubnetType } from "aws-cdk-lib/aws-ec2";
+import { CaCertificate, Credentials, DatabaseInstance, DatabaseInstanceFromSnapshot, DatabaseInstanceEngine, DatabaseInstanceReadReplica, DatabaseProxy, ParameterGroup, PostgresEngineVersion, ProxyTarget, SnapshotCredentials, StorageType } from "aws-cdk-lib/aws-rds";
+import { Runtime } from "aws-cdk-lib/aws-lambda";
+import { PolicyStatement, Effect } from "aws-cdk-lib/aws-iam";
+import { Construct } from "constructs";
+import { SecurityGroup } from "../networking/securityGroup.js";
+import { CustomerManagedKey, Secret } from "../secrets/index.js";
+import { CustomResource } from "../utilities/customResource.js";
+import { getDatabaseInsightsRetention } from "./index.js";
+import { RDS_DEFAULTS } from "./rdsDefaults.js";
+import { DEFAULT_POSTGRES_ENGINE_CONFIG, resolveDatabaseInsights, resolveStorageEncryptionKey, resolvePerformanceInsightsKey, addMultiUserSecretRotation } from "./rdsHelpers.js";
+import { isCMKRequested } from "../../../utils/databaseTypes.js";
+import { ResourceNaming } from "../../../utils/resourceNaming.js";
+import { addProxyCfnOutput } from "./rdsProxyOutput.js";
+import { createRdsAlarms } from "../monitoring/index.js";
+export class RdsInstance extends Construct {
+    connections;
+    databaseSecurityGroup;
+    vpc;
+    port;
+    engineConfig;
+    databaseCredentials;
+    database;
+    masterSecret;
+    databaseProxy;
+    databaseProxySecurityGroup;
+    readReplicaSecurityGroup;
+    constructId;
     constructor(scope, id, props) {
         super(scope, id);
         this.constructId = id;
-        this.port = props.port || rdsDefaults_1.RDS_DEFAULTS.DEFAULT_PORT;
+        this.port = props.port || RDS_DEFAULTS.DEFAULT_PORT;
         this.vpc = props.vpc;
         // PostgreSQL fallback for direct usage - ensure engine and engineConfig match
-        this.engineConfig = props.engineConfig ?? rdsHelpers_1.DEFAULT_POSTGRES_ENGINE_CONFIG;
+        this.engineConfig = props.engineConfig ?? DEFAULT_POSTGRES_ENGINE_CONFIG;
         this.addDatabase(props);
         // Secret rotation enabled by default (opt-out with secretRotation: false)
         const secretRotationDisabled = props.credentials?.secretRotation === false;
@@ -36,14 +46,24 @@ class RdsInstance extends constructs_1.Construct {
         if (props.readReplica !== undefined && props.readReplica !== false) {
             this.addReadReplica(props);
         }
+        if (props.alertsTopic && props.alarms !== false) {
+            createRdsAlarms({
+                scope: this,
+                databaseName: this.constructId,
+                database: this.database,
+                config: typeof props.alarms === "object" ? props.alarms : {},
+                alarmTopic: props.alertsTopic,
+                applicationId: props.applicationId
+            });
+        }
     }
     addDatabase(props) {
         // Username priority: snapshotUsername > credentials.username > engine default
         const username = props.snapshotIdentifier && props.snapshotUsername
             ? props.snapshotUsername
             : (props.credentials?.username ?? this.engineConfig.defaultUsername);
-        this.databaseCredentials = new secrets_1.Secret(this, `${props.databaseName}Credentials`, {
-            secretName: resourceNaming_1.ResourceNaming.credentialsSecretName(this.constructId),
+        this.databaseCredentials = new Secret(this, `${props.databaseName}Credentials`, {
+            secretName: ResourceNaming.credentialsSecretName(this.constructId),
             generateSecretString: {
                 secretStringTemplate: JSON.stringify({
                     username
@@ -53,36 +73,36 @@ class RdsInstance extends constructs_1.Construct {
                 generateStringKey: "password"
             }
         });
-        this.databaseSecurityGroup = new securityGroup_js_1.SecurityGroup(this, `${props.databaseName}SecurityGroup`, {
+        this.databaseSecurityGroup = new SecurityGroup(this, `${props.databaseName}SecurityGroup`, {
             vpc: this.vpc,
             description: `Security group for RDS database instance ${props.databaseName}`
         });
         // Self-referencing rule for multi-AZ communication
-        this.databaseSecurityGroup.addIngressRule(this.databaseSecurityGroup, aws_ec2_1.Port.tcp(this.port));
-        this.connections = new aws_ec2_1.Connections({
+        this.databaseSecurityGroup.addIngressRule(this.databaseSecurityGroup, Port.tcp(this.port));
+        this.connections = new Connections({
             securityGroups: [this.databaseSecurityGroup],
-            defaultPort: aws_ec2_1.Port.tcp(this.port)
+            defaultPort: Port.tcp(this.port)
         });
-        const storageEncryptionKey = (0, rdsHelpers_1.resolveStorageEncryptionKey)(this, props.databaseName, props.encryption?.storageKey);
-        const { piEnabled, piConfig } = (0, rdsHelpers_1.resolveDatabaseInsights)(props.databaseInsights);
-        const performanceInsightsEncryptionKey = (0, rdsHelpers_1.resolvePerformanceInsightsKey)(this, props.databaseName, piEnabled, piConfig?.encryptionKey);
+        const storageEncryptionKey = resolveStorageEncryptionKey(this, props.databaseName, props.encryption?.storageKey);
+        const { piEnabled, piConfig } = resolveDatabaseInsights(props.databaseInsights);
+        const performanceInsightsEncryptionKey = resolvePerformanceInsightsKey(this, props.databaseName, piEnabled, piConfig?.encryptionKey);
         const diMode = piConfig?.mode ?? "standard";
         const performanceInsightsRetention = piEnabled
-            ? (0, _1.getDatabaseInsightsRetention)(diMode)
+            ? getDatabaseInsightsRetention(diMode)
             : undefined;
         const engine = props.engine ||
-            aws_rds_1.DatabaseInstanceEngine.postgres({
-                version: aws_rds_1.PostgresEngineVersion.VER_17_5
+            DatabaseInstanceEngine.postgres({
+                version: PostgresEngineVersion.VER_17_5
             });
-        const parameterGroup = new aws_rds_1.ParameterGroup(this, `${props.databaseName}ParameterGroup`, {
+        const parameterGroup = new ParameterGroup(this, `${props.databaseName}ParameterGroup`, {
             engine,
             description: `Parameter group for ${props.databaseName} with security defaults`,
             parameters: this.engineConfig.sslParameters
         });
         // Use PUBLIC subnet for publiclyAccessible databases (e.g., tinkerer tier without NAT)
         const subnetType = props.publiclyAccessible
-            ? aws_ec2_1.SubnetType.PUBLIC
-            : aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS;
+            ? SubnetType.PUBLIC
+            : SubnetType.PRIVATE_WITH_EGRESS;
         const commonInstanceProps = {
             vpc: this.vpc,
             vpcSubnets: {
@@ -92,50 +112,50 @@ class RdsInstance extends constructs_1.Construct {
             engine,
             parameterGroup,
             allocatedStorage: props.allocatedStorage,
-            backupRetention: props.backupRetention || aws_cdk_lib_1.Duration.days(14),
+            backupRetention: props.backupRetention || Duration.days(14),
             preferredBackupWindow: props.preferredBackupWindow || "02:00-03:00",
             storageEncrypted: true,
             storageEncryptionKey,
-            storageType: aws_rds_1.StorageType.GP3,
-            caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1,
-            removalPolicy: aws_cdk_lib_1.RemovalPolicy.SNAPSHOT,
+            storageType: StorageType.GP3,
+            caCertificate: CaCertificate.RDS_CA_RSA4096_G1,
+            removalPolicy: RemovalPolicy.SNAPSHOT,
             deleteAutomatedBackups: false,
             enablePerformanceInsights: piEnabled,
             performanceInsightEncryptionKey: performanceInsightsEncryptionKey,
             performanceInsightRetention: performanceInsightsRetention,
-            instanceIdentifier: resourceNaming_1.ResourceNaming.dbInstanceId(this.constructId),
+            instanceIdentifier: ResourceNaming.dbInstanceId(this.constructId),
             instanceType: props.instanceType
-                ? new aws_ec2_1.InstanceType(props.instanceType)
-                : new aws_ec2_1.InstanceType("t4g.large"),
+                ? new InstanceType(props.instanceType)
+                : new InstanceType("t4g.large"),
             maxAllocatedStorage: props.maxAllocatedStorage || 500,
-            monitoringInterval: props.monitoringInterval || rdsDefaults_1.RDS_DEFAULTS.MONITORING_INTERVAL,
+            monitoringInterval: props.monitoringInterval || RDS_DEFAULTS.MONITORING_INTERVAL,
             multiAz: props.multiAz !== false,
             port: this.port,
             deletionProtection: props.deletionProtection ?? true,
             preferredMaintenanceWindow: props.preferredMaintenanceWindow ||
-                rdsDefaults_1.RDS_DEFAULTS.PREFERRED_MAINTENANCE_WINDOW,
+                RDS_DEFAULTS.PREFERRED_MAINTENANCE_WINDOW,
             publiclyAccessible: props.publiclyAccessible ?? false
         };
         if (props.snapshotIdentifier) {
             // Create from snapshot
-            this.database = new aws_rds_1.DatabaseInstanceFromSnapshot(this, `${props.databaseName}Database`, {
+            this.database = new DatabaseInstanceFromSnapshot(this, `${props.databaseName}Database`, {
                 ...commonInstanceProps,
                 snapshotIdentifier: props.snapshotIdentifier,
                 // For snapshots, credentials are used to reset the password
-                credentials: aws_rds_1.SnapshotCredentials.fromSecret(this.databaseCredentials.secret)
+                credentials: SnapshotCredentials.fromSecret(this.databaseCredentials.secret)
             });
         }
         else {
             // Create new instance
-            this.database = new aws_rds_1.DatabaseInstance(this, `${props.databaseName}Database`, {
+            this.database = new DatabaseInstance(this, `${props.databaseName}Database`, {
                 ...commonInstanceProps,
                 databaseName: props.databaseName,
-                credentials: aws_rds_1.Credentials.fromSecret(this.databaseCredentials.secret)
+                credentials: Credentials.fromSecret(this.databaseCredentials.secret)
             });
         }
     }
     rotateSecret(props) {
-        this.masterSecret = (0, rdsHelpers_1.addMultiUserSecretRotation)({
+        this.masterSecret = addMultiUserSecretRotation({
             scope: this,
             databaseName: props.databaseName,
             constructId: this.constructId,
@@ -151,55 +171,55 @@ class RdsInstance extends constructs_1.Construct {
             return;
         const proxyConfig = props.proxy;
         const vpcSubnets = proxyConfig.vpcSubnets ?? {
-            subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS
+            subnetType: SubnetType.PRIVATE_WITH_EGRESS
         };
-        this.databaseProxySecurityGroup = new securityGroup_js_1.SecurityGroup(this, `${props.databaseName}ProxySecurityGroup`, {
+        this.databaseProxySecurityGroup = new SecurityGroup(this, `${props.databaseName}ProxySecurityGroup`, {
             vpc: this.vpc,
             description: `Security group for RDS Proxy for ${props.databaseName}`
         });
         // Allow proxy to connect to database
-        this.databaseSecurityGroup.addIngressRule(this.databaseProxySecurityGroup, aws_ec2_1.Port.tcp(this.port), "Allow RDS Proxy to connect to database");
-        this.databaseProxy = new aws_rds_1.DatabaseProxy(this, `${props.databaseName}DatabaseProxy`, {
-            dbProxyName: resourceNaming_1.ResourceNaming.proxyName(this.constructId),
-            proxyTarget: aws_rds_1.ProxyTarget.fromInstance(this.database),
+        this.databaseSecurityGroup.addIngressRule(this.databaseProxySecurityGroup, Port.tcp(this.port), "Allow RDS Proxy to connect to database");
+        this.databaseProxy = new DatabaseProxy(this, `${props.databaseName}DatabaseProxy`, {
+            dbProxyName: ResourceNaming.proxyName(this.constructId),
+            proxyTarget: ProxyTarget.fromInstance(this.database),
             secrets: [this.databaseCredentials.secret],
             securityGroups: [this.databaseProxySecurityGroup],
             vpc: this.vpc,
             vpcSubnets,
             requireTLS: proxyConfig.requireTLS ?? true,
             borrowTimeout: proxyConfig.connectionBorrowTimeout
-                ? aws_cdk_lib_1.Duration.seconds(proxyConfig.connectionBorrowTimeout)
-                : aws_cdk_lib_1.Duration.seconds(120),
+                ? Duration.seconds(proxyConfig.connectionBorrowTimeout)
+                : Duration.seconds(120),
             maxConnectionsPercent: proxyConfig.maxConnections,
             maxIdleConnectionsPercent: proxyConfig.maxIdleConnections
         });
-        (0, rdsProxyOutput_1.addProxyCfnOutput)(this, this.constructId, props.databaseName, this.databaseProxy);
+        addProxyCfnOutput(this, this.constructId, props.databaseName, this.databaseProxy);
     }
     addReadReplica(props) {
         if (!props.readReplica)
             return;
         const replicaConfig = props.readReplica;
         const replicaInstanceType = replicaConfig.instanceType ?? props.instanceType ?? "t4g.large";
-        const { piEnabled, piConfig } = (0, rdsHelpers_1.resolveDatabaseInsights)(props.databaseInsights);
-        const readReplicaPerformanceInsightsKey = piEnabled && (0, databaseTypes_1.isCMKRequested)(piConfig?.encryptionKey)
-            ? new secrets_1.CustomerManagedKey(this, `${props.databaseName}ReadReplicaReaderInsightsKey`, {
+        const { piEnabled, piConfig } = resolveDatabaseInsights(props.databaseInsights);
+        const readReplicaPerformanceInsightsKey = piEnabled && isCMKRequested(piConfig?.encryptionKey)
+            ? new CustomerManagedKey(this, `${props.databaseName}ReadReplicaReaderInsightsKey`, {
                 aliasName: `cmk/rds/${props.databaseName}/ReadReplicaInsightsKey`
             }).key
             : undefined;
-        this.readReplicaSecurityGroup = new securityGroup_js_1.SecurityGroup(this, `${props.databaseName}ReadReplicaSecurityGroup`, {
+        this.readReplicaSecurityGroup = new SecurityGroup(this, `${props.databaseName}ReadReplicaSecurityGroup`, {
             vpc: this.vpc,
             description: `Security group for RDS read replica of ${props.databaseName}`
         });
         // Allow primary database to replicate to read replica
-        this.readReplicaSecurityGroup.addIngressRule(this.databaseSecurityGroup, aws_ec2_1.Port.tcp(this.port), "Allow primary database to replicate to read replica");
+        this.readReplicaSecurityGroup.addIngressRule(this.databaseSecurityGroup, Port.tcp(this.port), "Allow primary database to replicate to read replica");
         // Deletion waiter ensures primary is "available" before CloudFormation deletes it.
