@rio-cloud/cdk-v2-constructs 1.0.1-alpha.0

package/lib/fargate/datadog.js

@@ -0,0 +1,225 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DataDog = void 0;
+const aws_cdk_lib_1 = require("aws-cdk-lib");
+const ecs = require("aws-cdk-lib/aws-ecs");
+const lambda = require("aws-cdk-lib/aws-lambda");
+const logs = require("aws-cdk-lib/aws-logs");
+const rio_fargate_service_1 = require("./rio-fargate-service");
+class DataDog {
+    static getFargateContainerEnvironmentVariables(scope, stage, serviceName, version, accountName, teamName) {
+        const { account: accountId, region } = aws_cdk_lib_1.Stack.of(scope);
+        return {
+            // unified tagging, see https://docs.datadoghq.com/getting_started/tagging/unified_service_tagging/?tab=ecs
+            DD_ENV: stage,
+            DD_SERVICE: serviceName,
+            DD_VERSION: version,
+            // APM and tracing, see https://docs.datadoghq.com/tracing/setup_overview/setup/java/?tab=containers
+            DD_LOGS_INJECTION: 'true',
+            DD_SERVICE_MAPPING: this.getApmServiceMappingEnvironmentVariableValue(serviceName),
+            DD_TAGS: this.getTagsEnvironmentVariableValue(accountId, accountName, region, teamName, stage, serviceName, version, 'service'),
+            DD_TRACE_SAMPLE_RATE: '1.0',
+        };
+    }
+    // we add all possible service mappings here even if not used in a particular service to get globally unique names
+    static getApmServiceMappingEnvironmentVariableValue(serviceName) {
+        const serviceMapping = {
+            'database': `${serviceName}-aurora`,
+            'java-aws-sdk': `${serviceName}-aws-sdk`,
+            'kafka': `${serviceName}-kafka`,
+            'mysql': `${serviceName}-aurora`,
+            'redis': `${serviceName}-redis`,
+        };
+        return Object.entries(serviceMapping)
+            .map(([key, value]) => `${key}:${value}`)
+            .join(',');
+    }
+    static getFargateDockerLabels(stage, serviceName, version) {
+        return {
+            'com.datadoghq.tags.env': stage,
+            'com.datadoghq.tags.service': serviceName,
+            'com.datadoghq.tags.version': version,
+        };
+    }
+    static addDatadogSidecar(scope, taskDefinition, accountName, teamName, stage, serviceName, version, datadogApiKeyParameter, datadogSite, datadogLoggingMode, apmGetResourcesToIgnore, cpu, memoryLimitMiB, essential, containerTag) {
+        const { account: accountId, region } = aws_cdk_lib_1.Stack.of(scope);
+        const datadogSidecar = taskDefinition.addContainer('datadog-agent', {
+            image: ecs.ContainerImage.fromRegistry(`public.ecr.aws/datadog/agent:${containerTag}`),
+            logging: this.setupLogging(scope, accountName, teamName, stage, serviceName, version, datadogApiKeyParameter, datadogLoggingMode, datadogSite, 'datadog-sidecar'),
+            cpu,
+            memoryLimitMiB,
+            environment: {
+                // unified tagging, see https://docs.datadoghq.com/getting_started/tagging/unified_service_tagging/?tab=ecs
+                DD_ENV: stage,
+                DD_SERVICE: serviceName,
+                DD_VERSION: version,
+                // APM and tracing see https://docs.datadoghq.com/agent/docker/apm/?tab=linux
+                DD_APM_ENABLED: 'true',
+                DD_APM_IGNORE_RESOURCES: apmGetResourcesToIgnore
+                    .map((apmGetResourceToIgnore) => `GET ${apmGetResourceToIgnore}`)
+                    .join(','),
+                // general settings
+                DD_SITE: datadogSite,
+                DD_TAGS: this.getTagsEnvironmentVariableValue(accountId, accountName, region, teamName, stage, serviceName, version, 'datadog-sidecar'),
+                ECS_FARGATE: 'true',
+                DD_COLLECT_GCE_TAGS: 'false',
+            },
+            // see https://github.com/DataDog/datadog-agent/blob/master/Dockerfiles/agent/amd64/Dockerfile#L171-L172
+            healthCheck: {
+                startPeriod: aws_cdk_lib_1.Duration.minutes(2),
+                interval: aws_cdk_lib_1.Duration.seconds(30),
+                timeout: aws_cdk_lib_1.Duration.seconds(5),
+                retries: 2,
+                command: ['CMD-SHELL', '/probe.sh'],
+            },
+            secrets: {
+                DD_API_KEY: ecs.Secret.fromSsmParameter(datadogApiKeyParameter),
+            },
