@paulo_raca/cdk-skylight 0.0.0

package/lib/skylight-authentication/ad-authentication.js

@@ -0,0 +1,232 @@
+"use strict";
+var _a, _b;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AwsManagedMicrosoftAdR53 = exports.AwsManagedMicrosoftAd = exports.AwsManagedMicrosoftConfigurationStoreType = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+/**
+ *  Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+// Imports
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const constructs_1 = require("constructs");
+const skylight = require("../index");
+var AwsManagedMicrosoftConfigurationStoreType;
+(function (AwsManagedMicrosoftConfigurationStoreType) {
+    AwsManagedMicrosoftConfigurationStoreType["SSM"] = "AWS Systems Manager Parameter Store";
+})(AwsManagedMicrosoftConfigurationStoreType || (exports.AwsManagedMicrosoftConfigurationStoreType = AwsManagedMicrosoftConfigurationStoreType = {}));
+/**
+ * A Ad Authentication represents an integration pattern of Managed AD and Route 53 Resolver in a specific VPC
+ *
+ * The Construct creates Managed AD with the provided Secret (Secrets Manager) or generates a new Secret.
+ * The secret saved to SSM parameter store so others can use it with other Constructs (Such as Windows node or FSx)
+ * The provided VPC or the new created VPC will be configured to forward DNS requests to the Managed AD with Route53 Resolvers
+ * The construct also creates (optionally) t3.nano machine that is part of the domain that can be used to run admin-tasks (such as createADGroup)
+ *
+ * The createADGroup() method creates an Active Directory permission group in the domain, using the domain admin user.
+ * Please note: When calling createADGroup() API, a Lambda will be created to start the worker machine (Using AWS-SDK),
+ * then each command will be scheduled with State Manager, and the instance will be shut down after complete.
+ *
+ */
+class AwsManagedMicrosoftAd extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.props = props;
+        this.props.domainName = props.domainName ?? 'domain.aws';
+        this.props.edition = props.edition ?? 'Standard';
+        this.props.secretName = props.secretName ?? `${props.domainName}-secret`;
+        this.props.createWorker = props.createWorker ?? true;
+        this.adParameters = props.configurationStore ?? {
+            configurationStoreType: AwsManagedMicrosoftConfigurationStoreType.SSM,
+        };
+        this.adParameters.secretPointer =
+            this.adParameters.secretPointer ?? 'domain-secret';
+        this.adParameters.directoryIDPointer =
+            this.adParameters.directoryIDPointer ?? 'directoryID';
+        if (this.adParameters.namespace) {
+            this.adParameters.namespace = `${this.adParameters.namespace}/authentication/mad`;
+        }
+        else {
+            this.adParameters.namespace = 'cdk-skylight/authentication/mad';
+        }
+        this.secret =
+            this.props.secret ??
+                new aws_cdk_lib_1.aws_secretsmanager.Secret(this, 'Secret', {
+                    generateSecretString: {
+                        secretStringTemplate: JSON.stringify({
+                            Domain: props.domainName,
+                            UserID: 'Admin',
+                        }),
+                        generateStringKey: 'Password',
+                        excludePunctuation: true,
+                    },
+                    secretName: props.secretName,
+                });
+        new aws_cdk_lib_1.aws_ssm.StringParameter(this, 'mad-secretName-pointer', {
+            parameterName: `/${this.adParameters.namespace}/${this.adParameters.secretPointer}`,
+            stringValue: this.props.secretName,
+        });
+        let subnets;
+        if (props.vpcSubnets) {
+            if (props.vpcSubnets.hasPublic || props.vpcSubnets.subnets.length !== 2) {
+                throw new Error('A public subnet or not exactly 2 subnets where passed in, please pass in two private subnets');
+            }
+            subnets = props.vpcSubnets;
+        }
+        else {
+            subnets =
+                props.vpc.selectSubnets({
+                    subnetType: aws_cdk_lib_1.aws_ec2.SubnetType.PRIVATE_WITH_NAT,
+                }) ??
+                    props.vpc.selectSubnets({
+                        subnetType: aws_cdk_lib_1.aws_ec2.SubnetType.PRIVATE_ISOLATED,
+                    });
+        }
+        new aws_cdk_lib_1.CfnOutput(this, 'secret-value-hint', {
+            value: `aws secretsmanager get-secret-value --secret-id ${this.secret.secretArn} --query SecretString --output text --region ${aws_cdk_lib_1.Stack.of(scope).region}`,
+        });
+        this.microsoftAD = new aws_cdk_lib_1.aws_directoryservice.CfnMicrosoftAD(this, 'AWS-Managed-Microsoft-AD', {
+            password: this.secret
+                .secretValueFromJson('Password')
+                .unsafeUnwrap().toString(),
+            edition: props.edition,
+            name: this.props.domainName,
+            vpcSettings: {
+                subnetIds: [subnets.subnetIds[0], subnets.subnetIds[1]],
+                vpcId: props.vpc.vpcId,
+            },
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'mad-dns-ips', {
+            value: `${aws_cdk_lib_1.Fn.join(',', this.microsoftAD.attrDnsIpAddresses)}`,
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'mad-dns-name', {
+            value: `${this.props.domainName}`,
+        });
+        new aws_cdk_lib_1.CfnOutput(this, 'mad-directoyID', {
+            value: `${this.microsoftAD.ref}`,
+        });
+        new aws_cdk_lib_1.aws_ssm.StringParameter(this, 'mad-directoryID-pointer', {
+            parameterName: `/${this.adParameters.namespace}/${this.adParameters.directoryIDPointer}`,
+            stringValue: this.microsoftAD.ref,
+        });
+        if (this.props.createWorker) {
+            this.domainWindowsNode = this.createWorker(this.props.domainName, this.secret);
+            this.domainWindowsNode.runPSwithDomainAdmin([
+                'Add-WindowsFeature RSAT-AD-PowerShell',
+                'Stop-Computer -ComputerName localhost',
+            ], 'ad-powershell');
+            this.domainWindowsNode.instance.node.addDependency(this.microsoftAD);
+        }
+        else {
+            this.domainWindowsNode = undefined;
+        }
+    }
+    // Creates DomainWindowsNode that will be used to run admin-tasks to this directory
+    createWorker(domainName, domainPassword) {
+        return new skylight.compute.DomainWindowsNode(this, 'madWorker', {
+            domainName: domainName,
+            passwordObject: domainPassword,
+            vpc: this.props.vpc,
+            instanceType: 't3.small',
+            usePrivateSubnet: true,
+        });
+    }
+    // The function creates a Lambda to Start the Windows Worker, then creates SSM Document and Desired state in State Manager to schedule this document on the Worker.
+    createADGroup(groupName, groupDescription) {
+        if (this.domainWindowsNode) {
+            this.domainWindowsNode.startInstance();
+            this.domainWindowsNode.runPSwithDomainAdmin([
+                `New-ADGroup -Name "${groupDescription}" -SamAccountName "${groupName}" -GroupScope DomainLocal`,
+                'Stop-Computer -ComputerName localhost',
+            ], 'createAdGroup');
+        }
+        else {
+            console.log("Can't create AD group when no Worker is defined");
+        }
+    }
+    // Experimental
+    createServiceAccount(adServiceAccountName, servicePrincipalNames, principalsAllowedToRetrieveManagedPassword) {
+        if (this.domainWindowsNode) {
+            this.domainWindowsNode.runPSwithDomainAdmin([
+                `New-ADServiceAccount -Name "${adServiceAccountName}" -DnsHostName "${adServiceAccountName}.${this.props.domainName}" -ServicePrincipalNames "${servicePrincipalNames}" -PrincipalsAllowedToRetrieveManagedPassword "${principalsAllowedToRetrieveManagedPassword}"`,
+            ], 'createServiceAccount');
+        }
+        else {
+            console.log("Can't createServiceAccount when no Worker is defined");
+        }
+    }
+}
+exports.AwsManagedMicrosoftAd = AwsManagedMicrosoftAd;
+_a = JSII_RTTI_SYMBOL_1;
+AwsManagedMicrosoftAd[_a] = { fqn: "cdk-skylight.authentication.AwsManagedMicrosoftAd", version: "0.0.0" };
+/**
+ * A Ad Authentication represents an integration pattern of Managed AD and Route 53 Resolver in a specific VPC
+ *
+ * The Construct creates Managed AD with the provided Secret (Secrets Manager) or generates a new Secret.
+ * The secret saved to SSM parameter store so others can use it with other Constructs (Such as Windows node or FSx)
+ * The provided VPC or the new created VPC will be configured to forward DNS requests to the Managed AD with Route53 Resolvers
+ * The construct also creates (optionally) t3.nano machine that is part of the domain that can be used to run admin-tasks (such as createADGroup)
+ *
+ * The createADGroup() method creates an Active Directory permission group in the domain, using the domain admin user.
+ * Please note: When calling createADGroup() API, a Lambda will be created to start the worker machine (Using AWS-SDK),
+ * then each command will be scheduled with State Manager, and the instance will be shut down after complete.
+ *
+ */
+class AwsManagedMicrosoftAdR53 extends AwsManagedMicrosoftAd {
+    constructor(scope, id, props) {
+        super(scope, id, props);
+        let subnets;
+        if (props.vpcSubnets) {
+            if (props.vpcSubnets.hasPublic || props.vpcSubnets.subnets.length !== 2) {
+                throw new Error('A public subnet or not exactly 2 subnets where passed in, please pass in two private subnets');
+            }
+            subnets = props.vpcSubnets;
+        }
+        else {
+            subnets =
+                props.vpc.selectSubnets({
+                    subnetType: aws_cdk_lib_1.aws_ec2.SubnetType.PRIVATE_WITH_NAT,
+                }) ??
