@liflig/cdk 2.18.5 → 2.18.6

package/lib/pipelines/pipeline.js

@@ -0,0 +1,224 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Pipeline = void 0;
+const constructs = require("constructs");
+const events = require("aws-cdk-lib/aws-events");
+const eventsTargets = require("aws-cdk-lib/aws-events-targets");
+const iam = require("aws-cdk-lib/aws-iam");
+const lambda = require("aws-cdk-lib/aws-lambda");
+const sfn = require("aws-cdk-lib/aws-stepfunctions");
+const aws_stepfunctions_1 = require("aws-cdk-lib/aws-stepfunctions");
+const tasks = require("aws-cdk-lib/aws-stepfunctions-tasks");
+const cdk = require("aws-cdk-lib");
+const griid_1 = require("../griid");
+const conventions_1 = require("./conventions");
+const deploy_env_1 = require("./deploy-env");
+/**
+ * Pipeline for doing a multi-account CDK deployment based
+ * on a built CDK Cloud Assembly and parameters stored in S3.
+ *
+ * The accounts being deployed to must be provisioned with
+ * the LifligCdkDeployerDeps construct so expected IAM
+ * roles is present.
+ *
+ * The pipeline starts by writing an empty file to
+ * s3://<artifacts-bucket>/pipelines/<pipeline-name>/trigger
+ *
+ * The CDK deploy process is handled by liflig-cdk-deployer.
+ * See https://github.com/capralifecycle/liflig-cdk-deployer
+ *
+ * Configuration files are read from S3 at the path
+ * s3://<artifacts-bucket>/pipelines/<pipeline-name>/
+ *
+ *  - cloud-assembly.json which has the format described as
+ *    CDK_CLOUD_ASSEMBLY in liflig-cdk-deployer
+ *
+ *  - variables*.json which can be zero or more files
+ *    with string-string map that will be concatenated to
+ *    form the format described as CDK_VARIABLES in
+ *    liflig-cdk-deployer
+ *
+ * The separation of Cloud Assembly details and variables enables
+ * separation of IaC code and application code if they are not
+ * colocated in the same repository.
+ */
+class Pipeline extends constructs.Construct {
+    constructor(scope, id, props) {
+        var _a, _b;
+        super(scope, id);
+        const s3Prefix = (0, conventions_1.pipelineS3Prefix)(props.pipelineName);
+        const s3TriggerKey = (0, conventions_1.pipelineS3TriggerKey)(props.pipelineName);
+        const artifactsBucket = (_a = props.artifactsBucket) !== null && _a !== void 0 ? _a : (0, griid_1.getGriidArtefactBucket)(this);
+        const checkCanRunFn = new lambda.SingletonFunction(this, "CheckCanRunFn", {
+            uuid: "30ad3abb-f774-4804-a6ef-2c2f4a247362",
+            code: new lambda.InlineCode(`exports.handler = ${checkCanRunHandler.toString()};`),
+            runtime: lambda.Runtime.NODEJS_16_X,
+            handler: "index.handler",
+            timeout: cdk.Duration.seconds(10),
+        });
+        const checkCanRunTask = new tasks.LambdaInvoke(this, "Check if the process can run", {
+            lambdaFunction: checkCanRunFn,
+            outputPath: "$.Payload",
+            payload: sfn.TaskInput.fromObject({
+                "stateMachineId.$": "$$.StateMachine.Id",
+                "executionId.$": "$$.Execution.Id",
+            }),
+        });
+        const wait = new sfn.Wait(this, "Wait before rechecking status", {
+            time: sfn.WaitTime.duration(cdk.Duration.seconds(15)),
+        });
+        const skip = new sfn.Succeed(this, "Skip");
+        const collectFilesFn = new lambda.SingletonFunction(this, "CollectFilesFn", {
+            uuid: "c49cbfe1-50e0-4721-8964-fb20f4e5a7ad",
+            code: new lambda.InlineCode(`exports.handler = ${collectFilesHandler.toString()};`),
+            runtime: lambda.Runtime.NODEJS_16_X,
+            handler: "index.handler",
+            timeout: cdk.Duration.seconds(30),
+        });
+        artifactsBucket.grantRead(collectFilesFn);
+        const collectFilesTask = new tasks.LambdaInvoke(this, "Collect files from S3", {
+            lambdaFunction: collectFilesFn,
+            outputPath: "$.Payload",
+            payload: sfn.TaskInput.fromObject({
+                bucketName: artifactsBucket.bucketName,
+                bucketPrefix: s3Prefix,
+                envNames: props.environments.map((it) => it.name),
+            }),
+        });
+        let run = sfn.Chain.start(collectFilesTask);
+        const ifHavingStacks = (name, work) => new sfn.Choice(this, `Check if ${name} has stacks`)
+            .when(aws_stepfunctions_1.Condition.or(aws_stepfunctions_1.Condition.isNull(`$.StackCountPerEnv.${name}`), aws_stepfunctions_1.Condition.numberEquals(`$.StackCountPerEnv.${name}`, 0)), new sfn.Pass(this, `Skip ${name}`))
+            .otherwise(work)
+            .afterwards();
+        for (const env of props.environments) {
+            const it = new deploy_env_1.DeployEnv(this, env.name, {
+                accountId: env.accountId,
+                afterSuccessfulDeploy: env.afterSuccessfulDeploy,
+                artefactBucket: artifactsBucket,
+                envName: env.name,
+                vpc: props.vpc,
+            });
+            run = run.next(ifHavingStacks(env.name, it.chain));
+        }
+        const definition = sfn.Chain.start(checkCanRunTask).next(new sfn.Choice(this, "Can run?")
+            .when(aws_stepfunctions_1.Condition.stringEquals("$.CanRunState", "CONTINUE"), run)
+            .when(aws_stepfunctions_1.Condition.stringEquals("$.CanRunState", "SKIP"), skip)
+            .otherwise(wait.next(checkCanRunTask)));
+        const machine = new sfn.StateMachine(this, "StateMachine", {
+            definition,
+            // https://docs.aws.amazon.com/step-functions/latest/dg/sfn-stuck-execution.html
+            timeout: cdk.Duration.hours(3),
+        });
+        new iam.Policy(this, "CheckCanRunPolicy", {
+            roles: [checkCanRunFn.role],
+            statements: [
+                new iam.PolicyStatement({
+                    actions: ["states:ListExecutions"],
+                    resources: [machine.stateMachineArn],
+                }),
+            ],
+        });
+        if ((_b = props.triggerEnabled) !== null && _b !== void 0 ? _b : true) {
+            artifactsBucket.onCloudTrailWriteObject("Trigger", {
+                paths: [s3TriggerKey],
+                target: new eventsTargets.SfnStateMachine(machine, {
+                    input: events.RuleTargetInput.fromObject({}),
+                }),
+            });
+        }
+    }
+}
+exports.Pipeline = Pipeline;
+// This is a self-contained function that will be serialized as a lambda.
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const collectFilesHandler = async (event) => {
+    var _a;
+    // eslint-disable-next-line @typescript-eslint/no-var-requires,@typescript-eslint/no-unsafe-assignment
+    const AWS = require("aws-sdk");
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-call,@typescript-eslint/no-unsafe-member-access
+    const s3 = new AWS.S3();
+    console.log("Event received: ", event);
+    const bucketName = event.bucketName;
+    const bucketPrefix = event.bucketPrefix;
+    const envNames = event.envNames;
+    if (bucketPrefix.slice(-1) !== "/") {
+        throw new Error(`Expected bucket prefix to end with '/' but its value is '${bucketPrefix}'`);
+    }
+    const files = await s3
+        .listObjectsV2({
+        Bucket: bucketName,
+        Prefix: bucketPrefix,
+    })
+        .promise();
+    async function getData(key) {
+        const result = await s3
+            .getObject({
+            Bucket: bucketName,
+            Key: key,
+        })
+            .promise();
+        return result.Body.toString();
+    }
+    let cloudAssembly = null;
+    let variables = {};
+    for (const file of (_a = files.Contents) !== null && _a !== void 0 ? _a : []) {
+        const key = file.Key;
+        const filename = key.slice(bucketPrefix.length);
+        console.log(`File: ${filename}`);
+        if (filename === "cloud-assembly.json") {
+            console.log("Found Cloud Assembly");
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+            cloudAssembly = JSON.parse(await getData(key));
+        }
+        else if (/^variables.*\.json$/.test(filename)) {
+            console.log("Found variables file");
+            variables = {
+                ...variables,
+                ...JSON.parse(await getData(key)),
+            };
+        }
+        else {
+            console.log("Ignoring unknown file");
+        }
+    }
+    if (cloudAssembly === null) {
+        throw new Error("cloud-assembly.json not found");
+    }
+    return {
+        CloudAssembly: JSON.stringify(cloudAssembly),
+        Variables: JSON.stringify(variables),
+        StackCountPerEnv: Object.fromEntries(envNames.map((name) => {
+            var _a, _b;
+            return [
+                name,