+            essential: essential,
+        });
+        datadogSidecar.addPortMappings({
+            containerPort: 8125,
+            protocol: ecs.Protocol.UDP,
+        });
+        datadogSidecar.addPortMappings({
+            containerPort: 8126,
+            protocol: ecs.Protocol.TCP,
+        });
+        return datadogSidecar;
+    }
+    static getTagsEnvironmentVariableValue(accountId, accountName, region, teamName, stage, serviceName, version, containerType) {
+        let separator;
+        switch (containerType) {
+            case 'service':
+                separator = ',';
+                break;
+            case 'datadog-sidecar':
+                separator = ' ';
+                break;
+            case 'fluent-bit':
+                separator = ',';
+                break;
+        }
+        const tags = {
+            // unified tagging
+            // overridden by dedicated settings (environment variables/tags)
+            // duplicated here to ensure they are used (and sometimes, not all three values are supported)
+            env: stage,
+            service: serviceName,
+            version,
+            // account/team specific parts
+            account_id: accountId,
+            account_name: accountName,
+            region,
+            team: teamName,
+        };
+        return Object.entries(tags)
+            .map(([key, value]) => `${key}:${value}`)
+            .join(separator);
+    }
+    static addFireLensLogRouter(taskDefinition, cpu, memoryLimitMiB) {
+        return taskDefinition.addFirelensLogRouter('firelens-log-router', {
+            image: ecs.ContainerImage.fromRegistry('public.ecr.aws/aws-observability/aws-for-fluent-bit:latest'),
+            firelensConfig: {
+                type: ecs.FirelensLogRouterType.FLUENTBIT,
+                options: {
+                    configFileType: ecs.FirelensConfigFileType.FILE,
+                    configFileValue: '/fluent-bit/configs/parse-json.conf',
+                    enableECSLogMetadata: true,
+                },
+            },
+            cpu,
+            memoryLimitMiB,
+        });
+    }
+    static setupLogging(scope, accountName, teamName, stage, serviceName, version, datadogApiKeyParameter, datadogLoggingMode, datadogSite, containerType) {
+        let logGroupName;
+        let logGroupId;
+        let containerTypeCamelCase;
+        switch (containerType) {
+            case 'service':
+                logGroupId = 'LogGroupForService';
+                logGroupName = serviceName;
+                containerTypeCamelCase = 'Service';
+                break;
+            case 'datadog-sidecar':
+                logGroupId = 'LogGroupForDatadogSidecar';
+                logGroupName = `${serviceName}-${containerType}`;
+                containerTypeCamelCase = 'DatadogSidecar';
+                break;
+        }
+        const { account: accountId, region } = aws_cdk_lib_1.Stack.of(scope);
+        switch (datadogLoggingMode) {
+            case rio_fargate_service_1.DataDogLoggingMode.AWS_FIRE_LENS:
+                // TODO can we use `secretOptions` here as well, e.g. as in https://github.com/aws-samples/amazon-ecs-firelens-examples/blob/mainline/examples/fluent-bit/datadog/task-definition.json#L33-L36
+                // Probably not, see https://github.com/aws/aws-cdk/issues/8174
+                return ecs.LogDrivers.firelens({
+                    // see https://docs.datadoghq.com/integrations/fluentbit/#configuration-parameters
+                    options: {
+                        Name: 'datadog',
+                        Match: '*',
+                        Host: `http-intake.logs.${datadogSite}`,
+                        TLS: 'on',
+                        apikey: datadogApiKeyParameter.stringValue,
+                        compress: 'gzip',
+                        dd_service: logGroupName,
+                        dd_source: 'rio-fargate',
+                        dd_message_key: 'log',
+                        dd_tags: this.getTagsEnvironmentVariableValue(accountId, accountName, region, teamName, stage, serviceName, version, 'fluent-bit'),
+                        provider: 'ecs',
+                    },
+                });
+            case rio_fargate_service_1.DataDogLoggingMode.FORWARDER_LAMBDA:
+                const logGroupForForwardingLambda = new logs.LogGroup(scope, logGroupId, {
+                    logGroupName,
+                    retention: logs.RetentionDays.ONE_WEEK,
+                });
+                const logForwarderLambdaArn = aws_cdk_lib_1.Fn.importValue('custom-resource-datadog-logforwarder-function-arn');
+                const cfnPermission = new lambda.CfnPermission(scope, `LogForwarderPermission${containerTypeCamelCase}`, {
+                    action: 'lambda:InvokeFunction',
+                    functionName: logForwarderLambdaArn,
+                    principal: `logs.${region}.amazonaws.com`,
+                    sourceArn: logGroupForForwardingLambda.logGroupArn,
+                });
+                const cfnSubscriptionFilter = new logs.CfnSubscriptionFilter(scope, `LogForwarderSubscriptionFilter${containerTypeCamelCase}`, {
+                    destinationArn: logForwarderLambdaArn,
+                    filterPattern: '',
+                    logGroupName: logGroupForForwardingLambda.logGroupName,
+                });
+                cfnSubscriptionFilter.addDependsOn(cfnPermission);
+                return ecs.LogDrivers.awsLogs({
+                    streamPrefix: containerType,
+                    logGroup: logGroupForForwardingLambda,
+                });
+            case rio_fargate_service_1.DataDogLoggingMode.NONE:
+                const logGroupInCloudwatchOnly = new logs.LogGroup(scope, logGroupId, {
+                    retention: logs.RetentionDays.ONE_WEEK,
+                });
+                return ecs.LogDrivers.awsLogs({
+                    streamPrefix: containerType,
+                    logGroup: logGroupInCloudwatchOnly,
+                });
+        }
+    }
+    static ensureLoggingAndMonitoringAreReadyBeforeServiceStarts(rioFargateService) {
+        var _a;
+        rioFargateService.serviceContainerDefinition.addContainerDependencies({
+            container: rioFargateService.datadogSideCarContainerDefinition,
+            condition: ecs.ContainerDependencyCondition.HEALTHY,
+        });
+        if (rioFargateService.logRouterContainerDefinition) {
+            rioFargateService.serviceContainerDefinition.addContainerDependencies({
+                container: rioFargateService.logRouterContainerDefinition,
+                condition: ecs.ContainerDependencyCondition.START,
+            });
+            if (((_a = rioFargateService.datadogSideCarContainerDefinition.logDriverConfig) === null || _a === void 0 ? void 0 : _a.logDriver) === 'awsfirelens') {
+                rioFargateService.datadogSideCarContainerDefinition.addContainerDependencies({
+                    container: rioFargateService.logRouterContainerDefinition,
+                    condition: ecs.ContainerDependencyCondition.START,
+                });
+            }
+        }
+    }
+}
+exports.DataDog = DataDog;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZGF0YWRvZy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9mYXJnYXRlL2RhdGFkb2cudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsNkNBQWtEO0FBQ2xELDJDQUEyQztBQUMzQyxpREFBaUQ7QUFDakQsNkNBQTZDO0FBRzdDLCtEQUE4RTtBQUU5RSxNQUFhLE9BQU87SUFFWCxNQUFNLENBQUMsdUNBQXVDLENBQ25ELEtBQWdCLEVBQ2hCLEtBQWEsRUFDYixXQUFtQixFQUNuQixPQUFlLEVBQ2YsV0FBbUIsRUFDbkIsUUFBZ0I7UUFHaEIsTUFBTSxFQUFFLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxFQUFFLEdBQUcsbUJBQUssQ0FBQyxFQUFFLENBQUMsS0FBSyxDQUFDLENBQUM7UUFFdkQsT0FBTztZQUNMLDJHQUEyRztZQUMzRyxNQUFNLEVBQUUsS0FBSztZQUNiLFVBQVUsRUFBRSxXQUFXO1lBQ3ZCLFVBQVUsRUFBRSxPQUFPO1lBQ25CLG9HQUFvRztZQUNwRyxpQkFBaUIsRUFBRSxNQUFNO1lBQ3pCLGtCQUFrQixFQUFFLElBQUksQ0FBQyw0Q0FBNEMsQ0FBQyxXQUFXLENBQUM7WUFDbEYsT0FBTyxFQUFFLElBQUksQ0FBQywrQkFBK0IsQ0FDM0MsU0FBUyxFQUNULFdBQVcsRUFDWCxNQUFNLEVBQ04sUUFBUSxFQUNSLEtBQUssRUFDTCxXQUFXLEVBQ1gsT0FBTyxFQUNQLFNBQVMsQ0FDVjtZQUNELG9CQUFvQixFQUFFLEtBQUs7U0FDNUIsQ0FBQztJQUNKLENBQUM7SUFFRCxrSEFBa0g7SUFDbEgsTUFBTSxDQUFDLDRDQUE0QyxDQUFDLFdBQW1CO1FBRXJFLE1BQU0sY0FBYyxHQUFHO1lBQ3JCLFVBQVUsRUFBRSxHQUFHLFdBQVcsU0FBUztZQUNuQyxjQUFjLEVBQUUsR0FBRyxXQUFXLFVBQVU7WUFDeEMsT0FBTyxFQUFFLEdBQUcsV0FBVyxRQUFRO1lBQy9CLE9BQU8sRUFBRSxHQUFHLFdBQVcsU0FBUztZQUNoQyxPQUFPLEVBQUUsR0FBRyxXQUFXLFFBQVE7U0FDaEMsQ0FBQztRQUVGLE9BQU8sTUFBTSxDQUFDLE9BQU8sQ0FBQyxjQUFjLENBQUM7YUFDbEMsR0FBRyxDQUFDLENBQUMsQ0FBQyxHQUFHLEVBQUUsS0FBSyxDQUFDLEVBQUUsRUFBRSxDQUFDLEdBQUcsR0FBRyxJQUFJLEtBQUssRUFBRSxDQUFDO2FBQ3hDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNmLENBQUM7SUFFTSxNQUFNLENBQUMsc0JBQXNCLENBQUMsS0FBYSxFQUFFLFdBQW1CLEVBQUUsT0FBZTtRQUN0RixPQUFPO1lBQ0wsd0JBQXdCLEVBQUUsS0FBSztZQUMvQiw0QkFBNEIsRUFBRSxXQUFXO1lBQ3pDLDRCQUE0QixFQUFFLE9BQU87U0FDdEMsQ0FBQztJQUNKLENBQUM7SUFFTSxNQUFNLENBQUMsaUJBQWlCLENBQzdCLEtBQWdCLEVBQ2hCLGNBQWtDLEVBQ2xDLFdBQW1CLEVBQ25CLFFBQWdCLEVBQ2hCLEtBQWEsRUFDYixXQUFtQixFQUNuQixPQUFlLEVBQ2Ysc0JBQTRDLEVBQzVDLFdBQW1CLEVBQ25CLGtCQUFzQyxFQUN0Qyx1QkFBaUMsRUFDakMsR0FBVyxFQUNYLGNBQXNCLEVBQ3RCLFNBQWtCLEVBQ2xCLFlBQW9CO1FBR3BCLE1BQU0sRUFBRSxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxHQUFHLG1CQUFLLENBQUMsRUFBRSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3ZELE1BQU0sY0FBYyxHQUFHLGNBQWMsQ0FBQyxZQUFZLENBQUMsZUFBZSxFQUFFO1lBQ2xFLEtBQUssRUFBRSxHQUFHLENBQUMsY0FBYyxDQUFDLFlBQVksQ0FBQyxnQ0FBZ0MsWUFBWSxFQUFFLENBQUM7WUFDdEYsT0FBTyxFQUFFLElBQUksQ0FBQyxZQUFZLENBQ3hCLEtBQUssRUFDTCxXQUFXLEVBQ1gsUUFBUSxFQUNSLEtBQUssRUFDTCxXQUFXLEVBQ1gsT0FBTyxFQUNQLHNCQUFzQixFQUN0QixrQkFBa0IsRUFDbEIsV0FBVyxFQUNYLGlCQUFpQixDQUNsQjtZQUNELEdBQUc7WUFDSCxjQUFjO1lBQ2QsV0FBVyxFQUFFO2dCQUNYLDJHQUEyRztnQkFDM0csTUFBTSxFQUFFLEtBQUs7Z0JBQ2IsVUFBVSxFQUFFLFdBQVc7Z0JBQ3ZCLFVBQVUsRUFBRSxPQUFPO2dCQUNuQiw2RUFBNkU7Z0JBQzdFLGNBQWMsRUFBRSxNQUFNO2dCQUN0Qix1QkFBdUIsRUFBRSx1QkFBdUI7cUJBQzdDLEdBQUcsQ0FBQyxDQUFDLHNCQUFzQixFQUFFLEVBQUUsQ0FBQyxPQUFPLHNCQUFzQixFQUFFLENBQUM7cUJBQ2hFLElBQUksQ0FBQyxHQUFHLENBQUM7Z0JBQ1osbUJBQW1CO2dCQUNuQixPQUFPLEVBQUUsV0FBVztnQkFDcEIsT0FBTyxFQUFFLElBQUksQ0FBQywrQkFBK0IsQ0FDM0MsU0FBUyxFQUNULFdBQVcsRUFDWCxNQUFNLEVBQ04sUUFBUSxFQUNSLEtBQUssRUFDTCxXQUFXLEVBQ1gsT0FBTyxFQUNQLGlCQUFpQixDQUNsQjtnQkFDRCxXQUFXLEVBQUUsTUFBTTtnQkFDbkIsbUJBQW1CLEVBQUUsT0FBTzthQUM3QjtZQUNELHdHQUF3RztZQUN4RyxXQUFXLEVBQUU7Z0JBQ1gsV0FBVyxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztnQkFDaEMsUUFBUSxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDOUIsT0FBTyxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztnQkFDNUIsT0FBTyxFQUFFLENBQUM7Z0JBQ1YsT0FBTyxFQUFFLENBQUMsV0FBVyxFQUFFLFdBQVcsQ0FBQzthQUNwQztZQUNELE9BQU8sRUFBRTtnQkFDUCxVQUFVLEVBQUUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxzQkFBc0IsQ0FBQzthQUNoRTtZQUNELFNBQVMsRUFBRSxTQUFTO1NBQ3JCLENBQUMsQ0FBQztRQUVILGNBQWMsQ0FBQyxlQUFlLENBQUM7WUFDN0IsYUFBYSxFQUFFLElBQUk7WUFDbkIsUUFBUSxFQUFFLEdBQUcsQ0FBQyxRQUFRLENBQUMsR0FBRztTQUMzQixDQUFDLENBQUM7UUFFSCxjQUFjLENBQUMsZUFBZSxDQUFDO1lBQzdCLGFBQWEsRUFBRSxJQUFJO1lBQ25CLFFBQVEsRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLEdBQUc7U0FDM0IsQ0FBQyxDQUFDO1FBRUgsT0FBTyxjQUFjLENBQUM7SUFDeEIsQ0FBQztJQUVELE1BQU0sQ0FBQywrQkFBK0IsQ0FDcEMsU0FBaUIsRUFDakIsV0FBbUIsRUFDbkIsTUFBYyxFQUNkLFFBQWdCLEVBQ2hCLEtBQWEsRUFDYixXQUFtQixFQUNuQixPQUFlLEVBQ2YsYUFBMkQ7UUFHM0QsSUFBSSxTQUFpQixDQUFDO1FBRXRCLFFBQVEsYUFBYSxFQUFFO1lBRXJCLEtBQUssU0FBUztnQkFDWixTQUFTLEdBQUcsR0FBRyxDQUFDO2dCQUNoQixNQUFNO1lBRVIsS0FBSyxpQkFBaUI7Z0JBQ3BCLFNBQVMsR0FBRyxHQUFHLENBQUM7Z0JBQ2hCLE1BQU07WUFFUixLQUFLLFlBQVk7Z0JBQ2YsU0FBUyxHQUFHLEdBQUcsQ0FBQztnQkFDaEIsTUFBTTtTQUNUO1FBRUQsTUFBTSxJQUFJLEdBQUc7WUFDWCxrQkFBa0I7WUFDbEIsZ0VBQWdFO1lBQ2hFLDhGQUE4RjtZQUM5RixHQUFHLEVBQUUsS0FBSztZQUNWLE9BQU8sRUFBRSxXQUFXO1lBQ3BCLE9BQU87WUFDUCw4QkFBOEI7WUFDOUIsVUFBVSxFQUFFLFNBQVM7WUFDckIsWUFBWSxFQUFFLFdBQVc7WUFDekIsTUFBTTtZQUNOLElBQUksRUFBRSxRQUFRO1NBQ2YsQ0FBQztRQUNGLE9BQU8sTUFBTSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7YUFDeEIsR0FBRyxDQUFDLENBQUMsQ0FBQyxHQUFHLEVBQUUsS0FBSyxDQUFDLEVBQUUsRUFBRSxDQUFDLEdBQUcsR0FBRyxJQUFJLEtBQUssRUFBRSxDQUFDO2FBQ3hDLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUNyQixDQUFDO0lBRU0sTUFBTSxDQUFDLG9CQUFvQixDQUNoQyxjQUFrQyxFQUNsQyxHQUFXLEVBQ1gsY0FBc0I7UUFHdEIsT0FBTyxjQUFjLENBQUMsb0JBQW9CLENBQUMscUJBQXFCLEVBQUU7WUFDaEUsS0FBSyxFQUFFLEdBQUcsQ0FBQyxjQUFjLENBQUMsWUFBWSxDQUFDLDREQUE0RCxDQUFDO1lBQ3BHLGNBQWMsRUFBRTtnQkFDZCxJQUFJLEVBQUUsR0FBRyxDQUFDLHFCQUFxQixDQUFDLFNBQVM7Z0JBQ3pDLE9BQU8sRUFBRTtvQkFDUCxjQUFjLEVBQUUsR0FBRyxDQUFDLHNCQUFzQixDQUFDLElBQUk7b0JBQy9DLGVBQWUsRUFBRSxxQ0FBcUM7b0JBQ3RELG9CQUFvQixFQUFFLElBQUk7aUJBQzNCO2FBQ0Y7WUFDRCxHQUFHO1lBQ0gsY0FBYztTQUNmLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFTSxNQUFNLENBQUMsWUFBWSxDQUN4QixLQUFnQixFQUNoQixXQUFtQixFQUNuQixRQUFnQixFQUNoQixLQUFhLEVBQ2IsV0FBbUIsRUFDbkIsT0FBZSxFQUNmLHNCQUE0QyxFQUM1QyxrQkFBc0MsRUFDdEMsV0FBbUIsRUFDbkIsYUFBNEM7UUFHNUMsSUFBSSxZQUFvQixDQUFDO1FBQ3pCLElBQUksVUFBa0IsQ0FBQztRQUN2QixJQUFJLHNCQUFzQixDQUFDO1FBRTNCLFFBQVEsYUFBYSxFQUFFO1lBRXJCLEtBQUssU0FBUztnQkFDWixVQUFVLEdBQUcsb0JBQW9CLENBQUM7Z0JBQ2xDLFlBQVksR0FBRyxXQUFXLENBQUM7Z0JBQzNCLHNCQUFzQixHQUFHLFNBQVMsQ0FBQztnQkFDbkMsTUFBTTtZQUVSLEtBQUssaUJBQWlCO2dCQUNwQixVQUFVLEdBQUcsMkJBQTJCLENBQUM7Z0JBQ3pDLFlBQVksR0FBRyxHQUFHLFdBQVcsSUFBSSxhQUFhLEVBQUUsQ0FBQztnQkFDakQsc0JBQXNCLEdBQUcsZ0JBQWdCLENBQUM7Z0JBQzFDLE1BQU07U0FDVDtRQUVELE1BQU0sRUFBRSxPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sRUFBRSxHQUFHLG1CQUFLLENBQUMsRUFBRSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRXZELFFBQVEsa0JBQWtCLEVBQUU7WUFFMUIsS0FBSyx3Q0FBa0IsQ0FBQyxhQUFhO2dCQUNuQyw4TEFBOEw7Z0JBQzlMLCtEQUErRDtnQkFDL0QsT0FBTyxHQUFHLENBQUMsVUFBVSxDQUFDLFFBQVEsQ0FBQztvQkFDN0Isa0ZBQWtGO29CQUNsRixPQUFPLEVBQUU7d0JBQ1AsSUFBSSxFQUFFLFNBQVM7d0JBQ2YsS0FBSyxFQUFFLEdBQUc7d0JBQ1YsSUFBSSxFQUFFLG9CQUFvQixXQUFXLEVBQUU7d0JBQ3ZDLEdBQUcsRUFBRSxJQUFJO3dCQUNULE1BQU0sRUFBRSxzQkFBc0IsQ0FBQyxXQUFXO3dCQUMxQyxRQUFRLEVBQUUsTUFBTTt3QkFDaEIsVUFBVSxFQUFFLFlBQVk7d0JBQ3hCLFNBQVMsRUFBRSxhQUFhO3dCQUN4QixjQUFjLEVBQUUsS0FBSzt3QkFDckIsT0FBTyxFQUFFLElBQUksQ0FBQywrQkFBK0IsQ0FDM0MsU0FBUyxFQUNULFdBQVcsRUFDWCxNQUFNLEVBQ04sUUFBUSxFQUNSLEtBQUssRUFDTCxXQUFXLEVBQ1gsT0FBTyxFQUNQLFlBQVksQ0FDYjt3QkFDRCxRQUFRLEVBQUUsS0FBSztxQkFDaEI7aUJBQ0YsQ0FBQyxDQUFDO1lBRUwsS0FBSyx3Q0FBa0IsQ0FBQyxnQkFBZ0I7Z0JBQ3RDLE1BQU0sMkJBQTJCLEdBQUcsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLEtBQUssRUFBRSxVQUFVLEVBQUU7b0JBQ3ZFLFlBQVk7b0JBQ1osU0FBUyxFQUFFLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUTtpQkFDdkMsQ0FBQyxDQUFDO2dCQUNILE1BQU0scUJBQXFCLEdBQUcsZ0JBQUUsQ0FBQyxXQUFXLENBQUMsbURBQW1ELENBQUMsQ0FBQztnQkFDbEcsTUFBTSxhQUFhLEdBQUcsSUFBSSxNQUFNLENBQUMsYUFBYSxDQUFDLEtBQUssRUFBRSx5QkFBeUIsc0JBQXNCLEVBQUUsRUFBRTtvQkFDdkcsTUFBTSxFQUFFLHVCQUF1QjtvQkFDL0IsWUFBWSxFQUFFLHFCQUFxQjtvQkFDbkMsU0FBUyxFQUFFLFFBQVEsTUFBTSxnQkFBZ0I7b0JBQ3pDLFNBQVMsRUFBRSwyQkFBMkIsQ0FBQyxXQUFXO2lCQUNuRCxDQUFDLENBQUM7Z0JBQ0gsTUFBTSxxQkFBcUIsR0FBRyxJQUFJLElBQUksQ0FBQyxxQkFBcUIsQ0FDMUQsS0FBSyxFQUNMLGlDQUFpQyxzQkFBc0IsRUFBRSxFQUN6RDtvQkFDRSxjQUFjLEVBQUUscUJBQXFCO29CQUNyQyxhQUFhLEVBQUUsRUFBRTtvQkFDakIsWUFBWSxFQUFFLDJCQUEyQixDQUFDLFlBQVk7aUJBQ3ZELENBQ0YsQ0FBQztnQkFDRixxQkFBcUIsQ0FBQyxZQUFZLENBQUMsYUFBYSxDQUFDLENBQUM7Z0JBQ2xELE9BQU8sR0FBRyxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUM7b0JBQzVCLFlBQVksRUFBRSxhQUFhO29CQUMzQixRQUFRLEVBQUUsMkJBQTJCO2lCQUN0QyxDQUFDLENBQUM7WUFFTCxLQUFLLHdDQUFrQixDQUFDLElBQUk7Z0JBQzFCLE1BQU0sd0JBQXdCLEdBQUcsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLEtBQUssRUFBRSxVQUFVLEVBQUU7b0JBQ3BFLFNBQVMsRUFBRSxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVE7aUJBQ3ZDLENBQUMsQ0FBQztnQkFDSCxPQUFPLEdBQUcsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDO29CQUM1QixZQUFZLEVBQUUsYUFBYTtvQkFDM0IsUUFBUSxFQUFFLHdCQUF3QjtpQkFDbkMsQ0FBQyxDQUFDO1NBQ047SUFDSCxDQUFDO0lBRU0sTUFBTSxDQUFDLHFEQUFxRCxDQUFDLGlCQUFvQzs7UUFFdEcsaUJBQWlCLENBQUMsMEJBQTBCLENBQUMsd0JBQXdCLENBQUM7WUFDcEUsU0FBUyxFQUFFLGlCQUFpQixDQUFDLGlDQUFpQztZQUM5RCxTQUFTLEVBQUUsR0FBRyxDQUFDLDRCQUE0QixDQUFDLE9BQU87U0FDcEQsQ0FBQyxDQUFDO1FBRUgsSUFBSSxpQkFBaUIsQ0FBQyw0QkFBNEIsRUFBRTtZQUNsRCxpQkFBaUIsQ0FBQywwQkFBMEIsQ0FBQyx3QkFBd0IsQ0FBQztnQkFDcEUsU0FBUyxFQUFFLGlCQUFpQixDQUFDLDRCQUE0QjtnQkFDekQsU0FBUyxFQUFFLEdBQUcsQ0FBQyw0QkFBNEIsQ0FBQyxLQUFLO2FBQ2xELENBQUMsQ0FBQztZQUVILElBQUksT0FBQSxpQkFBaUIsQ0FBQyxpQ0FBaUMsQ0FBQyxlQUFlLDBDQUFFLFNBQVMsTUFBSyxhQUFhLEVBQUU7Z0JBQ3BHLGlCQUFpQixDQUFDLGlDQUFpQyxDQUFDLHdCQUF3QixDQUFDO29CQUMzRSxTQUFTLEVBQUUsaUJBQWlCLENBQUMsNEJBQTRCO29CQUN6RCxTQUFTLEVBQUUsR0FBRyxDQUFDLDRCQUE0QixDQUFDLEtBQUs7aUJBQ2xELENBQUMsQ0FBQzthQUNKO1NBQ0Y7SUFDSCxDQUFDO0NBQ0Y7QUFqVkQsMEJBaVZDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgU3RhY2ssIER1cmF0aW9uLCBGbiB9IGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIGVjcyBmcm9tICdhd3MtY2RrLWxpYi9hd3MtZWNzJztcbmltcG9ydCAqIGFzIGxhbWJkYSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtbGFtYmRhJztcbmltcG9ydCAqIGFzIGxvZ3MgZnJvbSAnYXdzLWNkay1saWIvYXdzLWxvZ3MnO1xuaW1wb3J0ICogYXMgc3NtIGZyb20gJ2F3cy1jZGstbGliL2F3cy1zc20nO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5pbXBvcnQgeyBEYXRhRG9nTG9nZ2luZ01vZGUsIFJpb0ZhcmdhdGVTZXJ2aWNlIH0gZnJvbSAnLi9yaW8tZmFyZ2F0ZS1zZXJ2aWNlJztcblxuZXhwb3J0IGNsYXNzIERhdGFEb2cge1xuXG4gIHB1YmxpYyBzdGF0aWMgZ2V0RmFyZ2F0ZUNvbnRhaW5lckVudmlyb25tZW50VmFyaWFibGVzKFxuICAgIHNjb3BlOiBDb25zdHJ1Y3QsXG4gICAgc3RhZ2U6IHN0cmluZyxcbiAgICBzZXJ2aWNlTmFtZTogc3RyaW5nLFxuICAgIHZlcnNpb246IHN0cmluZyxcbiAgICBhY2NvdW50TmFtZTogc3RyaW5nLFxuICAgIHRlYW1OYW1lOiBzdHJpbmcsXG4gICk6IHsgW2tleTogc3RyaW5nXTogc3RyaW5nIH0ge1xuXG4gICAgY29uc3QgeyBhY2NvdW50OiBhY2NvdW50SWQsIHJlZ2lvbiB9ID0gU3RhY2sub2