+                    props.vpc.selectSubnets({
+                        subnetType: aws_cdk_lib_1.aws_ec2.SubnetType.PRIVATE_ISOLATED,
+                    });
+        }
+        const sg = new aws_cdk_lib_1.aws_ec2.SecurityGroup(this, 'r53-outbound-resolver-SG', {
+            vpc: props.vpc,
+        });
+        sg.addIngressRule(aws_cdk_lib_1.aws_ec2.Peer.ipv4(props.vpc.vpcCidrBlock), aws_cdk_lib_1.aws_ec2.Port.udp(53));
+        sg.addIngressRule(aws_cdk_lib_1.aws_ec2.Peer.ipv4(props.vpc.vpcCidrBlock), aws_cdk_lib_1.aws_ec2.Port.tcp(53));
+        const outBoundResolver = new aws_cdk_lib_1.aws_route53resolver.CfnResolverEndpoint(this, 'R53-Resolver-Endpoint', {
+            direction: 'OUTBOUND',
+            ipAddresses: subnets.subnetIds.map((s) => {
+                return { subnetId: s };
+            }),
+            securityGroupIds: [sg.securityGroupId],
+        });
+        const resolverRules = new aws_cdk_lib_1.aws_route53resolver.CfnResolverRule(this, 'R53-Resolve-Rule', {
+            domainName: this.props.domainName,
+            resolverEndpointId: outBoundResolver.ref,
+            ruleType: 'FORWARD',
+            targetIps: [
+                { ip: aws_cdk_lib_1.Fn.select(0, this.microsoftAD.attrDnsIpAddresses) },
+                { ip: aws_cdk_lib_1.Fn.select(1, this.microsoftAD.attrDnsIpAddresses) },
+            ],
+        });
+        new aws_cdk_lib_1.aws_route53resolver.CfnResolverRuleAssociation(this, 'R53-Resolver-Association', {
+            resolverRuleId: resolverRules.attrResolverRuleId,
+            vpcId: props.vpc.vpcId,
+        });
+    }
+}
+exports.AwsManagedMicrosoftAdR53 = AwsManagedMicrosoftAdR53;
+_b = JSII_RTTI_SYMBOL_1;
+AwsManagedMicrosoftAdR53[_b] = { fqn: "cdk-skylight.authentication.AwsManagedMicrosoftAdR53", version: "0.0.0" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWQtYXV0aGVudGljYXRpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvc2t5bGlnaHQtYXV0aGVudGljYXRpb24vYWQtYXV0aGVudGljYXRpb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFBQTs7Ozs7Ozs7Ozs7R0FXRztBQUVILFVBQVU7QUFDViw2Q0FTcUI7QUFJckIsMkNBQXVDO0FBQ3ZDLHFDQUFxQztBQWlEckMsSUFBWSx5Q0FFWDtBQUZELFdBQVkseUNBQXlDO0lBQ25ELHdGQUEyQyxDQUFBO0FBQzdDLENBQUMsRUFGVyx5Q0FBeUMseURBQXpDLHlDQUF5QyxRQUVwRDtBQStCRDs7Ozs7Ozs7Ozs7O0dBWUc7QUFDSCxNQUFhLHFCQUFzQixTQUFRLHNCQUFTO0lBTWxELFlBQ0UsS0FBZ0IsRUFDaEIsRUFBVSxFQUNWLEtBQWtDO1FBRWxDLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFDakIsSUFBSSxDQUFDLEtBQUssR0FBRyxLQUFLLENBQUM7UUFDbkIsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEdBQUcsS0FBSyxDQUFDLFVBQVUsSUFBSSxZQUFZLENBQUM7UUFDekQsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEdBQUcsS0FBSyxDQUFDLE9BQU8sSUFBSSxVQUFVLENBQUM7UUFDakQsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEdBQUcsS0FBSyxDQUFDLFVBQVUsSUFBSSxHQUFHLEtBQUssQ0FBQyxVQUFVLFNBQVMsQ0FBQztRQUN6RSxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksR0FBRyxLQUFLLENBQUMsWUFBWSxJQUFJLElBQUksQ0FBQztRQUVyRCxJQUFJLENBQUMsWUFBWSxHQUFHLEtBQUssQ0FBQyxrQkFBa0IsSUFBSTtZQUM5QyxzQkFBc0IsRUFBRSx5Q0FBeUMsQ0FBQyxHQUFHO1NBQ3RFLENBQUM7UUFDRixJQUFJLENBQUMsWUFBWSxDQUFDLGFBQWE7WUFDN0IsSUFBSSxDQUFDLFlBQVksQ0FBQyxhQUFhLElBQUksZUFBZSxDQUFDO1FBRXJELElBQUksQ0FBQyxZQUFZLENBQUMsa0JBQWtCO1lBQ2xDLElBQUksQ0FBQyxZQUFZLENBQUMsa0JBQWtCLElBQUksYUFBYSxDQUFDO1FBRXhELElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNoQyxJQUFJLENBQUMsWUFBWSxDQUFDLFNBQVMsR0FBRyxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsU0FBUyxxQkFBcUIsQ0FBQztRQUNwRixDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksQ0FBQyxZQUFZLENBQUMsU0FBUyxHQUFHLGlDQUFpQyxDQUFDO1FBQ2xFLENBQUM7UUFFRCxJQUFJLENBQUMsTUFBTTtZQUNULElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTTtnQkFDakIsSUFBSSxnQ0FBYyxDQUFDLE1BQU0sQ0FBQyxJQUFJLEVBQUUsUUFBUSxFQUFFO29CQUN4QyxvQkFBb0IsRUFBRTt3QkFDcEIsb0JBQW9CLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQzs0QkFDbkMsTUFBTSxFQUFFLEtBQUssQ0FBQyxVQUFVOzRCQUN4QixNQUFNLEVBQUUsT0FBTzt5QkFDaEIsQ0FBQzt3QkFDRixpQkFBaUIsRUFBRSxVQUFVO3dCQUM3QixrQkFBa0IsRUFBRSxJQUFJO3FCQUN6QjtvQkFDRCxVQUFVLEVBQUUsS0FBSyxDQUFDLFVBQVU7aUJBQzdCLENBQUMsQ0FBQztRQUVMLElBQUkscUJBQU8sQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLHdCQUF3QixFQUFFO1lBQzFELGFBQWEsRUFBRSxJQUFJLElBQUksQ0FBQyxZQUFZLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxZQUFZLENBQUMsYUFBYSxFQUFFO1lBQ25GLFdBQVcsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFVBQVU7U0FDbkMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxPQUF3QixDQUFDO1FBQzdCLElBQUksS0FBSyxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3JCLElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQyxTQUFTLElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUN4RSxNQUFNLElBQUksS0FBSyxDQUNiLDhGQUE4RixDQUMvRixDQUFDO1lBQ0osQ0FBQztZQUNELE9BQU8sR0FBRyxLQUFLLENBQUMsVUFBVSxDQUFDO1FBQzdCLENBQUM7YUFBTSxDQUFDO1lBQ04sT0FBTztnQkFDTCxLQUFLLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQztvQkFDdEIsVUFBVSxFQUFFLHFCQUFHLENBQUMsVUFBVSxDQUFDLGdCQUFnQjtpQkFDNUMsQ0FBQztvQkFDRixLQUFLLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQzt3QkFDdEIsVUFBVSxFQUFFLHFCQUFHLENBQUMsVUFBVSxDQUFDLGdCQUFnQjtxQkFDNUMsQ0FBQyxDQUFDO1FBQ1AsQ0FBQztRQUVELElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsbUJBQW1CLEVBQUU7WUFDdkMsS0FBSyxFQUFFLG1EQUNMLElBQUksQ0FBQyxNQUFNLENBQUMsU0FDZCxnREFBZ0QsbUJBQUssQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLENBQUMsTUFBTSxFQUFFO1NBQ3pFLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxXQUFXLEdBQUcsSUFBSSxrQ0FBRyxDQUFDLGNBQWMsQ0FDdkMsSUFBSSxFQUNKLDBCQUEwQixFQUMxQjtZQUNFLFFBQVEsRUFBRSxJQUFJLENBQUMsTUFBTTtpQkFDbEIsbUJBQW1CLENBQUMsVUFBVSxDQUFDO2lCQUMvQixZQUFZLEVBQUUsQ0FBQyxRQUFRLEVBQUU7WUFDNUIsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO1lBQ3RCLElBQUksRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFVBQVU7WUFDM0IsV0FBVyxFQUFFO2dCQUNYLFNBQVMsRUFBRSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLEVBQUUsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQztnQkFDdkQsS0FBSyxFQUFFLEtBQUssQ0FBQyxHQUFHLENBQUMsS0FBSzthQUN2QjtTQUNGLENBQ0YsQ0FBQztRQUVGLElBQUksdUJBQVMsQ0FBQyxJQUFJLEVBQUUsYUFBYSxFQUFFO1lBQ2pDLEtBQUssRUFBRSxHQUFHLGdCQUFFLENBQUMsSUFBSSxDQUFDLEdBQUcsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLGtCQUFrQixDQUFDLEVBQUU7U0FDOUQsQ0FBQyxDQUFDO1FBRUgsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxjQUFjLEVBQUU7WUFDbEMsS0FBSyxFQUFFLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEVBQUU7U0FDbEMsQ0FBQyxDQUFDO1FBRUgsSUFBSSx1QkFBUyxDQUFDLElBQUksRUFBRSxnQkFBZ0IsRUFBRTtZQUNwQyxLQUFLLEVBQUUsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsRUFBRTtTQUNqQyxDQUFDLENBQUM7UUFFSCxJQUFJLHFCQUFPLENBQUMsZUFBZSxDQUFDLElBQUksRUFBRSx5QkFBeUIsRUFBRTtZQUMzRCxhQUFhLEVBQUUsSUFBSSxJQUFJLENBQUMsWUFBWSxDQUFDLFNBQVMsSUFBSSxJQUFJLENBQUMsWUFBWSxDQUFDLGtCQUFrQixFQUFFO1lBQ3hGLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUc7U0FDbEMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQzVCLElBQUksQ0FBQyxpQkFBaUIsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUN4QyxJQUFJLENBQUMsS0FBSyxDQUFDLFVBQVUsRUFDckIsSUFBSSxDQUFDLE1BQU0sQ0FDWixDQUFDO1lBQ0YsSUFBSSxDQUFDLGlCQUFpQixDQUFDLG9CQUFvQixDQUN6QztnQkFDRSx1Q0FBdUM7Z0JBQ3ZDLHVDQUF1QzthQUN4QyxFQUNELGVBQWUsQ0FDaEIsQ0FBQztZQUNGLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDdkUsQ0FBQzthQUFNLENBQUM7WUFDTixJQUFJLENBQUMsaUJBQWlCLEdBQUcsU0FBUyxDQUFDO1FBQ3JDLENBQUM7SUFDSCxDQUFDO0lBRUQsbUZBQW1GO0lBQ25GLFlBQVksQ0FDVixVQUFrQixFQUNsQixjQUF1QjtRQUV2QixPQUFPLElBQUksUUFBUSxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsV0FBVyxFQUFFO1lBQy9ELFVBQVUsRUFBRSxVQUFVO1lBQ3RCLGNBQWMsRUFBRSxjQUFjO1lBQzlCLEdBQUcsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUc7WUFDbkIsWUFBWSxFQUFFLFVBQVU7WUFDeEIsZ0JBQWdCLEVBQUUsSUFBSTtTQUN2QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsbUtBQW1LO0lBQ25LLGFBQWEsQ0FBQyxTQUFpQixFQUFFLGdCQUF3QjtRQUN2RCxJQUFJLElBQUksQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQzNCLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxhQUFhLEVBQUUsQ0FBQztZQUN2QyxJQUFJLENBQUMsaUJBQWlCLENBQUMsb0JBQW9CLENBQ3pDO2dCQUNFLHNCQUFzQixnQkFBZ0Isc0JBQXNCLFNBQVMsMkJBQTJCO2dCQUNoRyx1Q0FBdUM7YUFDeEMsRUFDRCxlQUFlLENBQ2hCLENBQUM7UUFDSixDQUFDO2FBQU0sQ0FBQztZQUNOLE9BQU8sQ0FBQyxHQUFHLENBQUMsaURBQWlELENBQUMsQ0FBQztRQUNqRSxDQUFDO0lBQ0gsQ0FBQztJQUVELGVBQWU7SUFDZixvQkFBb0IsQ0FDbEIsb0JBQTRCLEVBQzVCLHFCQUE2QixFQUM3QiwwQ0FBa0Q7UUFFbEQsSUFBSSxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztZQUMzQixJQUFJLENBQUMsaUJBQWlCLENBQUMsb0JBQW9CLENBQ3pDO2dCQUNFLCtCQUErQixvQkFBb0IsbUJBQW1CLG9CQUFvQixJQUFJLElBQUksQ0FBQyxLQUFLLENBQUMsVUFBVSw2QkFBNkIscUJBQXFCLGtEQUFrRCwwQ0FBMEMsR0FBRzthQUNyUSxFQUNELHNCQUFzQixDQUN2QixDQUFDO1FBQ0osQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLENBQUMsR0FBRyxDQUFDLHNEQUFzRCxDQUFDLENBQUM7UUFDdEUsQ0FBQztJQUNILENBQUM7O0FBN0tILHNEQThLQzs7O0FBRUQ7Ozs7Ozs7Ozs7OztHQVlHO0FBQ0gsTUFBYSx3QkFBeUIsU0FBUSxxQkFBcUI7SUFDakUsWUFDRSxLQUFnQixFQUNoQixFQUFVLEVBQ1YsS0FBa0M7UUFFbEMsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLEVBQUUsS0FBSyxDQUFDLENBQUM7UUFFeEIsSUFBSSxPQUF3QixDQUFDO1FBQzdCLElBQUksS0FBSyxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3JCLElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQyxTQUFTLElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUN4RSxNQUFNLElBQUksS0FBSyxDQUNiLDhGQUE4RixDQUMvRixDQUFDO1lBQ0osQ0FBQztZQUNELE9BQU8sR0FBRyxLQUFLLENBQUMsVUFBVSxDQUFDO1FBQzdCLENBQUM7YUFBTSxDQUFDO1lBQ04sT0FBTztnQkFDTCxLQUFLLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQztvQkFDdEIsVUFBVSxFQUFFLHFCQUFHLENBQUMsVUFBVSxDQUFDLGdCQUFnQjtpQkFDNUMsQ0FBQztvQkFDRixLQUFLLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQzt3QkFDdEIsVUFBVSxFQUFFLHFCQUFHLENBQUMsVUFBVSxDQUFDLGdCQUFnQjtxQkFDNUMsQ0FBQyxDQUFDO1FBQ1AsQ0FBQztRQUVELE1BQU0sRUFBRSxHQUFHLElBQUkscUJBQUcsQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLDBCQUEwQixFQUFFO1lBQ2pFLEdBQUcsRUFBRSxLQUFLLENBQUMsR0FBRztTQUNmLENBQUMsQ0FBQztRQUNILEVBQUUsQ0FBQyxjQUFjLENBQUMscUJBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsWUFBWSxDQUFDLEVBQUUscUJBQUcsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDM0UsRUFBRSxDQUFDLGNBQWMsQ0FBQyxxQkFBRyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxZQUFZLENBQUMsRUFBRSxxQkFBRyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUUzRSxNQUFNLGdCQUFnQixHQUFHLElBQUksaUNBQVcsQ0FBQyxtQkFBbUIsQ0FDMUQsSUFBSSxFQUNKLHVCQUF1QixFQUN2QjtZQUNFLFNBQVMsRUFBRSxVQUFVO1lBQ3JCLFdBQVcsRUFBRSxPQUFPLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO2dCQUN2QyxPQUFPLEVBQUUsUUFBUSxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ3pCLENBQUMsQ0FBQztZQUNGLGdCQUFnQixFQUFFLENBQUMsRUFBRSxDQUFDLGVBQWUsQ0FBQztTQUN2QyxDQUNGLENBQUM7UUFFRixNQUFNLGFBQWEsR0FBRyxJQUFJLGlDQUFXLENBQUMsZUFBZSxDQUNuRCxJQUFJLEVBQ0osa0JBQWtCLEVBQ2xCO1lBQ0UsVUFBVSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsVUFBVztZQUNsQyxrQkFBa0IsRUFBRSxnQkFBZ0IsQ0FBQyxHQUFHO1lBQ3hDLFFBQVEsRUFBRSxTQUFTO1lBQ25CLFNBQVMsRUFBRTtnQkFDVCxFQUFFLEVBQUUsRUFBRSxnQkFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFO2dCQUN6RCxFQUFFLEVBQUUsRUFBRSxnQkFBRSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFO2FBQzFEO1NBQ0YsQ0FDRixDQUFDO1FBRUYsSUFBSSxpQ0FBVyxDQUFDLDBCQUEwQixDQUN4QyxJQUFJLEVBQ0osMEJBQTBCLEVBQzFCO1lBQ0UsY0FBYyxFQUFFLGFBQWEsQ0FBQyxrQkFBa0I7WUFDaEQsS0FBSyxFQUFFLEtBQUssQ0FBQyxHQUFHLENBQUMsS0FBSztTQUN2QixDQUNGLENBQUM7SUFDSixDQUFDOztBQWxFSCw0REFtRUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqICBDb3B5cmlnaHQgMjAyMSBBbWF6b24uY29tLCBJbmMuIG9yIGl0cyBhZmZpbGlhdGVzLiBBbGwgUmlnaHRzIFJlc2VydmVkLlxuICpcbiAqICBMaWNlbnNlZCB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24gMi4wICh0aGUgXCJMaWNlbnNlXCIpLiBZb3UgbWF5IG5vdCB1c2UgdGhpcyBmaWxlIGV4Y2VwdCBpbiBjb21wbGlhbmNlXG4gKiAgd2l0aCB0aGUgTGljZW5zZS4gQSBjb3B5IG9mIHRoZSBMaWNlbnNlIGlzIGxvY2F0ZWQgYXRcbiAqXG4gKiAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMFxuICpcbiAqICBvciBpbiB0aGUgJ2xpY2Vuc2UnIGZpbGUgYWNjb21wYW55aW5nIHRoaXMgZmlsZS4gVGhpcyBmaWxlIGlzIGRpc3RyaWJ1dGVkIG9uIGFuICdBUyBJUycgQkFTSVMsIFdJVEhPVVQgV0FSUkFOVElFU1xuICogIE9SIENPTkRJVElPTlMgT0YgQU5ZIEtJTkQsIGV4cHJlc3Mgb3IgaW1wbGllZC4gU2VlIHRoZSBMaWNlbnNlIGZvciB0aGUgc3BlY2lmaWMgbGFuZ3VhZ2UgZ292ZXJuaW5nIHBlcm1pc3Npb25zXG4gKiAgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLlxuICovXG5cbi8vIEltcG9ydHNcbmltcG9ydCB7XG4gIGF3c19kaXJlY3RvcnlzZXJ2aWNlIGFzIG1hZCxcbiAgYXdzX2VjMiBhcyBlYzIsXG4gIGF3c19yb3V0ZTUzcmVzb2x2ZXIgYXMgcjUzcmVzb2x2ZXIsXG4gIGF3c19zZWNyZXRzbWFuYWdlciBhcyBzZWNyZXRzbWFuYWdlcixcbiAgYXdzX3NzbSxcbiAgQ2ZuT3V0cHV0LFxuICBGbixcbiAgU3RhY2ssXG59IGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCB7IENmbk1pY3Jvc29mdEFEIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWRpcmVjdG9yeXNlcnZpY