+                (_b = (_a = cloudAssembly.environments.find((it) => it.name === name)) === null || _a === void 0 ? void 0 : _a.stackNames.length) !== null && _b !== void 0 ? _b : 0,
+            ];
+        })),
+    };
+};
+// This is a self-contained function that will be serialized as a lambda.
+const checkCanRunHandler = async (event) => {
+    // eslint-disable-next-line @typescript-eslint/no-var-requires,@typescript-eslint/no-unsafe-assignment
+    const AWS = require("aws-sdk");
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-call,@typescript-eslint/no-unsafe-member-access
+    const sf = new AWS.StepFunctions();
+    console.log("Event received: ", event);
+    const stateMachineArn = event["stateMachineId"];
+    const currentExecutionArn = event["executionId"];
+    const executions = (await sf
+        .listExecutions({
+        stateMachineArn,
+        statusFilter: "RUNNING",
+    })
+        .promise()).executions;
+    console.log("Executions: ", executions);
+    const currentExecution = executions.find((it) => it.executionArn == currentExecutionArn);
+    if (!currentExecution) {
+        throw new Error("Could not find current execution");
+    }
+    const newer = executions.filter((it) => it.startDate > currentExecution.startDate).length;
+    return {
+        CanRunState: newer > 0 ? "SKIP" : executions.length == 1 ? "CONTINUE" : "WAIT",
+    };
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGlwZWxpbmUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcGlwZWxpbmVzL3BpcGVsaW5lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLHlDQUF3QztBQUV4QyxpREFBZ0Q7QUFDaEQsZ0VBQStEO0FBQy9ELDJDQUEwQztBQUMxQyxpREFBZ0Q7QUFFaEQscURBQW9EO0FBQ3BELHFFQUF5RDtBQUN6RCw2REFBNEQ7QUFDNUQsbUNBQWtDO0FBR2xDLG9DQUFpRDtBQUNqRCwrQ0FBc0U7QUFDdEUsNkNBQXdDO0FBOEN4Qzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztHQTRCRztBQUNILE1BQWEsUUFBUyxTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBQ2hELFlBQVksS0FBMkIsRUFBRSxFQUFVLEVBQUUsS0FBb0I7O1FBQ3ZFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFFaEIsTUFBTSxRQUFRLEdBQUcsSUFBQSw4QkFBZ0IsRUFBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUE7UUFDckQsTUFBTSxZQUFZLEdBQUcsSUFBQSxrQ0FBb0IsRUFBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUE7UUFFN0QsTUFBTSxlQUFlLEdBQ25CLE1BQUEsS0FBSyxDQUFDLGVBQWUsbUNBQUksSUFBQSw4QkFBc0IsRUFBQyxJQUFJLENBQUMsQ0FBQTtRQUV2RCxNQUFNLGFBQWEsR0FBRyxJQUFJLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsZUFBZSxFQUFFO1lBQ3hFLElBQUksRUFBRSxzQ0FBc0M7WUFDNUMsSUFBSSxFQUFFLElBQUksTUFBTSxDQUFDLFVBQVUsQ0FDekIscUJBQXFCLGtCQUFrQixDQUFDLFFBQVEsRUFBRSxHQUFHLENBQ3REO1lBQ0QsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPLENBQUMsV0FBVztZQUNuQyxPQUFPLEVBQUUsZUFBZTtZQUN4QixPQUFPLEVBQUUsR0FBRyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1NBQ2xDLENBQUMsQ0FBQTtRQUVGLE1BQU0sZUFBZSxHQUFHLElBQUksS0FBSyxDQUFDLFlBQVksQ0FDNUMsSUFBSSxFQUNKLDhCQUE4QixFQUM5QjtZQUNFLGNBQWMsRUFBRSxhQUFhO1lBQzdCLFVBQVUsRUFBRSxXQUFXO1lBQ3ZCLE9BQU8sRUFBRSxHQUFHLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQztnQkFDaEMsa0JBQWtCLEVBQUUsb0JBQW9CO2dCQUN4QyxlQUFlLEVBQUUsaUJBQWlCO2FBQ25DLENBQUM7U0FDSCxDQUNGLENBQUE7UUFFRCxNQUFNLElBQUksR0FBRyxJQUFJLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLCtCQUErQixFQUFFO1lBQy9ELElBQUksRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUMsQ0FBQztTQUN0RCxDQUFDLENBQUE7UUFFRixNQUFNLElBQUksR0FBRyxJQUFJLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFBO1FBRTFDLE1BQU0sY0FBYyxHQUFHLElBQUksTUFBTSxDQUFDLGlCQUFpQixDQUNqRCxJQUFJLEVBQ0osZ0JBQWdCLEVBQ2hCO1lBQ0UsSUFBSSxFQUFFLHNDQUFzQztZQUM1QyxJQUFJLEVBQUUsSUFBSSxNQUFNLENBQUMsVUFBVSxDQUN6QixxQkFBcUIsbUJBQW1CLENBQUMsUUFBUSxFQUFFLEdBQUcsQ0FDdkQ7WUFDRCxPQUFPLEVBQUUsTUFBTSxDQUFDLE9BQU8sQ0FBQyxXQUFXO1lBQ25DLE9BQU8sRUFBRSxlQUFlO1lBQ3hCLE9BQU8sRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7U0FDbEMsQ0FDRixDQUFBO1FBRUQsZUFBZSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUMsQ0FBQTtRQUV6QyxNQUFNLGdCQUFnQixHQUFHLElBQUksS0FBSyxDQUFDLFlBQVksQ0FDN0MsSUFBSSxFQUNKLHVCQUF1QixFQUN2QjtZQUNFLGNBQWMsRUFBRSxjQUFjO1lBQzlCLFVBQVUsRUFBRSxXQUFXO1lBQ3ZCLE9BQU8sRUFBRSxHQUFHLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQztnQkFDaEMsVUFBVSxFQUFFLGVBQWUsQ0FBQyxVQUFVO2dCQUN0QyxZQUFZLEVBQUUsUUFBUTtnQkFDdEIsUUFBUSxFQUFFLEtBQUssQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDO2FBQ2xELENBQUM7U0FDSCxDQUNGLENBQUE7UUFFRCxJQUFJLEdBQUcsR0FBYyxHQUFHLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxDQUFBO1FBRXRELE1BQU0sY0FBYyxHQUFHLENBQUMsSUFBWSxFQUFFLElBQWUsRUFBRSxFQUFFLENBQ3ZELElBQUksR0FBRyxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsWUFBWSxJQUFJLGFBQWEsQ0FBQzthQUNoRCxJQUFJLENBQ0gsNkJBQVMsQ0FBQyxFQUFFLENBQ1YsNkJBQVMsQ0FBQyxNQUFNLENBQUMsc0JBQXNCLElBQUksRUFBRSxDQUFDLEVBQzlDLDZCQUFTLENBQUMsWUFBWSxDQUFDLHNCQUFzQixJQUFJLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FDeEQsRUFDRCxJQUFJLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLFFBQVEsSUFBSSxFQUFFLENBQUMsQ0FDbkM7YUFDQSxTQUFTLENBQUMsSUFBSSxDQUFDO2FBQ2YsVUFBVSxFQUFFLENBQUE7UUFFakIsS0FBSyxNQUFNLEdBQUcsSUFBSSxLQUFLLENBQUMsWUFBWSxFQUFFLENBQUM7WUFDckMsTUFBTSxFQUFFLEdBQUcsSUFBSSxzQkFBUyxDQUFDLElBQUksRUFBRSxHQUFHLENBQUMsSUFBSSxFQUFFO2dCQUN2QyxTQUFTLEVBQUUsR0FBRyxDQUFDLFNBQVM7Z0JBQ3hCLHFCQUFxQixFQUFFLEdBQUcsQ0FBQyxxQkFBcUI7Z0JBQ2hELGNBQWMsRUFBRSxlQUFlO2dCQUMvQixPQUFPLEVBQUUsR0FBRyxDQUFDLElBQUk7Z0JBQ2pCLEdBQUcsRUFBRSxLQUFLLENBQUMsR0FBRzthQUNmLENBQUMsQ0FBQTtZQUVGLEdBQUcsR0FBRyxHQUFHLENBQUMsSUFBSSxDQUFDLGNBQWMsQ0FBQyxHQUFHLENBQUMsSUFBSSxFQUFFLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFBO1FBQ3BELENBQUM7UUFFRCxNQUFNLFVBQVUsR0FBYyxHQUFHLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxlQUFlLENBQUMsQ0FBQyxJQUFJLENBQ2pFLElBQUksR0FBRyxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsVUFBVSxDQUFDO2FBQzdCLElBQUksQ0FBQyw2QkFBUyxDQUFDLFlBQVksQ0FBQyxlQUFlLEVBQUUsVUFBVSxDQUFDLEVBQUUsR0FBRyxDQUFDO2FBQzlELElBQUksQ0FBQyw2QkFBUyxDQUFDLFlBQVksQ0FBQyxlQUFlLEVBQUUsTUFBTSxDQUFDLEVBQUUsSUFBSSxDQUFDO2FBQzNELFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQ3pDLENBQUE7UUFFRCxNQUFNLE9BQU8sR0FBRyxJQUFJLEdBQUcsQ0FBQyxZQUFZLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRTtZQUN6RCxVQUFVO1lBQ1YsZ0ZBQWdGO1lBQ2hGLE9BQU8sRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUM7U0FDL0IsQ0FBQyxDQUFBO1FBRUYsSUFBSSxHQUFHLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRTtZQUN4QyxLQUFLLEVBQUUsQ0FBQyxhQUFhLENBQUMsSUFBSyxDQUFDO1lBQzVCLFVBQVUsRUFBRTtnQkFDVixJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7b0JBQ3RCLE9BQU8sRUFBRSxDQUFDLHVCQUF1QixDQUFDO29CQUNsQyxTQUFTLEVBQUUsQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUFDO2lCQUNyQyxDQUFDO2FBQ0g7U0FDRixDQUFDLENBQUE7UUFFRixJQUFJLE1BQUEsS0FBSyxDQUFDLGNBQWMsbUNBQUksSUFBSSxFQUFFLENBQUM7WUFDakMsZUFBZSxDQUFDLHVCQUF1QixDQUFDLFNBQVMsRUFBRTtnQkFDakQsS0FBSyxFQUFFLENBQUMsWUFBWSxDQUFDO2dCQUNyQixNQUFNLEVBQUUsSUFBSSxhQUFhLENBQUMsZUFBZSxDQUFDLE9BQU8sRUFBRTtvQkFDakQsS0FBSyxFQUFFLE1BQU0sQ0FBQyxlQUFlLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztpQkFDN0MsQ0FBQzthQUNILENBQUMsQ0FBQTtRQUNKLENBQUM7SUFDSCxDQUFDO0NBQ0Y7QUEvSEQsNEJBK0hDO0FBZUQseUVBQXlFO0FBQ3pFLDhEQUE4RDtBQUM5RCxNQUFNLG1CQUFtQixHQUFZLEtBQUssRUFBRSxLQUEwQixFQUFFLEVBQUU7O0lBQ3hFLHNHQUFzRztJQUN0RyxNQUFNLEdBQUcsR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUE7SUFDOUIsd0dBQXdHO0lBQ3hHLE1BQU0sRUFBRSxHQUFHLElBQUksR0FBRyxDQUFDLEVBQUUsRUFBYSxDQUFBO0lBRWxDLE9BQU8sQ0FBQyxHQUFHLENBQUMsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLENBQUE7SUFFdEMsTUFBTSxVQUFVLEdBQUcsS0FBSyxDQUFDLFVBQW9CLENBQUE7SUFDN0MsTUFBTSxZQUFZLEdBQUcsS0FBSyxDQUFDLFlBQXNCLENBQUE7SUFDakQsTUFBTSxRQUFRLEdBQUcsS0FBSyxDQUFDLFFBQW9CLENBQUE7SUFFM0MsSUFBSSxZQUFZLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssR0FBRyxFQUFFLENBQUM7UUFDbkMsTUFBTSxJQUFJLEtBQUssQ0FDYiw0REFBNEQsWUFBWSxHQUFHLENBQzVFLENBQUE7SUFDSCxDQUFDO0lBRUQsTUFBTSxLQUFLLEdBQUcsTUFBTSxFQUFFO1NBQ25CLGFBQWEsQ0FBQztRQUNiLE1BQU0sRUFBRSxVQUFVO1FBQ2xCLE1BQU0sRUFBRSxZQUFZO0tBQ3JCLENBQUM7U0FDRCxPQUFPLEVBQUUsQ0FBQTtJQUVaLEtBQUssVUFBVSxPQUFPLENBQUMsR0FBVztRQUNoQyxNQUFNLE1BQU0sR0FBRyxNQUFNLEVBQUU7YUFDcEIsU0FBUyxDQUFDO1lBQ1QsTUFBTSxFQUFFLFVBQVU7WUFDbEIsR0FBRyxFQUFFLEdBQUc7U0FDVCxDQUFDO2FBQ0QsT0FBTyxFQUFFLENBQUE7UUFDWixPQUFPLE1BQU0sQ0FBQyxJQUFLLENBQUMsUUFBUSxFQUFFLENBQUE7SUFDaEMsQ0FBQztJQUVELElBQUksYUFBYSxHQUF5QixJQUFJLENBQUE7SUFDOUMsSUFBSSxTQUFTLEdBQTJCLEVBQUUsQ0FBQTtJQUUxQyxLQUFLLE1BQU0sSUFBSSxJQUFJLE1BQUEsS0FBSyxDQUFDLFFBQVEsbUNBQUksRUFBRSxFQUFFLENBQUM7UUFDeEMsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUksQ0FBQTtRQUNyQixNQUFNLFFBQVEsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsQ0FBQTtRQUUvQyxPQUFPLENBQUMsR0FBRyxDQUFDLFNBQVMsUUFBUSxFQUFFLENBQUMsQ0FBQTtRQUVoQyxJQUFJLFFBQVEsS0FBSyxxQkFBcUIsRUFBRSxDQUFDO1lBQ3ZDLE9BQU8sQ0FBQyxHQUFHLENBQUMsc0JBQXNCLENBQUMsQ0FBQTtZQUNuQyxtRUFBbUU7WUFDbkUsYUFBYSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQTtRQUNoRCxDQUFDO2FBQU0sSUFBSSxxQkFBcUIsