@microsoft/terraform-cdk-constructs 1.2.0 → 1.3.0

package/lib/azure-virtualnetworkmanager/lib/security-admin-rule-schemas.js

@@ -0,0 +1,359 @@
+"use strict";
+/**
+ * API schemas for Azure Virtual Network Manager Security Admin Rules across all supported versions
+ *
+ * This file defines the complete API schemas for Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules
+ * across all supported API versions. The schemas are used by the AzapiResource
+ * framework for validation, transformation, and version management.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SECURITY_ADMIN_RULE_TYPE = exports.ALL_SECURITY_ADMIN_RULE_VERSIONS = exports.SECURITY_ADMIN_RULE_VERSION_2023_11_01 = exports.SECURITY_ADMIN_RULE_VERSION_2024_05_01 = exports.SECURITY_ADMIN_RULE_SCHEMA_2023_11_01 = exports.SECURITY_ADMIN_RULE_SCHEMA_2024_05_01 = void 0;
+const version_interfaces_1 = require("../../core-azure/lib/version-manager/interfaces/version-interfaces");
+// =============================================================================
+// COMMON PROPERTY DEFINITIONS
+// =============================================================================
+/**
+ * Common property definitions shared across all Security Admin Rule versions
+ */
+const COMMON_PROPERTIES = {
+    name: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: true,
+        description: "Name of the security admin rule",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Security admin rule name is required",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.PATTERN_MATCH,
+                value: "^[a-zA-Z0-9][a-zA-Z0-9._-]{0,62}[a-zA-Z0-9_]$",
+                message: "Security admin rule name must be 2-64 chars, alphanumeric, periods, underscores, hyphens",
+            },
+        ],
+    },
+    ruleCollectionId: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: true,
+        description: "Resource ID of the parent Rule Collection",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Rule Collection ID is required",
+            },
+        ],
+    },
+    description: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: false,
+        description: "Description of the security admin rule",
+    },
+    priority: {
+        dataType: version_interfaces_1.PropertyType.NUMBER,
+        required: true,
+        description: "Priority of the rule (1-4096, lower number = higher priority)",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Priority is required",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.VALUE_RANGE,
+                value: { min: 1, max: 4096 },
+                message: "Priority must be between 1 and 4096",
+            },
+        ],
+    },
+    action: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: true,
+        description: "Action to take (Allow, Deny, or AlwaysAllow)",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Action is required",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.PATTERN_MATCH,
+                value: "^(Allow|Deny|AlwaysAllow)$",
+                message: "Action must be 'Allow', 'Deny', or 'AlwaysAllow'",
+            },
+        ],
+    },
+    direction: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: true,
+        description: "Direction of traffic (Inbound or Outbound)",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Direction is required",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.PATTERN_MATCH,
+                value: "^(Inbound|Outbound)$",
+                message: "Direction must be 'Inbound' or 'Outbound'",
+            },
+        ],
+    },
+    protocol: {
+        dataType: version_interfaces_1.PropertyType.STRING,
+        required: true,
+        description: "Protocol (Tcp, Udp, Icmp, Esp, Ah, or Any)",
+        validation: [
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                message: "Protocol is required",
+            },
+            {
+                ruleType: version_interfaces_1.ValidationRuleType.PATTERN_MATCH,
+                value: "^(Tcp|Udp|Icmp|Esp|Ah|Any)$",
+                message: "Protocol must be Tcp, Udp, Icmp, Esp, Ah, or Any",
+            },
+        ],
+    },
+    sourcePortRanges: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: false,
+        description: "Source port ranges (e.g., ['*'], ['80', '443'])",
+    },
+    destinationPortRanges: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: false,