2UnO1xuaW1wb3J0IHsgU2VsZWN0ZWRTdWJuZXRzIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWVjMic7XG5pbXBvcnQgeyBJU2VjcmV0IH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLXNlY3JldHNtYW5hZ2VyJztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuaW1wb3J0ICogYXMgc2t5bGlnaHQgZnJvbSAnLi4vaW5kZXgnO1xuLyoqXG4gKiBUaGUgcHJvcGVydGllcyBmb3IgdGhlIEF3c01hbmFnZWRNaWNyb3NvZnRBZCBjbGFzcy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBJQXdzTWFuYWdlZE1pY3Jvc29mdEFkUHJvcHMge1xuICAvKipcbiAgICogVGhlIGRvbWFpbiBuYW1lIGZvciB0aGUgQWN0aXZlIERpcmVjdG9yeSBEb21haW4uXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gJ2RvbWFpbi5hd3MnLlxuICAgKi9cbiAgZG9tYWluTmFtZT86IHN0cmluZztcbiAgLyoqXG4gICAqIFRoZSBlZGl0aW9uIHRvIHVzZSBmb3IgdGhlIEFjdGl2ZSBEaXJlY3RvcnkgRG9tYWluLlxuICAgKiBBbGxvd2VkIHZhbHVlczogRW50ZXJwcmlzZSB8IFN0YW5kYXJkXG4gICAqIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9BV1NDbG91ZEZvcm1hdGlvbi9sYXRlc3QvVXNlckd1aWRlL2F3cy1yZXNvdXJjZS1kaXJlY3RvcnlzZXJ2aWNlLW1pY3Jvc29mdGFkLmh0bWwjY2ZuLWRpcmVjdG9yeXNlcnZpY2UtbWljcm9zb2Z0YWQtZWRpdGlvblxuICAgKiBAZGVmYXVsdCAtICdTdGFuZGFyZCcuXG4gICAqL1xuICBlZGl0aW9uPzogc3RyaW5nO1xuICAvKipcbiAgICogVGhlIHNlY3JldHMgbWFuYWdlciBzZWNyZXQgdG8gdXNlIG11c3QgYmUgaW4gZm9ybWF0OlxuICAgKiAne0RvbWFpbjogPGRvbWFpbi5uYW1lPiwgVXNlcklEOiAnQWRtaW4nLCBQYXNzd29yZDogJzxwYXNzd29yZD4nfSdcbiAgICogQGRlZmF1bHQgLSAnUmFuZG9tbHkgZ2VuZXJhdGVkIGFuZCBzdG9yZWQgaW4gU2VjcmV0IE1hbmFnZXInLlxuICAgKi9cbiAgc2VjcmV0Pzogc2VjcmV0c21hbmFnZXIuSVNlY3JldDtcbiAgLyoqXG4gICAqIFRoZSBzZWNyZXQgbmFtZSB0byBzYXZlIHRoZSBEb21haW4gQWRtaW4gb2JqZWN0XG4gICAqIEBkZWZhdWx0IC0gJzxkb21haW4ubmFtZT4tc2VjcmV0Jy5cbiAgICovXG4gIHNlY3JldE5hbWU/OiBzdHJpbmc7XG4gIC8qKlxuICAgKiBUaGUgVlBDIHRvIHVzZSwgbXVzdCBoYXZlIHByaXZhdGUgc3VibmV0cy5cbiAgICovXG4gIHZwYzogZWMyLklWcGM7XG4gIC8qKlxuICAgKiBWUEMgc3VibmV0IHNlbGVjdGlvbiwgc3VibmV0cyBtdXN0IGJlIHByaXZhdGUgYW5kIGV4YWN0bHkgMlxuICAgKi9cbiAgdnBjU3VibmV0cz86IGVjMi5TZWxlY3RlZFN1Ym5ldHM7XG4gIC8qKlxuICAgKiBUaGUgY29uZmlndXJhdGlvbiBzdG9yZSB0byBzYXZlIHRoZSBkaXJlY3RvcnkgcGFyYW1ldGVycyAoQWZ0ZXIgZGVwbG95ZWQpXG4gICAqL1xuICBjb25maWd1cmF0aW9uU3RvcmU/OiBJQXdzTWFuYWdlZE1pY3Jvc29mdEFkUGFyYW1ldGVycztcblxuICAvKipcbiAgICogQ3JlYXRlIERvbWFpbiBqb2luZWQgbWFjaGluZSB0byBiZSB1c2VkIHRvIHJ1biBQb3dlcnNoZWxsIGNvbW1hbmRzIHRvIHRoYXQgZGlyZWN0b3J5LiAoaS5lIENyZWF0ZSBBZCBHcm91cClcbiAgICogQGRlZmF1bHQgLSAndHJ1ZScuXG4gICAqL1xuICBjcmVhdGVXb3JrZXI/OiBib29sZWFuO1xufVxuXG5leHBvcnQgZW51bSBBd3NNYW5hZ2VkTWljcm9zb2Z0Q29uZmlndXJhdGlvblN0b3JlVHlwZSB7XG4gIFNTTSA9ICdBV1MgU3lzdGVtcyBNYW5hZ2VyIFBhcmFtZXRlciBTdG9yZScsXG59XG5cbi8qKlxuICogVGhlIHByb3BlcnRpZXMgb2YgYW4gRG9tYWluV2luZG93c05vZGVQcm9wcywgcmVxdWlyZXMgQWN0aXZlIERpcmVjdG9yeSBwYXJhbWV0ZXIgdG8gcmVhZCB0aGUgU2VjcmV0IHRvIGpvaW4gdGhlIGRvbWFpblxuICogRGVmYXVsdCBzZXR0aW5nOiBEb21haW4gam9pbmVkLCBtNS4yeGxhcmdlLCBsYXRlc3Qgd2luZG93cywgTWFuYWdlZCBieSBTU00uXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSUF3c01hbmFnZWRNaWNyb3NvZnRBZFBhcmFtZXRlcnMge1xuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIENvbmZpZ3VyYXRpb24gU3RvcmUgVHlwZSB0byB1c2VcbiAgICogQGRlZmF1bHQgLSAnQVdTIFN5c3RlbXMgTWFuYWdlciBQYXJhbWV0ZXIgU3RvcmUnLlxuICAgKi9cbiAgY29uZmlndXJhdGlvblN0b3JlVHlwZT86IEF3c01hbmFnZWRNaWNyb3NvZnRDb25maWd1cmF0aW9uU3RvcmVUeXBlO1xuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIFNTTSBPYmplY3QgdGhhdCBjb250YWlucyB0aGUgc2VjcmV0IG5hbWUgaW4gU2VjcmV0cyBNYW5hZ2VyXG4gICAqIEBkZWZhdWx0IC0gJ2RvbWFpbi1zZWNyZXQnLlxuICAgKi9cbiAgc2VjcmV0UG9pbnRlcj86IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIG5hbWUgb2YgdGhlIFNTTSBPYmplY3QgdGhhdCBjb250YWlucyB0aGUgRGlyZWN0b3J5IElEXG4gICAqIEBkZWZhdWx0IC0gJ2RpcmVjdG9yeUlEJy5cbiAgICovXG4gIGRpcmVjdG9yeUlEUG9pbnRlcj86IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIFNTTSBuYW1lc3BhY2UgdG8gcmVhZC93cml0ZSBwYXJhbWV0ZXJzIHRvXG4gICAqIEBkZWZhdWx0IC0gJ2Nkay1za3lsaWdodCcuXG4gICAqL1xuICBuYW1lc3BhY2U/OiBzdHJpbmc7XG59XG5cbi8qKlxuICogQSBBZCBBdXRoZW50aWNhdGlvbiByZXByZXNlbnRzIGFuIGludGVncmF0aW9uIHBhdHRlcm4gb2YgTWFuYWdlZCBBRCBhbmQgUm91dGUgNTMgUmVzb2x2ZXIgaW4gYSBzcGVjaWZpYyBWUENcbiAqXG4gKiBUaGUgQ29uc3RydWN0IGNyZWF0ZXMgTWFuYWdlZCBBRCB3aXRoIHRoZSBwcm92aWRlZCBTZWNyZXQgKFNlY3JldHMgTWFuYWdlcikgb3IgZ2VuZXJhdGVzIGEgbmV3IFNlY3JldC5cbiAqIFRoZSBzZWNyZXQgc2F2ZWQgdG8gU1NNIHBhcmFtZXRlciBzdG9yZSBzbyBvdGhlcnMgY2FuIHVzZSBpdCB3aXRoIG90aGVyIENvbnN0cnVjdHMgKFN1Y2ggYXMgV2luZG93cyBub2RlIG9yIEZTeClcbiAqIFRoZSBwcm92aWRlZCBWUEMgb3IgdGhlIG5ldyBjcmVhdGVkIFZQQyB3aWxsIGJlIGNvbmZpZ3VyZWQgdG8gZm9yd2FyZCBETlMgcmVxdWVzdHMgdG8gdGhlIE1hbmFnZWQgQUQgd2l0aCBSb3V0ZTUzIFJlc29sdmVyc1xuICogVGhlIGNvbnN0cnVjdCBhbHNvIGNyZWF0ZXMgKG9wdGlvbmFsbHkpIHQzLm5hbm8gbWFjaGluZSB0aGF0IGlzIHBhcnQgb2YgdGhlIGRvbWFpbiB0aGF0IGNhbiBiZSB1c2VkIHRvIHJ1biBhZG1pbi10YXNrcyAoc3VjaCBhcyBjcmVhdGVBREdyb3VwKVxuICpcbiAqIFRoZSBjcmVhdGVBREdyb3VwKCkgbWV0aG9kIGNyZWF0ZXMgYW4gQWN0aXZlIERpcmVjdG9yeSBwZXJtaXNzaW9uIGdyb3VwIGluIHRoZSBkb21haW4sIHVzaW5nIHRoZSBkb21haW4gYWRtaW4gdXNlci5cbiAqIFBsZWFzZSBub3RlOiBXaGVuIGNhbGxpbmcgY3JlYXRlQURHcm91cCgpIEFQSSwgYSBMYW1iZGEgd2lsbCBiZSBjcmVhdGVkIHRvIHN0YXJ0IHRoZSB3b3JrZXIgbWFjaGluZSAoVXNpbmcgQVdTLVNESyksXG4gKiB0aGVuIGVhY2ggY29tbWFuZCB3aWxsIGJlIHNjaGVkdWxlZCB3aXRoIFN0YXRlIE1hbmFnZXIsIGFuZCB0aGUgaW5zdGFuY2Ugd2lsbCBiZSBzaHV0IGRvd24gYWZ0ZXIgY29tcGxldGUuXG4gKlxuICovXG5leHBvcnQgY2xhc3MgQXdzTWFuYWdlZE1pY3Jvc29mdEFkIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcmVhZG9ubHkgbWljcm9zb2Z0QUQ6IENmbk1pY3Jvc29mdEFEO1xuICByZWFkb25seSBhZFBhcmFtZXRlcnM6IElBd3NNYW5hZ2VkTWljcm9zb2Z0QWRQYXJhbWV0ZXJzO1xuICByZWFkb25seSBwcm9wczogSUF3c01hbmFnZWRNaWNyb3NvZnRBZFByb3BzO1xuICByZWFkb25seSBkb21haW5XaW5kb3dzTm9kZT86IHNreWxpZ2h0LmNvbXB1dGUuRG9tYWluV2luZG93c05vZGU7XG4gIHJlYWRvbmx5IHNlY3JldDogSVNlY3JldDtcbiAgY29uc3RydWN0b3IoXG4gICAgc2NvcGU6IENvbnN0cnVjdCxcbiAgICBpZDogc3RyaW5nLFxuICAgIHByb3BzOiBJQXdzTWFuYWdlZE1pY3Jvc29mdEFkUHJvcHMsXG4gICkge1xuICAgIHN1cGVyKHNjb3BlLCBpZCk7XG4gICAgdGhpcy5wcm9wcyA9IHByb3BzO1xuICAgIHRoaXMucHJvcHMuZG9tYWluTmFtZSA9IHByb3BzLmRvbWFpbk5hbWUgPz8gJ2RvbWFpbi5hd3MnO1xuICAgIHRoaXMucHJvcHMuZWRpdGlvbiA9IHByb3BzLmVkaXRpb24gPz8gJ1N0YW5kYXJkJztcbiAgICB0aGlzLnByb3BzLnNlY3JldE5hbWUgPSBwcm9wcy5zZWNyZXROYW1lID8/IGAke3Byb3BzLmRvbWFpbk5hbWV9LXNlY3JldGA7XG4gICAgdGhpcy5wcm9wcy5jcmVhdGVXb3JrZXIgPSBwcm9wcy5jcmVhdGVXb3JrZXIgPz8gdHJ1ZTtcblxuICAgIHRoaXMuYWRQYXJhbWV0ZXJzID0gcHJvcHMuY29uZmlndXJhdGlvblN0b3JlID8/IHtcbiAgICAgIGNvbmZpZ3VyYXRpb25TdG9yZVR5cGU6IEF3c01hbmFnZWRNaWNyb3NvZnRDb25maWd1cmF0aW9uU3RvcmVUeXBlLlNTTSxcbiAgICB