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztZQUNoRCxPQUFPLENBQUMsR0FBRyxDQUFDLHNCQUFzQixDQUFDLENBQUE7WUFDbkMsU0FBUyxHQUFHO2dCQUNWLEdBQUcsU0FBUztnQkFDWixHQUFJLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLENBQTRCO2FBQzlELENBQUE7UUFDSCxDQUFDO2FBQU0sQ0FBQztZQUNOLE9BQU8sQ0FBQyxHQUFHLENBQUMsdUJBQXVCLENBQUMsQ0FBQTtRQUN0QyxDQUFDO0lBQ0gsQ0FBQztJQUVELElBQUksYUFBYSxLQUFLLElBQUksRUFBRSxDQUFDO1FBQzNCLE1BQU0sSUFBSSxLQUFLLENBQUMsK0JBQStCLENBQUMsQ0FBQTtJQUNsRCxDQUFDO0lBRUQsT0FBTztRQUNMLGFBQWEsRUFBRSxJQUFJLENBQUMsU0FBUyxDQUFDLGFBQWEsQ0FBQztRQUM1QyxTQUFTLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxTQUFTLENBQUM7UUFDcEMsZ0JBQWdCLEVBQUUsTUFBTSxDQUFDLFdBQVcsQ0FDbEMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFOztZQUFDLE9BQUE7Z0JBQ3JCLElBQUk7Z0JBQ0osTUFBQSxNQUFBLGFBQWMsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLENBQUMsRUFBRSxFQUFFLEVBQUUsQ0FBQyxFQUFFLENBQUMsSUFBSSxLQUFLLElBQUksQ0FBQywwQ0FBRSxVQUFVLENBQ25FLE1BQU0sbUNBQUksQ0FBQzthQUNmLENBQUE7U0FBQSxDQUFDLENBQ0g7S0FDRixDQUFBO0FBQ0gsQ0FBQyxDQUFBO0FBRUQseUVBQXlFO0FBQ3pFLE1BQU0sa0JBQWtCLEdBQVksS0FBSyxFQUFFLEtBQTZCLEVBQUUsRUFBRTtJQUMxRSxzR0FBc0c7SUFDdEcsTUFBTSxHQUFHLEdBQUcsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFBO0lBQzlCLHdHQUF3RztJQUN4RyxNQUFNLEVBQUUsR0FBRyxJQUFJLEdBQUcsQ0FBQyxhQUFhLEVBQXdCLENBQUE7SUFFeEQsT0FBTyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsRUFBRSxLQUFLLENBQUMsQ0FBQTtJQUV0QyxNQUFNLGVBQWUsR0FBRyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsQ0FBQTtJQUMvQyxNQUFNLG1CQUFtQixHQUFHLEtBQUssQ0FBQyxhQUFhLENBQUMsQ0FBQTtJQUVoRCxNQUFNLFVBQVUsR0FBRyxDQUNqQixNQUFNLEVBQUU7U0FDTCxjQUFjLENBQUM7UUFDZCxlQUFlO1FBQ2YsWUFBWSxFQUFFLFNBQVM7S0FDeEIsQ0FBQztTQUNELE9BQU8sRUFBRSxDQUNiLENBQUMsVUFBVSxDQUFBO0lBRVosT0FBTyxDQUFDLEdBQUcsQ0FBQyxjQUFjLEVBQUUsVUFBVSxDQUFDLENBQUE7SUFFdkMsTUFBTSxnQkFBZ0IsR0FBRyxVQUFVLENBQUMsSUFBSSxDQUN0QyxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsRUFBRSxDQUFDLFlBQVksSUFBSSxtQkFBbUIsQ0FDL0MsQ0FBQTtJQUVELElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1FBQ3RCLE1BQU0sSUFBSSxLQUFLLENBQUMsa0NBQWtDLENBQUMsQ0FBQTtJQUNyRCxDQUFDO0lBRUQsTUFBTSxLQUFLLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FDN0IsQ0FBQyxFQUFFLEVBQUUsRUFBRSxDQUFDLEVBQUUsQ0FBQyxTQUFTLEdBQUcsZ0JBQWdCLENBQUMsU0FBUyxDQUNsRCxDQUFDLE1BQU0sQ0FBQTtJQUVSLE9BQU87UUFDTCxXQUFXLEVBQ1QsS0FBSyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsTUFBTSxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxNQUFNO0tBQ3BFLENBQUE7QUFDSCxDQUFDLENBQUEiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gXCJjb25zdHJ1Y3RzXCJcbmltcG9ydCAqIGFzIGVjMiBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWVjMlwiXG5pbXBvcnQgKiBhcyBldmVudHMgZnJvbSBcImF3cy1jZGstbGliL2F3cy1ldmVudHNcIlxuaW1wb3J0ICogYXMgZXZlbnRzVGFyZ2V0cyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50cy10YXJnZXRzXCJcbmltcG9ydCAqIGFzIGlhbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiXG5pbXBvcnQgKiBhcyBsYW1iZGEgZnJvbSBcImF3cy1jZGstbGliL2F3cy1sYW1iZGFcIlxuaW1wb3J0ICogYXMgczMgZnJvbSBcImF3cy1jZGstbGliL2F3cy1zM1wiXG5pbXBvcnQgKiBhcyBzZm4gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zdGVwZnVuY3Rpb25zXCJcbmltcG9ydCB7IENvbmRpdGlvbiB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtc3RlcGZ1bmN0aW9uc1wiXG5pbXBvcnQgKiBhcyB0YXNrcyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXN0ZXBmdW5jdGlvbnMtdGFza3NcIlxuaW1wb3J0ICogYXMgY2RrIGZyb20gXCJhd3MtY2RrLWxpYlwiXG5pbXBvcnQgdHlwZSB7IEhhbmRsZXIgfSBmcm9tIFwiYXdzLWxhbWJkYVwiXG5pbXBvcnQgdHlwZSAqIGFzIF9BV1MgZnJvbSBcImF3cy1zZGtcIlxuaW1wb3J0IHsgZ2V0R3JpaWRBcnRlZmFjdEJ1Y2tldCB9IGZyb20gXCIuLi9ncmlpZFwiXG5pbXBvcnQgeyBwaXBlbGluZVMzUHJlZml4LCBwaXBlbGluZVMzVHJpZ2dlcktleSB9IGZyb20gXCIuL2NvbnZlbnRpb25zXCJcbmltcG9ydCB7IERlcGxveUVudiB9IGZyb20gXCIuL2RlcGxveS1lbnZcIlxuXG5leHBvcnQgaW50ZXJmYWNlIFBpcGVsaW5lUHJvcHMge1xuICAvKipcbiAgICogQnVja2V0IGhvbGRpbmcgcGlwZWxpbmUgY29uZmlndXJhdGlvbiBhbmQgdHJpZ2dlciBmaWxlLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIHVzZSBleGlzdGluZyBidWNrZXQgYmFzZWQgb24gR3JpaWQgY29udmVudGlvbnNcbiAgICovXG4gIGFydGlmYWN0c0J1Y2tldD86IHMzLklCdWNrZXRcbiAgLyoqXG4gICAqIEVudmlyb25tZW50cyBmb3IgdGhpcyBwaXBlbGluZS4gRWFjaCBlbnZpcm9ubWVudCBpcyBkZXBsb3llZCBzZXF1ZW50aWFsbHlcbiAgICogaW4gdGhlIG9yZGVyIGdpdmVuLlxuICAgKi9cbiAgZW52aXJvbm1lbnRzOiBQaXBlbGluZUVudmlyb25tZW50W11cbiAgLyoqXG4gICAqIE5hbWUgb2YgcGlwZWxpbmUuIFRoaXMgaXMgdXNlZCBmb3IgdGhlIHBhdGggd2hlcmUgY29uZmlndXJhdGlvblxuICAgKiBpcyBzdG9yZWQgaW4gUzMuXG4gICAqL1xuICBwaXBlbGluZU5hbWU6IHN0cmluZ1xuICAvKipcbiAgICogVHJpZ2dlciB0aGUgcGlwZWxpbmUgd2hlbiB0aGUgdHJpZ2dlciBmaWxlIGlzIHdyaXR0ZW4uXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gdHJ1ZVxuICAgKi9cbiAgdHJpZ2dlckVuYWJsZWQ/OiBib29sZWFuXG4gIC8qKlxuICAgKiBWUEMgdXNlZCBmb3IgRmFyZ2F0ZSByZXNvdXJjZXMuXG4gICAqL1xuICB2cGM6IGVjMi5JVnBjXG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUGlwZWxpbmVFbnZpcm9ubWVudCB7XG4gIC8qKlxuICAgKiBBY2NvdW50IG51bWJlciBob3N0aW5nIHRoZSBlbnZpcm9ubWVudC5cbiAgICovXG4gIGFjY291bnRJZDogc3RyaW5nXG4gIC8qKlxuICAgKiBBZGRpdGlvbmFsIHRhc2tzIHRvIHJ1biBhZnRlciB0aGUgZW52aXJvbm1lbnQgaGFzIGJlZW4gZGVwbG95ZWQuXG4gICAqL1xuICBhZnRlclN1Y2Nlc3NmdWxEZXBsb3k/OiBzZm4uQ2hhaW5cbiAgLyoqXG4gICAqIE5hbWUgb2YgZW52aXJvbm1lbnQuXG4gICAqL1xuICBuYW1lOiBzdHJpbmdcbn1cblxuLyoqXG4gKiBQaXBlbGluZSBmb3IgZG9pbmcgYSBtdWx0aS1hY2NvdW50IENESyBkZXBsb3ltZW50IGJhc2VkXG4gKiBvbiBhIGJ1aWx0IENESyBDbG91ZCBBc3NlbWJseSBhbmQgcGFyYW1ldGVycyBzdG9yZWQgaW4gUzMuXG4gKlxuICogVGhlIGFjY291bnRzIGJlaW5nIGRlcGxveWVkIHRvIG11c3QgYmUgcHJvdmlzaW9uZWQgd2l0aFxuICogdGhlIExpZmxpZ0Nka0RlcGxveWVyRGVwcyBjb25zdHJ1Y3Qgc28gZXhwZWN0ZWQgSUFNXG4gKiByb2xlcyBpcyBwcmVzZW50LlxuICpcbiAqIFRoZSBwaXBlbGluZSBzdGFydHMgYnkgd3JpdGluZyBhbiBlbXB0eSBmaWxlIHRvXG4gKiBzMzovLzxhcnRpZmFjdHMtYnVja2V0Pi9waXBlbGluZXMvPHBpcGVsaW5lLW5hbWU+L3RyaWdnZXJcbiAqXG4gKiBUaGUgQ0RLIGRlcGxveSBwcm9jZXNzIGlzIGhhbmRsZWQgYnkgbGlmbGlnLWNkay1kZXBsb3llci5cbiAqIFNlZSBodHRwczovL2dpdGh1Yi5jb20vY2FwcmFsaWZlY3ljbGUvbGlmbGlnLWNkay1kZXBsb3llclxuICpcbiAqIENvbmZpZ3VyYXRpb24gZmlsZXMgYXJlIHJlYWQgZnJvbSBTMyBhdCB0aGUgcGF0aFxuICogczM6Ly88YXJ0aWZhY3RzLWJ1Y2tldD4vcGlwZWxpbmVzLzxwaXBlbGluZS1uYW1lPi9cbiAqXG4gKiAgLSBjbG91ZC1hc3NlbWJseS5qc29uIHdoaWNoIGhhcyB0aGUgZm9ybWF0IGRlc2NyaWJlZCBhc1xuICogICAgQ0RLX0NMT1VEX0FTU0VNQkxZIGluIGxpZmxpZy1jZGstZGVwbG95ZXJcbiAqXG4gKiAgLSB2YXJpYWJsZXMqLmpzb24gd2hpY2ggY2FuIGJlIHplcm8gb3IgbW9yZSBmaWxlc1xuICogICAgd2l0aCBzdHJpbmctc3RyaW5nIG1hcCB0aGF0IHdpbGwgYmUgY29uY2F0ZW5hdGVkIHRvXG4gKiAgICBmb3JtIHRoZSBmb3JtYXQgZGVzY3JpYmVkIGFzIENES19WQVJJQUJMRVMgaW5cbiAqICAgIGxpZmxpZy1jZGstZGVwbG95ZXJcbiAqXG4gKiBUaGUgc2VwYXJhdGlvbiBvZiBDbG91ZCBBc3NlbWJseSBkZXRhaWxzIGFuZCB2YXJpYWJsZXMgZW5hYmxlc1xuICogc2VwYXJhdGlvbiBvZiBJYUMgY29kZSBhbmQgYXBwbGljYXRpb24gY29kZSBpZiB0aGV5IGFyZSBub3RcbiAqIGNvbG9jYXRlZCBpbiB0aGUgc2FtZSByZXBvc2l0b3J5LlxuICovXG5leHBvcnQgY2xhc3MgUGlwZWxpbmUgZXh0ZW5kcyBjb25zdHJ1Y3RzLkNvbnN0cnVjdCB7XG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFBpcGVsaW5lUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpXG5cbiAgICBjb25zdCBzM1ByZWZpeCA9IHBpcGVsaW5lUzNQcmVmaXgocHJvcHMucGlwZWxpbmVOYW1lKVxuICAgIGNvbnN0IHMzVHJpZ2dlcktleSA9IHBpcGVsaW5lUzNUcmlnZ2VyS2V5KHByb3BzLnBpcGVsaW5lTmFtZSlcblxuICAgIGNvbnN0IGFydGlmYWN0c0J1Y2tldCA9XG4gICAgICBwcm9wcy5hcnRpZmFjdHNCdWNrZXQgPz8gZ2V0R3JpaWRBcnRlZmFjdEJ1Y2tldCh0aGlzKVxuXG4gICAgY29uc3QgY2hlY2tDYW5SdW5GbiA9IG5ldyBsYW1iZGEuU2luZ2xldG9uRnVuY3Rpb24odGhpcywgXCJDaGVja0NhblJ1bkZuXCIsIHtcbiAgICAgIHV1aWQ6IFwiMzBhZDNhYmItZjc3NC00ODA0LWE2ZWYtMmMyZjRhMjQ3MzYyXCIsXG4gICAgICBjb2RlOiBuZXcgbGFtYmRhLklubGluZUNvZGUoXG4gICAgICAgIGBleHBvcnRzLmhhbmRsZXIgPSAke2NoZWNrQ2FuUnVuSGFuZGxlci50b1N0cmluZygpfTtgLFxuICAgICAgKSxcbiAgICAgIHJ1bnRpbWU6IGxhbWJkYS5SdW50aW1lLk5PREVKU18xNl9YLFxuICAgICAgaGFuZGxlcjogXCJpbmRleC5oYW5kbGVyXCIsXG4gICAgICB0aW1lb3V0OiBjZGsuRHVyYXRpb24uc2Vjb25kcygxMCksXG4gICAgfSlcblxuICAgIGNvbnN0IGNoZWNrQ2FuUnVuVGFzayA9IG5ldyB0YXNrcy5MYW1iZGFJbnZva2UoXG4gICAgICB0aGlzLFxuICAgICAgXCJDaGVjayBpZiB0aGUgcHJvY2VzcyBjYW4gcnVuXCIsXG4gICAgICB7XG4gICAgICAgIGxhbWJkYUZ1bmN0aW9uOiBjaGVja0NhblJ1bkZuLFxuICAgICAgICBvdXRwdXRQYXRoOiBcIiQuUGF5bG9hZFwiLFxuICAgICAgICBwYXlsb2FkOiBzZm4uVGFza0lucHV0LmZyb21PYmplY3Qoe1xuICAgICAgICAgIFwic3RhdGVNYWNoaW5lSWQuJFwiOiBcIiQkLlN0YXRlTWFjaGluZS5JZFwiLFxuICAgICAgICAgIFwiZXhlY3V0aW9uSWQuJFwiOiBcIiQkLkV4ZWN1dGlvbi5JZFwiLFxuICAgICAgICB9KSxcbiAgICAgIH0sXG4gICAgKVxuXG4gICAgY29uc3Qgd2FpdCA9IG5ldyBzZm4uV2FpdCh0aGlzLCBcIldhaXQgYmVmb3JlIHJlY2hlY2tpbmcgc3RhdHVzXCIsIHtcbiAgICAgIHRpbWU6IHNmbi5XYWl0VGltZS5kdXJhdGlvbihjZGsuRHVyYXRpb24uc2Vjb25kcygxNSkpLFxuICAgIH0pXG5cbiAgICBjb25zdCBza2lwID0gbmV3IHNmbi5TdWNjZWVkKHRoaXMsIFwiU2tpcFwiKVxuXG4gICAgY29uc3QgY29sbGVjdEZpbGVzRm4gPSBuZXcgbGFtYmRhLlNpbmdsZXRvbkZ1bmN0aW9uKFxuICAgICAgdGhpcyxcbiAgICAgIFwiQ29sbGVjdEZpbGVzRm5cIixcbiAgICAgIHtcbiAgICAgICAgdXVpZDogXCJjNDljYmZlMS01MGUwLTQ3MjEtODk2NC1mYjIwZjRlNWE3YWRcIixcbiAgICAgICAgY29kZTogbmV3IGxhbWJkYS5JbmxpbmVDb2RlKFxuICAgICAgICAgIGBleHBvcnRzLmhhbmRsZXIgPSAke2NvbGxlY3RGaWxlc0hhbmRsZXIudG9TdHJpbmcoKX07YCxcbiAgICAgICAgKSxcbiAgICAgICAgcnVudGltZTogbGFtYmRhLlJ1bnRpbWUuTk9ERUpTXzE2X1gsXG4gICAgICAgIGhhbmRsZXI6IFwiaW5kZXguaGFuZGxlclwiLFxuICAgICAgICB0aW1lb3V0OiBjZGsuRHVyYXRpb24uc2Vjb25kcygzMCksXG4gICAgICB9LFxuICAgIClcblxuICAgIGFydGlmYWN0c0J1Y2tldC5ncmFudFJlYWQoY29sbGVjdEZpbGVzRm4pXG5cbiAgICBjb25zdCBjb2xsZWN0RmlsZXNUYXNrID0gbmV3IHRhc2tzLkxhbWJkYUludm9rZShcbiAgICAgIHRoaXMsXG4gICAgICBcIkNvbGxlY3QgZmlsZXMgZnJvbSBTM1wiLFxuICAgICAge1xuICAgICAgICBsYW1iZGFGdW5jdGlvbjogY29sbGVjdEZpbGVzRm4sXG4gICAgICAgIG91dHB1dFBhdGg6IFwiJC5QYXlsb2FkXCIsXG4gICAgICAgIHBheWxvYWQ6IHNmbi5UYXNrSW5wdXQuZnJvbU9iamVjdCh7XG4gICAgICAgICAgYnVja2V0TmFtZTogYXJ0aWZhY3RzQnVja2V0LmJ1Y2tldE5hbWUsXG4gICAgICAgICAgYnVja2V0UHJlZml4OiBzM1ByZWZpeCxcbiAgICAgICAgICBlbnZOYW1lczogcHJvcHMuZW52aXJvbm1lbnRzLm1hcCgoaXQpID0+IGl0Lm5hbWUpLFxuICAgICAgICB9KSxcbiAgICAgIH0sXG4gICAgKVxuXG4gICAgbGV0IHJ1bjogc2ZuLkNoYWluID0gc2ZuLkNoYWluLnN0YXJ0KGNvbGxlY3RGaWxlc1Rhc2spXG5cbiAgICBjb25zdCBpZkhhdmluZ1N0YWNrcyA9IChuYW1lOiBzdHJpbmcsIHdvcms6IHNmbi5DaGFpbikgPT5cbiAgICAgIG5ldyBzZm4uQ2hvaWNlKHRoaXMsIGBDaGVjayBpZiAke25hbWV9IGhhcyBzdGFja3NgKVxuICAgICAgICAud2hlbihcbiAgICAgICAgICBDb25kaXRpb24ub3IoXG4gICAgICAgICAgICBDb25kaXRpb24uaXNOdWxsKGAkLlN0YWNrQ291bnRQZXJFbnYuJHtuYW1lfWApLFxuICAgICAgICAgICAgQ29uZGl0aW9uLm51bWJlckVxdWFscyhgJC5TdGFja0NvdW50UGVyRW52LiR7bmFtZX1gLCAwKSxcbiAgICAgICAgICApLFxuICAgICAgICAgIG5ldyBzZm4uUGFzcyh0aGlzLCBgU2tpcCAke25hbWV9YCksXG4gICAgICAgIClcbiAgICAgICAgLm90aGVyd2lzZSh3b3JrKVxuICAgICAgICAuYWZ0ZXJ3YXJkcygpXG5cbiAgICBmb3IgKGNvbnN0IGVudiBvZiBwcm9wcy5lbnZpcm9ubWVudHMpIHtcbiAgICAgIGNvbnN0IGl0ID0gbmV3IERlcGxveUVudih0aGlzLCBlbnYubmFtZSwge1xuICAgICAgICBhY2NvdW50SWQ6IGVudi5hY2NvdW50SWQsXG4gICAgICAgIGFmdGVyU3VjY2Vzc2Z1bERlcGxveTogZW52LmFmdGVyU3VjY2Vzc2Z1bERlcGxveSxcbiAgICAgICAgYXJ0ZWZhY3RCdWNrZXQ6IGFydGlmYWN0c0J1Y2tldCxcbiAgICAgICAgZW52TmFtZTogZW52Lm5hbWUsXG4gICAgICAgIHZwYzogcHJvcHMudnBjLFxuICAgICAgfSlcblxuICAgICAgcnVuID0gcnVuLm5leHQoaWZIYXZpbmdTdGFja3MoZW52Lm5hbWUsIGl0LmNoYWluKSlcbiAgICB9XG5cbiAgICBjb25zdCBkZWZpbml0aW9uOiBzZm4uQ2hhaW4gPSBzZm4uQ2hhaW4uc3RhcnQoY2hlY2tDYW5SdW5UYXNrKS5uZXh0KFxuICAgICAgbmV3IHNmbi5DaG9pY2UodGhpcywgXCJDYW4gcnVuP1wiKVxuICAgICAgICAud2hlbihDb25kaXRpb24uc3RyaW5nRXF1YWxzKFwiJC5DYW5SdW5TdGF0ZVwiLCBcIkNPTlRJTlVFXCIpLCBydW4pXG4gICAgICAgIC53aGVuKENvbmRpdGlvbi5zdHJpbmdFcXVhbHMoXCIkLkNhblJ1blN0YXRlXCIsIFwiU0tJUFwiKSwgc2tpcClcbiAgICAgICAgLm90aGVyd2lzZSh3YWl0Lm5leHQoY2hlY2tDYW5SdW5UYXNrKSksXG4gICAgKVxuXG4gICAgY29uc3QgbWFjaGluZSA9IG5ldyBzZm4uU3RhdGVNYWNoaW5lKHRoaXMsIFwiU3RhdGVNYWNoaW5lXCIsIHtcbiAgICAgIGRlZmluaXRpb24sXG4gICAgICAvLyBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vc3RlcC1mdW5jdGlvbnMvbGF0ZXN0L2RnL3Nmbi1zdHVjay1leGVjdXRpb24uaHRtbFxuICAgICAgdGltZW91dDogY2RrLkR1cmF0aW9uLmhvdXJzKDMpLFxuICAgIH0pXG5cbiAgICBuZXcgaWFtLlBvbGljeSh0aGlzLCBcIkNoZWNrQ2FuUnVuUG9saWN5XCIsIHtcbiAgICAgIHJvbGVzOiBbY2hlY2tDYW5SdW5Gbi5yb2xlIV0sXG4gICAgICBzdGF0ZW1lbnRzOiBbXG4gICAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXCJzdGF0ZXM6TGlzdEV4ZWN1dGlvbnNcIl0sXG4gICAgICAgICAgcmVzb3VyY2VzOiBbbWFjaGluZS5zdGF0ZU1hY2hpbmVBcm5dLFxuICAgICAgICB9KSxcbiAgICAgIF0sXG4gICAgfSlcblxuICAgIGlmIChwcm9wcy50cmlnZ2VyRW5hYmxlZCA/PyB0cnVlKSB7XG4gICAgICBhcnRpZmFjdHNCdWNrZXQub25DbG91ZFRyYWlsV3JpdGVPYmplY3QoXCJUcmlnZ2VyXCIsIHtcbiAgICAgICAgcGF0aHM6IFtzM1RyaWdnZXJLZXldLFxuICAgICAgICB0YXJnZXQ6IG5ldyBldmVudHNUYXJnZXRzLlNmblN0YXRlTWFjaGluZShtYWNoaW5lLCB7XG4gICAgICAgICAgaW5wdXQ6IGV2ZW50cy5SdWxlVGFyZ2V0SW5wdXQuZnJvbU9iamVjdCh7fSksXG4gICAgICAgIH0pLFxuICAgICAgfSlcbiAgICB9XG4gIH1cbn1cblxuaW50ZXJmYWNlIENsb3VkQXNzZW1ibHkge1xuICBjbG91ZEFzc2VtYmx5QnVja2V0TmFtZTogc3RyaW5nXG4gIGNsb3VkQXNzZW1ibHlCdWNrZXRLZXk6IHN0cmluZ1xuICBlbnZpcm9ubWVudHM6IHtcbiAgICBuYW1lOiBzdHJpbmdcbiAgICBzdGFja05hbWVzOiBzdHJpbmdbXVxuICB9W11cbiAgcGFyYW1ldGVyczoge1xuICAgIG5hbWU6IHN0cmluZ1xuICAgIHZhbHVlOiB1bmtub3duIHwgeyB0eXBlOiBcInZhcmlhYmxlXCI7IHZhcmlhYmxlOiBzdHJpbmcgfVxuICB9W11cbn1cblxuLy8gVGhpcyBpcyBhIHNlbGYtY29udGFpbmVkIGZ1bmN0aW9uIHRoYXQgd2lsbCBiZSBzZXJpYWxpemVkIGFzIGEgbGFtYmRhLlxuLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby1leHBsaWNpdC1hbnlcbmNvbnN0IGNvbGxlY3RGaWxlc0hhbmRsZXI6IEhhbmRsZXIgPSBhc3luYyAoZXZlbnQ6IFJlY29yZDxzdHJpbmcsIGFueT4pID0+IHtcbiAgLy8gZXNsaW50LWRpc2FibGUtbmV4dC1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby12YXItcmVxdWlyZXMsQHR5cGVzY3JpcHQtZXNsaW50L25vLXVuc2FmZS1hc3NpZ25tZW50XG4gIGNvbnN0IEFXUyA9IHJlcXVpcmUoXCJhd3Mtc2RrXCIpXG4gIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBAdHlwZXNjcmlwdC1lc2xpbnQvbm8tdW5zYWZlLWNhbGwsQHR5cGVzY3JpcHQtZXNsaW50L25vLXVuc2FmZS1tZW1iZXItYWNjZXNzXG4gIGNvbnN0IHMzID0gbmV3IEFXUy5TMygpIGFzIF9BV1MuUzNcblxuICBjb25zb2xlLmxvZyhcIkV2ZW50IHJlY2VpdmVkOiBcIiwgZXZlbnQpXG5cbiAgY29uc3QgYnVja2V0TmFtZSA9IGV2ZW50LmJ1Y2tldE5hbWUgYXMgc3RyaW5nXG4gIGNvbnN0IGJ1Y2tldFByZWZpeCA9IGV2ZW50LmJ1Y2tldFByZWZpeCBhcyBzdHJpbmdcbiAgY29uc3QgZW52TmFtZXMgPSBldmVudC5lbnZOYW1lcyBhcyBzdHJpbmdbXVxuXG4gIGlmIChidWNrZXRQcmVmaXguc2xpY2UoLTEpICE9PSBcIi9cIikge1xuICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgIGBFeHBlY3RlZCBidWNrZXQgcHJlZml4IHRvIGVuZCB3aXRoICcvJyBidXQgaXRzIHZhbHVlIGlzICcke2J1Y2tldFByZWZpeH0nYCxcbiAgICApXG4gIH1cblxuICBjb25zdCBmaWxlcyA9IGF3YWl0IHMzXG4gICAgLmxpc3RPYmplY3RzVjIoe1xuICAgICAgQnVja2V0OiBidWNrZXROYW1lLFxuICAgICAgUHJlZml4OiBidWNrZXRQcmVmaXgsXG4gICAgfSlcbiAgICAucHJvbWlzZSgpXG5cbiAgYXN5bmMgZnVuY3Rpb24gZ2V0RGF0YShrZXk6IHN0cmluZyk6IFByb21pc2U8c3RyaW5nPiB7XG4gICAgY29uc3QgcmVzdWx0ID0gYXdhaXQgczNcbiAgICAgIC5nZXRPYmplY3Qoe1xuICAgICAgICBCdWNrZXQ6IGJ1Y2tldE5hbWUsXG4gICAgICAgIEtleToga2V5LFxuICAgICAgfSlcbiAgICAgIC5wcm9taXNlKClcbiAgICByZXR1cm4gcmVzdWx0LkJvZHkhLnRvU3RyaW5nKClcbiAgfVxuXG4gIGxldCBjbG91ZEFzc2VtYmx5OiBDbG91ZEFzc2VtYmx5IHwgbnVsbCA9IG51bGxcbiAgbGV0IHZhcmlhYmxlczogUmVjb3JkPHN0cmluZywgc3RyaW5nPiA9IHt9XG5cbiAgZm9yIChjb25zdCBmaWxlIG9mIGZpbGVzLkNvbnRlbnRzID8/IFtdKSB7XG4gICAgY29uc3Qga2V5ID0gZmlsZS5LZXkhXG4gICAgY29uc3QgZmlsZW5hbWUgPSBrZXkuc2xpY2UoYnVja2V0UHJlZml4Lmxlbmd0aClcblxuICAgIGNvbnNvbGUubG9nKGBGaWxlOiAke2ZpbGVuYW1lfWApXG5cbiAgICBpZiAoZmlsZW5hbWUgPT09IFwiY2xvdWQtYXNzZW1ibHkuanNvblwiKSB7XG4gICAgICBjb25zb2xlLmxvZyhcIkZvdW5kIENsb3VkIEFzc2VtYmx5XCIpXG4gICAgICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXVuc2FmZS1hc3NpZ25tZW50XG4gICAgICBjbG91ZEFzc2VtYmx5ID0gSlNPTi5wYXJzZShhd2FpdCBnZXREYXRhKGtleSkpXG4gICAgfSBlbHNlIGlmICgvXnZhcmlhYmxlcy4qXFwuanNvbiQvLnRlc3QoZmlsZW5hbWUpKSB7XG4gICAgICBjb25zb2xlLmxvZyhcIkZvdW5kIHZhcmlhYmxlcyBmaWxlXCIpXG4gICAgICB2YXJpYWJsZXMgPSB7XG4gICAgICAgIC4uLnZhcmlhYmxlcyxcbiAgICAgICAgLi4uKEpTT04ucGFyc2UoYXdhaXQgZ2V0RGF0YShrZXkpKSBhcyBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+KSxcbiAgICAgIH1cbiAgICB9IGVsc2Uge1xuICAgICAgY29uc29sZS5sb2coXCJJZ25vcmluZyB1bmtub3duIGZpbGVcIilcbiAgICB9XG4gIH1cblxuICBpZiAoY2xvdWRBc3NlbWJseSA9PT0gbnVsbCkge1xuICAgIHRocm93IG5ldyBFcnJvcihcImNsb3VkLWFzc2VtYmx5Lmpzb24gbm90IGZvdW5kXCIpXG4gIH1cblxuICByZXR1cm4ge1xuICAgIENsb3VkQXNzZW1ibHk6IEpTT04uc3RyaW5naWZ5KGNsb3VkQXNzZW1ibHkpLFxuICAgIFZhcmlhYmxlczogSlNPTi5zdHJpbmdpZnkodmFyaWFibGVzKSxcbiAgICBTdGFja0NvdW50UGVyRW52OiBPYmplY3QuZnJvbUVudHJpZXMoXG4gICAgICBlbnZOYW1lcy5tYXAoKG5hbWUpID0+IFtcbiAgICAgICAgbmFtZSxcbiAgICAgICAgY2xvdWRBc3NlbWJseSEuZW52aXJvbm1lbnRzLmZpbmQoKGl0KSA9PiBpdC5uYW1lID09PSBuYW1lKT8uc3RhY2tOYW1lc1xuICAgICAgICAgIC5sZW5ndGggPz8gMCxcbiAgICAgIF0pLFxuICAgICksXG4gIH1cbn1cblxuLy8gVGhpcyBpcyBhIHNlbGYtY29udGFpbmVkIGZ1bmN0aW9uIHRoYXQgd2lsbCBiZSBzZXJpYWxpemVkIGFzIGEgbGFtYmRhLlxuY29uc3QgY2hlY2tDYW5SdW5IYW5kbGVyOiBIYW5kbGVyID0gYXN5bmMgKGV2ZW50OiBSZWNvcmQ8c3RyaW5nLCBzdHJpbmc+KSA9PiB7XG4gIC8vIGVzbGludC1kaXNhYmxlLW5leHQtbGluZSBAdHlwZXNjcmlwdC1lc2xpbnQvbm8tdmFyLXJlcXVpcmVzLEB0eXBlc2NyaXB0LWVzbGludC9uby11bnNhZmUtYXNzaWdubWVudFxuICBjb25zdCBBV1MgPSByZXF1aXJlKFwiYXdzLXNka1wiKVxuICAvLyBlc2xpbnQtZGlzYWJsZS1uZXh0LWxpbmUgQHR5cGVzY3JpcHQtZXNsaW50L25vLXVuc2FmZS1jYWxsLEB0eXBlc2NyaXB0LWVzbGludC9uby11bnNhZmUtbWVtYmVyLWFjY2Vzc1xuICBjb25zdCBzZiA9IG5ldyBBV1MuU3RlcEZ1bmN0aW9ucygpIGFzIF9BV1MuU3RlcEZ1bmN0aW9uc1xuXG4gIGNvbnNvbGUubG9nKFwiRXZlbnQgcmVjZWl2ZWQ6IFwiLCBldmVudClcblxuICBjb25zdCBzdGF0ZU1hY2hpbmVBcm4gPSBldmVudFtcInN0YXRlTWFjaGluZUlkXCJdXG4gIGNvbnN0IGN1cnJlbnRFeGVjdXRpb25Bcm4gPSBldmVudFtcImV4ZWN1dGlvbklkXCJdXG5cbiAgY29uc3QgZXhlY3V0aW9ucyA9IChcbiAgICBhd2FpdCBzZlxuICAgICAgLmxpc3RFeGVjdXRpb25zKHtcbiAgICAgICAgc3RhdGVNYWNoaW5lQXJuLFxuICAgICAgICBzdGF0dXNGaWx0ZXI6IFwiUlVOTklOR1wiLFxuICAgICAgfSlcbiAgICAgIC5wcm9taXNlKClcbiAgKS5leGVjdXRpb25zXG5cbiAgY29uc29sZS5sb2coXCJFeGVjdXRpb25zOiBcIiwgZXhlY3V0aW9ucylcblxuICBjb25zdCBjdXJyZW50RXhlY3V0aW9uID0gZXhlY3V0aW9ucy5maW5kKFxuICAgIChpdCkgPT4gaXQuZXhlY3V0aW9uQXJuID09IGN1cnJlbnRFeGVjdXRpb25Bcm4sXG4gIClcblxuICBpZiAoIWN1cnJlbnRFeGVjdXRpb24pIHtcbiAgICB0aHJvdyBuZXcgRXJyb3IoXCJDb3VsZCBub3QgZmluZCBjdXJyZW50IGV4ZWN1dGlvblwiKVxuICB9XG5cbiAgY29uc3QgbmV3ZXIgPSBleGVjdXRpb25zLmZpbHRlcihcbiAgICAoaXQpID0+IGl0LnN0YXJ0RGF0ZSA+IGN1cnJlbnRFeGVjdXRpb24uc3RhcnREYXRlLFxuICApLmxlbmd0aFxuXG4gIHJldHVybiB7XG4gICAgQ2FuUnVuU3RhdGU6XG4gICAgICBuZXdlciA+IDAgPyBcIlNLSVBcIiA6IGV4ZWN1dGlvbnMubGVuZ3RoID09IDEgPyBcIkNPTlRJTlVFXCIgOiBcIldBSVRcIixcbiAgfVxufVxuIl19