+        description: "Destination port ranges (e.g., ['*'], ['22', '3389'])",
+    },
+    sources: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: false,
+        description: "Source addresses or network groups",
+    },
+    destinations: {
+        dataType: version_interfaces_1.PropertyType.ARRAY,
+        required: false,
+        description: "Destination addresses or network groups",
+    },
+};
+// =============================================================================
+// VERSION-SPECIFIC SCHEMAS
+// =============================================================================
+/**
+ * API Schema for Security Admin Rule version 2024-05-01
+ */
+exports.SECURITY_ADMIN_RULE_SCHEMA_2024_05_01 = {
+    resourceType: "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
+    version: "2024-05-01",
+    properties: {
+        ...COMMON_PROPERTIES,
+    },
+    required: [
+        "name",
+        "ruleCollectionId",
+        "priority",
+        "action",
+        "direction",
+        "protocol",
+    ],
+    optional: [
+        "description",
+        "sourcePortRanges",
+        "destinationPortRanges",
+        "sources",
+        "destinations",
+    ],
+    deprecated: [],
+    transformationRules: {},
+    validationRules: [
+        {
+            property: "name",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Security admin rule name is required",
+                },
+            ],
+        },
+        {
+            property: "ruleCollectionId",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Rule Collection ID is required",
+                },
+            ],
+        },
+        {
+            property: "priority",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Priority is required",
+                },
+            ],
+        },
+        {
+            property: "action",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Action is required",
+                },
+            ],
+        },
+        {
+            property: "direction",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Direction is required",
+                },
+            ],
+        },
+        {
+            property: "protocol",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Protocol is required",
+                },
+            ],
+        },
+    ],
+};
+/**
+ * API Schema for Security Admin Rule version 2023-11-01
+ */
+exports.SECURITY_ADMIN_RULE_SCHEMA_2023_11_01 = {
+    resourceType: "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules",
+    version: "2023-11-01",
+    properties: {
+        ...COMMON_PROPERTIES,
+    },
+    required: [
+        "name",
+        "ruleCollectionId",
+        "priority",
+        "action",
+        "direction",
+        "protocol",
+    ],
+    optional: [
+        "description",
+        "sourcePortRanges",
+        "destinationPortRanges",
+        "sources",
+        "destinations",
+    ],
+    deprecated: [],
+    transformationRules: {},
+    validationRules: [
+        {
+            property: "name",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Security admin rule name is required",
+                },
+            ],
+        },
+        {
+            property: "ruleCollectionId",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Rule Collection ID is required",
+                },
+            ],
+        },
+        {
+            property: "priority",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Priority is required",
+                },
+            ],
+        },
+        {
+            property: "action",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Action is required",
+                },
+            ],
+        },
+        {
+            property: "direction",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Direction is required",
+                },
+            ],
+        },
+        {
+            property: "protocol",
+            rules: [
+                {
+                    ruleType: version_interfaces_1.ValidationRuleType.REQUIRED,
+                    message: "Protocol is required",
+                },
+            ],
+        },
+    ],
+};
+// =============================================================================
+// VERSION CONFIGURATIONS
+// =============================================================================
+/**
+ * Version configuration for Security Admin Rule 2024-05-01
+ */
+exports.SECURITY_ADMIN_RULE_VERSION_2024_05_01 = {