9O1xuICAgIHRoaXMuYWRQYXJhbWV0ZXJzLnNlY3JldFBvaW50ZXIgPVxuICAgICAgdGhpcy5hZFBhcmFtZXRlcnMuc2VjcmV0UG9pbnRlciA/PyAnZG9tYWluLXNlY3JldCc7XG5cbiAgICB0aGlzLmFkUGFyYW1ldGVycy5kaXJlY3RvcnlJRFBvaW50ZXIgPVxuICAgICAgdGhpcy5hZFBhcmFtZXRlcnMuZGlyZWN0b3J5SURQb2ludGVyID8/ICdkaXJlY3RvcnlJRCc7XG5cbiAgICBpZiAodGhpcy5hZFBhcmFtZXRlcnMubmFtZXNwYWNlKSB7XG4gICAgICB0aGlzLmFkUGFyYW1ldGVycy5uYW1lc3BhY2UgPSBgJHt0aGlzLmFkUGFyYW1ldGVycy5uYW1lc3BhY2V9L2F1dGhlbnRpY2F0aW9uL21hZGA7XG4gICAgfSBlbHNlIHtcbiAgICAgIHRoaXMuYWRQYXJhbWV0ZXJzLm5hbWVzcGFjZSA9ICdjZGstc2t5bGlnaHQvYXV0aGVudGljYXRpb24vbWFkJztcbiAgICB9XG5cbiAgICB0aGlzLnNlY3JldCA9XG4gICAgICB0aGlzLnByb3BzLnNlY3JldCA/P1xuICAgICAgbmV3IHNlY3JldHNtYW5hZ2VyLlNlY3JldCh0aGlzLCAnU2VjcmV0Jywge1xuICAgICAgICBnZW5lcmF0ZVNlY3JldFN0cmluZzoge1xuICAgICAgICAgIHNlY3JldFN0cmluZ1RlbXBsYXRlOiBKU09OLnN0cmluZ2lmeSh7XG4gICAgICAgICAgICBEb21haW46IHByb3BzLmRvbWFpbk5hbWUsXG4gICAgICAgICAgICBVc2VySUQ6ICdBZG1pbicsXG4gICAgICAgICAgfSksXG4gICAgICAgICAgZ2VuZXJhdGVTdHJpbmdLZXk6ICdQYXNzd29yZCcsXG4gICAgICAgICAgZXhjbHVkZVB1bmN0dWF0aW9uOiB0cnVlLFxuICAgICAgICB9LFxuICAgICAgICBzZWNyZXROYW1lOiBwcm9wcy5zZWNyZXROYW1lLFxuICAgICAgfSk7XG5cbiAgICBuZXcgYXdzX3NzbS5TdHJpbmdQYXJhbWV0ZXIodGhpcywgJ21hZC1zZWNyZXROYW1lLXBvaW50ZXInLCB7XG4gICAgICBwYXJhbWV0ZXJOYW1lOiBgLyR7dGhpcy5hZFBhcmFtZXRlcnMubmFtZXNwYWNlfS8ke3RoaXMuYWRQYXJhbWV0ZXJzLnNlY3JldFBvaW50ZXJ9YCxcbiAgICAgIHN0cmluZ1ZhbHVlOiB0aGlzLnByb3BzLnNlY3JldE5hbWUsXG4gICAgfSk7XG5cbiAgICBsZXQgc3VibmV0czogU2VsZWN0ZWRTdWJuZXRzO1xuICAgIGlmIChwcm9wcy52cGNTdWJuZXRzKSB7XG4gICAgICBpZiAocHJvcHMudnBjU3VibmV0cy5oYXNQdWJsaWMgfHwgcHJvcHMudnBjU3VibmV0cy5zdWJuZXRzLmxlbmd0aCAhPT0gMikge1xuICAgICAgICB0aHJvdyBuZXcgRXJyb3IoXG4gICAgICAgICAgJ0EgcHVibGljIHN1Ym5ldCBvciBub3QgZXhhY3RseSAyIHN1Ym5ldHMgd2hlcmUgcGFzc2VkIGluLCBwbGVhc2UgcGFzcyBpbiB0d28gcHJpdmF0ZSBzdWJuZXRzJyxcbiAgICAgICAgKTtcbiAgICAgIH1cbiAgICAgIHN1Ym5ldHMgPSBwcm9wcy52cGNTdWJuZXRzO1xuICAgIH0gZWxzZSB7XG4gICAgICBzdWJuZXRzID1cbiAgICAgICAgcHJvcHMudnBjLnNlbGVjdFN1Ym5ldHMoe1xuICAgICAgICAgIHN1Ym5ldFR5cGU6IGVjMi5TdWJuZXRUeXBlLlBSSVZBVEVfV0lUSF9OQVQsXG4gICAgICAgIH0pID8/XG4gICAgICAgIHByb3BzLnZwYy5zZWxlY3RTdWJuZXRzKHtcbiAgICAgICAgICBzdWJuZXRUeXBlOiBlYzIuU3VibmV0VHlwZS5QUklWQVRFX0lTT0xBVEVELFxuICAgICAgICB9KTtcbiAgICB9XG5cbiAgICBuZXcgQ2ZuT3V0cHV0KHRoaXMsICdzZWNyZXQtdmFsdWUtaGludCcsIHtcbiAgICAgIHZhbHVlOiBgYXdzIHNlY3JldHNtYW5hZ2VyIGdldC1zZWNyZXQtdmFsdWUgLS1zZWNyZXQtaWQgJHtcbiAgICAgICAgdGhpcy5zZWNyZXQuc2VjcmV0QXJuXG4gICAgICB9IC0tcXVlcnkgU2VjcmV0U3RyaW5nIC0tb3V0cHV0IHRleHQgLS1yZWdpb24gJHtTdGFjay5vZihzY29wZSkucmVnaW9ufWAsXG4gICAgfSk7XG5cbiAgICB0aGlzLm1pY3Jvc29mdEFEID0gbmV3IG1hZC5DZm5NaWNyb3NvZnRBRChcbiAgICAgIHRoaXMsXG4gICAgICAnQVdTLU1hbmFnZWQtTWljcm9zb2Z0LUFEJyxcbiAgICAgIHtcbiAgICAgICAgcGFzc3dvcmQ6IHRoaXMuc2VjcmV0XG4gICAgICAgICAgLnNlY3JldFZhbHVlRnJvbUpzb24oJ1Bhc3N3b3JkJylcbiAgICAgICAgICAudW5zYWZlVW53cmFwKCkudG9TdHJpbmcoKSxcbiAgICAgICAgZWRpdGlvbjogcHJvcHMuZWRpdGlvbixcbiAgICAgICAgbmFtZTogdGhpcy5wcm9wcy5kb21haW5OYW1lLFxuICAgICAgICB2cGNTZXR0aW5nczoge1xuICAgICAgICAgIHN1Ym5ldElkczogW3N1Ym5ldHMuc3VibmV0SWRzWzBdLCBzdWJuZXRzLnN1Ym5ldElkc1sxXV0sXG4gICAgICAgICAgdnBjSWQ6IHByb3BzLnZwYy52cGNJZCxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgKTtcblxuICAgIG5ldyBDZm5PdXRwdXQodGhpcywgJ21hZC1kbnMtaXBzJywge1xuICAgICAgdmFsdWU6IGAke0ZuLmpvaW4oJywnLCB0aGlzLm1pY3Jvc29mdEFELmF0dHJEbnNJcEFkZHJlc3Nlcyl9YCxcbiAgICB9KTtcblxuICAgIG5ldyBDZm5PdXRwdXQodGhpcywgJ21hZC1kbnMtbmFtZScsIHtcbiAgICAgIHZhbHVlOiBgJHt0aGlzLnByb3BzLmRvbWFpbk5hbWV9YCxcbiAgICB9KTtcblxuICAgIG5ldyBDZm5PdXRwdXQodGhpcywgJ21hZC1kaXJlY3RveUlEJywge1xuICAgICAgdmFsdWU6IGAke3RoaXMubWljcm9zb2Z0QUQucmVmfWAsXG4gICAgfSk7XG5cbiAgICBuZXcgYXdzX3NzbS5TdHJpbmdQYXJhbWV0ZXIodGhpcywgJ21hZC1kaXJlY3RvcnlJRC1wb2ludGVyJywge1xuICAgICAgcGFyYW1ldGVyTmFtZTogYC8ke3RoaXMuYWRQYXJhbWV0ZXJzLm5hbWVzcGFjZX0vJHt0aGlzLmFkUGFyYW1ldGVycy5kaXJlY3RvcnlJRFBvaW50ZXJ9YCxcbiAgICAgIHN0cmluZ1ZhbHVlOiB0aGlzLm1pY3Jvc29mdEFELnJlZixcbiAgICB9KTtcblxuICAgIGlmICh0aGlzLnByb3BzLmNyZWF0ZVdvcmtlcikge1xuICAgICAgdGhpcy5kb21haW5XaW5kb3dzTm9kZSA9IHRoaXMuY3JlYXRlV29ya2VyKFxuICAgICAgICB0aGlzLnByb3BzLmRvbWFpbk5hbWUsXG4gICAgICAgIHRoaXMuc2VjcmV0LFxuICAgICAgKTtcbiAgICAgIHRoaXMuZG9tYWluV2luZG93c05vZGUucnVuUFN3aXRoRG9tYWluQWRtaW4oXG4gICAgICAgIFtcbiAgICAgICAgICAnQWRkLVdpbmRvd3NGZWF0dXJlIFJTQVQtQUQtUG93ZXJTaGVsbCcsXG4gICAgICAgICAgJ1N0b3AtQ29tcHV0ZXIgLUNvbXB1dGVyTmFtZSBsb2NhbGhvc3QnLFxuICAgICAgICBdLFxuICAgICAgICAnYWQtcG93ZXJzaGVsbCcsXG4gICAgICApO1xuICAgICAgdGhpcy5kb21haW5XaW5kb3dzTm9kZS5pbnN0YW5jZS5ub2RlLmFkZERlcGVuZGVuY3kodGhpcy5taWNyb3NvZnRBRCk7XG4gICAgfSBlbHNlIHtcbiAgICAgIHRoaXMuZG9tYWluV2luZG93c05vZGUgPSB1bmRlZmluZWQ7XG4gICAgfVxuICB9XG5cbiAgLy8gQ3JlYXRlcyBEb21haW5XaW5kb3dzTm9kZSB0aGF0IHdpbGwgYmUgdXNlZCB0byBydW4gYWRtaW4tdGFza3MgdG8gdGhpcyBkaXJlY3RvcnlcbiAgY3JlYXRlV29ya2VyKFxuICAgIGRvbWFpbk5hbWU6IHN0cmluZyxcbiAgICBkb21haW5QYXNzd29yZDogSVNlY3JldCxcbiAgKTogc2t5bGlnaHQuY29tcHV0ZS5Eb21haW5XaW5kb3dzTm9kZSB7XG4gICAgcmV0dXJuIG5ldyBza3lsaWdodC5jb21wdXRlLkRvbWFpbldpbmRvd3NOb2RlKHRoaXMsICdtYWRXb3JrZXInLCB7XG4gICAgICBkb21haW5OYW1lOiBkb21haW5OYW1lLFxuICAgICAgcGFzc3dvcmRPYmplY3Q6IGRvbWFpblBhc3N3b3JkLFxuICAgICAgdnBjOiB0aGlzLnByb3BzLnZwYyxcbiAgICAgIGluc3RhbmNlVHlwZTogJ3QzLnNtYWxsJyxcbiAgICAgIHVzZVByaXZhdGVTdWJuZXQ6IHRydWUsXG4gICAgfSk7XG4gIH1cblxuICAvLyBUaGUgZnVuY3Rpb24gY3JlYXRlcyBhIExhbWJkYSB0byBTdGFydCB0aGUgV2luZG93cyBXb3JrZXIsIHRoZW4gY3JlYXRlcyBTU00gRG9jdW1lbnQgYW5kIERlc2lyZWQgc3RhdGUgaW4gU3RhdGUgTWFuYWdlciB0byBzY2hlZHVsZSB0aGlzIGRvY3VtZW50IG9uIHRoZSBXb3JrZXIuXG4gIGNyZWF0ZUFER3JvdXAoZ3JvdXBOYW1lOiBzdHJpbmcsIGdyb3VwRGVzY3JpcHRpb246IHN0cmluZykge1xuICAgIGlmICh0aGlzLmRvbWFpbldpbmRvd3NOb2RlKSB7XG4gICAgICB0aGlzLmRvbWFpbldpbmRvd3NOb2RlLnN0YXJ0SW5zdGFuY2UoKTtcbiAgICAgIHRoaXMuZG9tYWluV2luZG93c05vZGUucnVuUFN3aXRoRG9tYWluQWRtaW4oXG4gICAgICAgIFtcbiAgICAgICAgICBgTmV3LUFER3JvdXAgLU5hbWUgXCIke2dyb3VwRGVzY3JpcHRpb259XCIgLVNhbUFjY291bnROYW1lIFwiJHtncm91cE5hbWV9XCIgLUdyb3VwU2NvcGUgRG9tYWluTG9jYWxgLFxuICAgICAgICAgICdTdG9wLUNvbXB1dGVyIC1Db21wdXRlck5hbWUgbG9jYWxob3N0JyxcbiAgICAgICAgXSxcbiAgICAgICAgJ2NyZWF0ZUFkR3JvdXAnLFxuICAgICAgKTtcbiAgICB9IGVsc2Uge1xuICAgICAgY29uc29sZS5sb2coXCJDYW4ndCBjcmVhdGUgQUQgZ3JvdXAgd2hlbiBubyBXb3JrZXIgaXMgZGVmaW5lZFwiKTtcbiAgICB9XG4gIH1cblxuICAvLyBFeHBlcmltZW50YWxcbiAgY3JlYXRlU2VydmljZUFjY291bnQoXG4gICAgYWRTZXJ2aWNlQWNjb3VudE5hbWU6IHN0cmluZyxcbiAgICBzZXJ2aWNlUHJpbmNpcGFsTmFtZXM6IHN0cmluZyxcbiAgICBwcmluY2lwYWxzQWxsb3dlZFRvUmV0cmlldmVNYW5hZ2