package/lib/platform/index.d.ts

@@ -0,0 +1 @@
+export { PlatformProducer, PlatformConsumer, PlatformProducerProps, PlatformConsumerProps, } from "./platform";

package/lib/platform/index.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PlatformConsumer = exports.PlatformProducer = void 0;
+var platform_1 = require("./platform");
+Object.defineProperty(exports, "PlatformProducer", { enumerable: true, get: function () { return platform_1.PlatformProducer; } });
+Object.defineProperty(exports, "PlatformConsumer", { enumerable: true, get: function () { return platform_1.PlatformConsumer; } });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcGxhdGZvcm0vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsdUNBS21CO0FBSmpCLDRHQUFBLGdCQUFnQixPQUFBO0FBQ2hCLDRHQUFBLGdCQUFnQixPQUFBIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IHtcbiAgUGxhdGZvcm1Qcm9kdWNlcixcbiAgUGxhdGZvcm1Db25zdW1lcixcbiAgUGxhdGZvcm1Qcm9kdWNlclByb3BzLFxuICBQbGF0Zm9ybUNvbnN1bWVyUHJvcHMsXG59IGZyb20gXCIuL3BsYXRmb3JtXCJcbiJdfQ==

package/lib/platform/platform.d.ts

@@ -0,0 +1,37 @@
+import * as constructs from "constructs";
+import * as ssm from "aws-cdk-lib/aws-ssm";
+export interface PlatformProducerProps {
+    platformNamespace: string;
+    platformName: string;
+}
+/**
+ *
+ * Produces the resources that will be consumed in PlatformConsumer.
+ * In other words; this must run before PlatformConsumer.
+ *
+ * Used for producing references to the core resources.
+ */
+export declare abstract class PlatformProducer extends constructs.Construct {
+    private platformNamespace;
+    private platformName;
+    constructor(scope: constructs.Construct, id: string, props: PlatformProducerProps);
+    protected putParam(name: string, value: string): ssm.StringParameter;
+}
+export interface PlatformConsumerProps {
+    platformNamespace: string;
+    platformName: string;
+}
+/**
+ *
+ * Consumes the resources that have been produced by PlatformProducer.
+ * In other words; this must run after PlatformProducer.
+ *
+ * Used for consuming the core resources, which PlatformProducer creates references to.
+ */
+export declare abstract class PlatformConsumer extends constructs.Construct {
+    private platformNamespace;
+    private platformName;
+    constructor(scope: constructs.Construct, id: string, props: PlatformConsumerProps);
+    protected lazy<T>(producer: () => T): () => T;
+    protected getParam(name: string): string;
+}