+    version: "2024-05-01",
+    schema: exports.SECURITY_ADMIN_RULE_SCHEMA_2024_05_01,
+    supportLevel: version_interfaces_1.VersionSupportLevel.ACTIVE,
+    releaseDate: "2024-05-01",
+    deprecationDate: undefined,
+    sunsetDate: undefined,
+    breakingChanges: [],
+    migrationGuide: "/docs/virtual-network-manager/migration-2024-05-01",
+    changeLog: [
+        {
+            changeType: "added",
+            description: "Latest stable release with full security admin rule support",
+            breaking: false,
+        },
+    ],
+};
+/**
+ * Version configuration for Security Admin Rule 2023-11-01
+ */
+exports.SECURITY_ADMIN_RULE_VERSION_2023_11_01 = {
+    version: "2023-11-01",
+    schema: exports.SECURITY_ADMIN_RULE_SCHEMA_2023_11_01,
+    supportLevel: version_interfaces_1.VersionSupportLevel.MAINTENANCE,
+    releaseDate: "2023-11-01",
+    deprecationDate: undefined,
+    sunsetDate: undefined,
+    breakingChanges: [],
+    migrationGuide: "/docs/virtual-network-manager/migration-2023-11-01",
+    changeLog: [
+        {
+            changeType: "added",
+            description: "Stable release with core security admin rule features",
+            breaking: false,
+        },
+    ],
+};
+/**
+ * All supported Security Admin Rule versions for registration
+ */
+exports.ALL_SECURITY_ADMIN_RULE_VERSIONS = [
+    exports.SECURITY_ADMIN_RULE_VERSION_2024_05_01,
+    exports.SECURITY_ADMIN_RULE_VERSION_2023_11_01,
+];
+/**
+ * Resource type constant
+ */
+exports.SECURITY_ADMIN_RULE_TYPE = "Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktYWRtaW4tcnVsZS1zY2hlbWFzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2F6dXJlLXZpcnR1YWxuZXR3b3JrbWFuYWdlci9saWIvc2VjdXJpdHktYWRtaW4tcnVsZS1zY2hlbWFzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7Ozs7O0dBTUc7OztBQUVILDJHQU80RTtBQWM1RSxnRkFBZ0Y7QUFDaEYsOEJBQThCO0FBQzlCLGdGQUFnRjtBQUVoRjs7R0FFRztBQUNILE1BQU0saUJBQWlCLEdBQTBDO0lBQy9ELElBQUksRUFBRTtRQUNKLFFBQVEsRUFBRSxpQ0FBWSxDQUFDLE1BQU07UUFDN0IsUUFBUSxFQUFFLElBQUk7UUFDZCxXQUFXLEVBQUUsaUNBQWlDO1FBQzlDLFVBQVUsRUFBRTtZQUNWO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxRQUFRO2dCQUNyQyxPQUFPLEVBQUUsc0NBQXNDO2FBQ2hEO1lBQ0Q7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLGFBQWE7Z0JBQzFDLEtBQUssRUFBRSwrQ0FBK0M7Z0JBQ3RELE9BQU8sRUFDTCwwRkFBMEY7YUFDN0Y7U0FDRjtLQUNGO0lBQ0QsZ0JBQWdCLEVBQUU7UUFDaEIsUUFBUSxFQUFFLGlDQUFZLENBQUMsTUFBTTtRQUM3QixRQUFRLEVBQUUsSUFBSTtRQUNkLFdBQVcsRUFBRSwyQ0FBMkM7UUFDeEQsVUFBVSxFQUFFO1lBQ1Y7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7Z0JBQ3JDLE9BQU8sRUFBRSxnQ0FBZ0M7YUFDMUM7U0FDRjtLQUNGO0lBQ0QsV0FBVyxFQUFFO1FBQ1gsUUFBUSxFQUFFLGlDQUFZLENBQUMsTUFBTTtRQUM3QixRQUFRLEVBQUUsS0FBSztRQUNmLFdBQVcsRUFBRSx3Q0FBd0M7S0FDdEQ7SUFDRCxRQUFRLEVBQUU7UUFDUixRQUFRLEVBQUUsaUNBQVksQ0FBQyxNQUFNO1FBQzdCLFFBQVEsRUFBRSxJQUFJO1FBQ2QsV0FBVyxFQUNULCtEQUErRDtRQUNqRSxVQUFVLEVBQUU7WUFDVjtnQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtnQkFDckMsT0FBTyxFQUFFLHNCQUFzQjthQUNoQztZQUNEO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxXQUFXO2dCQUN4QyxLQUFLLEVBQUUsRUFBRSxHQUFHLEVBQUUsQ0FBQyxFQUFFLEdBQUcsRUFBRSxJQUFJLEVBQUU7Z0JBQzVCLE9BQU8sRUFBRSxxQ0FBcUM7YUFDL0M7U0FDRjtLQUNGO0lBQ0QsTUFBTSxFQUFFO1FBQ04sUUFBUSxFQUFFLGlDQUFZLENBQUMsTUFBTTtRQUM3QixRQUFRLEVBQUUsSUFBSTtRQUNkLFdBQVcsRUFBRSw4Q0FBOEM7UUFDM0QsVUFBVSxFQUFFO1lBQ1Y7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7Z0JBQ3JDLE9BQU8sRUFBRSxvQkFBb0I7YUFDOUI7WUFDRDtnQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsYUFBYTtnQkFDMUMsS0FBSyxFQUFFLDRCQUE0QjtnQkFDbkMsT0FBTyxFQUFFLGtEQUFrRDthQUM1RDtTQUNGO0tBQ0Y7SUFDRCxTQUFTLEVBQUU7UUFDVCxRQUFRLEVBQUUsaUNBQVksQ0FBQyxNQUFNO1FBQzdCLFFBQVEsRUFBRSxJQUFJO1FBQ2QsV0FBVyxFQUFFLDRDQUE0QztRQUN6RCxVQUFVLEVBQUU7WUFDVjtnQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtnQkFDckMsT0FBTyxFQUFFLHVCQUF1QjthQUNqQztZQUNEO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxhQUFhO2dCQUMxQyxLQUFLLEVBQUUsc0JBQXNCO2dCQUM3QixPQUFPLEVBQUUsMkNBQTJDO2FBQ3JEO1NBQ0Y7S0FDRjtJQUNELFFBQVEsRUFBRTtRQUNSLFFBQVEsRUFBRSxpQ0FBWSxDQUFDLE1BQU07UUFDN0IsUUFBUSxFQUFFLElBQUk7UUFDZCxXQUFXLEVBQUUsNENBQTRDO1FBQ3pELFVBQVUsRUFBRTtZQUNWO2dCQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxRQUFRO2dCQUNyQyxPQUFPLEVBQUUsc0JBQXNCO2FBQ2hDO1lBQ0Q7Z0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLGFBQWE7Z0JBQzFDLEtBQUssRUFBRSw2QkFBNkI7Z0JBQ3BDLE9BQU8sRUFBRSxrREFBa0Q7YUFDNUQ7U0FDRjtLQUNGO0lBQ0QsZ0JBQWdCLEVBQUU7UUFDaEIsUUFBUSxFQUFFLGlDQUFZLENBQUMsS0FBSztRQUM1QixRQUFRLEVBQUUsS0FBSztRQUNmLFdBQVcsRUFBRSxpREFBaUQ7S0FDL0Q7SUFDRCxxQkFBcUIsRUFBRTtRQUNyQixRQUFRLEVBQUUsaUNBQVksQ0FBQyxLQUFLO1FBQzVCLFFBQVEsRUFBRSxLQUFLO1FBQ2YsV0FBVyxFQUFFLHVEQUF1RDtLQUNyRTtJQUNELE9BQU8sRUFBRTtRQUNQLFFBQVEsRUFBRSxpQ0FBWSxDQUFDLEtBQUs7UUFDNUIsUUFBUSxFQUFFLEtBQUs7UUFDZixXQUFXLEVBQUUsb0NBQW9DO0tBQ2xEO0lBQ0QsWUFBWSxFQUFFO1FBQ1osUUFBUSxFQUFFLGlDQUFZLENBQUMsS0FBSztRQUM1QixRQUFRLEVBQUUsS0FBSztRQUNmLFdBQVcsRUFBRSx5Q0FBeUM7S0FDdkQ7Q0FDRixDQUFDO0FBRUYsZ0ZBQWdGO0FBQ2hGLDJCQUEyQjtBQUMzQixnRkFBZ0Y7QUFFaEY7O0dBRUc7QUFDVSxRQUFBLHFDQUFxQyxHQUFjO0lBQzlELFlBQVksRUFDVixxRkFBcUY7SUFDdkYsT0FBTyxFQUFFLFlBQVk7SUFDckIsVUFBVSxFQUFFO1FBQ1YsR0FBRyxpQkFBaUI7S0FDckI7SUFDRCxRQUFRLEVBQUU7UUFDUixNQUFNO1FBQ04sa0JBQWtCO1FBQ2xCLFVBQVU7UUFDVixRQUFRO1FBQ1IsV0FBVztRQUNYLFVBQVU7S0FDWDtJQUNELFFBQVEsRUFBRTtRQUNSLGFBQWE7UUFDYixrQkFBa0I7UUFDbEIsdUJBQXVCO1FBQ3ZCLFNBQVM7UUFDVCxjQUFjO0tBQ2Y7SUFDRCxVQUFVLEVBQUUsRUFBRTtJQUNkLG1CQUFtQixFQUFFLEVBQUU7SUFDdkIsZUFBZSxFQUFFO1FBQ2Y7WUFDRSxRQUFRLEVBQUUsTUFBTTtZQUNoQixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSxzQ0FBc0M7aUJBQ2hEO2FBQ0Y7U0FDRjtRQUNEO1lBQ0UsUUFBUSxFQUFFLGtCQUFrQjtZQUM1QixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSxnQ0FBZ0M7aUJBQzFDO2FBQ0Y7U0FDRjtRQUNEO1lBQ0UsUUFBUSxFQUFFLFVBQVU7WUFDcEIsS0FBSyxFQUFFO2dCQUNMO29CQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxRQUFRO29CQUNyQyxPQUFPLEVBQUUsc0JBQXNCO2lCQUNoQzthQUNGO1NBQ0Y7UUFDRDtZQUNFLFFBQVEsRUFBRSxRQUFRO1lBQ2xCLEtBQUssRUFBRTtnQkFDTDtvQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtvQkFDckMsT0FBTyxFQUFFLG9CQUFvQjtpQkFDOUI7YUFDRjtTQUNGO1FBQ0Q7WUFDRSxRQUFRLEVBQUUsV0FBVztZQUNyQixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSx1QkFBdUI7aUJBQ2pDO2FBQ0Y7U0FDRjtRQUNEO1lBQ0UsUUFBUSxFQUFFLFVBQVU7WUFDcEIsS0FBSyxFQUFFO2dCQUNMO29CQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxRQUFRO29CQUNyQyxPQUFPLEVBQUUsc0JBQXNCO2lCQUNoQzthQUNGO1NBQ0Y7S0FDRjtDQUNGLENBQUM7QUFFRjs7R0FFRztBQUNVLFFBQUEscUNBQXFDLEdBQWM7SUFDOUQsWUFBWSxFQUNWLHFGQUFxRjtJQUN2RixPQUFPLEVBQUUsWUFBWTtJQUNyQixVQUFVLEVBQUU7UUFDVixHQUFHLGlCQUFpQjtLQUNyQjtJQUNELFFBQVEsRUFBRTtRQUNSLE1BQU07UUFDTixrQkFBa0I7UUFDbEIsVUFBVTtRQUNWLFFBQVE7UUFDUixXQUFXO1FBQ1gsVUFBVTtLQUNYO0lBQ0QsUUFBUSxFQUFFO1FBQ1IsYUFBYTtRQUNiLGtCQUFrQjtRQUNsQix1QkFBdUI7UUFDdkIsU0FBUztRQUNULGNBQWM7S0FDZjtJQUNELFVBQVUsRUFBRSxFQUFFO0lBQ2QsbUJBQW1CLEVBQUUsRUFBRTtJQUN2QixlQUFlLEVBQUU7UUFDZjtZQUNFLFFBQVEsRUFBRSxNQUFNO1lBQ2hCLEtBQUssRUFBRTtnQkFDTDtvQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtvQkFDckMsT0FBTyxFQUFFLHNDQUFzQztpQkFDaEQ7YUFDRjtTQUNGO1FBQ0Q7WUFDRSxRQUFRLEVBQUUsa0JBQWtCO1lBQzVCLEtBQUssRUFBRTtnQkFDTDtvQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtvQkFDckMsT0FBTyxFQUFFLGdDQUFnQztpQkFDMUM7YUFDRjtTQUNGO1FBQ0Q7WUFDRSxRQUFRLEVBQUUsVUFBVTtZQUNwQixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSxzQkFBc0I7aUJBQ2hDO2FBQ0Y7U0FDRjtRQUNEO1lBQ0UsUUFBUSxFQUFFLFFBQVE7WUFDbEIsS0FBSyxFQUFFO2dCQUNMO29CQUNFLFFBQVEsRUFBRSx1Q0FBa0IsQ0FBQyxRQUFRO29CQUNyQyxPQUFPLEVBQUUsb0JBQW9CO2lCQUM5QjthQUNGO1NBQ0Y7UUFDRDtZQUNFLFFBQVEsRUFBRSxXQUFXO1lBQ3JCLEtBQUssRUFBRTtnQkFDTDtvQkFDRSxRQUFRLEVBQUUsdUNBQWtCLENBQUMsUUFBUTtvQkFDckMsT0FBTyxFQUFFLHVCQUF1QjtpQkFDakM7YUFDRjtTQUNGO1FBQ0Q7WUFDRSxRQUFRLEVBQUUsVUFBVTtZQUNwQixLQUFLLEVBQUU7Z0JBQ0w7b0JBQ0UsUUFBUSxFQUFFLHVDQUFrQixDQUFDLFFBQVE7b0JBQ3JDLE9BQU8sRUFBRSxzQkFBc0I7aUJBQ2hDO2FBQ0Y7U0FDRjtLQUNGO0NBQ0YsQ0FBQztBQUVGLGdGQUFnRjtBQUNoRix5QkFBeUI7QUFDekIsZ0ZBQWdGO0FBRWhGOztHQUVHO0FBQ1UsUUFBQSxzQ0FBc0MsR0FBa0I7SUFDbkUsT0FBTyxFQUFFLFlBQVk7SUFDckIsTUFBTSxFQUFFLDZDQUFxQztJQUM3QyxZQUFZLEVBQUUsd0NBQW1CLENBQUMsTUFBTTtJQUN4QyxXQUFXLEVBQUUsWUFBWTtJQUN6QixlQUFlLEVBQUUsU0FBUztJQUMxQixVQUFVLEVBQUUsU0FBUztJQUNyQixlQUFlLEVBQUUsRUFBRTtJQUNuQixjQUFjLEVBQUUsb0RBQW9EO0lBQ3BFLFNBQVMsRUFBRTtRQUNUO1lBQ0UsVUFBVSxFQUFFLE9BQU87WUFDbkIsV0FBVyxFQUNULDZEQUE2RDtZQUMvRCxRQUFRLEVBQUUsS0FBSztTQUNoQjtLQUNGO0NBQ0YsQ0FBQztBQUVGOztHQUVHO0FBQ1UsUUFBQSxzQ0FBc0MsR0FBa0I7SUFDbkUsT0FBTyxFQUFFLFlBQVk7SUFDckIsTUFBTSxFQUFFLDZDQUFxQztJQUM3QyxZQUFZLEVBQUUsd0NBQW1CLENBQUMsV0FBVztJQUM3QyxXQUFXLEVBQUUsWUFBWTtJQUN6QixlQUFlLEVBQUUsU0FBUztJQUMxQixVQUFVLEVBQUUsU0FBUztJQUNyQixlQUFlLEVBQUUsRUFBRTtJQUNuQixjQUFjLEVBQUUsb0RBQW9EO0lBQ3BFLFNBQVMsRUFBRTtRQUNUO1lBQ0UsVUFBVSxFQUFFLE9BQU87WUFDbkIsV0FBVyxFQUFFLHVEQUF1RDtZQUNwRSxRQUFRLEVBQUUsS0FBSztTQUNoQjtLQUNGO0NBQ0YsQ0FBQztBQUVGOztHQUVHO0FBQ1UsUUFBQSxnQ0FBZ0MsR0FBb0I7SUFDL0QsOENBQXNDO0lBQ3RDLDhDQUFzQztDQUN2QyxDQUFDO0FBRUY7O0dBRUc7QUFDVSxRQUFBLHdCQUF3QixHQUNuQyxxRkFBcUYsQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogQVBJIHNjaGVtYXMgZm9yIEF6dXJlIFZpcnR1YWwgTmV0d29yayBNYW5hZ2VyIFNlY3VyaXR5IEFkbWluIFJ1bGVzIGFjcm9zcyBhbGwgc3VwcG9ydGVkIHZlcnNpb25zXG4gKlxuICogVGhpcyBmaWxlIGRlZmluZXMgdGhlIGNvbXBsZXRlIEFQSSBzY2hlbWFzIGZvciBNaWNyb3NvZnQuTmV0d29yay9uZXR3b3JrTWFuYWdlcnMvc2VjdXJpdHlBZG1pbkNvbmZpZ3VyYXRpb25zL3J1bGVDb2xsZWN0aW9ucy9ydWxlc1xuICogYWNyb3NzIGFsbCBzdXBwb3J0ZWQgQVBJIHZlcnNpb25zLiBUaGUgc2NoZW1hcyBhcmUgdXNlZCBieSB0aGUgQXphcGlSZXNvdXJjZVxuICogZnJhbWV3b3JrIGZvciB2YWxpZGF0aW9uLCB0cmFuc2Zvcm1hdGlvbiwgYW5kIHZlcnNpb24gbWFuYWdlbWVudC5cbiAqL1xuXG5pbXBvcnQge1xuICBBcGlTY2hlbWEsXG4gIFByb3BlcnR5RGVmaW5pdGlvbixcbiAgUHJvcGVydHlUeXBlLFxuICBWYWxpZGF0aW9uUnVsZVR5cGUsXG4gIFZlcnNpb25Db25maWcsXG4gIFZlcnNpb25TdXBwb3J0TGV2ZWwsXG59IGZyb20gXCIuLi8uLi9jb3JlLWF6dXJlL2xpYi92ZXJzaW9uLW1hbmFnZXIvaW50ZXJmYWNlcy92ZXJzaW9uLWludGVyZmFjZXNcIjtcblxuLy8gPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT1cbi8vIFRZUEVTQ1JJUFQgSU5URVJGQUNFUyBGT1IgTkVTVEVEIE9CSkVDVFNcbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG5cbi8qKlxuICogQWRkcmVzcyBwcmVmaXggaXRlbSBmb3Igc291cmNlcyBvciBkZXN0aW5hdGlvbnNcbiAqL1xuZXhwb3J0IGludGVyZmFjZSBBZGRyZXNzUHJlZml4SXRlbSB7XG4gIHJlYWRvbmx5IGFkZHJlc3NQcmVmaXg/OiBzdHJpbmc7XG4gIHJlYWRvbmx5IGFkZHJlc3NQcmVmaXhUeXBlPzogXCJJUFByZWZpeFwiIHwgXCJTZXJ2aWNlVGFnXCI7XG59XG5cbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG4vLyBDT01NT04gUFJPUEVSVFkgREVGSU5JVElPTlNcbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG5cbi8qKlxuICogQ29tbW9uIHByb3BlcnR5IGRlZmluaXRpb25zIHNoYXJlZCBhY3Jvc3MgYWxsIFNlY3VyaXR5IEFkbWluIFJ1bGUgdmVyc2lvbnNcbiAqL1xuY29uc3QgQ09NTU9OX1BST1BFUlRJRVM6IHsgW2tleTogc3RyaW5nXTogUHJvcGVydHlEZWZpbml0aW9uIH0gPSB7XG4gIG5hbWU6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLlNUUklORyxcbiAgICByZXF1aXJlZDogdHJ1ZSxcbiAgICBkZXNjcmlwdGlvbjogXCJOYW1lIG9mIHRoZSBzZWN1cml0eSBhZG1pbiBydWxlXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICBtZXNzYWdlOiBcIlNlY3VyaXR5IGFkbWluIHJ1bGUgbmFtZSBpcyByZXF1aXJlZFwiLFxuICAgICAgfSxcbiAgICAgIHtcbiAgICAgICAgcnVsZVR5cGU6IFZhbGlkYXRpb25SdWxlVHlwZS5QQVRURVJOX01BVENILFxuICAgICAgICB2YWx1ZTogXCJeW2EtekEtWjAtOV1bYS16QS1aMC05Ll8tXXswLDYyfVthLXpBLVowLTlfXSRcIixcbiAgICAgICAgbWVzc2FnZTpcbiAgICAgICAgICBcIlNlY3VyaXR5IGFkbWluIHJ1bGUgbmFtZSBtdXN0IGJlIDItNjQgY2hhcnMsIGFscGhhbnVtZXJpYywgcGVyaW9kcywgdW5kZXJzY29yZXMsIGh5cGhlbnNcIixcbiAgICAgIH0sXG4gICAgXSxcbiAgfSxcbiAgcnVsZUNvbGxlY3Rpb25JZDoge1xuICAgIGRhdGFUeXBlOiBQcm9wZXJ0eVR5cGUuU1RSSU5HLFxuICAgIHJlcXVpcmVkOiB0cnVlLFxuICAgIGRlc2NyaXB0aW9uOiBcIlJlc291cmNlIElEIG9mIHRoZSBwYXJlbnQgUnVsZSBDb2xsZWN0aW9uXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICBtZXNzYWdlOiBcIlJ1bGUgQ29sbGVjdGlvbiBJRCBpcyByZXF1aXJlZFwiLFxuICAgICAgfSxcbiAgICBdLFxuICB9LFxuICBkZXNjcmlwdGlvbjoge1xuICAgIGRhdGFUeXBlOiBQcm9wZXJ0eVR5cGUuU1RSSU5HLFxuICAgIHJlcXVpcmVkOiBmYWxzZSxcbiAgICBkZXNjcmlwdGlvbjogXCJEZXNjcmlwdGlvbiBvZiB0aGUgc2VjdXJpdHkgYWRtaW4gcnVsZVwiLFxuICB9LFxuICBwcmlvcml0eToge1xuICAgIGRhdGFUeXBlOiBQcm9wZXJ0eVR5cGUuTlVNQkVSLFxuICAgIHJlcXVpcmVkOiB0cnVlLFxuICAgIGRlc2NyaXB0aW9uOlxuICAgICAgXCJQcmlvcml0eSBvZiB0aGUgcnVsZSAoMS00MDk2LCBsb3dlciBudW1iZXIgPSBoaWdoZXIgcHJpb3JpdHkpXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICBtZXNzYWdlOiBcIlByaW9yaXR5IGlzIHJlcXVpcmVkXCIsXG4gICAgICB9LFxuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlZBTFVFX1JBTkdFLFxuICAgICAgICB2YWx1ZTogeyBtaW46IDEsIG1heDogNDA5NiB9LFxuICAgICAgICBtZXNzYWdlOiBcIlByaW9yaXR5IG11c3QgYmUgYmV0d2VlbiAxIGFuZCA0MDk2XCIsXG4gICAgICB9LFxuICAgIF0sXG4gIH0sXG4gIGFjdGlvbjoge1xuICAgIGRhdGFUeXBlOiBQcm9wZXJ0eVR5cGUuU1RSSU5HLFxuICAgIHJlcXVpcmVkOiB0cnVlLFxuICAgIGRlc2NyaXB0aW9uOiBcIkFjdGlvbiB0byB0YWtlIChBbGxvdywgRGVueSwgb3IgQWx3YXlzQWxsb3cpXCIsXG4gICAgdmFsaWRhdGlvbjogW1xuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICBtZXNzYWdlOiBcIkFjdGlvbiBpcyByZXF1aXJlZFwiLFxuICAgICAgfSxcbiAgICAgIHtcbiAgICAgICAgcnVsZVR5cGU6IFZhbGlkYXRpb25SdWxlVHlwZS5QQVRURVJOX01BVENILFxuICAgICAgICB2YWx1ZTogXCJeKEFsbG93fERlbnl8QWx3YXlzQWxsb3cpJFwiLFxuICAgICAgICBtZXNzYWdlOiBcIkFjdGlvbiBtdXN0IGJlICdBbGxvdycsICdEZW55Jywgb3IgJ0Fsd2F5c0FsbG93J1wiLFxuICAgICAgfSxcbiAgICBdLFxuICB9LFxuICBkaXJlY3Rpb246IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLlNUUklORyxcbiAgICByZXF1aXJlZDogdHJ1ZSxcbiAgICBkZXNjcmlwdGlvbjogXCJEaXJlY3Rpb24gb2YgdHJhZmZpYyAoSW5ib3VuZCBvciBPdXRib3VuZClcIixcbiAgICB2YWxpZGF0aW9uOiBbXG4gICAgICB7XG4gICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgIG1lc3NhZ2U6IFwiRGlyZWN0aW9uIGlzIHJlcXVpcmVkXCIsXG4gICAgICB9LFxuICAgICAge1xuICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlBBVFRFUk5fTUFUQ0gsXG4gICAgICAgIHZhbHVlOiBcIl4oSW5ib3VuZHxPdXRib3VuZCkkXCIsXG4gICAgICAgIG1lc3NhZ2U6IFwiRGlyZWN0aW9uIG11c3QgYmUgJ0luYm91bmQnIG9yICdPdXRib3VuZCdcIixcbiAgICAgIH0sXG4gICAgXSxcbiAgfSxcbiAgcHJvdG9jb2w6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLlNUUklORyxcbiAgICByZXF1aXJlZDogdHJ1ZSxcbiAgICBkZXNjcmlwdGlvbjogXCJQcm90b2NvbCAoVGNwLCBVZHAsIEljbXAsIEVzcCwgQWgsIG9yIEFueSlcIixcbiAgICB2YWxpZGF0aW9uOiBbXG4gICAgICB7XG4gICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgIG1lc3NhZ2U6IFwiUHJvdG9jb2wgaXMgcmVxdWlyZWRcIixcbiAgICAgIH0sXG4gICAgICB7XG4gICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUEFUVEVSTl9NQVRDSCxcbiAgICAgICAgdmFsdWU6IFwiXihUY3B8VWRwfEljbXB8RXNwfEFofEFueSkkXCIsXG4gICAgICAgIG1lc3NhZ2U6IFwiUHJvdG9jb2wgbXVzdCBiZSBUY3AsIFVkcCwgSWNtcCwgRXNwLCBBaCwgb3IgQW55XCIsXG4gICAgICB9LFxuICAgIF0sXG4gIH0sXG4gIHNvdXJjZVBvcnRSYW5nZXM6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLkFSUkFZLFxuICAgIHJlcXVpcmVkOiBmYWxzZSxcbiAgICBkZXNjcmlwdGlvbjogXCJTb3VyY2UgcG9ydCByYW5nZXMgKGUuZy4sIFsnKiddLCBbJzgwJywgJzQ0MyddKVwiLFxuICB9LFxuICBkZXN0aW5hdGlvblBvcnRSYW5nZXM6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLkFSUkFZLFxuICAgIHJlcXVpcmVkOiBmYWxzZSxcbiAgICBkZXNjcmlwdGlvbjogXCJEZXN0aW5hdGlvbiBwb3J0IHJhbmdlcyAoZS5nLiwgWycqJ10sIFsnMjInLCAnMzM4OSddKVwiLFxuICB9LFxuICBzb3VyY2VzOiB7XG4gICAgZGF0YVR5cGU6IFByb3BlcnR5VHlwZS5BUlJBWSxcbiAgICByZXF1aXJlZDogZmFsc2UsXG4gICAgZGVzY3JpcHRpb246IFwiU291cmNlIGFkZHJlc3NlcyBvciBuZXR3b3JrIGdyb3Vwc1wiLFxuICB9LFxuICBkZXN0aW5hdGlvbnM6IHtcbiAgICBkYXRhVHlwZTogUHJvcGVydHlUeXBlLkFSUkFZLFxuICAgIHJlcXVpcmVkOiBmYWxzZSxcbiAgICBkZXNjcmlwdGlvbjogXCJEZXN0aW5hdGlvbiBhZGRyZXNzZXMgb3IgbmV0d29yayBncm91cHNcIixcbiAgfSxcbn07XG5cbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG4vLyBWRVJTSU9OLVNQRUNJRklDIFNDSEVNQVNcbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG5cbi8qKlxuICogQVBJIFNjaGVtYSBmb3IgU2VjdXJpdHkgQWRtaW4gUnVsZSB2ZXJzaW9uIDIwMjQtMDUtMDFcbiAqL1xuZXhwb3J0IGNvbnN0IFNFQ1VSSVRZX0FETUlOX1JVTEVfU0NIRU1BXzIwMjRfMDVfMDE6IEFwaVNjaGVtYSA9IHtcbiAgcmVzb3VyY2VUeXBlOlxuICAgIFwiTWljcm9zb2Z0Lk5ldHdvcmsvbmV0d29ya01hbmFnZXJzL3NlY3VyaXR5QWRtaW5Db25maWd1cmF0aW9ucy9ydWxlQ29sbGVjdGlvbnMvcnVsZXNcIixcbiAgdmVyc2lvbjogXCIyMDI0LTA1LTAxXCIsXG4gIHByb3BlcnRpZXM6IHtcbiAgICAuLi5DT01NT05fUFJPUEVSVElFUyxcbiAgfSxcbiAgcmVxdWlyZWQ6IFtcbiAgICBcIm5hbWVcIixcbiAgICBcInJ1bGVDb2xsZWN0aW9uSWRcIixcbiAgICBcInByaW9yaXR5XCIsXG4gICAgXCJhY3Rpb25cIixcbiAgICBcImRpcmVjdGlvblwiLFxuICAgIFwicHJvdG9jb2xcIixcbiAgXSxcbiAgb3B0aW9uYWw6IFtcbiAgICBcImRlc2NyaXB0aW9uXCIsXG4gICAgXCJzb3VyY2VQb3J0UmFuZ2VzXCIsXG4gICAgXCJkZXN0aW5hdGlvblBvcnRSYW5nZXNcIixcbiAgICBcInNvdXJjZXNcIixcbiAgICBcImRlc3RpbmF0aW9uc1wiLFxuICBdLFxuICBkZXByZWNhdGVkOiBbXSxcbiAgdHJhbnNmb3JtYXRpb25SdWxlczoge30sXG4gIHZhbGlkYXRpb25SdWxlczogW1xuICAgIHtcbiAgICAgIHByb3BlcnR5OiBcIm5hbWVcIixcbiAgICAgIHJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICAgIG1lc3NhZ2U6IFwiU2VjdXJpdHkgYWRtaW4gcnVsZSBuYW1lIGlzIHJlcXVpcmVkXCIsXG4gICAgICAgIH0sXG4gICAgICBdLFxuICAgIH0sXG4gICAge1xuICAgICAgcHJvcGVydHk6IFwicnVsZUNvbGxlY3Rpb25JZFwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJSdWxlIENvbGxlY3Rpb24gSUQgaXMgcmVxdWlyZWRcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJwcmlvcml0eVwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJQcmlvcml0eSBpcyByZXF1aXJlZFwiLFxuICAgICAgICB9LFxuICAgICAgXSxcbiAgICB9LFxuICAgIHtcbiAgICAgIHByb3BlcnR5OiBcImFjdGlvblwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJBY3Rpb24gaXMgcmVxdWlyZWRcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJkaXJlY3Rpb25cIixcbiAgICAgIHJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICAgIG1lc3NhZ2U6IFwiRGlyZWN0aW9uIGlzIHJlcXVpcmVkXCIsXG4gICAgICAgIH0sXG4gICAgICBdLFxuICAgIH0sXG4gICAge1xuICAgICAgcHJvcGVydHk6IFwicHJvdG9jb2xcIixcbiAgICAgIHJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICAgIG1lc3NhZ2U6IFwiUHJvdG9jb2wgaXMgcmVxdWlyZWRcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgXSxcbn07XG5cbi8qKlxuICogQVBJIFNjaGVtYSBmb3IgU2VjdXJpdHkgQWRtaW4gUnVsZSB2ZXJzaW9uIDIwMjMtMTEtMDFcbiAqL1xuZXhwb3J0IGNvbnN0IFNFQ1VSSVRZX0FETUlOX1JVTEVfU0NIRU1BXzIwMjNfMTFfMDE6IEFwaVNjaGVtYSA9IHtcbiAgcmVzb3VyY2VUeXBlOlxuICAgIFwiTWljcm9zb2Z0Lk5ldHdvcmsvbmV0d29ya01hbmFnZXJzL3NlY3VyaXR5QWRtaW5Db25maWd1cmF0aW9ucy9ydWxlQ29sbGVjdGlvbnMvcnVsZXNcIixcbiAgdmVyc2lvbjogXCIyMDIzLTExLTAxXCIsXG4gIHByb3BlcnRpZXM6IHtcbiAgICAuLi5DT01NT05fUFJPUEVSVElFUyxcbiAgfSxcbiAgcmVxdWlyZWQ6IFtcbiAgICBcIm5hbWVcIixcbiAgICBcInJ1bGVDb2xsZWN0aW9uSWRcIixcbiAgICBcInByaW9yaXR5XCIsXG4gICAgXCJhY3Rpb25cIixcbiAgICBcImRpcmVjdGlvblwiLFxuICAgIFwicHJvdG9jb2xcIixcbiAgXSxcbiAgb3B0aW9uYWw6IFtcbiAgICBcImRlc2NyaXB0aW9uXCIsXG4gICAgXCJzb3VyY2VQb3J0UmFuZ2VzXCIsXG4gICAgXCJkZXN0aW5hdGlvblBvcnRSYW5nZXNcIixcbiAgICBcInNvdXJjZXNcIixcbiAgICBcImRlc3RpbmF0aW9uc1wiLFxuICBdLFxuICBkZXByZWNhdGVkOiBbXSxcbiAgdHJhbnNmb3JtYXRpb25SdWxlczoge30sXG4gIHZhbGlkYXRpb25SdWxlczogW1xuICAgIHtcbiAgICAgIHByb3BlcnR5OiBcIm5hbWVcIixcbiAgICAgIHJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICAgIG1lc3NhZ2U6IFwiU2VjdXJpdHkgYWRtaW4gcnVsZSBuYW1lIGlzIHJlcXVpcmVkXCIsXG4gICAgICAgIH0sXG4gICAgICBdLFxuICAgIH0sXG4gICAge1xuICAgICAgcHJvcGVydHk6IFwicnVsZUNvbGxlY3Rpb25JZFwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJSdWxlIENvbGxlY3Rpb24gSUQgaXMgcmVxdWlyZWRcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJwcmlvcml0eVwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJQcmlvcml0eSBpcyByZXF1aXJlZFwiLFxuICAgICAgICB9LFxuICAgICAgXSxcbiAgICB9LFxuICAgIHtcbiAgICAgIHByb3BlcnR5OiBcImFjdGlvblwiLFxuICAgICAgcnVsZXM6IFtcbiAgICAgICAge1xuICAgICAgICAgIHJ1bGVUeXBlOiBWYWxpZGF0aW9uUnVsZVR5cGUuUkVRVUlSRUQsXG4gICAgICAgICAgbWVzc2FnZTogXCJBY3Rpb24gaXMgcmVxdWlyZWRcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgICB7XG4gICAgICBwcm9wZXJ0eTogXCJkaXJlY3Rpb25cIixcbiAgICAgIHJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICAgIG1lc3NhZ2U6IFwiRGlyZWN0aW9uIGlzIHJlcXVpcmVkXCIsXG4gICAgICAgIH0sXG4gICAgICBdLFxuICAgIH0sXG4gICAge1xuICAgICAgcHJvcGVydHk6IFwicHJvdG9jb2xcIixcbiAgICAgIHJ1bGVzOiBbXG4gICAgICAgIHtcbiAgICAgICAgICBydWxlVHlwZTogVmFsaWRhdGlvblJ1bGVUeXBlLlJFUVVJUkVELFxuICAgICAgICAgIG1lc3NhZ2U6IFwiUHJvdG9jb2wgaXMgcmVxdWlyZWRcIixcbiAgICAgICAgfSxcbiAgICAgIF0sXG4gICAgfSxcbiAgXSxcbn07XG5cbi8vID09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09XG4vLyBWRVJTSU9OIENPTkZJR1VSQVRJT05TXG4vLyA9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PVxuXG4vKipcbiAqIFZlcnNpb24gY29uZmlndXJhdGlvbiBmb3IgU2VjdXJpdHkgQWRtaW4gUnVsZSAyMDI0LTA1LTAxXG4gKi9cbmV4cG9ydCBjb25zdCBTRUNVUklUWV9BRE1JTl9SVUxFX1ZFUlNJT05fMjAyNF8wNV8wMTogVmVyc2lvbkNvbmZpZyA9IHtcbiAgdmVyc2lvbjogXCIyMDI0LTA1LTAxXCIsXG4gIHNjaGVtYTogU0VDVVJJVFlfQURNSU5fUlVMRV9TQ0hFTUFfMjAyNF8wNV8wMSxcbiAgc3VwcG9ydExldmVsOiBWZXJzaW9uU3VwcG9ydExldmVsLkFDVElWRSxcbiAgcmVsZWFzZURhdGU6IFwiMjAyNC0wNS0wMVwiLFxuICBkZXByZWNhdGlvbkRhdGU6IHVuZGVmaW5lZCxcbiAgc3Vuc2V0RGF0ZTogdW5kZWZpbmVkLFxuICBicmVha2luZ0NoYW5nZXM6IFtdLFxuICBtaWdyYXRpb25HdWlkZTogXCIvZG9jcy92aXJ0dWFsLW5ldHdvcmstbWFuYWdlci9taWdyYXRpb24tMjAyNC0wNS0wMVwiLFxuICBjaGFuZ2VMb2c6IFtcbiAgICB7XG4gICAgICBjaGFuZ2VUeXBlOiBcImFkZGVkXCIsXG4gICAgICBkZXNjcmlwdGlvbjpcbiAgICAgICAgXCJMYXRlc3Qgc3RhYmxlIHJlbGVhc2Ugd2l0aCBmdWxsIHNlY3VyaXR5IGFkbWluIHJ1bGUgc3VwcG9ydFwiLFxuICAgICAgYnJlYWtpbmc6IGZhbHNlLFxuICAgIH0sXG4gIF0sXG59O1xuXG4vKipcbiAqIFZlcnNpb24gY29uZmlndXJhdGlvbiBmb3IgU2VjdXJpdHkgQWRtaW4gUnVsZSAyMDIzLTExLTAxXG4gKi9cbmV4cG9ydCBjb25zdCBTRUNVUklUWV9BRE1JTl9SVUxFX1ZFUlNJT05fMjAyM18xMV8wMTogVmVyc2lvbkNvbmZpZyA9IHtcbiAgdmVyc2lvbjogXCIyMDIzLTExLTAxXCIsXG4gIHNjaGVtYTogU0VDVVJJVFlfQURNSU5fUlVMRV9TQ0hFTUFfMjAyM18xMV8wMSxcbiAgc3VwcG9ydExldmVsOiBWZXJzaW9uU3VwcG9ydExldmVsLk1BSU5URU5BTkNFLFxuICByZWxlYXNlRGF0ZTogXCIyMDIzLTExLTAxXCIsXG4gIGRlcHJlY2F0aW9uRGF0ZTogdW5kZWZpbmVkLFxuICBzdW5zZXREYXRlOiB1bmRlZmluZWQsXG4gIGJyZWFraW5nQ2hhbmdlczogW10sXG4gIG1pZ3JhdGlvbkd1aWRlOiBcIi9kb2NzL3ZpcnR1YWwtbmV0d29yay1tYW5hZ2VyL21pZ3JhdGlvbi0yMDIzLTExLTAxXCIsXG4gIGNoYW5nZUxvZzogW1xuICAgIHtcbiAgICAgIGNoYW5nZVR5cGU6IFwiYWRkZWRcIixcbiAgICAgIGRlc2NyaXB0aW9uOiBcIlN0YWJsZSByZWxlYXNlIHdpdGggY29yZSBzZWN1cml0eSBhZG1pbiBydWxlIGZlYXR1cmVzXCIsXG4gICAgICBicmVha2luZzogZmFsc2UsXG4gICAgfSxcbiAgXSxcbn07XG5cbi8qKlxuICogQWxsIHN1cHBvcnRlZCBTZWN1cml0eSBBZG1pbiBSdWxlIHZlcnNpb25zIGZvciByZWdpc3RyYXRpb25cbiAqL1xuZXhwb3J0IGNvbnN0IEFMTF9TRUNVUklUWV9BRE1JTl9SVUxFX1ZFUlNJT05TOiBWZXJzaW9uQ29uZmlnW10gPSBbXG4gIFNFQ1VSSVRZX0FETUlOX1JVTEVfVkVSU0lPTl8yMDI0XzA1XzAxLFxuICBTRUNVUklUWV9BRE1JTl9SVUxFX1ZFUlNJT05fMjAyM18xMV8wMSxcbl07XG5cbi8qKlxuICogUmVzb3VyY2UgdHlwZSBjb25zdGFudFxuICovXG5leHBvcnQgY29uc3QgU0VDVVJJVFlfQURNSU5fUlVMRV9UWVBFID1cbiAgXCJNaWNyb3NvZnQuTmV0d29yay9uZXR3b3JrTWFuYWdlcnMvc2VjdXJpdHlBZG1pbkNvbmZpZ3VyYXRpb25zL3J1bGVDb2xsZWN0aW9ucy9ydWxlc1wiO1xuIl19

package/lib/azure-virtualnetworkmanager/lib/security-admin-rule.d.ts

@@ -0,0 +1,221 @@
+/**
+ * Azure Virtual Network Manager Security Admin Rule implementation using AzapiResource framework
+ *
+ * This class provides a unified implementation for individual security admin rules that define
+ * high-priority security policies. These rules are evaluated BEFORE traditional NSGs and can
+ * enforce organization-wide security requirements.