VkUGFzc3dvcmQ6IHN0cmluZyxcbiAgKSB7XG4gICAgaWYgKHRoaXMuZG9tYWluV2luZG93c05vZGUpIHtcbiAgICAgIHRoaXMuZG9tYWluV2luZG93c05vZGUucnVuUFN3aXRoRG9tYWluQWRtaW4oXG4gICAgICAgIFtcbiAgICAgICAgICBgTmV3LUFEU2VydmljZUFjY291bnQgLU5hbWUgXCIke2FkU2VydmljZUFjY291bnROYW1lfVwiIC1EbnNIb3N0TmFtZSBcIiR7YWRTZXJ2aWNlQWNjb3VudE5hbWV9LiR7dGhpcy5wcm9wcy5kb21haW5OYW1lfVwiIC1TZXJ2aWNlUHJpbmNpcGFsTmFtZXMgXCIke3NlcnZpY2VQcmluY2lwYWxOYW1lc31cIiAtUHJpbmNpcGFsc0FsbG93ZWRUb1JldHJpZXZlTWFuYWdlZFBhc3N3b3JkIFwiJHtwcmluY2lwYWxzQWxsb3dlZFRvUmV0cmlldmVNYW5hZ2VkUGFzc3dvcmR9XCJgLFxuICAgICAgICBdLFxuICAgICAgICAnY3JlYXRlU2VydmljZUFjY291bnQnLFxuICAgICAgKTtcbiAgICB9IGVsc2Uge1xuICAgICAgY29uc29sZS5sb2coXCJDYW4ndCBjcmVhdGVTZXJ2aWNlQWNjb3VudCB3aGVuIG5vIFdvcmtlciBpcyBkZWZpbmVkXCIpO1xuICAgIH1cbiAgfVxufVxuXG4vKipcbiAqIEEgQWQgQXV0aGVudGljYXRpb24gcmVwcmVzZW50cyBhbiBpbnRlZ3JhdGlvbiBwYXR0ZXJuIG9mIE1hbmFnZWQgQUQgYW5kIFJvdXRlIDUzIFJlc29sdmVyIGluIGEgc3BlY2lmaWMgVlBDXG4gKlxuICogVGhlIENvbnN0cnVjdCBjcmVhdGVzIE1hbmFnZWQgQUQgd2l0aCB0aGUgcHJvdmlkZWQgU2VjcmV0IChTZWNyZXRzIE1hbmFnZXIpIG9yIGdlbmVyYXRlcyBhIG5ldyBTZWNyZXQuXG4gKiBUaGUgc2VjcmV0IHNhdmVkIHRvIFNTTSBwYXJhbWV0ZXIgc3RvcmUgc28gb3RoZXJzIGNhbiB1c2UgaXQgd2l0aCBvdGhlciBDb25zdHJ1Y3RzIChTdWNoIGFzIFdpbmRvd3Mgbm9kZSBvciBGU3gpXG4gKiBUaGUgcHJvdmlkZWQgVlBDIG9yIHRoZSBuZXcgY3JlYXRlZCBWUEMgd2lsbCBiZSBjb25maWd1cmVkIHRvIGZvcndhcmQgRE5TIHJlcXVlc3RzIHRvIHRoZSBNYW5hZ2VkIEFEIHdpdGggUm91dGU1MyBSZXNvbHZlcnNcbiAqIFRoZSBjb25zdHJ1Y3QgYWxzbyBjcmVhdGVzIChvcHRpb25hbGx5KSB0My5uYW5vIG1hY2hpbmUgdGhhdCBpcyBwYXJ0IG9mIHRoZSBkb21haW4gdGhhdCBjYW4gYmUgdXNlZCB0byBydW4gYWRtaW4tdGFza3MgKHN1Y2ggYXMgY3JlYXRlQURHcm91cClcbiAqXG4gKiBUaGUgY3JlYXRlQURHcm91cCgpIG1ldGhvZCBjcmVhdGVzIGFuIEFjdGl2ZSBEaXJlY3RvcnkgcGVybWlzc2lvbiBncm91cCBpbiB0aGUgZG9tYWluLCB1c2luZyB0aGUgZG9tYWluIGFkbWluIHVzZXIuXG4gKiBQbGVhc2Ugbm90ZTogV2hlbiBjYWxsaW5nIGNyZWF0ZUFER3JvdXAoKSBBUEksIGEgTGFtYmRhIHdpbGwgYmUgY3JlYXRlZCB0byBzdGFydCB0aGUgd29ya2VyIG1hY2hpbmUgKFVzaW5nIEFXUy1TREspLFxuICogdGhlbiBlYWNoIGNvbW1hbmQgd2lsbCBiZSBzY2hlZHVsZWQgd2l0aCBTdGF0ZSBNYW5hZ2VyLCBhbmQgdGhlIGluc3RhbmNlIHdpbGwgYmUgc2h1dCBkb3duIGFmdGVyIGNvbXBsZXRlLlxuICpcbiAqL1xuZXhwb3J0IGNsYXNzIEF3c01hbmFnZWRNaWNyb3NvZnRBZFI1MyBleHRlbmRzIEF3c01hbmFnZWRNaWNyb3NvZnRBZCB7XG4gIGNvbnN0cnVjdG9yKFxuICAgIHNjb3BlOiBDb25zdHJ1Y3QsXG4gICAgaWQ6IHN0cmluZyxcbiAgICBwcm9wczogSUF3c01hbmFnZWRNaWNyb3NvZnRBZFByb3BzLFxuICApIHtcbiAgICBzdXBlcihzY29wZSwgaWQsIHByb3BzKTtcblxuICAgIGxldCBzdWJuZXRzOiBTZWxlY3RlZFN1Ym5ldHM7XG4gICAgaWYgKHByb3BzLnZwY1N1Ym5ldHMpIHtcbiAgICAgIGlmIChwcm9wcy52cGNTdWJuZXRzLmhhc1B1YmxpYyB8fCBwcm9wcy52cGNTdWJuZXRzLnN1Ym5ldHMubGVuZ3RoICE9PSAyKSB7XG4gICAgICAgIHRocm93IG5ldyBFcnJvcihcbiAgICAgICAgICAnQSBwdWJsaWMgc3VibmV0IG9yIG5vdCBleGFjdGx5IDIgc3VibmV0cyB3aGVyZSBwYXNzZWQgaW4sIHBsZWFzZSBwYXNzIGluIHR3byBwcml2YXRlIHN1Ym5ldHMnLFxuICAgICAgICApO1xuICAgICAgfVxuICAgICAgc3VibmV0cyA9IHByb3BzLnZwY1N1Ym5ldHM7XG4gICAgfSBlbHNlIHtcbiAgICAgIHN1Ym5ldHMgPVxuICAgICAgICBwcm9wcy52cGMuc2VsZWN0U3VibmV0cyh7XG4gICAgICAgICAgc3VibmV0VHlwZTogZWMyLlN1Ym5ldFR5cGUuUFJJVkFURV9XSVRIX05BVCxcbiAgICAgICAgfSkgPz9cbiAgICAgICAgcHJvcHMudnBjLnNlbGVjdFN1Ym5ldHMoe1xuICAgICAgICAgIHN1Ym5ldFR5cGU6IGVjMi5TdWJuZXRUeXBlLlBSSVZBVEVfSVNPTEFURUQsXG4gICAgICAgIH0pO1xuICAgIH1cblxuICAgIGNvbnN0IHNnID0gbmV3IGVjMi5TZWN1cml0eUdyb3VwKHRoaXMsICdyNTMtb3V0Ym91bmQtcmVzb2x2ZXItU0cnLCB7XG4gICAgICB2cGM6IHByb3BzLnZwYyxcbiAgICB9KTtcbiAgICBzZy5hZGRJbmdyZXNzUnVsZShlYzIuUGVlci5pcHY0KHByb3BzLnZwYy52cGNDaWRyQmxvY2spLCBlYzIuUG9ydC51ZHAoNTMpKTtcbiAgICBzZy5hZGRJbmdyZXNzUnVsZShlYzIuUGVlci5pcHY0KHByb3BzLnZwYy52cGNDaWRyQmxvY2spLCBlYzIuUG9ydC50Y3AoNTMpKTtcblxuICAgIGNvbnN0IG91dEJvdW5kUmVzb2x2ZXIgPSBuZXcgcjUzcmVzb2x2ZXIuQ2ZuUmVzb2x2ZXJFbmRwb2ludChcbiAgICAgIHRoaXMsXG4gICAgICAnUjUzLVJlc29sdmVyLUVuZHBvaW50JyxcbiAgICAgIHtcbiAgICAgICAgZGlyZWN0aW9uOiAnT1VUQk9VTkQnLFxuICAgICAgICBpcEFkZHJlc3Nlczogc3VibmV0cy5zdWJuZXRJZHMubWFwKChzKSA9PiB7XG4gICAgICAgICAgcmV0dXJuIHsgc3VibmV0SWQ6IHMgfTtcbiAgICAgICAgfSksXG4gICAgICAgIHNlY3VyaXR5R3JvdXBJZHM6IFtzZy5zZWN1cml0eUdyb3VwSWRdLFxuICAgICAgfSxcbiAgICApO1xuXG4gICAgY29uc3QgcmVzb2x2ZXJSdWxlcyA9IG5ldyByNTNyZXNvbHZlci5DZm5SZXNvbHZlclJ1bGUoXG4gICAgICB0aGlzLFxuICAgICAgJ1I1My1SZXNvbHZlLVJ1bGUnLFxuICAgICAge1xuICAgICAgICBkb21haW5OYW1lOiB0aGlzLnByb3BzLmRvbWFpbk5hbWUhLFxuICAgICAgICByZXNvbHZlckVuZHBvaW50SWQ6IG91dEJvdW5kUmVzb2x2ZXIucmVmLFxuICAgICAgICBydWxlVHlwZTogJ0ZPUldBUkQnLFxuICAgICAgICB0YXJnZXRJcHM6IFtcbiAgICAgICAgICB7IGlwOiBGbi5zZWxlY3QoMCwgdGhpcy5taWNyb3NvZnRBRC5hdHRyRG5zSXBBZGRyZXNzZXMpIH0sXG4gICAgICAgICAgeyBpcDogRm4uc2VsZWN0KDEsIHRoaXMubWljcm9zb2Z0QUQuYXR0ckRuc0lwQWRkcmVzc2VzKSB9LFxuICAgICAgICBdLFxuICAgICAgfSxcbiAgICApO1xuXG4gICAgbmV3IHI1M3Jlc29sdmVyLkNmblJlc29sdmVyUnVsZUFzc29jaWF0aW9uKFxuICAgICAgdGhpcyxcbiAgICAgICdSNTMtUmVzb2x2ZXItQXNzb2NpYXRpb24nLFxuICAgICAge1xuICAgICAgICByZXNvbHZlclJ1bGVJZDogcmVzb2x2ZXJSdWxlcy5hdHRyUmVzb2x2ZXJSdWxlSWQsXG4gICAgICAgIHZwY0lkOiBwcm9wcy52cGMudnBjSWQsXG4gICAgICB9LFxuICAgICk7XG4gIH1cbn1cbiJdfQ==

package/lib/skylight-authentication/index.d.ts

@@ -0,0 +1 @@
+export * from './ad-authentication';

package/lib/skylight-authentication/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./ad-authentication"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvc2t5bGlnaHQtYXV0aGVudGljYXRpb24vaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHNEQUFvQyIsInNvdXJjZXNDb250ZW50IjpbImV4cG9ydCAqIGZyb20gJy4vYWQtYXV0aGVudGljYXRpb24nOyJdfQ==

package/lib/skylight-compute/eks/index.d.ts

@@ -0,0 +1,2 @@
+export * from './windows-eks-cluster';
+export * from './windows-eks-nodes';

package/lib/skylight-compute/eks/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./windows-eks-cluster"), exports);
+__exportStar(require("./windows-eks-nodes"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2t5bGlnaHQtY29tcHV0ZS9la3MvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHdEQUFzQztBQUN0QyxzREFBb0MiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgKiBmcm9tICcuL3dpbmRvd3MtZWtzLWNsdXN0ZXInO1xuZXhwb3J0ICogZnJvbSAnLi93aW5kb3dzLWVrcy1ub2Rlcyc7Il19

package/lib/skylight-compute/eks/windows-eks-cluster.d.ts

@@ -0,0 +1,38 @@
+/**
+ *  Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+import { aws_ec2, aws_eks } from 'aws-cdk-lib';
+import { Construct } from 'constructs';
+export interface IWindowsEKSClusterProps {
+    vpc: aws_ec2.IVpc;
+    /**
+       * The Windows EKS Cluster parameters
+       * @default - 'No default'.