package/lib/platform/platform.js

@@ -0,0 +1,57 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PlatformConsumer = exports.PlatformProducer = void 0;
+const constructs = require("constructs");
+const ssm = require("aws-cdk-lib/aws-ssm");
+function paramName(platformNamespace, platformName, resourceName) {
+    return `/liflig-cdk/${platformNamespace}/platform/${platformName}/${resourceName}`;
+}
+/**
+ *
+ * Produces the resources that will be consumed in PlatformConsumer.
+ * In other words; this must run before PlatformConsumer.
+ *
+ * Used for producing references to the core resources.
+ */
+class PlatformProducer extends constructs.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.platformNamespace = props.platformNamespace;
+        this.platformName = props.platformName;
+    }
+    putParam(name, value) {
+        return new ssm.StringParameter(this, name, {
+            stringValue: value,
+            parameterName: paramName(this.platformNamespace, this.platformName, name),
+        });
+    }
+}
+exports.PlatformProducer = PlatformProducer;
+/**
+ *
+ * Consumes the resources that have been produced by PlatformProducer.
+ * In other words; this must run after PlatformProducer.
+ *
+ * Used for consuming the core resources, which PlatformProducer creates references to.
+ */
+class PlatformConsumer extends constructs.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.platformNamespace = props.platformNamespace;
+        this.platformName = props.platformName;
+    }
+    lazy(producer) {
+        let value = null;
+        return () => {
+            if (value == null) {
+                value = producer();
+            }
+            return value;
+        };
+    }
+    getParam(name) {
+        return ssm.StringParameter.valueForStringParameter(this, paramName(this.platformNamespace, this.platformName, name));
+    }
+}
+exports.PlatformConsumer = PlatformConsumer;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGxhdGZvcm0uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcGxhdGZvcm0vcGxhdGZvcm0udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseUNBQXdDO0FBQ3hDLDJDQUEwQztBQUUxQyxTQUFTLFNBQVMsQ0FDaEIsaUJBQXlCLEVBQ3pCLFlBQW9CLEVBQ3BCLFlBQW9CO0lBRXBCLE9BQU8sZUFBZSxpQkFBaUIsYUFBYSxZQUFZLElBQUksWUFBWSxFQUFFLENBQUE7QUFDcEYsQ0FBQztBQU9EOzs7Ozs7R0FNRztBQUNILE1BQXNCLGdCQUFpQixTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBSWpFLFlBQ0UsS0FBMkIsRUFDM0IsRUFBVSxFQUNWLEtBQTRCO1FBRTVCLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFFaEIsSUFBSSxDQUFDLGlCQUFpQixHQUFHLEtBQUssQ0FBQyxpQkFBaUIsQ0FBQTtRQUVoRCxJQUFJLENBQUMsWUFBWSxHQUFHLEtBQUssQ0FBQyxZQUFZLENBQUE7SUFDeEMsQ0FBQztJQUVTLFFBQVEsQ0FBQyxJQUFZLEVBQUUsS0FBYTtRQUM1QyxPQUFPLElBQUksR0FBRyxDQUFDLGVBQWUsQ0FBQyxJQUFJLEVBQUUsSUFBSSxFQUFFO1lBQ3pDLFdBQVcsRUFBRSxLQUFLO1lBQ2xCLGFBQWEsRUFBRSxTQUFTLENBQUMsSUFBSSxDQUFDLGlCQUFpQixFQUFFLElBQUksQ0FBQyxZQUFZLEVBQUUsSUFBSSxDQUFDO1NBQzFFLENBQUMsQ0FBQTtJQUNKLENBQUM7Q0FDRjtBQXRCRCw0Q0FzQkM7QUFNRDs7Ozs7O0dBTUc7QUFDSCxNQUFzQixnQkFBaUIsU0FBUSxVQUFVLENBQUMsU0FBUztJQUlqRSxZQUNFLEtBQTJCLEVBQzNCLEVBQVUsRUFDVixLQUE0QjtRQUU1QixLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBRWhCLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxLQUFLLENBQUMsaUJBQWlCLENBQUE7UUFFaEQsSUFBSSxDQUFDLFlBQVksR0FBRyxLQUFLLENBQUMsWUFBWSxDQUFBO0lBQ3hDLENBQUM7SUFFUyxJQUFJLENBQUksUUFBaUI7UUFDakMsSUFBSSxLQUFLLEdBQWEsSUFBSSxDQUFBO1FBRTFCLE9BQU8sR0FBRyxFQUFFO1lBQ1YsSUFBSSxLQUFLLElBQUksSUFBSSxFQUFFLENBQUM7Z0JBQ2xCLEtBQUssR0FBRyxRQUFRLEVBQUUsQ0FBQTtZQUNwQixDQUFDO1lBQ0QsT0FBTyxLQUFLLENBQUE7UUFDZCxDQUFDLENBQUE7SUFDSCxDQUFDO0lBRVMsUUFBUSxDQUFDLElBQVk7UUFDN0IsT0FBTyxHQUFHLENBQUMsZUFBZSxDQUFDLHVCQUF1QixDQUNoRCxJQUFJLEVBQ0osU0FBUyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxJQUFJLENBQUMsWUFBWSxFQUFFLElBQUksQ0FBQyxDQUMzRCxDQUFBO0lBQ0gsQ0FBQztDQUNGO0FBakNELDRDQWlDQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGNvbnN0cnVjdHMgZnJvbSBcImNvbnN0cnVjdHNcIlxuaW1wb3J0ICogYXMgc3NtIGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtc3NtXCJcblxuZnVuY3Rpb24gcGFyYW1OYW1lKFxuICBwbGF0Zm9ybU5hbWVzcGFjZTogc3RyaW5nLFxuICBwbGF0Zm9ybU5hbWU6IHN0cmluZyxcbiAgcmVzb3VyY2VOYW1lOiBzdHJpbmcsXG4pOiBzdHJpbmcge1xuICByZXR1cm4gYC9saWZsaWctY2RrLyR7cGxhdGZvcm1OYW1lc3BhY2V9L3BsYXRmb3JtLyR7cGxhdGZvcm1OYW1lfS8ke3Jlc291cmNlTmFtZX1gXG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUGxhdGZvcm1Qcm9kdWNlclByb3BzIHtcbiAgcGxhdGZvcm1OYW1lc3BhY2U6IHN0cmluZ1xuICBwbGF0Zm9ybU5hbWU6IHN0cmluZ1xufVxuXG4vKipcbiAqXG4gKiBQcm9kdWNlcyB0aGUgcmVzb3VyY2VzIHRoYXQgd2lsbCBiZSBjb25zdW1lZCBpbiBQbGF0Zm9ybUNvbnN1bWVyLlxuICogSW4gb3RoZXIgd29yZHM7IHRoaXMgbXVzdCBydW4gYmVmb3JlIFBsYXRmb3JtQ29uc3VtZXIuXG4gKlxuICogVXNlZCBmb3IgcHJvZHVjaW5nIHJlZmVyZW5jZXMgdG8gdGhlIGNvcmUgcmVzb3VyY2VzLlxuICovXG5leHBvcnQgYWJzdHJhY3QgY2xhc3MgUGxhdGZvcm1Qcm9kdWNlciBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgcHJpdmF0ZSBwbGF0Zm9ybU5hbWVzcGFjZTogc3RyaW5nXG4gIHByaXZhdGUgcGxhdGZvcm1OYW1lOiBzdHJpbmdcblxuICBjb25zdHJ1Y3RvcihcbiAgICBzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsXG4gICAgaWQ6IHN0cmluZyxcbiAgICBwcm9wczogUGxhdGZvcm1Qcm9kdWNlclByb3BzLFxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpXG5cbiAgICB0aGlzLnBsYXRmb3JtTmFtZXNwYWNlID0gcHJvcHMucGxhdGZvcm1OYW1lc3BhY2VcblxuICAgIHRoaXMucGxhdGZvcm1OYW1lID0gcHJvcHMucGxhdGZvcm1OYW1lXG4gIH1cblxuICBwcm90ZWN0ZWQgcHV0UGFyYW0obmFtZTogc3RyaW5nLCB2YWx1ZTogc3RyaW5nKTogc3NtLlN0cmluZ1BhcmFtZXRlciB7XG4gICAgcmV0dXJuIG5ldyBzc20uU3RyaW5nUGFyYW1ldGVyKHRoaXMsIG5hbWUsIHtcbiAgICAgIHN0cmluZ1ZhbHVlOiB2YWx1ZSxcbiAgICAgIHBhcmFtZXRlck5hbWU6IHBhcmFtTmFtZSh0aGlzLnBsYXRmb3JtTmFtZXNwYWNlLCB0aGlzLnBsYXRmb3JtTmFtZSwgbmFtZSksXG4gICAgfSlcbiAgfVxufVxuXG5leHBvcnQgaW50ZXJmYWNlIFBsYXRmb3JtQ29uc3VtZXJQcm9wcyB7XG4gIHBsYXRmb3JtTmFtZXNwYWNlOiBzdHJpbmdcbiAgcGxhdGZvcm1OYW1lOiBzdHJpbmdcbn1cbi8qKlxuICpcbiAqIENvbnN1bWVzIHRoZSByZXNvdXJjZXMgdGhhdCBoYXZlIGJlZW4gcHJvZHVjZWQgYnkgUGxhdGZvcm1Qcm9kdWNlci5cbiAqIEluIG90aGVyIHdvcmRzOyB0aGlzIG11c3QgcnVuIGFmdGVyIFBsYXRmb3JtUHJvZHVjZXIuXG4gKlxuICogVXNlZCBmb3IgY29uc3VtaW5nIHRoZSBjb3JlIHJlc291cmNlcywgd2hpY2ggUGxhdGZvcm1Qcm9kdWNlciBjcmVhdGVzIHJlZmVyZW5jZXMgdG8uXG4gKi9cbmV4cG9ydCBhYnN0cmFjdCBjbGFzcyBQbGF0Zm9ybUNvbnN1bWVyIGV4dGVuZHMgY29uc3RydWN0cy5Db25zdHJ1Y3Qge1xuICBwcml2YXRlIHBsYXRmb3JtTmFtZXNwYWNlOiBzdHJpbmdcbiAgcHJpdmF0ZSBwbGF0Zm9ybU5hbWU6IHN0cmluZ1xuXG4gIGNvbnN0cnVjdG9yKFxuICAgIHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiBQbGF0Zm9ybUNvbnN1bWVyUHJvcHMsXG4gICkge1xuICAgIHN1cGVyKHNjb3BlLCBpZClcblxuICAgIHRoaXMucGxhdGZvcm1OYW1lc3BhY2UgPSBwcm9wcy5wbGF0Zm9ybU5hbWVzcGFjZVxuXG4gICAgdGhpcy5wbGF0Zm9ybU5hbWUgPSBwcm9wcy5wbGF0Zm9ybU5hbWVcbiAgfVxuXG4gIHByb3RlY3RlZCBsYXp5PFQ+KHByb2R1Y2VyOiAoKSA9PiBUKTogKCkgPT4gVCB7XG4gICAgbGV0IHZhbHVlOiBUIHwgbnVsbCA9IG51bGxcblxuICAgIHJldHVybiAoKSA9PiB7XG4gICAgICBpZiAodmFsdWUgPT0gbnVsbCkge1xuICAgICAgICB2YWx1ZSA9IHByb2R1Y2VyKClcbiAgICAgIH1cbiAgICAgIHJldHVybiB2YWx1ZVxuICAgIH1cbiAgfVxuXG4gIHByb3RlY3RlZCBnZXRQYXJhbShuYW1lOiBzdHJpbmcpOiBzdHJpbmcge1xuICAgIHJldHVybiBzc20uU3RyaW5nUGFyYW1ldGVyLnZhbHVlRm9yU3RyaW5nUGFyYW1ldGVyKFxuICAgICAgdGhpcyxcbiAgICAgIHBhcmFtTmFtZSh0aGlzLnBsYXRmb3JtTmFtZXNwYWNlLCB0aGlzLnBsYXRmb3JtTmFtZSwgbmFtZSksXG4gICAgKVxuICB9XG59XG4iXX0=

package/lib/rds/database.d.ts

@@ -0,0 +1,49 @@
+import * as constructs from "constructs";
+import * as ec2 from "aws-cdk-lib/aws-ec2";
+import * as rds from "aws-cdk-lib/aws-rds";
+import * as sm from "aws-cdk-lib/aws-secretsmanager";
+import * as cdk from "aws-cdk-lib";
+export interface DatabaseProps extends cdk.StackProps {
+    vpc: ec2.IVpc;
+    engine: rds.IInstanceEngine;
+    /**
+     * @default master
+     */
+    masterUsername?: string;
+    /**
+     * @default app
+     */
+    databaseName?: string;
+    /**
+     * @default 25
+     */
+    allocatedStorageGb?: number;
+    instanceType: ec2.InstanceType;
+    instanceIdentifier: string;
+    /**
+     * @default true
+     */
+    isMultiAz?: boolean;
+    /**
+     * Must not be removed once it has been set, as changing this
+     * results in a new DB instance being created.
+     *
+     * Also, remember to give database a new name when changing this prop, or else
+     * the new instance name will crash with the existing instance.
+     */
+    snapshotIdentifier?: string;
+    /**
+     * @default false
+     */
+    usePublicSubnets?: boolean;
+    overrideDbOptions?: Partial<rds.DatabaseInstanceSourceProps>;
+}
+export declare class Database extends constructs.Construct {
+    readonly secret: sm.ISecret;
+    readonly connections: ec2.Connections;
+    readonly databaseInstance: rds.IDatabaseInstance;
+    readonly instanceType: ec2.InstanceType;
+    readonly allocatedStorage: cdk.Size;
+    constructor(scope: constructs.Construct, id: string, props: DatabaseProps);
+    allowConnectionFrom(source: ec2.ISecurityGroup): void;
+}