         // When the read replica is deleted, the primary enters "modifying" state.
         // Without this waiter, the final snapshot creation fails.
-        const instanceId = resourceNaming_1.ResourceNaming.dbInstanceId(this.constructId);
-        const waiterTimeout = aws_cdk_lib_1.Duration.minutes(10);
-        const deletionWaiter = new customResource_1.CustomResource(this, `${props.databaseName}DeletionWaiter`, {
-            runtime: aws_lambda_1.Runtime.NODEJS_22_X,
-            timeout: waiterTimeout.plus(aws_cdk_lib_1.Duration.seconds(30)),
+        const instanceId = ResourceNaming.dbInstanceId(this.constructId);
+        const waiterTimeout = Duration.minutes(10);
+        const deletionWaiter = new CustomResource(this, `${props.databaseName}DeletionWaiter`, {
+            runtime: Runtime.NODEJS_22_X,
+            timeout: waiterTimeout.plus(Duration.seconds(30)),
             lambdaDescription: `${props.databaseName} deletion waiter`,
             inlineCode: `
 const { RDSClient } = require('@aws-sdk/client-rds');
@@ -234,8 +254,8 @@ exports.handler = async (event) => {
 };
         `,
             inlinePolicy: [
-                new aws_iam_1.PolicyStatement({
-                    effect: aws_iam_1.Effect.ALLOW,
+                new PolicyStatement({
+                    effect: Effect.ALLOW,
                     actions: ["rds:DescribeDBInstances"],
                     resources: ["*"]
                 })
@@ -246,34 +266,34 @@ exports.handler = async (event) => {
             }
         });
         deletionWaiter.resource.node.addDependency(this.database);
-        const readReplica = new aws_rds_1.DatabaseInstanceReadReplica(this, `${props.databaseName}ReadReplica`, {
+        const readReplica = new DatabaseInstanceReadReplica(this, `${props.databaseName}ReadReplica`, {
             sourceDatabaseInstance: this.database,
             vpc: this.vpc,
             vpcSubnets: {
-                subnetType: aws_ec2_1.SubnetType.PRIVATE_WITH_EGRESS
+                subnetType: SubnetType.PRIVATE_WITH_EGRESS
             },
             securityGroups: [this.readReplicaSecurityGroup],
             allocatedStorage: props.allocatedStorage,
             storageEncrypted: true,
-            storageType: aws_rds_1.StorageType.GP3,
-            caCertificate: aws_rds_1.CaCertificate.RDS_CA_RSA4096_G1,
-            removalPolicy: aws_cdk_lib_1.RemovalPolicy.DESTROY,
+            storageType: StorageType.GP3,
+            caCertificate: CaCertificate.RDS_CA_RSA4096_G1,
+            removalPolicy: RemovalPolicy.DESTROY,
             deleteAutomatedBackups: false,
             enablePerformanceInsights: piEnabled,
             performanceInsightEncryptionKey: readReplicaPerformanceInsightsKey,
             performanceInsightRetention: piEnabled
-                ? (0, _1.getDatabaseInsightsRetention)(piConfig?.mode ?? "standard")
+                ? getDatabaseInsightsRetention(piConfig?.mode ?? "standard")
                 : undefined,
-            instanceIdentifier: resourceNaming_1.ResourceNaming.readReplicaId(this.constructId),
-            instanceType: new aws_ec2_1.InstanceType(replicaInstanceType),
+            instanceIdentifier: ResourceNaming.readReplicaId(this.constructId),
+            instanceType: new InstanceType(replicaInstanceType),
             availabilityZone: replicaConfig.availabilityZone,
             maxAllocatedStorage: props.maxAllocatedStorage || 500,
-            monitoringInterval: props.monitoringInterval || rdsDefaults_1.RDS_DEFAULTS.MONITORING_INTERVAL,
+            monitoringInterval: props.monitoringInterval || RDS_DEFAULTS.MONITORING_INTERVAL,
             multiAz: props.multiAz !== false,
             port: this.port,
             deletionProtection: props.deletionProtection ?? true,
             preferredMaintenanceWindow: props.preferredMaintenanceWindow ||
-                rdsDefaults_1.RDS_DEFAULTS.PREFERRED_MAINTENANCE_WINDOW
+                RDS_DEFAULTS.PREFERRED_MAINTENANCE_WINDOW
         });
         readReplica.node.addDependency(deletionWaiter.resource);
     }
@@ -305,5 +325,3 @@ exports.handler = async (event) => {
         };
     }
 }
-exports.RdsInstance = RdsInstance;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmRzSW5zdGFuY2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9kYXRhYmFzZS9yZHNJbnN0YW5jZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSw2Q0FBc0Q7QUFDdEQsaURBUTZCO0FBQzdCLGlEQWU2QjtBQUM3Qix1REFBaUQ7QUFDakQsaURBQThEO0FBQzlELDJDQUF1QztBQUN2QyxxRUFBK0Q7QUFDL0Qsd0NBQXdEO0FBQ3hELGdFQUE2RDtBQUU3RCx5QkFBa0Q7QUFDbEQsK0NBQTZDO0FBQzdDLDZDQU1zQjtBQUN0QixnRUFRc0M7QUFDdEMsa0VBQStEO0FBQy9ELHFEQUFxRDtBQStCckQsTUFBYSxXQUFZLFNBQVEsc0JBQVM7SUFnQnhDLFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBZTtRQUN2RCxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFDO1FBRWpCLElBQUksQ0FBQyxXQUFXLEdBQUcsRUFBRSxDQUFDO1FBQ3RCLElBQUksQ0FBQyxJQUFJLEdBQUcsS0FBSyxDQUFDLElBQUksSUFBSSwwQkFBWSxDQUFDLFlBQVksQ0FBQztRQUNwRCxJQUFJLENBQUMsR0FBRyxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUM7UUFFckIsOEVBQThFO1FBQzlFLElBQUksQ0FBQyxZQUFZLEdBQUcsS0FBSyxDQUFDLFlBQVksSUFBSSwyQ0FBOEIsQ0FBQztRQUV6RSxJQUFJLENBQUMsV0FBVyxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXhCLDBFQUEwRTtRQUMxRSxNQUFNLHNCQUFzQixHQUFHLEtBQUssQ0FBQyxXQUFXLEVBQUUsY0FBYyxLQUFLLEtBQUssQ0FBQztRQUMzRSxJQUFJLENBQUMsc0JBQXNCLEVBQUUsQ0FBQztZQUM1QixJQUFJLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQzNCLENBQUM7UUFFRCxJQUFJLEtBQUssQ0FBQyxLQUFLLEtBQUssU0FBUyxJQUFJLEtBQUssQ0FBQyxLQUFLLEtBQUssS0FBSyxFQUFFLENBQUM7WUFDdkQsSUFBSSxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUN2QixDQUFDO1FBRUQsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLFNBQVMsSUFBSSxLQUFLLENBQUMsV0FBVyxLQUFLLEtBQUssRUFBRSxDQUFDO1lBQ25FLElBQUksQ0FBQyxjQUFjLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDN0IsQ0FBQztJQUNILENBQUM7SUFFTyxXQUFXLENBQUMsS0FBZTtRQUNqQyw4RUFBOEU7UUFDOUUsTUFBTSxRQUFRLEdBQ1osS0FBSyxDQUFDLGtCQUFrQixJQUFJLEtBQUssQ0FBQyxnQkFBZ0I7WUFDaEQsQ0FBQyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0I7WUFDeEIsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxRQUFRLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxlQUFlLENBQUMsQ0FBQztRQUN6RSxJQUFJLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxnQkFBTSxDQUNuQyxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxhQUFhLEVBQ2xDO1lBQ0UsVUFBVSxFQUFFLCtCQUFjLENBQUMscUJBQXFCLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQztZQUNsRSxvQkFBb0IsRUFBRTtnQkFDcEIsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQztvQkFDbkMsUUFBUTtpQkFDVCxDQUFDO2dCQUNGLGtCQUFrQixFQUFFLElBQUk7Z0JBQ3hCLFlBQVksRUFBRSxLQUFLO2dCQUNuQixpQkFBaUIsRUFBRSxVQUFVO2FBQzlCO1NBQ0YsQ0FDRixDQUFDO1FBRUYsSUFBSSxDQUFDLHFCQUFxQixHQUFHLElBQUksZ0NBQWEsQ0FDNUMsSUFBSSxFQUNKLEdBQUcsS0FBSyxDQUFDLFlBQVksZUFBZSxFQUNwQztZQUNFLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztZQUNiLFdBQVcsRUFBRSw0Q0FBNEMsS0FBSyxDQUFDLFlBQVksRUFBRTtTQUM5RSxDQUNGLENBQUM7UUFFRixtREFBbUQ7UUFDbkQsSUFBSSxDQUFDLHFCQUFxQixDQUFDLGNBQWMsQ0FDdkMsSUFBSSxDQUFDLHFCQUFxQixFQUMxQixjQUFJLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FDcEIsQ0FBQztRQUVGLElBQUksQ0FBQyxXQUFXLEdBQUcsSUFBSSxxQkFBVyxDQUFDO1lBQ2pDLGNBQWMsRUFBRSxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQztZQUM1QyxXQUFXLEVBQUUsY0FBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDO1NBQ2pDLENBQUMsQ0FBQztRQUVILE1BQU0sb0JBQW9CLEdBQUcsSUFBQSx3Q0FBMkIsRUFDdEQsSUFBSSxFQUNKLEtBQUssQ0FBQyxZQUFZLEVBQ2xCLEtBQUssQ0FBQyxVQUFVLEVBQUUsVUFBVSxDQUM3QixDQUFDO1FBRUYsTUFBTSxFQUFFLFNBQVMsRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFBLG9DQUF1QixFQUNyRCxLQUFLLENBQUMsZ0JBQWdCLENBQ3ZCLENBQUM7UUFFRixNQUFNLGdDQUFnQyxHQUFHLElBQUEsMENBQTZCLEVBQ3BFLElBQUksRUFDSixLQUFLLENBQUMsWUFBWSxFQUNsQixTQUFTLEVBQ1QsUUFBUSxFQUFFLGFBQWEsQ0FDeEIsQ0FBQztRQUVGLE1BQU0sTUFBTSxHQUFHLFFBQVEsRUFBRSxJQUFJLElBQUksVUFBVSxDQUFDO1FBQzVDLE1BQU0sNEJBQTRCLEdBQUcsU0FBUztZQUM1QyxDQUFDLENBQUMsSUFBQSwrQkFBNEIsRUFBQyxNQUFNLENBQUM7WUFDdEMsQ0FBQyxDQUFDLFNBQVMsQ0FBQztRQUVkLE1BQU0sTUFBTSxHQUNWLEtBQUssQ0FBQyxNQUFNO1lBQ1osZ0NBQXNCLENBQUMsUUFBUSxDQUFDO2dCQUM5QixPQUFPLEVBQUUsK0JBQXFCLENBQUMsUUFBUTthQUN4QyxDQUFDLENBQUM7UUFFTCxNQUFNLGNBQWMsR0FBRyxJQUFJLHdCQUFjLENBQ3ZDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLGdCQUFnQixFQUNyQztZQUNFLE1BQU07WUFDTixXQUFXLEVBQUUsdUJBQXVCLEtBQUssQ0FBQyxZQUFZLHlCQUF5QjtZQUMvRSxVQUFVLEVBQUUsSUFBSSxDQUFDLFlBQVksQ0FBQyxhQUFhO1NBQzVDLENBQ0YsQ0FBQztRQUVGLHVGQUF1RjtRQUN2RixNQUFNLFVBQVUsR0FBRyxLQUFLLENBQUMsa0JBQWtCO1lBQ3pDLENBQUMsQ0FBQyxvQkFBVSxDQUFDLE1BQU07WUFDbkIsQ0FBQyxDQUFDLG9CQUFVLENBQUMsbUJBQW1CLENBQUM7UUFFbkMsTUFBTSxtQkFBbUIsR0FBRztZQUMxQixHQUFHLEVBQUUsSUFBSSxDQUFDLEdBQUc7WUFDYixVQUFVLEVBQUU7Z0JBQ1YsVUFBVTthQUNYO1lBQ0QsY0FBYyxFQUFFLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDO1lBQzVDLE1BQU07WUFDTixjQUFjO1lBQ2QsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLGdCQUFnQjtZQUN4QyxlQUFlLEVBQUUsS0FBSyxDQUFDLGVBQWUsSUFBSSxzQkFBUSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDM0QscUJBQXFCLEVBQUUsS0FBSyxDQUFDLHFCQUFxQixJQUFJLGFBQWE7WUFDbkUsZ0JBQWdCLEVBQUUsSUFBSTtZQUN0QixvQkFBb0I7WUFDcEIsV0FBVyxFQUFFLHFCQUFXLENBQUMsR0FBRztZQUM1QixhQUFhLEVBQUUsdUJBQWEsQ0FBQyxpQkFBaUI7WUFDOUMsYUFBYSxFQUFFLDJCQUFhLENBQUMsUUFBUTtZQUNyQyxzQkFBc0IsRUFBRSxLQUFLO1lBQzdCLHlCQUF5QixFQUFFLFNBQVM7WUFDcEMsK0JBQStCLEVBQUUsZ0NBQWdDO1lBQ2pFLDJCQUEyQixFQUFFLDRCQUE0QjtZQUN6RCxrQkFBa0IsRUFBRSwrQkFBYyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDO1lBQ2pFLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWTtnQkFDOUIsQ0FBQyxDQUFDLElBQUksc0JBQVksQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDO2dCQUN0QyxDQUFDLENBQUMsSUFBSSxzQkFBWSxDQUFDLFdBQVcsQ0FBQztZQUNqQyxtQkFBbUIsRUFBRSxLQUFLLENBQUMsbUJBQW1CLElBQUksR0FBRztZQUNyRCxrQkFBa0IsRUFDaEIsS0FBSyxDQUFDLGtCQUFrQixJQUFJLDBCQUFZLENBQUMsbUJBQW1CO1lBQzlELE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTyxLQUFLLEtBQUs7WUFDaEMsSUFBSSxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ2Ysa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQixJQUFJLElBQUk7WUFDcEQsMEJBQTBCLEVBQ3hCLEtBQUssQ0FBQywwQkFBMEI7Z0JBQ2hDLDBCQUFZLENBQUMsNEJBQTRCO1lBQzNDLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0IsSUFBSSxLQUFLO1NBQ3RELENBQUM7UUFFRixJQUFJLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxDQUFDO1lBQzdCLHVCQUF1QjtZQUN2QixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksc0NBQTRCLENBQzlDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLFVBQVUsRUFDL0I7Z0JBQ0UsR0FBRyxtQkFBbUI7Z0JBQ3RCLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0I7Z0JBQzVDLDREQUE0RDtnQkFDNUQsV0FBVyxFQUFFLDZCQUFtQixDQUFDLFVBQVUsQ0FDekMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sQ0FDaEM7YUFDRixDQUNGLENBQUM7UUFDSixDQUFDO2FBQU0sQ0FBQztZQUNOLHNCQUFzQjtZQUN0QixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksMEJBQWdCLENBQ2xDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLFVBQVUsRUFDL0I7Z0JBQ0UsR0FBRyxtQkFBbUI7Z0JBQ3RCLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWTtnQkFDaEMsV0FBVyxFQUFFLHFCQUFXLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxNQUFNLENBQUM7YUFDckUsQ0FDRixDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFTyxZQUFZLENBQUMsS0FBZTtRQUNsQyxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUEsdUNBQTBCLEVBQUM7WUFDN0MsS0FBSyxFQUFFLElBQUk7WUFDWCxZQUFZLEVBQUUsS0FBSyxDQUFDLFlBQVk7WUFDaEMsV0FBVyxFQUFFLElBQUksQ0FBQyxXQUFXO1lBQzdCLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWTtZQUMvQixpQkFBaUIsRUFBRSxLQUFLLENBQUMsV0FBVztZQUNwQyxjQUFjLEVBQUUsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU07WUFDL0MsTUFBTSxFQUFFLElBQUksQ0FBQyxRQUFRO1lBQ3JCLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztTQUNkLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTyxRQUFRLENBQUMsS0FBZTtRQUM5QixJQUFJLENBQUMsS0FBSyxDQUFDLEtBQUs7WUFBRSxPQUFPO1FBQ3pCLE1BQU0sV0FBVyxHQUFHLEtBQUssQ0FBQyxLQUFLLENBQUM7UUFDaEMsTUFBTSxVQUFVLEdBQW9CLFdBQVcsQ0FBQyxVQUFVLElBQUk7WUFDNUQsVUFBVSxFQUFFLG9CQUFVLENBQUMsbUJBQW1CO1NBQzNDLENBQUM7UUFFRixJQUFJLENBQUMsMEJBQTBCLEdBQUcsSUFBSSxnQ0FBYSxDQUNqRCxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxvQkFBb0IsRUFDekM7WUFDRSxHQUFHLEVBQUUsSUFBSSxDQUFDLEdBQUc7WUFDYixXQUFXLEVBQUUsb0NBQW9DLEtBQUssQ0FBQyxZQUFZLEVBQUU7U0FDdEUsQ0FDRixDQUFDO1FBRUYscUNBQXFDO1FBQ3JDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxjQUFjLENBQ3ZDLElBQUksQ0FBQywwQkFBMEIsRUFDL0IsY0FBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQ25CLHdDQUF3QyxDQUN6QyxDQUFDO1FBRUYsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLHVCQUFhLENBQ3BDLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLGVBQWUsRUFDcEM7WUFDRSxXQUFXLEVBQUUsK0JBQWMsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQztZQUN2RCxXQUFXLEVBQUUscUJBQVcsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQztZQUNwRCxPQUFPLEVBQUUsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsTUFBTSxDQUFDO1lBQzFDLGNBQWMsRUFBRSxDQUFDLElBQUksQ0FBQywwQkFBMEIsQ0FBQztZQUNqRCxHQUFHLEVBQUUsSUFBSSxDQUFDLEdBQUc7WUFDYixVQUFVO1lBQ1YsVUFBVSxFQUFFLFdBQVcsQ0FBQyxVQUFVLElBQUksSUFBSTtZQUMxQyxhQUFhLEVBQUUsV0FBVyxDQUFDLHVCQUF1QjtnQkFDaEQsQ0FBQyxDQUFDLHNCQUFRLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyx1QkFBdUIsQ0FBQztnQkFDdkQsQ0FBQyxDQUFDLHNCQUFRLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQztZQUN6QixxQkFBcUIsRUFBRSxXQUFXLENBQUMsY0FBYztZQUNqRCx5QkFBeUIsRUFBRSxXQUFXLENBQUMsa0JBQWtCO1NBQzFELENBQ0YsQ0FBQztRQUVGLElBQUEsa0NBQWlCLEVBQ2YsSUFBSSxFQUNKLElBQUksQ0FBQyxXQUFXLEVBQ2hCLEtBQUssQ0FBQyxZQUFZLEVBQ2xCLElBQUksQ0FBQyxhQUFhLENBQ25CLENBQUM7SUFDSixDQUFDO0lBRU8sY0FBYyxDQUFDLEtBQWU7UUFDcEMsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXO1lBQUUsT0FBTztRQUMvQixNQUFNLGFBQWEsR0FBRyxLQUFLLENBQUMsV0FBVyxDQUFDO1FBQ3hDLE1BQU0sbUJBQW1CLEdBQ3ZCLGFBQWEsQ0FBQyxZQUFZLElBQUksS0FBSyxDQUFDLFlBQVksSUFBSSxXQUFXLENBQUM7UUFFbEUsTUFBTSxFQUFFLFNBQVMsRUFBRSxRQUFRLEVBQUUsR0FBRyxJQUFBLG9DQUF1QixFQUNyRCxLQUFLLENBQUMsZ0JBQWdCLENBQ3ZCLENBQUM7UUFFRixNQUFNLGlDQUFpQyxHQUNyQyxTQUFTLElBQUksSUFBQSw4QkFBYyxFQUFDLFFBQVEsRUFBRSxhQUFhLENBQUM7WUFDbEQsQ0FBQyxDQUFDLElBQUksNEJBQWtCLENBQ3BCLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLDhCQUE4QixFQUNuRDtnQkFDRSxTQUFTLEVBQUUsV0FBVyxLQUFLLENBQUMsWUFBWSx5QkFBeUI7YUFDbEUsQ0FDRixDQUFDLEdBQUc7WUFDUCxDQUFDLENBQUMsU0FBUyxDQUFDO1FBRWhCLElBQUksQ0FBQyx3QkFBd0IsR0FBRyxJQUFJLGdDQUFhLENBQy9DLElBQUksRUFDSixHQUFHLEtBQUssQ0FBQyxZQUFZLDBCQUEwQixFQUMvQztZQUNFLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztZQUNiLFdBQVcsRUFBRSwwQ0FBMEMsS0FBSyxDQUFDLFlBQVksRUFBRTtTQUM1RSxDQUNGLENBQUM7UUFFRixzREFBc0Q7UUFDdEQsSUFBSSxDQUFDLHdCQUF3QixDQUFDLGNBQWMsQ0FDMUMsSUFBSSxDQUFDLHFCQUFxQixFQUMxQixjQUFJLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFDbkIscURBQXFELENBQ3RELENBQUM7UUFFRixtRkFBbUY7UUFDbkYsMEVBQTBFO1FBQzFFLDBEQUEwRDtRQUMxRCxNQUFNLFVBQVUsR0FBRywrQkFBYyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDakUsTUFBTSxhQUFhLEdBQUcsc0JBQVEsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDM0MsTUFBTSxjQUFjLEdBQUcsSUFBSSwrQkFBYyxDQUN2QyxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxnQkFBZ0IsRUFDckM7WUFDRSxPQUFPLEVBQUUsb0JBQU8sQ0FBQyxXQUFXO1lBQzVCLE9BQU8sRUFBRSxhQUFhLENBQUMsSUFBSSxDQUFDLHNCQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2pELGlCQUFpQixFQUFFLEdBQUcsS0FBSyxDQUFDLFlBQVksa0JBQWtCO1lBQzFELFVBQVUsRUFBRTs7Ozs7Ozs7Ozs7Ozs7aUNBY2EsYUFBYSxDQUFDLFNBQVMsRUFBRTs7Ozs7Ozs7Ozs7Ozs7Ozs7U0FpQmpEO1lBQ0QsWUFBWSxFQUFFO2dCQUNaLElBQUkseUJBQWUsQ0FBQztvQkFDbEIsTUFBTSxFQUFFLGdCQUFNLENBQUMsS0FBSztvQkFDcEIsT0FBTyxFQUFFLENBQUMseUJBQXlCLENBQUM7b0JBQ3BDLFNBQVMsRUFBRSxDQUFDLEdBQUcsQ0FBQztpQkFDakIsQ0FBQzthQUNIO1lBQ0QsVUFBVSxFQUFFO2dCQUNWLGtCQUFrQixFQUFFLFVBQVU7Z0JBQzlCLE9BQU8sRUFBRSxPQUFPO2FBQ2pCO1NBQ0YsQ0FDRixDQUFDO1FBRUYsY0FBYyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUUxRCxNQUFNLFdBQVcsR0FBRyxJQUFJLHFDQUEyQixDQUNqRCxJQUFJLEVBQ0osR0FBRyxLQUFLLENBQUMsWUFBWSxhQUFhLEVBQ2xDO1lBQ0Usc0JBQXNCLEVBQUUsSUFBSSxDQUFDLFFBQVE7WUFDckMsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHO1lBQ2IsVUFBVSxFQUFFO2dCQUNWLFVBQVUsRUFBRSxvQkFBVSxDQUFDLG1CQUFtQjthQUMzQztZQUNELGNBQWMsRUFBRSxDQUFDLElBQUksQ0FBQyx3QkFBd0IsQ0FBQztZQUMvQyxnQkFBZ0IsRUFBRSxLQUFLLENBQUMsZ0JBQWdCO1lBQ3hDLGdCQUFnQixFQUFFLElBQUk7WUFDdEIsV0FBVyxFQUFFLHFCQUFXLENBQUMsR0FBRztZQUM1QixhQUFhLEVBQUUsdUJBQWEsQ0FBQyxpQkFBaUI7WUFDOUMsYUFBYSxFQUFFLDJCQUFhLENBQUMsT0FBTztZQUNwQyxzQkFBc0IsRUFBRSxLQUFLO1lBQzdCLHlCQUF5QixFQUFFLFNBQVM7WUFDcEMsK0JBQStCLEVBQUUsaUNBQWlDO1lBQ2xFLDJCQUEyQixFQUFFLFNBQVM7Z0JBQ3BDLENBQUMsQ0FBQyxJQUFBLCtCQUE0QixFQUFDLFFBQVEsRUFBRSxJQUFJLElBQUksVUFBVSxDQUFDO2dCQUM1RCxDQUFDLENBQUMsU0FBUztZQUNiLGtCQUFrQixFQUFFLCtCQUFjLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUM7WUFDbEUsWUFBWSxFQUFFLElBQUksc0JBQVksQ0FBQyxtQkFBbUIsQ0FBQztZQUNuRCxnQkFBZ0IsRUFBRSxhQUFhLENBQUMsZ0JBQWdCO1lBQ2hELG1CQUFtQixFQUFFLEtBQUssQ0FBQyxtQkFBbUIsSUFBSSxHQUFHO1lBQ3JELGtCQUFrQixFQUNoQixLQUFLLENBQUMsa0JBQWtCLElBQUksMEJBQVksQ0FBQyxtQkFBbUI7WUFDOUQsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPLEtBQUssS0FBSztZQUNoQyxJQUFJLEVBQUUsSUFBSSxDQUFDLElBQUk7WUFDZixrQkFBa0IsRUFBRSxLQUFLLENBQUMsa0JBQWtCLElBQUksSUFBSTtZQUNwRCwwQkFBMEIsRUFDeEIsS0FBSyxDQUFDLDBCQUEwQjtnQkFDaEMsMEJBQVksQ0FBQyw0QkFBNEI7U0FDNUMsQ0FDRixDQUFDO1FBRUYsV0FBVyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsY0FBYyxDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQzFELENBQUM7SUFFRCxlQUFlO1FBQ2IsSUFBSSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDdkIsT0FBTyxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQztRQUNyQyxDQUFDO2FBQU0sQ0FBQztZQUNOLE9BQU8sSUFBSSxDQUFDLFFBQVEsQ0FBQyx5QkFBeUIsQ0FBQztRQUNqRCxDQUFDO0lBQ0gsQ0FBQztJQUVELFdBQVc7UUFDVCxPQUFPLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDM0IsQ0FBQztJQUVELGNBQWM7UUFDWixPQUFPLElBQUksQ0FBQyxtQkFBbUIsQ0FBQztJQUNsQyxDQUFDO0lBRUQsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFVLEVBQUUsS0FBZTtRQUN0QyxPQUFPLENBQUMsRUFBZ0IsRUFBRSxFQUFFO1lBQzFCLE1BQU0sUUFBUSxHQUFhO2dCQUN6QixHQUFHLEtBQUs7Z0JBQ1IsR0FBRztvQkFDRCxHQUFHLEVBQUUsRUFBRSxDQUFDLFVBQVUsRUFBRSxJQUFJLEtBQUssQ0FBQyxHQUFHO29CQUNqQyxnQkFBZ0IsRUFBRSxLQUFLLEVBQUUsZ0JBQWdCLElBQUksRUFBRTtvQkFDL0MsWUFBWSxFQUFFLEtBQUssQ0FBQyxZQUFZLElBQUksR0FBRyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsRUFBRTtpQkFDL0Q7YUFDRixDQUFDO1lBRUYsT0FBTyxJQUFJLElBQUksQ0FBQyxFQUFFLENBQUMsUUFBUSxFQUFFLEVBQUUsRUFBRSxFQUFFLFFBQVEsQ0FBQyxDQUFDO1FBQy9DLENBQUMsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQXJhRCxrQ0FxYUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBEdXJhdGlvbiwgUmVtb3ZhbFBvbGljeSB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHtcbiAgQ29ubmVjdGlvbnMsXG4gIHR5cGUgSUNvbm5lY3RhYmxlLFxuICBJbnN0YW5jZVR5cGUsXG4gIHR5cGUgSVZwYyxcbiAgUG9ydCxcbiAgdHlwZSBTdWJuZXRTZWxlY3Rpb24sXG4gIFN1Ym5ldFR5cGVcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1lYzJcIjtcbmltcG9ydCB7XG4gIENhQ2VydGlmaWNhdGUsXG4gIENyZWRlbnRpYWxzLFxuICBEYXRhYmFzZUluc3RhbmNlLFxuICBEYXRhYmFzZUluc3RhbmNlRnJvbVNuYXBzaG90LFxuICBEYXRhYmFzZUluc3RhbmNlRW5naW5lLFxuICBEYXRhYmFzZUluc3RhbmNlUmVhZFJlcGxpY2EsXG4gIERhdGFiYXNlUHJveHksXG4gIHR5cGUgSURhdGFiYXNlSW5zdGFuY2UsXG4gIHR5cGUgSUluc3RhbmNlRW5naW5lLFxuICBQYXJhbWV0ZXJHcm91cCxcbiAgUG9zdGdyZXNFbmdpbmVWZXJzaW9uLFxuICBQcm94eVRhcmdldCxcbiAgU25hcHNob3RDcmVkZW50aWFscyxcbiAgU3RvcmFnZVR5cGVcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1yZHNcIjtcbmltcG9ydCB7IFJ1bnRpbWUgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWxhbWJkYVwiO1xuaW1wb3J0IHsgUG9saWN5U3RhdGVtZW50LCBFZmZlY3QgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcbmltcG9ydCB7IFNlY3VyaXR5R3JvdXAgfSBmcm9tIFwiLi4vbmV0d29ya2luZy9zZWN1cml0eUdyb3VwLmpzXCI7XG5pbXBvcnQgeyBDdXN0b21lck1hbmFnZWRLZXksIFNlY3JldCB9IGZyb20gXCIuLi9zZWNyZXRzXCI7XG5pbXBvcnQgeyBDdXN0b21SZXNvdXJjZSB9IGZyb20gXCIuLi91dGlsaXRpZXMvY3VzdG9tUmVzb3VyY2VcIjtcbmltcG9ydCB7IHR5cGUgU3RhY2tCdWlsZGVyIH0gZnJvbSBcIi4uL2Jhc2UvYXdzU3RhY2tcIjtcbmltcG9ydCB7IGdldERhdGFiYXNlSW5zaWdodHNSZXRlbnRpb24gfSBmcm9tIFwiLi9cIjtcbmltcG9ydCB7IFJEU19ERUZBVUxUUyB9IGZyb20gXCIuL3Jkc0RlZmF1bHRzXCI7XG5pbXBvcnQge1xuICBERUZBVUxUX1BPU1RHUkVTX0VOR0lORV9DT05GSUcsXG4gIHJlc29sdmVEYXRhYmFzZUluc2lnaHRzLFxuICByZXNvbHZlU3RvcmFnZUVuY3J5cHRpb25LZXksXG4gIHJlc29sdmVQZXJmb3JtYW5jZUluc2lnaHRzS2V5LFxuICBhZGRNdWx0aVVzZXJTZWNyZXRSb3RhdGlvblxufSBmcm9tIFwiLi9yZHNIZWxwZXJzXCI7XG5pbXBvcnQge1xuICB0eXBlIEVuZ2luZUNvbmZpZyxcbiAgdHlwZSBQcm94eUNvbmZpZyxcbiAgdHlwZSBSZWFkUmVwbGljYUNvbmZpZyxcbiAgdHlwZSBDcmVkZW50aWFsc0NvbmZpZyxcbiAgdHlwZSBFbmNyeXB0aW9uQ29uZmlnLFxuICB0eXBlIERhdGFiYXNlSW5zaWdodHNDb25maWcsXG4gIGlzQ01LUmVxdWVzdGVkXG59IGZyb20gXCIuLi8uLi8uLi91dGlscy9kYXRhYmFzZVR5cGVzXCI7XG5pbXBvcnQgeyBSZXNvdXJjZU5hbWluZyB9IGZyb20gXCIuLi8uLi8uLi91dGlscy9yZXNvdXJjZU5hbWluZ1wiO1xuaW1wb3J0IHsgYWRkUHJveHlDZm5PdXRwdXQgfSBmcm9tIFwiLi9yZHNQcm94eU91dHB1dFwiO1xuXG5pbnRlcmZhY2UgUmRzUHJvcHMge1xuICB2cGM6IElWcGM7XG4gIGRhdGFiYXNlTmFtZT86IHN0cmluZztcbiAgZW5naW5lPzogSUluc3RhbmNlRW5naW5lO1xuICBlbmdpbmVDb25maWc/OiBFbmdpbmVDb25maWc7XG4gIGluc3RhbmNlVHlwZT86IHN0cmluZztcbiAgbWF4QWxsb2NhdGVkU3RvcmFnZT86IG51bWJlcjtcbiAgYWxsb2NhdGVkU3RvcmFnZT86IG51bWJlcjtcbiAgYmFja3VwUmV0ZW50aW9uPzogRHVyYXRpb247XG4gIHByZWZlcnJlZEJhY2t1cFdpbmRvdz86IHN0cmluZztcbiAgY2x1c3RlcklkZW50aWZpZXI/OiBzdHJpbmc7XG4gIG1vbml0b3JpbmdJbnRlcnZhbD86IER1cmF0aW9uO1xuICBwcmVmZXJyZWRNYWludGVuYW5jZVdpbmRvdz86IHN0cmluZztcbiAgcG9ydD86IG51bWJlcjtcbiAgZGF0YWJhc2VJbnNpZ2h0cz86IERhdGFiYXNlSW5zaWdodHNDb25maWcgfCBmYWxzZTtcbiAgc2VjdXJpdHlHcm91cElkcz86IHN0cmluZ1tdO1xuICBtdWx0aUF6PzogYm9vbGVhbjtcbiAgcHJveHk/OiBQcm94eUNvbmZpZyB8IGZhbHNlO1xuICByZWFkUmVwbGljYT86IFJlYWRSZXBsaWNhQ29uZmlnIHwgZmFsc2U7XG4gIGNyZWRlbnRpYWxzPzogQ3JlZGVudGlhbHNDb25maWc7XG4gIGVuY3J5cHRpb24/OiBFbmNyeXB0aW9uQ29uZmlnO1xuICBwdWJsaWNseUFjY2Vzc2libGU/OiBib29sZWFuO1xuICBkZWxldGlvblByb3RlY3Rpb24/OiBib29sZWFuO1xuICAvKiogQVJOIG9yIGlkZW50aWZpZXIgb2YgREIgaW5zdGFuY2Ugc25hcHNob3QgdG8gcmVzdG9yZSBmcm9tICovXG4gIHNuYXBzaG90SWRlbnRpZmllcj86IHN0cmluZztcbiAgLyoqIFVzZXJuYW1lIGZyb20gdGhlIHNuYXBzaG90IChyZXF1aXJlZCB3aGVuIHJlc3RvcmluZyBmcm9tIHNuYXBzaG90IHRvIHJlc2V0IHBhc3N3b3JkKSAqL1xuICBzbmFwc2hvdFVzZXJuYW1lPzogc3RyaW5nO1xufVxuXG5leHBvcnQgY2xhc3MgUmRzSW5zdGFuY2UgZXh0ZW5kcyBDb25zdHJ1Y3QgaW1wbGVtZW50cyBJQ29ubmVjdGFibGUge1xuICBwdWJsaWMgY29ubmVjdGlvbnMhOiBDb25uZWN0aW9ucztcbiAgcHVibGljIGRhdGFiYXNlU2VjdXJpdHlHcm91cCE6IFNlY3VyaXR5R3JvdXA7XG4gIHB1YmxpYyB2cGMhOiBJVnBjO1xuXG4gIHByaXZhdGUgcG9ydCE6IG51bWJlcjtcbiAgcHJpdmF0ZSBlbmdpbmVDb25maWchOiBFbmdpbmVDb25maWc7XG4gIHByaXZhdGUgZGF0YWJhc2VDcmVkZW50aWFscyE6IFNlY3JldDtcbiAgcHJpdmF0ZSBkYXRhYmFzZSE6IElEYXRhYmFzZUluc3RhbmNlO1xuICBwcml2YXRlIG1hc3RlclNlY3JldD86IFNlY3JldDtcbiAgcHJpdmF0ZSBkYXRhYmFzZVByb3h5PzogRGF0YWJhc2VQcm94eTtcbiAgcHJpdmF0ZSBkYXRhYmFzZVByb3h5U2VjdXJpdHlHcm91cD86IFNlY3VyaXR5R3JvdXA7XG4gIHByaXZhdGUgcmVhZFJlcGxpY2FTZWN1cml0eUdyb3VwPzogU2VjdXJpdHlHcm91cDtcblxuICBwcml2YXRlIHJlYWRvbmx5IGNvbnN0cnVjdElkOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IENvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFJkc1Byb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKTtcblxuICAgIHRoaXMuY29uc3RydWN0SWQgPSBpZDtcbiAgICB0aGlzLnBvcnQgPSBwcm9wcy5wb3J0IHx8IFJEU19ERUZBVUxUUy5ERUZBVUxUX1BPUlQ7XG4gICAgdGhpcy52cGMgPSBwcm9wcy52cGM7XG5cbiAgICAvLyBQb3N0Z3JlU1FMIGZhbGxiYWNrIGZvciBkaXJlY3QgdXNhZ2UgLSBlbnN1cmUgZW5naW5lIGFuZCBlbmdpbmVDb25maWcgbWF0Y2hcbiAgICB0aGlzLmVuZ2luZUNvbmZpZyA9IHByb3BzLmVuZ2luZUNvbmZpZyA/PyBERUZBVUxUX1BPU1RHUkVTX0VOR0lORV9DT05GSUc7XG5cbiAgICB0aGlzLmFkZERhdGFiYXNlKHByb3BzKTtcblxuICAgIC8vIFNlY3JldCByb3RhdGlvbiBlbmFibGVkIGJ5IGRlZmF1bHQgKG9wdC1vdXQgd2l0aCBzZWNyZXRSb3RhdGlvbjogZmFsc2UpXG4gICAgY29uc3Qgc2VjcmV0Um90YXRpb25EaXNhYmxlZCA9IHByb3BzLmNyZWRlbnRpYWxzPy5zZWNyZXRSb3RhdGlvbiA9PT0gZmFsc2U7XG4gICAgaWYgKCFzZWNyZXRSb3RhdGlvbkRpc2FibGVkKSB7XG4gICAgICB0aGlzLnJvdGF0ZVNlY3JldChwcm9wcyk7XG4gICAgfVxuXG4gICAgaWYgKHByb3BzLnByb3h5ICE9PSB1bmRlZmluZWQgJiYgcHJvcHMucHJveHkgIT09IGZhbHNlKSB7XG4gICAgICB0aGlzLmFkZFByb3h5KHByb3BzKTtcbiAgICB9XG5cbiAgICBpZiAocHJvcHMucmVhZFJlcGxpY2EgIT09IHVuZGVmaW5lZCAmJiBwcm9wcy5yZWFkUmVwbGljYSAhPT0gZmFsc2UpIHtcbiAgICAgIHRoaXMuYWRkUmVhZFJlcGxpY2EocHJvcHMpO1xuICAgIH1cbiAgfVxuXG4gIHByaXZhdGUgYWRkRGF0YWJhc2UocHJvcHM6IFJkc1Byb3BzKSB7XG4gICAgLy8gVXNlcm5hbWUgcHJpb3JpdHk6IHNuYXBzaG90VXNlcm5hbWUgPiBjcmVkZW50aWFscy51c2VybmFtZSA+IGVuZ2luZSBkZWZhdWx0XG4gICAgY29uc3QgdXNlcm5hbWUgPVxuICAgICAgcHJvcHMuc25hcHNob3RJZGVudGlmaWVyICYmIHByb3BzLnNuYXBzaG90VXNlcm5hbWVcbiAgICAgICAgPyBwcm9wcy5zbmFwc2hvdFVzZXJuYW1lXG4gICAgICAgIDogKHByb3BzLmNyZWRlbnRpYWxzPy51c2VybmFtZSA/PyB0aGlzLmVuZ2luZUNvbmZpZy5kZWZhdWx0VXNlcm5hbWUpO1xuICAgIHRoaXMuZGF0YWJhc2VDcmVkZW50aWFscyA9IG5ldyBTZWNyZXQoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfUNyZWRlbnRpYWxzYCxcbiAgICAgIHtcbiAgICAgICAgc2VjcmV0TmFtZTogUmVzb3VyY2VOYW1pbmcuY3JlZGVudGlhbHNTZWNyZXROYW1lKHRoaXMuY29uc3RydWN0SWQpLFxuICAgICAgICBnZW5lcmF0ZVNlY3JldFN0cmluZzoge1xuICAgICAgICAgIHNlY3JldFN0cmluZ1RlbXBsYXRlOiBKU09OLnN0cmluZ2lmeSh7XG4gICAgICAgICAgICB1c2VybmFtZVxuICAgICAgICAgIH0pLFxuICAgICAgICAgIGV4Y2x1ZGVQdW5jdHVhdGlvbjogdHJ1ZSxcbiAgICAgICAgICBpbmNsdWRlU3BhY2U6IGZhbHNlLFxuICAgICAgICAgIGdlbmVyYXRlU3RyaW5nS2V5OiBcInBhc3N3b3JkXCJcbiAgICAgICAgfVxuICAgICAgfVxuICAgICk7XG5cbiAgICB0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cCA9IG5ldyBTZWN1cml0eUdyb3VwKFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1TZWN1cml0eUdyb3VwYCxcbiAgICAgIHtcbiAgICAgICAgdnBjOiB0aGlzLnZwYyxcbiAgICAgICAgZGVzY3JpcHRpb246IGBTZWN1cml0eSBncm91cCBmb3IgUkRTIGRhdGFiYXNlIGluc3RhbmNlICR7cHJvcHMuZGF0YWJhc2VOYW1lfWBcbiAgICAgIH1cbiAgICApO1xuXG4gICAgLy8gU2VsZi1yZWZlcmVuY2luZyBydWxlIGZvciBtdWx0aS1BWiBjb21tdW5pY2F0aW9uXG4gICAgdGhpcy5kYXRhYmFzZVNlY3VyaXR5R3JvdXAuYWRkSW5ncmVzc1J1bGUoXG4gICAgICB0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cCxcbiAgICAgIFBvcnQudGNwKHRoaXMucG9ydClcbiAgICApO1xuXG4gICAgdGhpcy5jb25uZWN0aW9ucyA9IG5ldyBDb25uZWN0aW9ucyh7XG4gICAgICBzZWN1cml0eUdyb3VwczogW3RoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwXSxcbiAgICAgIGRlZmF1bHRQb3J0OiBQb3J0LnRjcCh0aGlzLnBvcnQpXG4gICAgfSk7XG5cbiAgICBjb25zdCBzdG9yYWdlRW5jcnlwdGlvbktleSA9IHJlc29sdmVTdG9yYWdlRW5jcnlwdGlvbktleShcbiAgICAgIHRoaXMsXG4gICAgICBwcm9wcy5kYXRhYmFzZU5hbWUsXG4gICAgICBwcm9wcy5lbmNyeXB0aW9uPy5zdG9yYWdlS2V5XG4gICAgKTtcblxuICAgIGNvbnN0IHsgcGlFbmFibGVkLCBwaUNvbmZpZyB9ID0gcmVzb2x2ZURhdGFiYXNlSW5zaWdodHMoXG4gICAgICBwcm9wcy5kYXRhYmFzZUluc2lnaHRzXG4gICAgKTtcblxuICAgIGNvbnN0IHBlcmZvcm1hbmNlSW5zaWdodHNFbmNyeXB0aW9uS2V5ID0gcmVzb2x2ZVBlcmZvcm1hbmNlSW5zaWdodHNLZXkoXG4gICAgICB0aGlzLFxuICAgICAgcHJvcHMuZGF0YWJhc2VOYW1lLFxuICAgICAgcGlFbmFibGVkLFxuICAgICAgcGlDb25maWc/LmVuY3J5cHRpb25LZXlcbiAgICApO1xuXG4gICAgY29uc3QgZGlNb2RlID0gcGlDb25maWc/Lm1vZGUgPz8gXCJzdGFuZGFyZFwiO1xuICAgIGNvbnN0IHBlcmZvcm1hbmNlSW5zaWdodHNSZXRlbnRpb24gPSBwaUVuYWJsZWRcbiAgICAgID8gZ2V0RGF0YWJhc2VJbnNpZ2h0c1JldGVudGlvbihkaU1vZGUpXG4gICAgICA6IHVuZGVmaW5lZDtcblxuICAgIGNvbnN0IGVuZ2luZSA9XG4gICAgICBwcm9wcy5lbmdpbmUgfHxcbiAgICAgIERhdGFiYXNlSW5zdGFuY2VFbmdpbmUucG9zdGdyZXMoe1xuICAgICAgICB2ZXJzaW9uOiBQb3N0Z3Jlc0VuZ2luZVZlcnNpb24uVkVSXzE3XzVcbiAgICAgIH0pO1xuXG4gICAgY29uc3QgcGFyYW1ldGVyR3JvdXAgPSBuZXcgUGFyYW1ldGVyR3JvdXAoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVBhcmFtZXRlckdyb3VwYCxcbiAgICAgIHtcbiAgICAgICAgZW5naW5lLFxuICAgICAgICBkZXNjcmlwdGlvbjogYFBhcmFtZXRlciBncm91cCBmb3IgJHtwcm9wcy5kYXRhYmFzZU5hbWV9IHdpdGggc2VjdXJpdHkgZGVmYXVsdHNgLFxuICAgICAgICBwYXJhbWV0ZXJzOiB0aGlzLmVuZ2luZUNvbmZpZy5zc2xQYXJhbWV0ZXJzXG4gICAgICB9XG4gICAgKTtcblxuICAgIC8vIFVzZSBQVUJMSUMgc3VibmV0IGZvciBwdWJsaWNseUFjY2Vzc2libGUgZGF0YWJhc2VzIChlLmcuLCB0aW5rZXJlciB0aWVyIHdpdGhvdXQgTkFUKVxuICAgIGNvbnN0IHN1Ym5ldFR5cGUgPSBwcm9wcy5wdWJsaWNseUFjY2Vzc2libGVcbiAgICAgID8gU3VibmV0VHlwZS5QVUJMSUNcbiAgICAgIDogU3VibmV0VHlwZS5QUklWQVRFX1dJVEhfRUdSRVNTO1xuXG4gICAgY29uc3QgY29tbW9uSW5zdGFuY2VQcm9wcyA9IHtcbiAgICAgIHZwYzogdGhpcy52cGMsXG4gICAgICB2cGNTdWJuZXRzOiB7XG4gICAgICAgIHN1Ym5ldFR5cGVcbiAgICAgIH0sXG4gICAgICBzZWN1cml0eUdyb3VwczogW3RoaXMuZGF0YWJhc2VTZWN1cml0eUdyb3VwXSxcbiAgICAgIGVuZ2luZSxcbiAgICAgIHBhcmFtZXRlckdyb3VwLFxuICAgICAgYWxsb2NhdGVkU3RvcmFnZTogcHJvcHMuYWxsb2NhdGVkU3RvcmFnZSxcbiAgICAgIGJhY2t1cFJldGVudGlvbjogcHJvcHMuYmFja3VwUmV0ZW50aW9uIHx8IER1cmF0aW9uLmRheXMoMTQpLFxuICAgICAgcHJlZmVycmVkQmFja3VwV2luZG93OiBwcm9wcy5wcmVmZXJyZWRCYWNrdXBXaW5kb3cgfHwgXCIwMjowMC0wMzowMFwiLFxuICAgICAgc3RvcmFnZUVuY3J5cHRlZDogdHJ1ZSxcbiAgICAgIHN0b3JhZ2VFbmNyeXB0aW9uS2V5LFxuICAgICAgc3RvcmFnZVR5cGU6IFN0b3JhZ2VUeXBlLkdQMyxcbiAgICAgIGNhQ2VydGlmaWNhdGU6IENhQ2VydGlmaWNhdGUuUkRTX0NBX1JTQTQwOTZfRzEsXG4gICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LlNOQVBTSE9ULFxuICAgICAgZGVsZXRlQXV0b21hdGVkQmFja3VwczogZmFsc2UsXG4gICAgICBlbmFibGVQZXJmb3JtYW5jZUluc2lnaHRzOiBwaUVuYWJsZWQsXG4gICAgICBwZXJmb3JtYW5jZUluc2lnaHRFbmNyeXB0aW9uS2V5OiBwZXJmb3JtYW5jZUluc2lnaHRzRW5jcnlwdGlvbktleSxcbiAgICAgIHBlcmZvcm1hbmNlSW5zaWdodFJldGVudGlvbjogcGVyZm9ybWFuY2VJbnNpZ2h0c1JldGVudGlvbixcbiAgICAgIGluc3RhbmNlSWRlbnRpZmllcjogUmVzb3VyY2VOYW1pbmcuZGJJbnN0YW5jZUlkKHRoaXMuY29uc3RydWN0SWQpLFxuICAgICAgaW5zdGFuY2VUeXBlOiBwcm9wcy5pbnN0YW5jZVR5cGVcbiAgICAgICAgPyBuZXcgSW5zdGFuY2VUeXBlKHByb3BzLmluc3RhbmNlVHlwZSlcbiAgICAgICAgOiBuZXcgSW5zdGFuY2VUeXBlKFwidDRnLmxhcmdlXCIpLFxuICAgICAgbWF4QWxsb2NhdGVkU3RvcmFnZTogcHJvcHMubWF4QWxsb2NhdGVkU3RvcmFnZSB8fCA1MDAsXG4gICAgICBtb25pdG9yaW5nSW50ZXJ2YWw6XG4gICAgICAgIHByb3BzLm1vbml0b3JpbmdJbnRlcnZhbCB8fCBSRFNfREVGQVVMVFMuTU9OSVRPUklOR19JTlRFUlZBTCxcbiAgICAgIG11bHRpQXo6IHByb3BzLm11bHRpQXogIT09IGZhbHNlLFxuICAgICAgcG9ydDogdGhpcy5wb3J0LFxuICAgICAgZGVsZXRpb25Qcm90ZWN0aW9uOiBwcm9wcy5kZWxldGlvblByb3RlY3Rpb24gPz8gdHJ1ZSxcbiAgICAgIHByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93OlxuICAgICAgICBwcm9wcy5wcmVmZXJyZWRNYWludGVuYW5jZVdpbmRvdyB8fFxuICAgICAgICBSRFNfREVGQVVMVFMuUFJFRkVSUkVEX01BSU5URU5BTkNFX1dJTkRPVyxcbiAgICAgIHB1YmxpY2x5QWNjZXNzaWJsZTogcHJvcHMucHVibGljbHlBY2Nlc3NpYmxlID8/IGZhbHNlXG4gICAgfTtcblxuICAgIGlmIChwcm9wcy5zbmFwc2hvdElkZW50aWZpZXIpIHtcbiAgICAgIC8vIENyZWF0ZSBmcm9tIHNuYXBzaG90XG4gICAgICB0aGlzLmRhdGFiYXNlID0gbmV3IERhdGFiYXNlSW5zdGFuY2VGcm9tU25hcHNob3QoXG4gICAgICAgIHRoaXMsXG4gICAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EYXRhYmFzZWAsXG4gICAgICAgIHtcbiAgICAgICAgICAuLi5jb21tb25JbnN0YW5jZVByb3BzLFxuICAgICAgICAgIHNuYXBzaG90SWRlbnRpZmllcjogcHJvcHMuc25hcHNob3RJZGVudGlmaWVyLFxuICAgICAgICAgIC8vIEZvciBzbmFwc2hvdHMsIGNyZWRlbnRpYWxzIGFyZSB1c2VkIHRvIHJlc2V0IHRoZSBwYXNzd29yZFxuICAgICAgICAgIGNyZWRlbnRpYWxzOiBTbmFwc2hvdENyZWRlbnRpYWxzLmZyb21TZWNyZXQoXG4gICAgICAgICAgICB0aGlzLmRhdGFiYXNlQ3JlZGVudGlhbHMuc2VjcmV0XG4gICAgICAgICAgKVxuICAgICAgICB9XG4gICAgICApO1xuICAgIH0gZWxzZSB7XG4gICAgICAvLyBDcmVhdGUgbmV3IGluc3RhbmNlXG4gICAgICB0aGlzLmRhdGFiYXNlID0gbmV3IERhdGFiYXNlSW5zdGFuY2UoXG4gICAgICAgIHRoaXMsXG4gICAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EYXRhYmFzZWAsXG4gICAgICAgIHtcbiAgICAgICAgICAuLi5jb21tb25JbnN0YW5jZVByb3BzLFxuICAgICAgICAgIGRhdGFiYXNlTmFtZTogcHJvcHMuZGF0YWJhc2VOYW1lLFxuICAgICAgICAgIGNyZWRlbnRpYWxzOiBDcmVkZW50aWFscy5mcm9tU2VjcmV0KHRoaXMuZGF0YWJhc2VDcmVkZW50aWFscy5zZWNyZXQpXG4gICAgICAgIH1cbiAgICAgICk7XG4gICAgfVxuICB9XG5cbiAgcHJpdmF0ZSByb3RhdGVTZWNyZXQocHJvcHM6IFJkc1Byb3BzKSB7XG4gICAgdGhpcy5tYXN0ZXJTZWNyZXQgPSBhZGRNdWx0aVVzZXJTZWNyZXRSb3RhdGlvbih7XG4gICAgICBzY29wZTogdGhpcyxcbiAgICAgIGRhdGFiYXNlTmFtZTogcHJvcHMuZGF0YWJhc2VOYW1lLFxuICAgICAgY29uc3RydWN0SWQ6IHRoaXMuY29uc3RydWN0SWQsXG4gICAgICBlbmdpbmVDb25maWc6IHRoaXMuZW5naW5lQ29uZmlnLFxuICAgICAgY3JlZGVudGlhbHNDb25maWc6IHByb3BzLmNyZWRlbnRpYWxzLFxuICAgICAgZGF0YWJhc2VTZWNyZXQ6IHRoaXMuZGF0YWJhc2VDcmVkZW50aWFscy5zZWNyZXQsXG4gICAgICB0YXJnZXQ6IHRoaXMuZGF0YWJhc2UsXG4gICAgICB2cGM6IHRoaXMudnBjXG4gICAgfSk7XG4gIH1cblxuICBwcml2YXRlIGFkZFByb3h5KHByb3BzOiBSZHNQcm9wcykge1xuICAgIGlmICghcHJvcHMucHJveHkpIHJldHVybjtcbiAgICBjb25zdCBwcm94eUNvbmZpZyA9IHByb3BzLnByb3h5O1xuICAgIGNvbnN0IHZwY1N1Ym5ldHM6IFN1Ym5ldFNlbGVjdGlvbiA9IHByb3h5Q29uZmlnLnZwY1N1Ym5ldHMgPz8ge1xuICAgICAgc3VibmV0VHlwZTogU3VibmV0VHlwZS5QUklWQVRFX1dJVEhfRUdSRVNTXG4gICAgfTtcblxuICAgIHRoaXMuZGF0YWJhc2VQcm94eVNlY3VyaXR5R3JvdXAgPSBuZXcgU2VjdXJpdHlHcm91cChcbiAgICAgIHRoaXMsXG4gICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UHJveHlTZWN1cml0eUdyb3VwYCxcbiAgICAgIHtcbiAgICAgICAgdnBjOiB0aGlzLnZwYyxcbiAgICAgICAgZGVzY3JpcHRpb246IGBTZWN1cml0eSBncm91cCBmb3IgUkRTIFByb3h5IGZvciAke3Byb3BzLmRhdGFiYXNlTmFtZX1gXG4gICAgICB9XG4gICAgKTtcblxuICAgIC8vIEFsbG93IHByb3h5IHRvIGNvbm5lY3QgdG8gZGF0YWJhc2VcbiAgICB0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cC5hZGRJbmdyZXNzUnVsZShcbiAgICAgIHRoaXMuZGF0YWJhc2VQcm94eVNlY3VyaXR5R3JvdXAsXG4gICAgICBQb3J0LnRjcCh0aGlzLnBvcnQpLFxuICAgICAgXCJBbGxvdyBSRFMgUHJveHkgdG8gY29ubmVjdCB0byBkYXRhYmFzZVwiXG4gICAgKTtcblxuICAgIHRoaXMuZGF0YWJhc2VQcm94eSA9IG5ldyBEYXRhYmFzZVByb3h5KFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