+ *
+ * Supported API Versions:
+ * - 2023-11-01 (Maintenance)
+ * - 2024-05-01 (Active, Latest)
+ *
+ * Features:
+ * - Automatic latest version resolution when no version is specified
+ * - Explicit version pinning for stability requirements
+ * - Schema-driven validation and transformation
+ * - Three action types: Allow, Deny, AlwaysAllow
+ * - Full backward compatibility
+ * - JSII compliance for multi-language support
+ */
+import * as cdktf from "cdktf";
+import { Construct } from "constructs";
+import { AddressPrefixItem } from "./security-admin-rule-schemas";
+import { AzapiResource, AzapiResourceProps } from "../../core-azure/lib/azapi/azapi-resource";
+import { ApiSchema } from "../../core-azure/lib/version-manager/interfaces/version-interfaces";
+/**
+ * Properties for the Azure Virtual Network Manager Security Admin Rule
+ *
+ * Extends AzapiResourceProps with Security Admin Rule specific properties
+ */
+export interface SecurityAdminRuleProps extends AzapiResourceProps {
+    /**
+     * Resource ID of the parent Rule Collection
+     * @example "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg/providers/Microsoft.Network/networkManagers/vnm/securityAdminConfigurations/config/ruleCollections/collection"
+     */
+    readonly ruleCollectionId: string;
+    /**
+     * Optional description of the security admin rule
+     * @example "Block SSH access from internet"
+     */
+    readonly description?: string;
+    /**
+     * Priority of the rule (1-4096, lower number = higher priority)
+     * Rules with lower priority numbers are evaluated first
+     * @example 100
+     */
+    readonly priority: number;
+    /**
+     * Action to take when the rule matches
+     * - Allow: Allow traffic (NSG can still deny)
+     * - Deny: Deny traffic (stops evaluation)
+     * - AlwaysAllow: Force allow (overrides NSG denies)
+     * @example "Deny"
+     * @example "AlwaysAllow"
+     */
+    readonly action: "Allow" | "Deny" | "AlwaysAllow";
+    /**
+     * Direction of traffic this rule applies to
+     * @example "Inbound"
+     * @example "Outbound"
+     */
+    readonly direction: "Inbound" | "Outbound";
+    /**
+     * Protocol this rule applies to
+     * @example "Tcp"
+     * @example "Any"
+     */
+    readonly protocol: "Tcp" | "Udp" | "Icmp" | "Esp" | "Ah" | "Any";
+    /**
+     * Source port ranges
+     * Use ["*"] for all ports or specify ranges like ["80", "443", "8000-8999"]
+     * @default ["*"]
+     * @example ["*"]
+     * @example ["80", "443"]
+     */
+    readonly sourcePortRanges?: string[];
+    /**
+     * Destination port ranges
+     * Use ["*"] for all ports or specify ranges
+     * @default ["*"]
+     * @example ["22"]
+     * @example ["3389", "5985-5986"]
+     */
+    readonly destinationPortRanges?: string[];
+    /**
+     * Source addresses or network groups
+     * @example [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }]
+     * @example [{ addressPrefix: "10.0.0.0/8", addressPrefixType: "IPPrefix" }]
+     */
+    readonly sources?: AddressPrefixItem[];
+    /**
+     * Destination addresses or network groups
+     * @example [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }]
+     * @example [{ addressPrefix: "Internet", addressPrefixType: "ServiceTag" }]
+     */
+    readonly destinations?: AddressPrefixItem[];
+    /**
+     * The lifecycle rules to ignore changes
+     * @example ["tags"]
+     */
+    readonly ignoreChanges?: string[];
+}
+/**
+ * Properties for Security Admin Rule body
+ */
+export interface SecurityAdminRuleProperties {
+    readonly description?: string;
+    readonly priority: number;
+    readonly action: string;
+    readonly direction: string;
+    readonly protocol: string;
+    readonly sourcePortRanges?: string[];
+    readonly destinationPortRanges?: string[];
+    readonly sources?: AddressPrefixItem[];
+    readonly destinations?: AddressPrefixItem[];
+}
+/**
+ * The resource body interface for Azure Security Admin Rule API calls
+ */
+export interface SecurityAdminRuleBody {
+    readonly kind: "Custom";
+    readonly properties: SecurityAdminRuleProperties;
+}
+/**
+ * Azure Virtual Network Manager Security Admin Rule implementation
+ *
+ * Security admin rules define high-priority security policies that are evaluated BEFORE
+ * traditional Network Security Groups (NSGs). This enables centralized security enforcement
+ * that cannot be overridden by individual teams.
+ *
+ * Key concepts:
+ * - Priority: Lower numbers = higher priority (evaluated first)
+ * - Allow: Permits traffic, but NSG can still deny it
+ * - Deny: Blocks traffic immediately, no further evaluation
+ * - AlwaysAllow: Forces traffic to be allowed, overriding NSG denies
+ *
+ * @example
+ * // Block SSH from internet:
+ * const blockSSH = new SecurityAdminRule(this, "block-ssh", {
+ *   name: "block-ssh-from-internet",
+ *   ruleCollectionId: ruleCollection.id,
+ *   description: "Block SSH access from internet",
+ *   priority: 100,
+ *   action: "Deny",
+ *   direction: "Inbound",
+ *   protocol: "Tcp",
+ *   destinationPortRanges: ["22"],
+ *   sources: [{ addressPrefix: "Internet", addressPrefixType: "ServiceTag" }],
+ *   destinations: [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }]
+ * });
+ *
+ * @example
+ * // Always allow monitoring traffic:
+ * const allowMonitoring = new SecurityAdminRule(this, "allow-monitoring", {
+ *   name: "always-allow-monitoring",
+ *   ruleCollectionId: ruleCollection.id,
+ *   description: "Always allow traffic from monitoring systems",
+ *   priority: 50,
+ *   action: "AlwaysAllow",
+ *   direction: "Inbound",
+ *   protocol: "Any",
+ *   sources: [{ addressPrefix: "10.0.0.0/24", addressPrefixType: "IPPrefix" }],
+ *   destinations: [{ addressPrefix: "*", addressPrefixType: "IPPrefix" }]
+ * });
+ *
+ * @stability stable
+ */
+export declare class SecurityAdminRule extends AzapiResource {
+    /**
+     * The input properties for this Security Admin Rule instance
+     */
+    readonly props: SecurityAdminRuleProps;
+    readonly idOutput: cdktf.TerraformOutput;
+    readonly nameOutput: cdktf.TerraformOutput;
+    readonly provisioningStateOutput: cdktf.TerraformOutput;
+    readonly resourceName: string;
+    /**
+     * Creates a new Azure Virtual Network Manager Security Admin Rule using the AzapiResource framework
+     *
+     * @param scope - The scope in which to define this construct
+     * @param id - The unique identifier for this instance
+     * @param props - Configuration properties for the Security Admin Rule
+     */
+    constructor(scope: Construct, id: string, props: SecurityAdminRuleProps);
+    /**
+     * Resolves the parent resource ID for the Security Admin Rule
+     * Security Admin Rules are scoped to Rule Collections
+     */
+    protected resolveParentId(props: any): string;
+    /**
+     * Gets the default API version to use when no explicit version is specified
+     */
+    protected defaultVersion(): string;
+    /**
+     * Gets the Azure resource type for Security Admin Rules
+     */
+    protected resourceType(): string;
+    /**
+     * Gets the API schema for the resolved version
+     */
+    protected apiSchema(): ApiSchema;
+    /**
+     * Creates the resource body for the Azure API call
+     */
+    protected createResourceBody(props: any): any;
+    /**
+     * Get the provisioning state of the Security Admin Rule
+     */
+    get provisioningState(): string;
+    /**
+     * Get the priority of the rule
+     */
+    get rulePriority(): number;
+    /**
+     * Get the action of the rule
+     */
+    get ruleAction(): "Allow" | "Deny" | "AlwaysAllow";
+    /**
+     * Applies ignore changes lifecycle rules if specified in props
+     */
+    private _applyIgnoreChanges;
+}