+       */
+    eksSsmParameters?: IWindowsEKSClusterParameters;
+}
+export interface IWindowsEKSClusterParameters {
+    /**
+       * The name of the SSM Object that contains the EKS Cluster name
+       * @default - 'windows-eks-cluster-name'.
+       */
+    clusterNamePointer?: string;
+    /**
+       * The SSM namespace to read/write parameters to
+       * @default - 'cdk-skylight/compute/eks'.
+       */
+    namespace?: string;
+}
+export declare class WindowsEKSCluster extends Construct {
+    readonly eksCluster: aws_eks.Cluster;
+    constructor(scope: Construct, id: string, props: IWindowsEKSClusterProps);
+}

package/lib/skylight-compute/eks/windows-eks-cluster.js

@@ -0,0 +1,77 @@
+"use strict";
+var _a;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WindowsEKSCluster = void 0;
+const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
+/**
+ *  Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+// Imports
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const constructs_1 = require("constructs");
+class WindowsEKSCluster extends constructs_1.Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        props.eksSsmParameters = props.eksSsmParameters ?? {};
+        props.eksSsmParameters.clusterNamePointer =
+            props.eksSsmParameters.clusterNamePointer ?? 'windows-eks-cluster-name';
+        if (props.eksSsmParameters.namespace) {
+            props.eksSsmParameters.namespace = `${props.eksSsmParameters.namespace}/compute/eks`;
+        }
+        else {
+            props.eksSsmParameters.namespace = 'cdk-skylight/compute/eks';
+        }
+        const eks_role = new aws_cdk_lib_1.aws_iam.Role(this, 'eks-instance-role', {
+            assumedBy: new aws_cdk_lib_1.aws_iam.ServicePrincipal('ec2.amazonaws.com'),
+            roleName: 'eks-node-role' + id,
+            managedPolicies: [
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEKSWorkerNodePolicy'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEC2ContainerRegistryReadOnly'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEKS_CNI_Policy'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMDirectoryServiceAccess'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AWSKeyManagementServicePowerUser'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEKSClusterPolicy'),
+                aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEKSVPCResourceController'),
+            ],
+        });
+        this.eksCluster = new aws_cdk_lib_1.aws_eks.Cluster(this, 'WindowsEKSCluster', {
+            version: aws_cdk_lib_1.aws_eks.KubernetesVersion.V1_21,
+            vpc: props.vpc,
+        });
+        this.eksCluster.awsAuth.addRoleMapping(eks_role, {
+            groups: ['system:bootstrappers', 'system:nodes'],
+            username: 'system:node:{{EC2PrivateDNSName}}',
+        });
+        // https://docs.aws.amazon.com/eks/latest/userguide/windows-support.html#enable-windows-support
+        const yaml_file = {
+            apiVersion: 'v1',
+            kind: 'ConfigMap',
+            metadata: {
+                name: 'amazon-vpc-cni',
+                namespace: 'kube-system',
+            },
+            data: {
+                'enable-windows-ipam': 'true',
+            },
+        };
+        this.eksCluster.addManifest('WindowsSupport', yaml_file);
+        new aws_cdk_lib_1.aws_ssm.StringParameter(this, 'clusterNamePointer', {
+            parameterName: `/${props.eksSsmParameters.namespace}/${props.eksSsmParameters.clusterNamePointer}`,
+            stringValue: this.eksCluster.clusterName,
+        });
+    }
+}
+exports.WindowsEKSCluster = WindowsEKSCluster;
+_a = JSII_RTTI_SYMBOL_1;
+WindowsEKSCluster[_a] = { fqn: "cdk-skylight.compute.WindowsEKSCluster", version: "0.0.0" };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2luZG93cy1la3MtY2x1c3Rlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9za3lsaWdodC1jb21wdXRlL2Vrcy93aW5kb3dzLWVrcy1jbHVzdGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUE7Ozs7Ozs7Ozs7O0dBV0c7QUFFSCxVQUFVO0FBQ1YsNkNBQWlFO0FBQ2pFLDJDQUF1QztBQTBCdkMsTUFBYSxpQkFBa0IsU0FBUSxzQkFBUztJQUU5QyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQThCO1FBQ3RFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsS0FBSyxDQUFDLGdCQUFnQixHQUFHLEtBQUssQ0FBQyxnQkFBZ0IsSUFBSSxFQUFFLENBQUM7UUFDdEQsS0FBSyxDQUFDLGdCQUFnQixDQUFDLGtCQUFrQjtZQUMxQyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsa0JBQWtCLElBQUksMEJBQTBCLENBQUM7UUFFdkUsSUFBSSxLQUFLLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDckMsS0FBSyxDQUFDLGdCQUFnQixDQUFDLFNBQVMsR0FBRyxHQUFHLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLGNBQWMsQ0FBQztRQUN2RixDQUFDO2FBQU0sQ0FBQztZQUNOLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLEdBQUcsMEJBQTBCLENBQUM7UUFDaEUsQ0FBQztRQUVELE1BQU0sUUFBUSxHQUFHLElBQUkscUJBQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLG1CQUFtQixFQUFFO1lBQzNELFNBQVMsRUFBRSxJQUFJLHFCQUFPLENBQUMsZ0JBQWdCLENBQUMsbUJBQW1CLENBQUM7WUFDNUQsUUFBUSxFQUFFLGVBQWUsR0FBRyxFQUFFO1lBQzlCLGVBQWUsRUFBRTtnQkFDZixxQkFBTyxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FDNUMsOEJBQThCLENBQy9CO2dCQUNELHFCQUFPLENBQUMsYUFBYSxDQUFDLHdCQUF3QixDQUM1QywyQkFBMkIsQ0FDNUI7Z0JBQ0QscUJBQU8sQ0FBQyxhQUFhLENBQUMsd0JBQXdCLENBQzVDLG9DQUFvQyxDQUNyQztnQkFDRCxxQkFBTyxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FBQyxzQkFBc0IsQ0FBQztnQkFDdEUscUJBQU8sQ0FBQyxhQUFhLENBQUMsd0JBQXdCLENBQzVDLGlDQUFpQyxDQUNsQztnQkFDRCxxQkFBTyxDQUFDLGFBQWEsQ0FBQyx3QkFBd0IsQ0FDNUMsa0NBQWtDLENBQ25DO2dCQUNELHFCQUFPLENBQUMsYUFBYSxDQUFDLHdCQUF3QixDQUM1Qyx3QkFBd0IsQ0FDekI7Z0JBQ0QscUJBQU8sQ0FBQyxhQUFhLENBQUMsd0JBQXdCLENBQzVDLGdDQUFnQyxDQUNqQzthQUNGO1NBQ0YsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLHFCQUFPLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRTtZQUMvRCxPQUFPLEVBQUUscUJBQU8sQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLO1lBQ3hDLEdBQUcsRUFBRSxLQUFLLENBQUMsR0FBRztTQUNmLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUU7WUFDL0MsTUFBTSxFQUFFLENBQUMsc0JBQXNCLEVBQUUsY0FBYyxDQUFDO1lBQ2hELFFBQVEsRUFBRSxtQ0FBbUM7U0FDOUMsQ0FBQyxDQUFDO1FBRUgsK0ZBQStGO1FBQy9GLE1BQU0sU0FBUyxHQUFHO1lBQ2hCLFVBQVUsRUFBRSxJQUFJO1lBQ2hCLElBQUksRUFBRSxXQUFXO1lBQ2pCLFFBQVEsRUFBRTtnQkFDUixJQUFJLEVBQUUsZ0JBQWdCO2dCQUN0QixTQUFTLEVBQUUsYUFBYTthQUN6QjtZQUNELElBQUksRUFBRTtnQkFDSixxQkFBcUIsRUFBRSxNQUFNO2FBQzlCO1NBQ0YsQ0FBQztRQUNGLElBQUksQ0FBQyxVQUFVLENBQUMsV0FBVyxDQUFDLGdCQUFnQixFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBRXpELElBQUkscUJBQU8sQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLG9CQUFvQixFQUFFO1lBQ3RELGFBQWEsRUFBRSxJQUFJLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLElBQUksS0FBSyxDQUFDLGdCQUFnQixDQUFDLGtCQUFrQixFQUFFO1lBQ2xHLFdBQVcsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLFdBQVc7U0FDekMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQzs7QUF4RUgsOENBeUVDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiAgQ29weXJpZ2h0IDIwMjEgQW1hem9uLmNvbSwgSW5jLiBvciBpdHMgYWZmaWxpYXRlcy4gQWxsIFJpZ2h0cyBSZXNlcnZlZC5cbiAqXG4gKiAgTGljZW5zZWQgdW5kZXIgdGhlIEFwYWNoZSBMaWNlbnNlLCBWZXJzaW9uIDIuMCAodGhlIFwiTGljZW5zZVwiKS4gWW91IG1heSBub3QgdXNlIHRoaXMgZmlsZSBleGNlcHQgaW4gY29tcGxpYW5jZVxuICogIHdpdGggdGhlIExpY2Vuc2UuIEEgY29weSBvZiB0aGUgTGljZW5zZSBpcyBsb2NhdGVkIGF0XG4gKlxuICogICAgICBodHRwOi8vd3d3LmFwYWNoZS5vcmcvbGljZW5zZXMvTElDRU5TRS0yLjBcbiAqXG4gKiAgb3IgaW4gdGhlICdsaWNlbnNlJyBmaWxlIGFjY29tcGFueWluZyB0aGlzIGZpbGUuIFRoaXMgZmlsZSBpcyBkaXN0cmlidXRlZCBvbiBhbiAnQVMgSVMnIEJBU0lTLCBXSVRIT1VUIFdBUlJBTlRJRVNcbiAqICBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBleHByZXNzIG9yIGltcGxpZWQuIFNlZSB0aGUgTGljZW5zZSBmb3IgdGhlIHNwZWNpZmljIGxhbmd1YWdlIGdvdmVybmluZyBwZXJtaXNzaW9uc1xuICogIGFuZCBsaW1pdGF0aW9ucyB1bmRlciB0aGUgTGljZW5zZS5cbiAqL1xuXG4vLyBJbXBvcnRzXG5pbXBvcnQgeyBhd3NfZWMyLCBhd3NfZWtzLCBhd3NfaWFtLCBhd3Nfc3NtIH0gZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgSVdpbmRvd3NFS1NDbHVzdGVyUHJvcHMge1xuICB2cGM6IGF3c19lYzIuSVZwYztcblxuICAvKipcblx0ICogVGhlIFdpbmRvd3MgRUtTIENsdXN0ZXIgcGFyYW1ldGVyc1xuXHQgKiBAZGVmYXVsdCAtICdObyBkZWZhdWx0Jy5cblx0ICovXG4gIGVrc1NzbVBhcmFtZXRlcnM/OiBJV2luZG93c0VLU0NsdXN0ZXJQYXJhbWV0ZXJzO1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIElXaW5kb3dzRUtTQ2x1c3RlclBhcmFtZXRlcnMge1xuICAvKipcblx0ICogVGhlIG5hbWUgb2YgdGhlIFNTTSBPYmplY3QgdGhhdCBjb250YWlucyB0aGUgRUtTIENsdXN0ZXIgbmFtZVxuXHQgKiBAZGVmYXVsdCAtICd3aW5kb3dzLWVrcy1jbHVzdGVyLW5hbWUnLlxuXHQgKi9cbiAgY2x1c3Rlck5hbWVQb2ludGVyPzogc3RyaW5nO1xuXG4gIC8qKlxuXHQgKiBUaGUgU1NNIG5hbWVzcGFjZSB0byByZWFkL3dyaXRlIHBhcmFtZXRlcnMgdG9cblx0ICogQGRlZmF1bHQgLSAnY2RrLXNreWxpZ2h0L2NvbXB1dGUvZWtzJy5cblx0ICovXG4gIG5hbWVzcGFjZT86IHN0cmluZztcbn1cblxuZXhwb3J0IGNsYXNzIFdpbmRvd3NFS1NDbHVzdGVyIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcmVhZG9ubHkgZWtzQ2x1c3RlcjogYXdzX2Vrcy5DbHVzdGVyO1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogSVdpbmRvd3NFS1NDbHVzdGVyUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgcHJvcHMuZWtzU3NtUGFyYW1ldGVycyA9IHByb3BzLmVrc1NzbVBhcmFtZXRlcnMgPz8ge307XG4gICAgcHJvcHMuZWtzU3NtUGFyYW1ldGVycy5jbHVzdGVyTmFtZVBvaW50ZXIgPVxuXHRcdFx0cHJvcHMuZWtzU3NtUGFyYW1ldGVycy5jbHVzdGVyTmFtZVBvaW50ZXIgPz8gJ3dpbmRvd3MtZWtzLWNsdXN0ZXItbmFtZSc7XG5cbiAgICBpZiAocHJvcHMuZWtzU3NtUGFyYW1ldGVycy5uYW1lc3BhY2UpIHtcbiAgICAgIHByb3BzLmVrc1NzbVBhcmFtZXRlcnMubmFtZXNwYWNlID0gYCR7cHJvcHMuZWtzU3NtUGFyYW1ldGVycy5uYW1lc3BhY2V9L2NvbXB1dGUvZWtzYDtcbiAgICB9IGVsc2Uge1xuICAgICAgcHJvcHMuZWtzU3NtUGFyYW1ldGVycy5uYW1lc3BhY2UgPSAnY2RrLXNreWxpZ2h0L2NvbXB1dGUvZWtzJztcbiAgICB9XG5cbiAgICBjb25zdCBla3Nfcm9sZSA9IG5ldyBhd3NfaWFtLlJvbGUodGhpcywgJ2Vrcy1pbnN0YW5jZS1yb2xlJywge1xuICAgICAgYXNzdW1lZEJ5OiBuZXcgYXdzX2lhbS5TZXJ2aWNlUHJpbmNpcGFsKCdlYzIuYW1hem9uYXdzLmNvbScpLFxuICAgICAgcm9sZU5hbWU6ICdla3Mtbm9kZS1yb2xlJyArIGlkLFxuICAgICAgbWFuYWdlZFBvbGljaWVzOiBbXG4gICAgICAgIGF3c19pYW0uTWFuYWdlZFBvbGljeS5mcm9tQXdzTWFuYWdlZFBvbGljeU5hbWUoXG4gICAgICAgICAgJ0FtYXpvblNTTU1hbmFnZWRJbnN0YW5jZUNvcmUnLFxuICAgICAgICApLFxuICAgICAgICBhd3NfaWFtLk1hbmFnZWRQb2xpY3kuZnJvbUF3c01hbmFnZWRQb2xpY3lOYW1lKFxuICAgICAgICAgICdBbWF6b25FS1NXb3JrZXJOb2RlUG9saWN5JyxcbiAgICAgICAgKSxcbiAgICAgICAgYXdzX2lhbS5NYW5hZ2VkUG9saWN5LmZyb21Bd3NNYW5hZ2VkUG9saWN5TmFtZShcbiAgICAgICAgICAnQW1hem9uRUMyQ29udGFpbmVyUmVnaXN0cnlSZWFkT25seScsXG4gICAgICAgICksXG4gICAgICAgIGF3c19pYW0uTWFuYWdlZFBvbGljeS5mcm9tQXdzTWFuYWdlZFBvbGljeU5hbWUoJ0FtYXpvbkVLU19DTklfUG9saWN5JyksXG4gICAgICAgIGF3c19pYW0uTWFuYWdlZFBvbGljeS5mcm9tQXdzTWFuYWdlZFBvbGljeU5hbWUoXG4gICAgICAgICAgJ0FtYXpvblNTTURpcmVjdG9yeVNlcnZpY2VBY2Nlc3MnLFxuICAgICAgICApLFxuICAgICAgICBhd3NfaWFtLk1hbmFnZWRQb2xpY3kuZnJvbUF3c01hbmFnZWRQb2xpY3lOYW1lKFxuICAgICAgICAgICdBV1NLZXlNYW5hZ2VtZW50U2VydmljZVBvd2VyVXNlcicsXG4gICAgICAgICksXG4gICAgICAgIGF3c19pYW0uTWFuYWdlZFBvbGljeS5mcm9tQXdzTWFuYWdlZFBvbGljeU5hbWUoXG4gICAgICAgICAgJ0FtYXpvbkVLU0NsdXN0ZXJQb2xpY3knLFxuICAgICAgICApLFxuICAgICAgICBhd3NfaWFtLk1hbmFnZWRQb2xpY3kuZnJvbUF3c01hbmFnZWRQb2xpY3lOYW1lKFxuICAgICAgICAgICdBbWF6b25FS1NWUENSZXNvdXJjZUNvbnRyb2xsZXInLFxuICAgICAgICApLFxuICAgICAgXSxcbiAgICB9KTtcblxuICAgIHRoaXMuZWtzQ2x1c3RlciA9IG5ldyBhd3NfZWtzLkNsdXN0ZXIodGhpcywgJ1dpbmRvd3NFS1NDbHVzdGVyJywge1xuICAgICAgdmVyc2lvbjogYXdzX2Vrcy5LdWJlcm5ldGVzVmVyc2lvbi5WMV8yMSxcbiAgICAgIHZwYzogcHJvcHMudnBjLFxuICAgIH0pO1xuXG4gICAgdGhpcy5la3NDbHVzdGVyLmF3c0F1dGguYWRkUm9sZU1hcHBpbmcoZWtzX3JvbGUsIHtcbiAgICAgIGdyb3VwczogWydzeXN0ZW06Ym9vdHN0cmFwcGVycycsICdzeXN0ZW06bm9kZXMnXSxcbiAgICAgIHVzZXJuYW1lOiAnc3lzdGVtOm5vZGU6e3tFQzJQcml2YXRlRE5TTmFtZX19JyxcbiAgICB9KTtcblxuICAgIC8vIGh0dHBzOi8vZG9jcy5hd3MuYW1hem9uLmNvbS9la3MvbGF0ZXN0L3VzZXJndWlkZS93aW5kb3dzLXN1cHBvcnQuaHRtbCNlbmFibGUtd2luZG93cy1zdXBwb3J0XG4gICAgY29uc3QgeWFtbF9maWxlID0ge1xuICAgICAgYXBpVmVyc2lvbjogJ3YxJyxcbiAgICAgIGtpbmQ6ICdDb25maWdNYXAnLFxuICAgICAgbWV0YWRhdGE6IHtcbiAgICAgICAgbmFtZTogJ2FtYXpvbi12cGMtY25pJyxcbiAgICAgICAgbmFtZXNwYWNlOiAna3ViZS1zeXN0ZW0nLFxuICAgICAgfSxcbiAgICAgIGRhdGE6IHtcbiAgICAgICAgJ2VuYWJsZS13aW5kb3dzLWlwYW0nOiAndHJ1ZScsXG4gICAgICB9LFxuICAgIH07XG4gICAgdGhpcy5la3NDbHVzdGVyLmFkZE1hbmlmZXN0KCdXaW5kb3dzU3VwcG9ydCcsIHlhbWxfZmlsZSk7XG5cbiAgICBuZXcgYXdzX3NzbS5TdHJpbmdQYXJhbWV0ZXIodGhpcywgJ2NsdXN0ZXJOYW1lUG9pbnRlcicsIHtcbiAgICAgIHBhcmFtZXRlck5hbWU6IGAvJHtwcm9wcy5la3NTc21QYXJhbWV0ZXJzLm5hbWVzcGFjZX0vJHtwcm9wcy5la3NTc21QYXJhbWV0ZXJzLmNsdXN0ZXJOYW1lUG9pbnRlcn1gLFxuICAgICAgc3RyaW5nVmFsdWU6IHRoaXMuZWtzQ2x1c3Rlci5jbHVzdGVyTmFtZSxcbiAgICB9KTtcbiAgfVxufVxuIl19

package/lib/skylight-compute/eks/windows-eks-nodes.d.ts

@@ -0,0 +1,68 @@
+/**
+ *  Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+import { aws_autoscaling, aws_ec2, aws_eks, aws_iam } from 'aws-cdk-lib';
+import { AutoScalingGroup } from 'aws-cdk-lib/aws-autoscaling';
+import { Construct } from 'constructs';
+import * as skylight from '../../index';
+export interface IRuntimeNodes {
+    /**
+     * Method to add userData to the nodes
+     */
+    addUserData(...commands: string[]): void;
+    /**
+     * Method to configure the Nodes to part of AD Domain
+     * Secret: The secrets manager secret to use must be in format:
+     * '{Domain: <domain.name>, UserID: 'Admin', Password: '<password>'}' (From cdk-skylight.AwsManagedMicrosoftAdR53 Object)
+     */
+    addAdDependency?(adParametersStore: skylight.authentication.IAwsManagedMicrosoftAdParameters): void;
+    /**
+     * Method to configure persistent storage dependency to the hosts by using Global Mapping.
+     */
+    addStorageDependency(adParametersStore: skylight.authentication.IAwsManagedMicrosoftAdParameters, fsxParametersStore: skylight.storage.IFSxWindowsParameters, folderName: string): void;
+    /**
+     * Method to add the nodes to specific Cluster
+     */
+    addEKSDependency?(eksCluster: aws_eks.Cluster): void;
+    /**
+     * Method to add support for LocalCredFile <Experimental>
+     */
+    addLocalCredFile?(adParametersStore: skylight.authentication.IAwsManagedMicrosoftAdParameters, ADGroupName: string, AccountName: string): void;
+}
+export interface IWindowsEKSNodesProps {
+    vpc: aws_ec2.IVpc;
+    /**
+     * The SSM namespace to save parameters to
+     * @default - 'cdk-skylight'.
+     */
+    namespace?: string;
+    /**
+     * The instance to use
+     * @default - 'm5.large'.
+     */
+    instanceType?: aws_ec2.InstanceType;
+}
+export declare class WindowsEKSNodes extends Construct implements IRuntimeNodes {
+    readonly asg: AutoScalingGroup;
+    readonly windowsWorkersRole: aws_iam.Role;
+    readonly asgResource: aws_autoscaling.CfnAutoScalingGroup;
+    readonly vpc: aws_ec2.IVpc;
+    readonly nodesSg: aws_ec2.SecurityGroup;
+    constructor(scope: Construct, id: string, props: IWindowsEKSNodesProps);
+    addUserData(...commands: string[]): void;
+    addAdDependency(adParametersStore: skylight.authentication.IAwsManagedMicrosoftAdParameters): void;
+    runPowerShellSSMDocument(name: string, commands: string[]): void;
+    gMSAWebHookAutoInstall(eksCluster: aws_eks.Cluster, privateSignerName: string, awsaccountid: string, awsregion: string): void;
+    addStorageDependency(adParametersStore: skylight.authentication.IAwsManagedMicrosoftAdParameters, fsxParametersStore: skylight.storage.IFSxWindowsParameters, folderName: string): void;
+    addEKSDependency(eksCluster: aws_eks.Cluster): void;
+    addLocalCredFile(adParametersStore: skylight.authentication.IAwsManagedMicrosoftAdParameters, ADGroupName: string, AccountName: string): void;
+}