package/lib/rds/database.js

@@ -0,0 +1,60 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Database = void 0;
+const constructs = require("constructs");
+const ec2 = require("aws-cdk-lib/aws-ec2");
+const rds = require("aws-cdk-lib/aws-rds");
+const cdk = require("aws-cdk-lib");
+class Database extends constructs.Construct {
+    constructor(scope, id, props) {
+        var _a, _b, _c, _d;
+        super(scope, id);
+        const masterUsername = (_a = props.masterUsername) !== null && _a !== void 0 ? _a : "master";
+        const databaseName = (_b = props.databaseName) !== null && _b !== void 0 ? _b : "app";
+        const secret = new rds.DatabaseSecret(this, "Secret", {
+            username: masterUsername,
+        });
+        const options = {
+            engine: props.engine,
+            allowMajorVersionUpgrade: true,
+            instanceIdentifier: props.instanceIdentifier,
+            instanceType: props.instanceType,
+            vpc: props.vpc,
+            vpcSubnets: props.usePublicSubnets
+                ? {
+                    subnetType: ec2.SubnetType.PUBLIC,
+                }
+                : undefined,
+            multiAz: (_c = props.isMultiAz) !== null && _c !== void 0 ? _c : true,
+            // We default to 25 GiB storage instead of 100 GiB
+            // if we do not specify.
+            allocatedStorage: (_d = props.allocatedStorageGb) !== null && _d !== void 0 ? _d : 25,
+            // We specify maximum backup retention.
+            backupRetention: cdk.Duration.days(35),
+            ...props.overrideDbOptions,
+        };
+        this.allocatedStorage = cdk.Size.gibibytes(options.allocatedStorage);
+        this.instanceType = options.instanceType;
+        const db = props.snapshotIdentifier
+            ? new rds.DatabaseInstanceFromSnapshot(this, "Resource", {
+                ...options,
+                snapshotIdentifier: props.snapshotIdentifier,
+                credentials: rds.SnapshotCredentials.fromSecret(secret),
+            })
+            : new rds.DatabaseInstance(this, "Resource", {
+                ...options,
+                databaseName,
+                credentials: rds.Credentials.fromSecret(secret),
+                storageEncrypted: true,
+            });
+        this.databaseInstance = db;
+        this.secret = db.secret;
+        this.connections = db.connections;
+        db.node.defaultChild.publiclyAccessible = false;
+    }
+    allowConnectionFrom(source) {
+        this.connections.allowDefaultPortFrom(source);
+    }
+}
+exports.Database = Database;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGF0YWJhc2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcmRzL2RhdGFiYXNlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLHlDQUF3QztBQUN4QywyQ0FBMEM7QUFDMUMsMkNBQTBDO0FBRTFDLG1DQUFrQztBQXNDbEMsTUFBYSxRQUFTLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFPaEQsWUFBWSxLQUEyQixFQUFFLEVBQVUsRUFBRSxLQUFvQjs7UUFDdkUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQTtRQUVoQixNQUFNLGNBQWMsR0FBRyxNQUFBLEtBQUssQ0FBQyxjQUFjLG1DQUFJLFFBQVEsQ0FBQTtRQUN2RCxNQUFNLFlBQVksR0FBRyxNQUFBLEtBQUssQ0FBQyxZQUFZLG1DQUFJLEtBQUssQ0FBQTtRQUVoRCxNQUFNLE1BQU0sR0FBRyxJQUFJLEdBQUcsQ0FBQyxjQUFjLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUNwRCxRQUFRLEVBQUUsY0FBYztTQUN6QixDQUFDLENBQUE7UUFFRixNQUFNLE9BQU8sR0FBb0M7WUFDL0MsTUFBTSxFQUFFLEtBQUssQ0FBQyxNQUFNO1lBQ3BCLHdCQUF3QixFQUFFLElBQUk7WUFDOUIsa0JBQWtCLEVBQUUsS0FBSyxDQUFDLGtCQUFrQjtZQUM1QyxZQUFZLEVBQUUsS0FBSyxDQUFDLFlBQVk7WUFDaEMsR0FBRyxFQUFFLEtBQUssQ0FBQyxHQUFHO1lBQ2QsVUFBVSxFQUFFLEtBQUssQ0FBQyxnQkFBZ0I7Z0JBQ2hDLENBQUMsQ0FBQztvQkFDRSxVQUFVLEVBQUUsR0FBRyxDQUFDLFVBQVUsQ0FBQyxNQUFNO2lCQUNsQztnQkFDSCxDQUFDLENBQUMsU0FBUztZQUNiLE9BQU8sRUFBRSxNQUFBLEtBQUssQ0FBQyxTQUFTLG1DQUFJLElBQUk7WUFDaEMsa0RBQWtEO1lBQ2xELHdCQUF3QjtZQUN4QixnQkFBZ0IsRUFBRSxNQUFBLEtBQUssQ0FBQyxrQkFBa0IsbUNBQUksRUFBRTtZQUNoRCx1Q0FBdUM7WUFDdkMsZUFBZSxFQUFFLEdBQUcsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztZQUN0QyxHQUFHLEtBQUssQ0FBQyxpQkFBaUI7U0FDM0IsQ0FBQTtRQUNELElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxHQUFHLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsZ0JBQWlCLENBQUMsQ0FBQTtRQUNyRSxJQUFJLENBQUMsWUFBWSxHQUFHLE9BQU8sQ0FBQyxZQUFhLENBQUE7UUFFekMsTUFBTSxFQUFFLEdBQUcsS0FBSyxDQUFDLGtCQUFrQjtZQUNqQyxDQUFDLENBQUMsSUFBSSxHQUFHLENBQUMsNEJBQTRCLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtnQkFDckQsR0FBRyxPQUFPO2dCQUNWLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxrQkFBa0I7Z0JBQzVDLFdBQVcsRUFBRSxHQUFHLENBQUMsbUJBQW1CLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQzthQUN4RCxDQUFDO1lBQ0osQ0FBQyxDQUFDLElBQUksR0FBRyxDQUFDLGdCQUFnQixDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7Z0JBQ3pDLEdBQUcsT0FBTztnQkFDVixZQUFZO2dCQUNaLFdBQVcsRUFBRSxHQUFHLENBQUMsV0FBVyxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUM7Z0JBQy9DLGdCQUFnQixFQUFFLElBQUk7YUFDdkIsQ0FBQyxDQUFBO1FBRU4sSUFBSSxDQUFDLGdCQUFnQixHQUFHLEVBQUUsQ0FBQTtRQUUxQixJQUFJLENBQUMsTUFBTSxHQUFHLEVBQUUsQ0FBQyxNQUFPLENBQUE7UUFDeEIsSUFBSSxDQUFDLFdBQVcsR0FBRyxFQUFFLENBQUMsV0FBVyxDQUloQztRQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsWUFBa0MsQ0FBQyxrQkFBa0IsR0FBRyxLQUFLLENBQUE7SUFDekUsQ0FBQztJQUVNLG1CQUFtQixDQUFDLE1BQTBCO1FBQ25ELElBQUksQ0FBQyxXQUFXLENBQUMsb0JBQW9CLENBQUMsTUFBTSxDQUFDLENBQUE7SUFDL0MsQ0FBQztDQUNGO0FBakVELDRCQWlFQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGNvbnN0cnVjdHMgZnJvbSBcImNvbnN0cnVjdHNcIlxuaW1wb3J0ICogYXMgZWMyIGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtZWMyXCJcbmltcG9ydCAqIGFzIHJkcyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXJkc1wiXG5pbXBvcnQgKiBhcyBzbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyXCJcbmltcG9ydCAqIGFzIGNkayBmcm9tIFwiYXdzLWNkay1saWJcIlxuXG5leHBvcnQgaW50ZXJmYWNlIERhdGFiYXNlUHJvcHMgZXh0ZW5kcyBjZGsuU3RhY2tQcm9wcyB7XG4gIHZwYzogZWMyLklWcGNcbiAgZW5naW5lOiByZHMuSUluc3RhbmNlRW5naW5lXG4gIC8qKlxuICAgKiBAZGVmYXVsdCBtYXN0ZXJcbiAgICovXG4gIG1hc3RlclVzZXJuYW1lPzogc3RyaW5nXG4gIC8qKlxuICAgKiBAZGVmYXVsdCBhcHBcbiAgICovXG4gIGRhdGFiYXNlTmFtZT86IHN0cmluZ1xuICAvKipcbiAgICogQGRlZmF1bHQgMjVcbiAgICovXG4gIGFsbG9jYXRlZFN0b3JhZ2VHYj86IG51bWJlclxuICBpbnN0YW5jZVR5cGU6IGVjMi5JbnN0YW5jZVR5cGVcbiAgaW5zdGFuY2VJZGVudGlmaWVyOiBzdHJpbmdcbiAgLyoqXG4gICAqIEBkZWZhdWx0IHRydWVcbiAgICovXG4gIGlzTXVsdGlBej86IGJvb2xlYW5cbiAgLyoqXG4gICAqIE11c3Qgbm90IGJlIHJlbW92ZWQgb25jZSBpdCBoYXMgYmVlbiBzZXQsIGFzIGNoYW5naW5nIHRoaXNcbiAgICogcmVzdWx0cyBpbiBhIG5ldyBEQiBpbnN0YW5jZSBiZWluZyBjcmVhdGVkLlxuICAgKlxuICAgKiBBbHNvLCByZW1lbWJlciB0byBnaXZlIGRhdGFiYXNlIGEgbmV3IG5hbWUgd2hlbiBjaGFuZ2luZyB0aGlzIHByb3AsIG9yIGVsc2VcbiAgICogdGhlIG5ldyBpbnN0YW5jZSBuYW1lIHdpbGwgY3Jhc2ggd2l0aCB0aGUgZXhpc3RpbmcgaW5zdGFuY2UuXG4gICAqL1xuICBzbmFwc2hvdElkZW50aWZpZXI/OiBzdHJpbmdcbiAgLyoqXG4gICAqIEBkZWZhdWx0IGZhbHNlXG4gICAqL1xuICB1c2VQdWJsaWNTdWJuZXRzPzogYm9vbGVhblxuICBvdmVycmlkZURiT3B0aW9ucz86IFBhcnRpYWw8cmRzLkRhdGFiYXNlSW5zdGFuY2VTb3VyY2VQcm9wcz5cbn1cblxuZXhwb3J0IGNsYXNzIERhdGFiYXNlIGV4dGVuZHMgY29uc3RydWN0cy5Db25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgc2VjcmV0OiBzbS5JU2VjcmV0XG4gIHB1YmxpYyByZWFkb25seSBjb25uZWN0aW9uczogZWMyLkNvbm5lY3Rpb25zXG4gIHB1YmxpYyByZWFkb25seSBkYXRhYmFzZUluc3RhbmNlOiByZHMuSURhdGFiYXNlSW5zdGFuY2VcbiAgcHVibGljIHJlYWRvbmx5IGluc3RhbmNlVHlwZTogZWMyLkluc3RhbmNlVHlwZVxuICBwdWJsaWMgcmVhZG9ubHkgYWxsb2NhdGVkU3RvcmFnZTogY2RrLlNpemVcblxuICBjb25zdHJ1Y3RvcihzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBEYXRhYmFzZVByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKVxuXG4gICAgY29uc3QgbWFzdGVyVXNlcm5hbWUgPSBwcm9wcy5tYXN0ZXJVc2VybmFtZSA/PyBcIm1hc3RlclwiXG4gICAgY29uc3QgZGF0YWJhc2VOYW1lID0gcHJvcHMuZGF0YWJhc2VOYW1lID8/IFwiYXBwXCJcblxuICAgIGNvbnN0IHNlY3JldCA9IG5ldyByZHMuRGF0YWJhc2VTZWNyZXQodGhpcywgXCJTZWNyZXRcIiwge1xuICAgICAgdXNlcm5hbWU6IG1hc3RlclVzZXJuYW1lLFxuICAgIH0pXG5cbiAgICBjb25zdCBvcHRpb25zOiByZHMuRGF0YWJhc2VJbnN0YW5jZVNvdXJjZVByb3BzID0ge1xuICAgICAgZW5naW5lOiBwcm9wcy5lbmdpbmUsXG4gICAgICBhbGxvd01ham9yVmVyc2lvblVwZ3JhZGU6IHRydWUsXG4gICAgICBpbnN0YW5jZUlkZW50aWZpZXI6IHByb3BzLmluc3RhbmNlSWRlbnRpZmllcixcbiAgICAgIGluc3RhbmNlVHlwZTogcHJvcHMuaW5zdGFuY2VUeXBlLFxuICAgICAgdnBjOiBwcm9wcy52cGMsXG4gICAgICB2cGNTdWJuZXRzOiBwcm9wcy51c2VQdWJsaWNTdWJuZXRzXG4gICAgICAgID8ge1xuICAgICAgICAgICAgc3VibmV0VHlwZTogZWMyLlN1Ym5ldFR5cGUuUFVCTElDLFxuICAgICAgICAgIH1cbiAgICAgICAgOiB1bmRlZmluZWQsXG4gICAgICBtdWx0aUF6OiBwcm9wcy5pc011bHRpQXogPz8gdHJ1ZSxcbiAgICAgIC8vIFdlIGRlZmF1bHQgdG8gMjUgR2lCIHN0b3JhZ2UgaW5zdGVhZCBvZiAxMDAgR2lCXG4gICAgICAvLyBpZiB3ZSBkbyBub3Qgc3BlY2lmeS5cbiAgICAgIGFsbG9jYXRlZFN0b3JhZ2U6IHByb3BzLmFsbG9jYXRlZFN0b3JhZ2VHYiA/PyAyNSxcbiAgICAgIC8vIFdlIHNwZWNpZnkgbWF4aW11bSBiYWNrdXAgcmV0ZW50aW9uLlxuICAgICAgYmFja3VwUmV0ZW50aW9uOiBjZGsuRHVyYXRpb24uZGF5cygzNSksXG4gICAgICAuLi5wcm9wcy5vdmVycmlkZURiT3B0aW9ucyxcbiAgICB9XG4gICAgdGhpcy5hbGxvY2F0ZWRTdG9yYWdlID0gY2RrLlNpemUuZ2liaWJ5dGVzKG9wdGlvbnMuYWxsb2NhdGVkU3RvcmFnZSEpXG4gICAgdGhpcy5pbnN0YW5jZVR5cGUgPSBvcHRpb25zLmluc3RhbmNlVHlwZSFcblxuICAgIGNvbnN0IGRiID0gcHJvcHMuc25hcHNob3RJZGVudGlmaWVyXG4gICAgICA/IG5ldyByZHMuRGF0YWJhc2VJbnN0YW5jZUZyb21TbmFwc2hvdCh0aGlzLCBcIlJlc291cmNlXCIsIHtcbiAgICAgICAgICAuLi5vcHRpb25zLFxuICAgICAgICAgIHNuYXBzaG90SWRlbnRpZmllcjogcHJvcHMuc25hcHNob3RJZGVudGlmaWVyLFxuICAgICAgICAgIGNyZWRlbnRpYWxzOiByZHMuU25hcHNob3RDcmVkZW50aWFscy5mcm9tU2VjcmV0KHNlY3JldCksXG4gICAgICAgIH0pXG4gICAgICA6IG5ldyByZHMuRGF0YWJhc2VJbnN0YW5jZSh0aGlzLCBcIlJlc291cmNlXCIsIHtcbiAgICAgICAgICAuLi5vcHRpb25zLFxuICAgICAgICAgIGRhdGFiYXNlTmFtZSxcbiAgICAgICAgICBjcmVkZW50aWFsczogcmRzLkNyZWRlbnRpYWxzLmZyb21TZWNyZXQoc2VjcmV0KSxcbiAgICAgICAgICBzdG9yYWdlRW5jcnlwdGVkOiB0cnVlLFxuICAgICAgICB9KVxuXG4gICAgdGhpcy5kYXRhYmFzZUluc3RhbmNlID0gZGJcblxuICAgIHRoaXMuc2VjcmV0ID0gZGIuc2VjcmV0IVxuICAgIHRoaXMuY29ubmVjdGlvbnMgPSBkYi5jb25uZWN0aW9uc1xuXG4gICAgLy8gT3ZlcnJpZGUgaW4gY2FzZSB3ZSBoYXZlIHBsYWNlZCBpdCBpbiBhIHB1YmxpYyBzdWJuZXQuXG4gICAgLy8gSXQgd291bGQgZGVmYXVsdCB0byBiZWluZyBwdWJsaWMgYWNjZXNzaWJsZSB3aGljaCB3ZSBkbyBub3Qgd2FudC5cbiAgICA7KGRiLm5vZGUuZGVmYXVsdENoaWxkIGFzIHJkcy5DZm5EQkluc3RhbmNlKS5wdWJsaWNseUFjY2Vzc2libGUgPSBmYWxzZVxuICB9XG5cbiAgcHVibGljIGFsbG93Q29ubmVjdGlvbkZyb20oc291cmNlOiBlYzIuSVNlY3VyaXR5R3JvdXApOiB2b2lkIHtcbiAgICB0aGlzLmNvbm5lY3Rpb25zLmFsbG93RGVmYXVsdFBvcnRGcm9tKHNvdXJjZSlcbiAgfVxufVxuIl19