EYXRhYmFzZVByb3h5YCxcbiAgICAgIHtcbiAgICAgICAgZGJQcm94eU5hbWU6IFJlc291cmNlTmFtaW5nLnByb3h5TmFtZSh0aGlzLmNvbnN0cnVjdElkKSxcbiAgICAgICAgcHJveHlUYXJnZXQ6IFByb3h5VGFyZ2V0LmZyb21JbnN0YW5jZSh0aGlzLmRhdGFiYXNlKSxcbiAgICAgICAgc2VjcmV0czogW3RoaXMuZGF0YWJhc2VDcmVkZW50aWFscy5zZWNyZXRdLFxuICAgICAgICBzZWN1cml0eUdyb3VwczogW3RoaXMuZGF0YWJhc2VQcm94eVNlY3VyaXR5R3JvdXBdLFxuICAgICAgICB2cGM6IHRoaXMudnBjLFxuICAgICAgICB2cGNTdWJuZXRzLFxuICAgICAgICByZXF1aXJlVExTOiBwcm94eUNvbmZpZy5yZXF1aXJlVExTID8/IHRydWUsXG4gICAgICAgIGJvcnJvd1RpbWVvdXQ6IHByb3h5Q29uZmlnLmNvbm5lY3Rpb25Cb3Jyb3dUaW1lb3V0XG4gICAgICAgICAgPyBEdXJhdGlvbi5zZWNvbmRzKHByb3h5Q29uZmlnLmNvbm5lY3Rpb25Cb3Jyb3dUaW1lb3V0KVxuICAgICAgICAgIDogRHVyYXRpb24uc2Vjb25kcygxMjApLFxuICAgICAgICBtYXhDb25uZWN0aW9uc1BlcmNlbnQ6IHByb3h5Q29uZmlnLm1heENvbm5lY3Rpb25zLFxuICAgICAgICBtYXhJZGxlQ29ubmVjdGlvbnNQZXJjZW50OiBwcm94eUNvbmZpZy5tYXhJZGxlQ29ubmVjdGlvbnNcbiAgICAgIH1cbiAgICApO1xuXG4gICAgYWRkUHJveHlDZm5PdXRwdXQoXG4gICAgICB0aGlzLFxuICAgICAgdGhpcy5jb25zdHJ1Y3RJZCxcbiAgICAgIHByb3BzLmRhdGFiYXNlTmFtZSxcbiAgICAgIHRoaXMuZGF0YWJhc2VQcm94eVxuICAgICk7XG4gIH1cblxuICBwcml2YXRlIGFkZFJlYWRSZXBsaWNhKHByb3BzOiBSZHNQcm9wcykge1xuICAgIGlmICghcHJvcHMucmVhZFJlcGxpY2EpIHJldHVybjtcbiAgICBjb25zdCByZXBsaWNhQ29uZmlnID0gcHJvcHMucmVhZFJlcGxpY2E7XG4gICAgY29uc3QgcmVwbGljYUluc3RhbmNlVHlwZSA9XG4gICAgICByZXBsaWNhQ29uZmlnLmluc3RhbmNlVHlwZSA/PyBwcm9wcy5pbnN0YW5jZVR5cGUgPz8gXCJ0NGcubGFyZ2VcIjtcblxuICAgIGNvbnN0IHsgcGlFbmFibGVkLCBwaUNvbmZpZyB9ID0gcmVzb2x2ZURhdGFiYXNlSW5zaWdodHMoXG4gICAgICBwcm9wcy5kYXRhYmFzZUluc2lnaHRzXG4gICAgKTtcblxuICAgIGNvbnN0IHJlYWRSZXBsaWNhUGVyZm9ybWFuY2VJbnNpZ2h0c0tleSA9XG4gICAgICBwaUVuYWJsZWQgJiYgaXNDTUtSZXF1ZXN0ZWQocGlDb25maWc/LmVuY3J5cHRpb25LZXkpXG4gICAgICAgID8gbmV3IEN1c3RvbWVyTWFuYWdlZEtleShcbiAgICAgICAgICAgIHRoaXMsXG4gICAgICAgICAgICBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9UmVhZFJlcGxpY2FSZWFkZXJJbnNpZ2h0c0tleWAsXG4gICAgICAgICAgICB7XG4gICAgICAgICAgICAgIGFsaWFzTmFtZTogYGNtay9yZHMvJHtwcm9wcy5kYXRhYmFzZU5hbWV9L1JlYWRSZXBsaWNhSW5zaWdodHNLZXlgXG4gICAgICAgICAgICB9XG4gICAgICAgICAgKS5rZXlcbiAgICAgICAgOiB1bmRlZmluZWQ7XG5cbiAgICB0aGlzLnJlYWRSZXBsaWNhU2VjdXJpdHlHcm91cCA9IG5ldyBTZWN1cml0eUdyb3VwKFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1SZWFkUmVwbGljYVNlY3VyaXR5R3JvdXBgLFxuICAgICAge1xuICAgICAgICB2cGM6IHRoaXMudnBjLFxuICAgICAgICBkZXNjcmlwdGlvbjogYFNlY3VyaXR5IGdyb3VwIGZvciBSRFMgcmVhZCByZXBsaWNhIG9mICR7cHJvcHMuZGF0YWJhc2VOYW1lfWBcbiAgICAgIH1cbiAgICApO1xuXG4gICAgLy8gQWxsb3cgcHJpbWFyeSBkYXRhYmFzZSB0byByZXBsaWNhdGUgdG8gcmVhZCByZXBsaWNhXG4gICAgdGhpcy5yZWFkUmVwbGljYVNlY3VyaXR5R3JvdXAuYWRkSW5ncmVzc1J1bGUoXG4gICAgICB0aGlzLmRhdGFiYXNlU2VjdXJpdHlHcm91cCxcbiAgICAgIFBvcnQudGNwKHRoaXMucG9ydCksXG4gICAgICBcIkFsbG93IHByaW1hcnkgZGF0YWJhc2UgdG8gcmVwbGljYXRlIHRvIHJlYWQgcmVwbGljYVwiXG4gICAgKTtcblxuICAgIC8vIERlbGV0aW9uIHdhaXRlciBlbnN1cmVzIHByaW1hcnkgaXMgXCJhdmFpbGFibGVcIiBiZWZvcmUgQ2xvdWRGb3JtYXRpb24gZGVsZXRlcyBpdC5cbiAgICAvLyBXaGVuIHRoZSByZWFkIHJlcGxpY2EgaXMgZGVsZXRlZCwgdGhlIHByaW1hcnkgZW50ZXJzIFwibW9kaWZ5aW5nXCIgc3RhdGUuXG4gICAgLy8gV2l0aG91dCB0aGlzIHdhaXRlciwgdGhlIGZpbmFsIHNuYXBzaG90IGNyZWF0aW9uIGZhaWxzLlxuICAgIGNvbnN0IGluc3RhbmNlSWQgPSBSZXNvdXJjZU5hbWluZy5kYkluc3RhbmNlSWQodGhpcy5jb25zdHJ1Y3RJZCk7XG4gICAgY29uc3Qgd2FpdGVyVGltZW91dCA9IER1cmF0aW9uLm1pbnV0ZXMoMTApO1xuICAgIGNvbnN0IGRlbGV0aW9uV2FpdGVyID0gbmV3IEN1c3RvbVJlc291cmNlKFxuICAgICAgdGhpcyxcbiAgICAgIGAke3Byb3BzLmRhdGFiYXNlTmFtZX1EZWxldGlvbldhaXRlcmAsXG4gICAgICB7XG4gICAgICAgIHJ1bnRpbWU6IFJ1bnRpbWUuTk9ERUpTXzIyX1gsXG4gICAgICAgIHRpbWVvdXQ6IHdhaXRlclRpbWVvdXQucGx1cyhEdXJhdGlvbi5zZWNvbmRzKDMwKSksXG4gICAgICAgIGxhbWJkYURlc2NyaXB0aW9uOiBgJHtwcm9wcy5kYXRhYmFzZU5hbWV9IGRlbGV0aW9uIHdhaXRlcmAsXG4gICAgICAgIGlubGluZUNvZGU6IGBcbmNvbnN0IHsgUkRTQ2xpZW50IH0gPSByZXF1aXJlKCdAYXdzLXNkay9jbGllbnQtcmRzJyk7XG5jb25zdCB7IHdhaXRVbnRpbERCSW5zdGFuY2VBdmFpbGFibGUgfSA9IHJlcXVpcmUoJ0Bhd3Mtc2RrL2NsaWVudC1yZHMnKTtcblxuZXhwb3J0cy5oYW5kbGVyID0gYXN5bmMgKGV2ZW50KSA9PiB7XG4gIGNvbnNvbGUubG9nKCdFdmVudDonLCBKU09OLnN0cmluZ2lmeShldmVudCwgbnVsbCwgMikpO1xuICBjb25zdCBpbnN0YW5jZUlkID0gZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLkluc3RhbmNlSWRlbnRpZmllcjtcbiAgY29uc3QgcGh5c2ljYWxSZXNvdXJjZUlkID0gZXZlbnQuUGh5c2ljYWxSZXNvdXJjZUlkIHx8IGV2ZW50LkxvZ2ljYWxSZXNvdXJjZUlkIHx8ICdyZHMtZGVsZXRpb24td2FpdGVyJztcblxuICBpZiAoZXZlbnQuUmVxdWVzdFR5cGUgPT09ICdEZWxldGUnKSB7XG4gICAgY29uc29sZS5sb2coJ1dhaXRpbmcgZm9yIGluc3RhbmNlIHRvIGJlIGF2YWlsYWJsZTonLCBpbnN0YW5jZUlkKTtcbiAgICBjb25zdCBjbGllbnQgPSBuZXcgUkRTQ2xpZW50KHt9KTtcbiAgICB0cnkge1xuICAgICAgYXdhaXQgd2FpdFVudGlsREJJbnN0YW5jZUF2YWlsYWJsZShcbiAgICAgICAgeyBjbGllbnQsIG1heFdhaXRUaW1lOiAke3dhaXRlclRpbWVvdXQudG9TZWNvbmRzKCl9LCBtaW5EZWxheTogMTAsIG1heERlbGF5OiAzMCB9LFxuICAgICAgICB7IERCSW5zdGFuY2VJZGVudGlmaWVyOiBpbnN0YW5jZUlkIH1cbiAgICAgICk7XG4gICAgICBjb25zb2xlLmxvZygnSW5zdGFuY2UgaXMgYXZhaWxhYmxlLCBkZWxldGlvbiBjYW4gcHJvY2VlZCcpO1xuICAgIH0gY2F0Y2ggKGVycm9yKSB7XG4gICAgICBpZiAoZXJyb3IubmFtZSA9PT0gJ1Jlc291cmNlTm90Rm91bmRFcnJvcicgfHxcbiAgICAgICAgICBlcnJvci5tZXNzYWdlPy5pbmNsdWRlcygnREJJbnN0YW5jZU5vdEZvdW5kJykgfHxcbiAgICAgICAgICBlcnJvci5zdGF0ZSA9PT0gJ0ZBSUxVUkUnKSB7XG4gICAgICAgIGNvbnNvbGUubG9nKCdJbnN0YW5jZSBub3QgZm91bmQgb3Igd2FpdGVyIGZhaWxlZCwgcHJvY2VlZGluZyB3aXRoIGRlbGV0aW9uJyk7XG4gICAgICB9IGVsc2Uge1xuICAgICAgICBjb25zb2xlLmVycm9yKCdFcnJvciB3YWl0aW5nIGZvciBpbnN0YW5jZTonLCBlcnJvcik7XG4gICAgICAgIHRocm93IGVycm9yO1xuICAgICAgfVxuICAgIH1cbiAgfVxuICByZXR1cm4geyBQaHlzaWNhbFJlc291cmNlSWQ6IHBoeXNpY2FsUmVzb3VyY2VJZCB9O1xufTtcbiAgICAgICAgYCxcbiAgICAgICAgaW5saW5lUG9saWN5OiBbXG4gICAgICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgICAgICBlZmZlY3Q6IEVmZmVjdC5BTExPVyxcbiAgICAgICAgICAgIGFjdGlvbnM6IFtcInJkczpEZXNjcmliZURCSW5zdGFuY2VzXCJdLFxuICAgICAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdXG4gICAgICAgICAgfSlcbiAgICAgICAgXSxcbiAgICAgICAgcHJvcGVydGllczoge1xuICAgICAgICAgIEluc3RhbmNlSWRlbnRpZmllcjogaW5zdGFuY2VJZCxcbiAgICAgICAgICBWZXJzaW9uOiBcIjEuMC4wXCJcbiAgICAgICAgfVxuICAgICAgfVxuICAgICk7XG5cbiAgICBkZWxldGlvbldhaXRlci5yZXNvdXJjZS5ub2RlLmFkZERlcGVuZGVuY3kodGhpcy5kYXRhYmFzZSk7XG5cbiAgICBjb25zdCByZWFkUmVwbGljYSA9IG5ldyBEYXRhYmFzZUluc3RhbmNlUmVhZFJlcGxpY2EoXG4gICAgICB0aGlzLFxuICAgICAgYCR7cHJvcHMuZGF0YWJhc2VOYW1lfVJlYWRSZXBsaWNhYCxcbiAgICAgIHtcbiAgICAgICAgc291cmNlRGF0YWJhc2VJbnN0YW5jZTogdGhpcy5kYXRhYmFzZSxcbiAgICAgICAgdnBjOiB0aGlzLnZwYyxcbiAgICAgICAgdnBjU3VibmV0czoge1xuICAgICAgICAgIHN1Ym5ldFR5cGU6IFN1Ym5ldFR5cGUuUFJJVkFURV9XSVRIX0VHUkVTU1xuICAgICAgICB9LFxuICAgICAgICBzZWN1cml0eUdyb3VwczogW3RoaXMucmVhZFJlcGxpY2FTZWN1cml0eUdyb3VwXSxcbiAgICAgICAgYWxsb2NhdGVkU3RvcmFnZTogcHJvcHMuYWxsb2NhdGVkU3RvcmFnZSxcbiAgICAgICAgc3RvcmFnZUVuY3J5cHRlZDogdHJ1ZSxcbiAgICAgICAgc3RvcmFnZVR5cGU6IFN0b3JhZ2VUeXBlLkdQMyxcbiAgICAgICAgY2FDZXJ0aWZpY2F0ZTogQ2FDZXJ0aWZpY2F0ZS5SRFNfQ0FfUlNBNDA5Nl9HMSxcbiAgICAgICAgcmVtb3ZhbFBvbGljeTogUmVtb3ZhbFBvbGljeS5ERVNUUk9ZLFxuICAgICAgICBkZWxldGVBdXRvbWF0ZWRCYWNrdXBzOiBmYWxzZSxcbiAgICAgICAgZW5hYmxlUGVyZm9ybWFuY2VJbnNpZ2h0czogcGlFbmFibGVkLFxuICAgICAgICBwZXJmb3JtYW5jZUluc2lnaHRFbmNyeXB0aW9uS2V5OiByZWFkUmVwbGljYVBlcmZvcm1hbmNlSW5zaWdodHNLZXksXG4gICAgICAgIHBlcmZvcm1hbmNlSW5zaWdodFJldGVudGlvbjogcGlFbmFibGVkXG4gICAgICAgICAgPyBnZXREYXRhYmFzZUluc2lnaHRzUmV0ZW50aW9uKHBpQ29uZmlnPy5tb2RlID8/IFwic3RhbmRhcmRcIilcbiAgICAgICAgICA6IHVuZGVmaW5lZCxcbiAgICAgICAgaW5zdGFuY2VJZGVudGlmaWVyOiBSZXNvdXJjZU5hbWluZy5yZWFkUmVwbGljYUlkKHRoaXMuY29uc3RydWN0SWQpLFxuICAgICAgICBpbnN0YW5jZVR5cGU6IG5ldyBJbnN0YW5jZVR5cGUocmVwbGljYUluc3RhbmNlVHlwZSksXG4gICAgICAgIGF2YWlsYWJpbGl0eVpvbmU6IHJlcGxpY2FDb25maWcuYXZhaWxhYmlsaXR5Wm9uZSxcbiAgICAgICAgbWF4QWxsb2NhdGVkU3RvcmFnZTogcHJvcHMubWF4QWxsb2NhdGVkU3RvcmFnZSB8fCA1MDAsXG4gICAgICAgIG1vbml0b3JpbmdJbnRlcnZhbDpcbiAgICAgICAgICBwcm9wcy5tb25pdG9yaW5nSW50ZXJ2YWwgfHwgUkRTX0RFRkFVTFRTLk1PTklUT1JJTkdfSU5URVJWQUwsXG4gICAgICAgIG11bHRpQXo6IHByb3BzLm11bHRpQXogIT09IGZhbHNlLFxuICAgICAgICBwb3J0OiB0aGlzLnBvcnQsXG4gICAgICAgIGRlbGV0aW9uUHJvdGVjdGlvbjogcHJvcHMuZGVsZXRpb25Qcm90ZWN0aW9uID8/IHRydWUsXG4gICAgICAgIHByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93OlxuICAgICAgICAgIHByb3BzLnByZWZlcnJlZE1haW50ZW5hbmNlV2luZG93IHx8XG4gICAgICAgICAgUkRTX0RFRkFVTFRTLlBSRUZFUlJFRF9NQUlOVEVOQU5DRV9XSU5ET1dcbiAgICAgIH1cbiAgICApO1xuXG4gICAgcmVhZFJlcGxpY2Eubm9kZS5hZGREZXBlbmRlbmN5KGRlbGV0aW9uV2FpdGVyLnJlc291cmNlKTtcbiAgfVxuXG4gIGdldEhvc3RFbmRwb2ludCgpIHtcbiAgICBpZiAodGhpcy5kYXRhYmFzZVByb3h5KSB7XG4gICAgICByZXR1cm4gdGhpcy5kYXRhYmFzZVByb3h5LmVuZHBvaW50O1xuICAgIH0gZWxzZSB7XG4gICAgICByZXR1cm4gdGhpcy5kYXRhYmFzZS5kYkluc3RhbmNlRW5kcG9pbnRBZGRyZXNzO1xuICAgIH1cbiAgfVxuXG4gIGdldEhvc3RQb3J0KCk6IHN0cmluZyB7XG4gICAgcmV0dXJuIFN0cmluZyh0aGlzLnBvcnQpO1xuICB9XG5cbiAgZ2V0Q3JlZGVudGlhbHMoKTogU2VjcmV0IHtcbiAgICByZXR1cm4gdGhpcy5kYXRhYmFzZUNyZWRlbnRpYWxzO1xuICB9XG5cbiAgc3RhdGljIGJ1aWxkKGlkOiBzdHJpbmcsIHByb3BzOiBSZHNQcm9wcyk6IChzYjogU3RhY2tCdWlsZGVyKSA9PiBDb25zdHJ1Y3Qge1xuICAgIHJldHVybiAoc2I6IFN0YWNrQnVpbGRlcikgPT4ge1xuICAgICAgY29uc3QgbmV3UHJvcHM6IFJkc1Byb3BzID0ge1xuICAgICAgICAuLi5wcm9wcyxcbiAgICAgICAgLi4ue1xuICAgICAgICAgIHZwYzogc2IuZ2V0TmV0d29yaygpIHx8IHByb3BzLnZwYyxcbiAgICAgICAgICBzZWN1cml0eUdyb3VwSWRzOiBwcm9wcz8uc2VjdXJpdHlHcm91cElkcyA/PyBbXSxcbiAgICAgICAgICBkYXRhYmFzZU5hbWU6IHByb3BzLmRhdGFiYXNlTmFtZSB8fCBgJHtpZC5yZXBsYWNlKFwiUmRzXCIsIFwiXCIpfWBcbiAgICAgICAgfVxuICAgICAgfTtcblxuICAgICAgcmV0dXJuIG5ldyB0aGlzKHNiLmdldFN0YWNrKCksIGlkLCBuZXdQcm9wcyk7XG4gICAgfTtcbiAgfVxufVxuIl19

package/dist/lib/resources/aws/database/rdsProxyOutput.js

@@ -1,18 +1,14 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.addProxyCfnOutput = addProxyCfnOutput;
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const capitaliseString_1 = require("../../../utils/capitaliseString");
+import { CfnOutput } from "aws-cdk-lib";
+import { toPascalCase } from "../../../utils/capitaliseString.js";
 /**
  * Add a CfnOutput for the RDS proxy endpoint.
  * Shared by RdsAurora and RdsInstance constructs.
  */
-function addProxyCfnOutput(scope, constructId, databaseName, proxy) {
-    const outputName = (0, capitaliseString_1.toPascalCase)(databaseName || constructId);
-    new aws_cdk_lib_1.CfnOutput(scope, `${outputName}ProxyEndpointOutput`, {
+export function addProxyCfnOutput(scope, constructId, databaseName, proxy) {
+    const outputName = toPascalCase(databaseName || constructId);
+    new CfnOutput(scope, `${outputName}ProxyEndpointOutput`, {
         key: `${outputName}ProxyEndpoint`,
         exportName: `${outputName}ProxyEndpoint`,
         value: proxy.endpoint
     });
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmRzUHJveHlPdXRwdXQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9saWIvcmVzb3VyY2VzL2F3cy9kYXRhYmFzZS9yZHNQcm94eU91dHB1dC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQVNBLDhDQVlDO0FBckJELDZDQUF3QztBQUd4QyxzRUFBK0Q7QUFFL0Q7OztHQUdHO0FBQ0gsU0FBZ0IsaUJBQWlCLENBQy9CLEtBQWdCLEVBQ2hCLFdBQW1CLEVBQ25CLFlBQWdDLEVBQ2hDLEtBQW9CO0lBRXBCLE1BQU0sVUFBVSxHQUFHLElBQUEsK0JBQVksRUFBQyxZQUFZLElBQUksV0FBVyxDQUFDLENBQUM7SUFDN0QsSUFBSSx1QkFBUyxDQUFDLEtBQUssRUFBRSxHQUFHLFVBQVUscUJBQXFCLEVBQUU7UUFDdkQsR0FBRyxFQUFFLEdBQUcsVUFBVSxlQUFlO1FBQ2pDLFVBQVUsRUFBRSxHQUFHLFVBQVUsZUFBZTtRQUN4QyxLQUFLLEVBQUUsS0FBSyxDQUFDLFFBQVE7S0FDdEIsQ0FBQyxDQUFDO0FBQ0wsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IENmbk91dHB1dCB9IGZyb20gXCJhd3MtY2RrLWxpYlwiO1xuaW1wb3J0IHR5cGUgeyBDb25zdHJ1Y3QgfSBmcm9tIFwiY29uc3RydWN0c1wiO1xuaW1wb3J0IHR5cGUgeyBEYXRhYmFzZVByb3h5IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1yZHNcIjtcbmltcG9ydCB7IHRvUGFzY2FsQ2FzZSB9IGZyb20gXCIuLi8uLi8uLi91dGlscy9jYXBpdGFsaXNlU3RyaW5nXCI7XG5cbi8qKlxuICogQWRkIGEgQ2ZuT3V0cHV0IGZvciB0aGUgUkRTIHByb3h5IGVuZHBvaW50LlxuICogU2hhcmVkIGJ5IFJkc0F1cm9yYSBhbmQgUmRzSW5zdGFuY2UgY29uc3RydWN0cy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGFkZFByb3h5Q2ZuT3V0cHV0KFxuICBzY29wZTogQ29uc3RydWN0LFxuICBjb25zdHJ1Y3RJZDogc3RyaW5nLFxuICBkYXRhYmFzZU5hbWU6IHN0cmluZyB8IHVuZGVmaW5lZCxcbiAgcHJveHk6IERhdGFiYXNlUHJveHlcbik6IHZvaWQge1xuICBjb25zdCBvdXRwdXROYW1lID0gdG9QYXNjYWxDYXNlKGRhdGFiYXNlTmFtZSB8fCBjb25zdHJ1Y3RJZCk7XG4gIG5ldyBDZm5PdXRwdXQoc2NvcGUsIGAke291dHB1dE5hbWV9UHJveHlFbmRwb2ludE91dHB1dGAsIHtcbiAgICBrZXk6IGAke291dHB1dE5hbWV9UHJveHlFbmRwb2ludGAsXG4gICAgZXhwb3J0TmFtZTogYCR7b3V0cHV0TmFtZX1Qcm94eUVuZHBvaW50YCxcbiAgICB2YWx1ZTogcHJveHkuZW5kcG9pbnRcbiAgfSk7XG59XG4iXX0=

package/dist/lib/resources/aws/iam/delegationRole.d.ts

@@ -0,0 +1,18 @@
+import { Construct } from "constructs";
+import { type IRole } from "aws-cdk-lib/aws-iam";
+import type { IHostedZone } from "aws-cdk-lib/aws-route53";
+export interface DelegationRoleProps {
+    readonly zoneName: string;
+    readonly hostedZone: IHostedZone;
+    readonly organisationIdExportName?: string;
+    readonly description?: string;
+    readonly costAllocationEnvironment?: string;
+    readonly costAllocationDomain?: string;
+}
+export declare class DelegationRole extends Construct {
+    readonly role: IRole;
+    readonly roleArn: string;
+    readonly description: string;
+    readonly exportName: string;
+    constructor(scope: Construct, id: string, props: DelegationRoleProps);
+}