Yoc2NvcGUpO1xuXG4gICAgcmV0dXJuIHtcbiAgICAgIC8vIHVuaWZpZWQgdGFnZ2luZywgc2VlIGh0dHBzOi8vZG9jcy5kYXRhZG9naHEuY29tL2dldHRpbmdfc3RhcnRlZC90YWdnaW5nL3VuaWZpZWRfc2VydmljZV90YWdnaW5nLz90YWI9ZWNzXG4gICAgICBERF9FTlY6IHN0YWdlLFxuICAgICAgRERfU0VSVklDRTogc2VydmljZU5hbWUsXG4gICAgICBERF9WRVJTSU9OOiB2ZXJzaW9uLFxuICAgICAgLy8gQVBNIGFuZCB0cmFjaW5nLCBzZWUgaHR0cHM6Ly9kb2NzLmRhdGFkb2docS5jb20vdHJhY2luZy9zZXR1cF9vdmVydmlldy9zZXR1cC9qYXZhLz90YWI9Y29udGFpbmVyc1xuICAgICAgRERfTE9HU19JTkpFQ1RJT046ICd0cnVlJyxcbiAgICAgIEREX1NFUlZJQ0VfTUFQUElORzogdGhpcy5nZXRBcG1TZXJ2aWNlTWFwcGluZ0Vudmlyb25tZW50VmFyaWFibGVWYWx1ZShzZXJ2aWNlTmFtZSksXG4gICAgICBERF9UQUdTOiB0aGlzLmdldFRhZ3NFbnZpcm9ubWVudFZhcmlhYmxlVmFsdWUoXG4gICAgICAgIGFjY291bnRJZCxcbiAgICAgICAgYWNjb3VudE5hbWUsXG4gICAgICAgIHJlZ2lvbixcbiAgICAgICAgdGVhbU5hbWUsXG4gICAgICAgIHN0YWdlLFxuICAgICAgICBzZXJ2aWNlTmFtZSxcbiAgICAgICAgdmVyc2lvbixcbiAgICAgICAgJ3NlcnZpY2UnLFxuICAgICAgKSxcbiAgICAgIEREX1RSQUNFX1NBTVBMRV9SQVRFOiAnMS4wJywgLy8gc2VlIGh0dHBzOi8vZGR0cmFjZS5yZWFkdGhlZG9jcy5pby9lbi9zdGFibGUvY29uZmlndXJhdGlvbi5odG1sXG4gICAgfTtcbiAgfVxuXG4gIC8vIHdlIGFkZCBhbGwgcG9zc2libGUgc2VydmljZSBtYXBwaW5ncyBoZXJlIGV2ZW4gaWYgbm90IHVzZWQgaW4gYSBwYXJ0aWN1bGFyIHNlcnZpY2UgdG8gZ2V0IGdsb2JhbGx5IHVuaXF1ZSBuYW1lc1xuICBzdGF0aWMgZ2V0QXBtU2VydmljZU1hcHBpbmdFbnZpcm9ubWVudFZhcmlhYmxlVmFsdWUoc2VydmljZU5hbWU6IHN0cmluZyk6IHN0cmluZyB7XG5cbiAgICBjb25zdCBzZXJ2aWNlTWFwcGluZyA9IHtcbiAgICAgICdkYXRhYmFzZSc6IGAke3NlcnZpY2VOYW1lfS1hdXJvcmFgLFxuICAgICAgJ2phdmEtYXdzLXNkayc6IGAke3NlcnZpY2VOYW1lfS1hd3Mtc2RrYCxcbiAgICAgICdrYWZrYSc6IGAke3NlcnZpY2VOYW1lfS1rYWZrYWAsXG4gICAgICAnbXlzcWwnOiBgJHtzZXJ2aWNlTmFtZX0tYXVyb3JhYCxcbiAgICAgICdyZWRpcyc6IGAke3NlcnZpY2VOYW1lfS1yZWRpc2AsXG4gICAgfTtcblxuICAgIHJldHVybiBPYmplY3QuZW50cmllcyhzZXJ2aWNlTWFwcGluZylcbiAgICAgIC5tYXAoKFtrZXksIHZhbHVlXSkgPT4gYCR7a2V5fToke3ZhbHVlfWApXG4gICAgICAuam9pbignLCcpO1xuICB9XG5cbiAgcHVibGljIHN0YXRpYyBnZXRGYXJnYXRlRG9ja2VyTGFiZWxzKHN0YWdlOiBzdHJpbmcsIHNlcnZpY2VOYW1lOiBzdHJpbmcsIHZlcnNpb246IHN0cmluZyk6IHsgW2tleTogc3RyaW5nXTogc3RyaW5nIH0ge1xuICAgIHJldHVybiB7XG4gICAgICAnY29tLmRhdGFkb2docS50YWdzLmVudic6IHN0YWdlLFxuICAgICAgJ2NvbS5kYXRhZG9naHEudGFncy5zZXJ2aWNlJzogc2VydmljZU5hbWUsXG4gICAgICAnY29tLmRhdGFkb2docS50YWdzLnZlcnNpb24nOiB2ZXJzaW9uLFxuICAgIH07XG4gIH1cblxuICBwdWJsaWMgc3RhdGljIGFkZERhdGFkb2dTaWRlY2FyKFxuICAgIHNjb3BlOiBDb25zdHJ1Y3QsXG4gICAgdGFza0RlZmluaXRpb246IGVjcy5UYXNrRGVmaW5pdGlvbixcbiAgICBhY2NvdW50TmFtZTogc3RyaW5nLFxuICAgIHRlYW1OYW1lOiBzdHJpbmcsXG4gICAgc3RhZ2U6IHN0cmluZyxcbiAgICBzZXJ2aWNlTmFtZTogc3RyaW5nLFxuICAgIHZlcnNpb246IHN0cmluZyxcbiAgICBkYXRhZG9nQXBpS2V5UGFyYW1ldGVyOiBzc20uSVN0cmluZ1BhcmFtZXRlcixcbiAgICBkYXRhZG9nU2l0ZTogc3RyaW5nLFxuICAgIGRhdGFkb2dMb2dnaW5nTW9kZTogRGF0YURvZ0xvZ2dpbmdNb2RlLFxuICAgIGFwbUdldFJlc291cmNlc1RvSWdub3JlOiBzdHJpbmdbXSxcbiAgICBjcHU6IG51bWJlcixcbiAgICBtZW1vcnlMaW1pdE1pQjogbnVtYmVyLFxuICAgIGVzc2VudGlhbDogYm9vbGVhbixcbiAgICBjb250YWluZXJUYWc6IHN0cmluZyxcbiAgKTogZWNzLkNvbnRhaW5lckRlZmluaXRpb24ge1xuXG4gICAgY29uc3QgeyBhY2NvdW50OiBhY2NvdW50SWQsIHJlZ2lvbiB9ID0gU3RhY2sub2Yoc2NvcGUpO1xuICAgIGNvbnN0IGRhdGFkb2dTaWRlY2FyID0gdGFza0RlZmluaXRpb24uYWRkQ29udGFpbmVyKCdkYXRhZG9nLWFnZW50Jywge1xuICAgICAgaW1hZ2U6IGVjcy5Db250YWluZXJJbWFnZS5mcm9tUmVnaXN0cnkoYHB1YmxpYy5lY3IuYXdzL2RhdGFkb2cvYWdlbnQ6JHtjb250YWluZXJUYWd9YCksXG4gICAgICBsb2dnaW5nOiB0aGlzLnNldHVwTG9nZ2luZyhcbiAgICAgICAgc2NvcGUsXG4gICAgICAgIGFjY291bnROYW1lLFxuICAgICAgICB0ZWFtTmFtZSxcbiAgICAgICAgc3RhZ2UsXG4gICAgICAgIHNlcnZpY2VOYW1lLFxuICAgICAgICB2ZXJzaW9uLFxuICAgICAgICBkYXRhZG9nQXBpS2V5UGFyYW1ldGVyLFxuICAgICAgICBkYXRhZG9nTG9nZ2luZ01vZGUsXG4gICAgICAgIGRhdGFkb2dTaXRlLFxuICAgICAgICAnZGF0YWRvZy1zaWRlY2FyJyxcbiAgICAgICksXG4gICAgICBjcHUsXG4gICAgICBtZW1vcnlMaW1pdE1pQixcbiAgICAgIGVudmlyb25tZW50OiB7XG4gICAgICAgIC8vIHVuaWZpZWQgdGFnZ2luZywgc2VlIGh0dHBzOi8vZG9jcy5kYXRhZG9naHEuY29tL2dldHRpbmdfc3RhcnRlZC90YWdnaW5nL3VuaWZpZWRfc2VydmljZV90YWdnaW5nLz90YWI9ZWNzXG4gICAgICAgIEREX0VOVjogc3RhZ2UsXG4gICAgICAgIEREX1NFUlZJQ0U6IHNlcnZpY2VOYW1lLFxuICAgICAgICBERF9WRVJTSU9OOiB2ZXJzaW9uLFxuICAgICAgICAvLyBBUE0gYW5kIHRyYWNpbmcgc2VlIGh0dHBzOi8vZG9jcy5kYXRhZG9naHEuY29tL2FnZW50L2RvY2tlci9hcG0vP3RhYj1saW51eFxuICAgICAgICBERF9BUE1fRU5BQkxFRDogJ3RydWUnLFxuICAgICAgICBERF9BUE1fSUdOT1JFX1JFU09VUkNFUzogYXBtR2V0UmVzb3VyY2VzVG9JZ25vcmVcbiAgICAgICAgICAubWFwKChhcG1HZXRSZXNvdXJjZVRvSWdub3JlKSA9PiBgR0VUICR7YXBtR2V0UmVzb3VyY2VUb0lnbm9yZX1gKVxuICAgICAgICAgIC5qb2luKCcsJyksXG4gICAgICAgIC8vIGdlbmVyYWwgc2V0dGluZ3NcbiAgICAgICAgRERfU0lURTogZGF0YWRvZ1NpdGUsXG4gICAgICAgIEREX1RBR