package/lib/rds/index.d.ts

@@ -0,0 +1 @@
+export { Database, DatabaseProps } from "./database";

package/lib/rds/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Database = void 0;
+var database_1 = require("./database");
+Object.defineProperty(exports, "Database", { enumerable: true, get: function () { return database_1.Database; } });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcmRzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLHVDQUFvRDtBQUEzQyxvR0FBQSxRQUFRLE9BQUEiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgeyBEYXRhYmFzZSwgRGF0YWJhc2VQcm9wcyB9IGZyb20gXCIuL2RhdGFiYXNlXCJcbiJdfQ==

package/lib/ses/configurationsetdeliveryoptions/index.d.ts

@@ -0,0 +1,26 @@
+import * as constructs from "constructs";
+export type TlsPolicy = "Require" | "Optional";
+export interface ConfigurationSetDeliveryOptionsProps {
+    /**
+     * The name of an existing SES configuration set to update delivery options on
+     */
+    configurationSetName: string;
+    /**
+     * The TLS policy for outgoing emails
+     *
+     * Setting this to "Require" will make mail delivery fail if SES cannot
+     * establish a TLS-encrypted connection to the receiving mail server.
+     */
+    tlsPolicy: TlsPolicy;
+}
+/**
+ * Set Delivery Options for a SES Configuration Set.
+ *
+ * Currently the only delivery option that can be set is the TLS Policy, which
+ * can be set to either "Require" or "Optional". If set to "Require" SES
+ * will refuse to deliver mail to mail servers it cannot connect to using
+ * an encrypted connection.
+ */
+export declare class ConfigurationSetDeliveryOptions extends constructs.Construct {
+    constructor(scope: constructs.Construct, id: string, props: ConfigurationSetDeliveryOptionsProps);
+}

package/lib/ses/configurationsetdeliveryoptions/index.js

@@ -0,0 +1,48 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ConfigurationSetDeliveryOptions = void 0;
+const constructs = require("constructs");
+const cr = require("aws-cdk-lib/custom-resources");
+const iam = require("aws-cdk-lib/aws-iam");
+/**
+ * Set Delivery Options for a SES Configuration Set.
+ *
+ * Currently the only delivery option that can be set is the TLS Policy, which
+ * can be set to either "Require" or "Optional". If set to "Require" SES
+ * will refuse to deliver mail to mail servers it cannot connect to using
+ * an encrypted connection.
+ */
+class ConfigurationSetDeliveryOptions extends constructs.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        new cr.AwsCustomResource(this, "Resource", {
+            policy: cr.AwsCustomResourcePolicy.fromStatements([
+                new iam.PolicyStatement({
+                    actions: ["ses:PutConfigurationSetDeliveryOptions"],
+                    resources: ["*"],
+                }),
+            ]),
+            // Handles both onCreate and onUpdate
+            onUpdate: {
+                service: "SES",
+                action: "putConfigurationSetDeliveryOptions",
+                parameters: {
+                    ConfigurationSetName: props.configurationSetName,
+                    DeliveryOptions: {
+                        TlsPolicy: props.tlsPolicy,
+                    },
+                },
+                physicalResourceId: cr.PhysicalResourceId.of(props.configurationSetName),
+            },
+            onDelete: {
+                service: "SES",
+                action: "putConfigurationSetDeliveryOptions",
+                parameters: {
+                    ConfigurationSetName: props.configurationSetName,
+                },
+            },
+        });
+    }
+}
+exports.ConfigurationSetDeliveryOptions = ConfigurationSetDeliveryOptions;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2VzL2NvbmZpZ3VyYXRpb25zZXRkZWxpdmVyeW9wdGlvbnMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseUNBQXdDO0FBQ3hDLG1EQUFrRDtBQUNsRCwyQ0FBMEM7QUFrQjFDOzs7Ozs7O0dBT0c7QUFDSCxNQUFhLCtCQUFnQyxTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBQ3ZFLFlBQ0UsS0FBMkIsRUFDM0IsRUFBVSxFQUNWLEtBQTJDO1FBRTNDLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFFaEIsSUFBSSxFQUFFLENBQUMsaUJBQWlCLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtZQUN6QyxNQUFNLEVBQUUsRUFBRSxDQUFDLHVCQUF1QixDQUFDLGNBQWMsQ0FBQztnQkFDaEQsSUFBSSxHQUFHLENBQUMsZUFBZSxDQUFDO29CQUN0QixPQUFPLEVBQUUsQ0FBQyx3Q0FBd0MsQ0FBQztvQkFDbkQsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO2lCQUNqQixDQUFDO2FBQ0gsQ0FBQztZQUNGLHFDQUFxQztZQUNyQyxRQUFRLEVBQUU7Z0JBQ1IsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsTUFBTSxFQUFFLG9DQUFvQztnQkFDNUMsVUFBVSxFQUFFO29CQUNWLG9CQUFvQixFQUFFLEtBQUssQ0FBQyxvQkFBb0I7b0JBQ2hELGVBQWUsRUFBRTt3QkFDZixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7cUJBQzNCO2lCQUNGO2dCQUNELGtCQUFrQixFQUFFLEVBQUUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFLENBQzFDLEtBQUssQ0FBQyxvQkFBb0IsQ0FDM0I7YUFDRjtZQUNELFFBQVEsRUFBRTtnQkFDUixPQUFPLEVBQUUsS0FBSztnQkFDZCxNQUFNLEVBQUUsb0NBQW9DO2dCQUM1QyxVQUFVLEVBQUU7b0JBQ1Ysb0JBQW9CLEVBQUUsS0FBSyxDQUFDLG9CQUFvQjtpQkFDakQ7YUFDRjtTQUNGLENBQUMsQ0FBQTtJQUNKLENBQUM7Q0FDRjtBQXRDRCwwRUFzQ0MiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gXCJjb25zdHJ1Y3RzXCJcbmltcG9ydCAqIGFzIGNyIGZyb20gXCJhd3MtY2RrLWxpYi9jdXN0b20tcmVzb3VyY2VzXCJcbmltcG9ydCAqIGFzIGlhbSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWlhbVwiXG5cbmV4cG9ydCB0eXBlIFRsc1BvbGljeSA9IFwiUmVxdWlyZVwiIHwgXCJPcHRpb25hbFwiXG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29uZmlndXJhdGlvblNldERlbGl2ZXJ5T3B0aW9uc1Byb3BzIHtcbiAgLyoqXG4gICAqIFRoZSBuYW1lIG9mIGFuIGV4aXN0aW5nIFNFUyBjb25maWd1cmF0aW9uIHNldCB0byB1cGRhdGUgZGVsaXZlcnkgb3B0aW9ucyBvblxuICAgKi9cbiAgY29uZmlndXJhdGlvblNldE5hbWU6IHN0cmluZ1xuICAvKipcbiAgICogVGhlIFRMUyBwb2xpY3kgZm9yIG91dGdvaW5nIGVtYWlsc1xuICAgKlxuICAgKiBTZXR0aW5nIHRoaXMgdG8gXCJSZXF1aXJlXCIgd2lsbCBtYWtlIG1haWwgZGVsaXZlcnkgZmFpbCBpZiBTRVMgY2Fubm90XG4gICAqIGVzdGFibGlzaCBhIFRMUy1lbmNyeXB0ZWQgY29ubmVjdGlvbiB0byB0aGUgcmVjZWl2aW5nIG1haWwgc2VydmVyLlxuICAgKi9cbiAgdGxzUG9saWN5OiBUbHNQb2xpY3lcbn1cblxuLyoqXG4gKiBTZXQgRGVsaXZlcnkgT3B0aW9ucyBmb3IgYSBTRVMgQ29uZmlndXJhdGlvbiBTZXQuXG4gKlxuICogQ3VycmVudGx5IHRoZSBvbmx5IGRlbGl2ZXJ5IG9wdGlvbiB0aGF0IGNhbiBiZSBzZXQgaXMgdGhlIFRMUyBQb2xpY3ksIHdoaWNoXG4gKiBjYW4gYmUgc2V0IHRvIGVpdGhlciBcIlJlcXVpcmVcIiBvciBcIk9wdGlvbmFsXCIuIElmIHNldCB0byBcIlJlcXVpcmVcIiBTRVNcbiAqIHdpbGwgcmVmdXNlIHRvIGRlbGl2ZXIgbWFpbCB0byBtYWlsIHNlcnZlcnMgaXQgY2Fubm90IGNvbm5lY3QgdG8gdXNpbmdcbiAqIGFuIGVuY3J5cHRlZCBjb25uZWN0aW9uLlxuICovXG5leHBvcnQgY2xhc3MgQ29uZmlndXJhdGlvblNldERlbGl2ZXJ5T3B0aW9ucyBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IGNvbnN0cnVjdHMuQ29uc3RydWN0LFxuICAgIGlkOiBzdHJpbmcsXG4gICAgcHJvcHM6IENvbmZpZ3VyYXRpb25TZXREZWxpdmVyeU9wdGlvbnNQcm9wcyxcbiAgKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKVxuXG4gICAgbmV3IGNyLkF3c0N1c3RvbVJlc291cmNlKHRoaXMsIFwiUmVzb3VyY2VcIiwge1xuICAgICAgcG9saWN5OiBjci5Bd3NDdXN0b21SZXNvdXJjZVBvbGljeS5mcm9tU3RhdGVtZW50cyhbXG4gICAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgICBhY3Rpb25zOiBbXCJzZXM6UHV0Q29uZmlndXJhdGlvblNldERlbGl2ZXJ5T3B0aW9uc1wiXSxcbiAgICAgICAgICByZXNvdXJjZXM6IFtcIipcIl0sXG4gICAgICAgIH0pLFxuICAgICAgXSksXG4gICAgICAvLyBIYW5kbGVzIGJvdGggb25DcmVhdGUgYW5kIG9uVXBkYXRlXG4gICAgICBvblVwZGF0ZToge1xuICAgICAgICBzZXJ2aWNlOiBcIlNFU1wiLFxuICAgICAgICBhY3Rpb246IFwicHV0Q29uZmlndXJhdGlvblNldERlbGl2ZXJ5T3B0aW9uc1wiLFxuICAgICAgICBwYXJhbWV0ZXJzOiB7XG4gICAgICAgICAgQ29uZmlndXJhdGlvblNldE5hbWU6IHByb3BzLmNvbmZpZ3VyYXRpb25TZXROYW1lLFxuICAgICAgICAgIERlbGl2ZXJ5T3B0aW9uczoge1xuICAgICAgICAgICAgVGxzUG9saWN5OiBwcm9wcy50bHNQb2xpY3ksXG4gICAgICAgICAgfSxcbiAgICAgICAgfSxcbiAgICAgICAgcGh5c2ljYWxSZXNvdXJjZUlkOiBjci5QaHlzaWNhbFJlc291cmNlSWQub2YoXG4gICAgICAgICAgcHJvcHMuY29uZmlndXJhdGlvblNldE5hbWUsXG4gICAgICAgICksXG4gICAgICB9LFxuICAgICAgb25EZWxldGU6IHtcbiAgICAgICAgc2VydmljZTogXCJTRVNcIixcbiAgICAgICAgYWN0aW9uOiBcInB1dENvbmZpZ3VyYXRpb25TZXREZWxpdmVyeU9wdGlvbnNcIixcbiAgICAgICAgcGFyYW1ldGVyczoge1xuICAgICAgICAgIENvbmZpZ3VyYXRpb25TZXROYW1lOiBwcm9wcy5jb25maWd1cmF0aW9uU2V0TmFtZSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfSlcbiAgfVxufVxuIl19

package/lib/ses/configurationsetsnsdestination/handler.d.ts

@@ -0,0 +1,17 @@
+interface ResourceProps {
+    ConfigurationSetName: string;
+    EventDestinationName: string;
+    SnsTopicArn: string;
+    MatchingEventTypes: string[];
+}
+type OnEventHandler = (event: {
+    PhysicalResourceId?: string;
+    RequestType: "Create" | "Update" | "Delete";
+    ResourceProperties: ResourceProps;
+    OldResourceProperties?: ResourceProps;
+}) => Promise<{
+    PhysicalResourceId?: string;
+    Data?: Record<string, any>;
+}>;
+export declare const configurationSetSnsDestinationHandler: OnEventHandler;
+export {};