1M6IHRoaXMuZ2V0VGFnc0Vudmlyb25tZW50VmFyaWFibGVWYWx1ZShcbiAgICAgICAgICBhY2NvdW50SWQsXG4gICAgICAgICAgYWNjb3VudE5hbWUsXG4gICAgICAgICAgcmVnaW9uLFxuICAgICAgICAgIHRlYW1OYW1lLFxuICAgICAgICAgIHN0YWdlLFxuICAgICAgICAgIHNlcnZpY2VOYW1lLFxuICAgICAgICAgIHZlcnNpb24sXG4gICAgICAgICAgJ2RhdGFkb2ctc2lkZWNhcicsXG4gICAgICAgICksXG4gICAgICAgIEVDU19GQVJHQVRFOiAndHJ1ZScsXG4gICAgICAgIEREX0NPTExFQ1RfR0NFX1RBR1M6ICdmYWxzZScsXG4gICAgICB9LFxuICAgICAgLy8gc2VlIGh0dHBzOi8vZ2l0aHViLmNvbS9EYXRhRG9nL2RhdGFkb2ctYWdlbnQvYmxvYi9tYXN0ZXIvRG9ja2VyZmlsZXMvYWdlbnQvYW1kNjQvRG9ja2VyZmlsZSNMMTcxLUwxNzJcbiAgICAgIGhlYWx0aENoZWNrOiB7XG4gICAgICAgIHN0YXJ0UGVyaW9kOiBEdXJhdGlvbi5taW51dGVzKDIpLFxuICAgICAgICBpbnRlcnZhbDogRHVyYXRpb24uc2Vjb25kcygzMCksXG4gICAgICAgIHRpbWVvdXQ6IER1cmF0aW9uLnNlY29uZHMoNSksXG4gICAgICAgIHJldHJpZXM6IDIsXG4gICAgICAgIGNvbW1hbmQ6IFsnQ01ELVNIRUxMJywgJy9wcm9iZS5zaCddLFxuICAgICAgfSxcbiAgICAgIHNlY3JldHM6IHtcbiAgICAgICAgRERfQVBJX0tFWTogZWNzLlNlY3JldC5mcm9tU3NtUGFyYW1ldGVyKGRhdGFkb2dBcGlLZXlQYXJhbWV0ZXIpLFxuICAgICAgfSxcbiAgICAgIGVzc2VudGlhbDogZXNzZW50aWFsLFxuICAgIH0pO1xuXG4gICAgZGF0YWRvZ1NpZGVjYXIuYWRkUG9ydE1hcHBpbmdzKHtcbiAgICAgIGNvbnRhaW5lclBvcnQ6IDgxMjUsXG4gICAgICBwcm90b2NvbDogZWNzLlByb3RvY29sLlVEUCxcbiAgICB9KTtcblxuICAgIGRhdGFkb2dTaWRlY2FyLmFkZFBvcnRNYXBwaW5ncyh7XG4gICAgICBjb250YWluZXJQb3J0OiA4MTI2LFxuICAgICAgcHJvdG9jb2w6IGVjcy5Qcm90b2NvbC5UQ1AsXG4gICAgfSk7XG5cbiAgICByZXR1cm4gZGF0YWRvZ1NpZGVjYXI7XG4gIH1cblxuICBzdGF0aWMgZ2V0VGFnc0Vudmlyb25tZW50VmFyaWFibGVWYWx1ZShcbiAgICBhY2NvdW50SWQ6IHN0cmluZyxcbiAgICBhY2NvdW50TmFtZTogc3RyaW5nLFxuICAgIHJlZ2lvbjogc3RyaW5nLFxuICAgIHRlYW1OYW1lOiBzdHJpbmcsXG4gICAgc3RhZ2U6IHN0cmluZyxcbiAgICBzZXJ2aWNlTmFtZTogc3RyaW5nLFxuICAgIHZlcnNpb246IHN0cmluZyxcbiAgICBjb250YWluZXJUeXBlOiAnc2VydmljZScgfCAnZGF0YWRvZy1zaWRlY2FyJyB8ICdmbHVlbnQtYml0JyxcbiAgKTogc3RyaW5nIHtcblxuICAgIGxldCBzZXBhcmF0b3I6IHN0cmluZztcblxuICAgIHN3aXRjaCAoY29udGFpbmVyVHlwZSkge1xuXG4gICAgICBjYXNlICdzZXJ2aWNlJzpcbiAgICAgICAgc2VwYXJhdG9yID0gJywnO1xuICAgICAgICBicmVhaztcblxuICAgICAgY2FzZSAnZGF0YWRvZy1zaWRlY2FyJzpcbiAgICAgICAgc2VwYXJhdG9yID0gJyAnO1xuICAgICAgICBicmVhaztcblxuICAgICAgY2FzZSAnZmx1ZW50LWJpdCc6XG4gICAgICAgIHNlcGFyYXRvciA9ICcsJztcbiAgICAgICAgYnJlYWs7XG4gICAgfVxuXG4gICAgY29uc3QgdGFncyA9IHtcbiAgICAgIC8vIHVuaWZpZWQgdGFnZ2luZ1xuICAgICAgLy8gb3ZlcnJpZGRlbiBieSBkZWRpY2F0ZWQgc2V0dGluZ3MgKGVudmlyb25tZW50IHZhcmlhYmxlcy90YWdzKVxuICAgICAgLy8gZHVwbGljYXRlZCBoZXJlIHRvIGVuc3VyZSB0aGV5IGFyZSB1c2VkIChhbmQgc29tZXRpbWVzLCBub3QgYWxsIHRocmVlIHZhbHVlcyBhcmUgc3VwcG9ydGVkKVxuICAgICAgZW52OiBzdGFnZSxcbiAgICAgIHNlcnZpY2U6IHNlcnZpY2VOYW1lLFxuICAgICAgdmVyc2lvbixcbiAgICAgIC8vIGFjY291bnQvdGVhbSBzcGVjaWZpYyBwYXJ0c1xuICAgICAgYWNjb3VudF9pZDogYWNjb3VudElkLFxuICAgICAgYWNjb3VudF9uYW1lOiBhY2NvdW50TmFtZSxcbiAgICAgIHJlZ2lvbixcbiAgICAgIHRlYW06IHRlYW1OYW1lLFxuICAgIH07XG4gICAgcmV0dXJuIE9iamVjdC5lbnRyaWVzKHRhZ3MpXG4gICAgICAubWFwKChba2V5LCB2YWx1ZV0pID0+IGAke2tleX06JHt2YWx1ZX1gKVxuICAgICAgLmpvaW4oc2VwYXJhdG9yKTtcbiAgfVxuXG4gIHB1YmxpYyBzdGF0aWMgYWRkRmlyZUxlbnNMb2dSb3V0ZXIoXG4gICAgdGFza0RlZmluaXRpb246IGVjcy5UYXNrRGVmaW5pdGlvbixcbiAgICBjcHU6IG51bWJlcixcbiAgICBtZW1vcnlMaW1pdE1pQjogbnVtYmVyLFxuICApOiBlY3MuQ29udGFpbmVyRGVmaW5pdGlvbiB7XG5cbiAgICByZXR1cm4gdGFza0RlZmluaXRpb24uYWRkRmlyZWxlbnNMb2dSb3V0ZXIoJ2ZpcmVsZW5zLWxvZy1yb3V0ZXInLCB7XG4gICAgICBpbWFnZTogZWNzLkNvbnRhaW5lckltYWdlLmZyb21SZWdpc3RyeSgncHVibGljLmVjci5hd3MvYXdzLW9ic2VydmFiaWxpdHkvYXdzLWZvci1mbHVlbnQtYml0OmxhdGVzdCcpLFxuICAgICAgZmlyZWxlbnNDb25maWc6IHtcbiAgICAgICAgdHlwZTogZWNzLkZpcmVsZW5zTG9nUm91dGVyVHlwZS5GTFVFTlRCSVQsXG4gICAgICAgIG9wdGlvbnM6IHtcbiAgICAgICAgICBjb25maWdGaWxlVHlwZTogZWNzLkZpcmVsZW5zQ29uZmlnRmlsZVR5cGUuRklMRSxcbiAgICAgICAgICBjb25maWdGaWxlVmFsdWU6ICcvZmx1ZW50LWJpdC9jb25maWdzL3BhcnNlLWpzb24uY29uZicsXG4gICAgICAgICAgZW5hYmxlRUNTTG9nTWV0YWRhdGE6IHRydWUsXG4gICAgICAgIH0sXG4gICAgICB9LFxuICAgICAgY3B1LFxuICAgICAgbWVtb3J5TGltaXRNaUIsXG4gICAgfSk7XG4gIH1cblxuICBwdWJsaWMgc3RhdGljIHNldHVwTG9nZ2luZyhcbiAgICBzY29wZTogQ29uc3RydWN0LFxuICAgIGFjY291bnROYW1lOiBzdHJpbmcsXG4gICAgdGVhbU5hbWU6IHN0cmluZyxcbiAgICBzdGFnZTogc3RyaW5nLFxuICAgIHNlcnZpY2VOYW1lOiBzdHJpbmcsXG4gICAgdmVyc2lvbjogc3RyaW5nLFxuICAgIGRhdGFkb2dBcGlLZXlQYXJhbWV0ZXI6IHNzbS5JU3RyaW5nUGFyYW1ldGVyLFxuICAgIGRhdGFkb2dMb2dnaW5nTW9kZTogRGF0YURvZ0xvZ2dpbmdNb2RlLFxuICAgIGRhdGFkb2dTaXRlOiBzdHJpbmcsXG4gICAgY29udGFpbmVyVHlwZTogJ3NlcnZpY2UnIHwgJ2RhdGFkb2ctc2lkZWNhcicsXG4gICk6IGVjcy5Mb2dEcml2ZXIge1xuXG4gICAgbGV0IGxvZ0dyb3VwTmFtZTogc3RyaW5nO1xuICAgIGxldCBsb2dHcm91cElkOiBzdHJpbmc7XG4gICAgbGV0IGNvbnRhaW5lclR5cGVDYW1lbENhc2U7XG5cbiAgICBzd2l0Y2ggKGNvbnRhaW5lclR5cGUpIHtcblxuICAgICAgY2FzZSAnc2VydmljZSc6XG4gICAgICAgIGxvZ0dyb3VwSWQgPSAnTG9nR3JvdXBGb3JTZXJ2aWNlJztcbiAgICAgICAgbG9nR3JvdXBOYW1lID0gc2VydmljZU5hbWU7XG4gICAgICAgIGNvbnRhaW5lclR5cGVDYW1lbENhc2UgPSAnU2VydmljZSc7XG4gICAgICAgIGJyZWFrO1xuXG4gICAgICBjYXNlICdkYXRhZG9nLXNpZGVjYXInOlxuICAgICAgICBsb2dHcm91cElkID0gJ0xvZ0dyb3VwRm9yRGF0YWRvZ1NpZGVjYXInO1xuICAgICAgICBsb2dHcm91cE5hbWUgPSBgJHtzZXJ2aWNlTmFtZX0tJHtjb250YWluZXJUeXBlfWA7XG4gICAgICAgIGNvbnRhaW5lclR5cGVDYW1lbENhc2UgPSAnRGF0YWRvZ1NpZGVjYXInO1xuICAgICAgICBicmVhaztcbiAgICB9XG5cbiAgICBjb25zdCB7IGFjY291bnQ6IGFjY291bnRJZCwgcmVnaW9uIH0gPSBTdGFjay5vZihzY29wZSk7XG5cbiAgICBzd2l0Y2ggKGRhdGFkb2dMb2dnaW5nTW9kZSkge1xuXG4gICAgICBjYXNlIERhdGFEb2dMb2dnaW5nTW9kZS5BV1NfRklSRV9MRU5TOlxuICAgICAgICAvLyBUT0RPIGNhbiB3ZSB1c2UgYHNlY3JldE9wdGlvbnNgIGhlcmUgYXMgd2VsbCwgZS5nLiBhcyBpbiBodHRwczovL2dpdGh1Yi5jb20vYXdzLXNhbXBsZXMvYW1hem9uLWVjcy1maXJlbGVucy1leGFtcGxlcy9ibG9iL21haW5saW5lL2V4YW1wbGVzL2ZsdWVudC1iaXQvZGF0YWRvZy90YXNrLWRlZmluaXRpb24uanNvbiNMMzMtTDM2XG4gICAgICAgIC8vIFByb2JhYmx5IG5vdCwgc2VlIGh0dHBzOi8vZ2l0aHViLmNvbS9hd3MvYXdzLWNkay9pc3N1ZXMvODE3NFxuICAgICAgICByZXR1cm4gZWNzLkxvZ0RyaXZlcnMuZmlyZWxlbnMoe1xuICAgICAgICAgIC8vIHNlZSBodHRwczovL2RvY3MuZGF0YWRvZ2hxLmNvbS9pbnRlZ3JhdGlvbnMvZmx1ZW50Yml0LyNjb25maWd1cmF0aW9uLXBhcmFtZXRlcnNcbiAgICAgICAgICBvcHRpb25zOiB7XG4gICAgICAgICAgICBOYW1lOiAnZGF0YWRvZycsXG4gICAgICAgICAgICBNYXRjaDogJyonLFxuICAgICAgICAgICAgSG9zdDogYGh0dHAtaW50YWtlLmxvZ3MuJHtkYXRhZG9nU2l0ZX1gLFxuICAgICAgICAgICAgVExTOiAnb24nLFxuICAgICAgICAgICAgYXBpa2V5OiBkYXRhZG9nQXBpS2V5UGFyYW1ldGVyLnN0cmluZ1ZhbHVlLFxuICAgICAgICAgICAgY29tcHJlc3M6ICdnemlwJyxcbiAgICAgICAgICAgIGRkX3NlcnZpY2U6IGxvZ0dyb3VwTmFtZSxcbiAgICAgICAgICAgIGRkX3NvdXJjZTogJ3Jpby1mYXJnYXRlJyxcbiAgICAgICAgICAgIGRkX21lc3NhZ2Vfa2V5OiAnbG9nJyxcbiAgICAgICAgICAgIGRkX3RhZ3M6IHRoaXMuZ2V0VGFnc0Vudmlyb25tZW50VmFyaWFibGVWYWx1ZShcbiAgICAgICAgICAgICAgYWNjb3VudElkLFxuICAgICAgICAgICAgICBhY2NvdW50TmFtZSxcbiAgICAgICAgICAgICAgcmVnaW9uLFxuICAgICAgICAgICAgICB0ZWFtTmFtZSxcbiAgICAgICAgICAgICAgc3RhZ2UsXG4gICAgICAgICAgICAgIHNlcnZpY2VOYW1lLFxuICAgICAgICAgICAgICB2ZXJzaW9uLFxuICAgICAgICAgICAgICAnZmx1ZW50LWJpdCcsXG4gICAgICAgICAgICApLFxuICAgICAgICAgICAgcHJvdmlkZXI6ICdlY3MnLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0pO1xuXG4gICAgICBjYXNlIERhdGFEb2dMb2dnaW5nTW9kZS5GT1JXQVJERVJfTEFNQkRBOlxuICAgICAgICBjb25zdCBsb2dHcm91cEZvckZvcndhcmRpbmdMYW1iZGEgPSBuZXcgbG9ncy5Mb2dHcm91cChzY29wZSwgbG9nR3JvdXBJZCwge1xuICAgICAgICAgIGxvZ0dyb3VwTmFtZSxcbiAgICAgICAgICByZXRlbnRpb246IGxvZ3MuUmV0ZW50aW9uRGF5cy5PTkVfV0VFSyxcbiAgICAgICAgfSk7XG4gICAgICAgIGNvbnN0IGxvZ0ZvcndhcmRlckxhbWJkYUFybiA9IEZuLmltcG9ydFZhbHVlKCdjdXN0b20tcmVzb3VyY2UtZGF0YWRvZy1sb2dmb3J3YXJkZXItZnVuY3Rpb24tYXJuJyk7XG4gICAgICAgIGNvbnN0IGNmblBlcm1pc3Npb24gPSBuZXcgbGFtYmRhLkNmblBlcm1pc3Npb24oc2NvcGUsIGBMb2dGb3J3YXJkZXJQZXJtaXNzaW9uJHtjb250YWluZXJUeXBlQ2FtZWxDYXNlfWAsIHtcbiAgICAgICAgICBhY3Rpb246ICdsYW1iZGE6SW52b2tlRnVuY3Rpb24nLFxuICAgICAgICAgIGZ1bmN0aW9uTmFtZTogbG9nRm9yd2FyZGVyTGFtYmRhQXJuLFxuICAgICAgICAgIHByaW5jaXBhbDogYGxvZ3MuJHtyZWdpb259LmFtYXpvbmF3cy5jb21gLFxuICAgICAgICAgIHNvdXJjZUFybjogbG9nR3JvdXBGb3JGb3J3YXJkaW5nTGFtYmRhLmxvZ0dyb3VwQXJuLFxuICAgICAgICB9KTtcbiAgICAgICAgY29uc3QgY2ZuU3Vic2NyaXB0aW9uRmlsdGVyID0gbmV3IGxvZ3MuQ2ZuU3Vic2NyaXB0aW9uRmlsdGVyKFxuICAgICAgICAgIHNjb3BlLFxuICAgICAgICAgIGBMb2dGb3J3YXJkZXJTdWJzY3JpcHRpb25GaWx0ZXIke2NvbnRhaW5lclR5cGVDYW1lbENhc2V9YCxcbiAgICAgICAgICB7XG4gICAgICAgICAgICBkZXN0aW5hdGlvbkFybjogbG9nRm9yd2FyZGVyTGFtYmRhQXJuLFxuICAgICAgICAgICAgZmlsdGVyUGF0dGVybjogJycsXG4gICAgICAgICAgICBsb2dHcm91cE5hbWU6IGxvZ0dyb3VwRm9yRm9yd2FyZGluZ0xhbWJkYS5sb2dHcm91cE5hbWUsXG4gICAgICAgICAgfSxcbiAgICAgICAgKTtcbiAgICAgICAgY2ZuU3Vic2NyaXB0aW9uRmlsdGVyLmFkZERlcGVuZHNPbihjZm5QZXJtaXNzaW9uKTtcbiAgICAgICAgcmV0dXJuIGVjcy5Mb2dEcml2ZXJzLmF3c0xvZ3Moe1xuICAgICAgICAgIHN0cmVhbVByZWZpeDogY29udGFpbmVyVHlwZSxcbiAgICAgICAgICBsb2dHcm91cDogbG9nR3JvdXBGb3JGb3J3YXJkaW5nTGFtYmRhLFxuICAgICAgICB9KTtcblxuICAgICAgY2FzZSBEYXRhRG9nTG9nZ2luZ01vZGUuTk9ORTpcbiAgICAgICAgY29uc3QgbG9nR3JvdXBJbkNsb3Vkd2F0Y2hPbmx5ID0gbmV3IGxvZ3MuTG9nR3JvdXAoc2NvcGUsIGxvZ0dyb3VwSWQsIHtcbiAgICAgICAgICByZXRlbnRpb246IGxvZ3MuUmV0ZW50aW9uRGF5cy5PTkVfV0VFSyxcbiAgICAgICAgfSk7XG4gICAgICAgIHJldHVybiBlY3MuTG9nRHJpdmVycy5hd3NMb2dzKHtcbiAgICAgICAgICBzdHJlYW1QcmVmaXg6IGNvbnRhaW5lclR5cGUsXG4gICAgICAgICAgbG9nR3JvdXA6IGxvZ0dyb3VwSW5DbG91ZHdhdGNoT25seSxcbiAgICAgICAgfSk7XG4gICAgfVxuICB9XG5cbiAgcHVibGljIHN0YXRpYyBlbnN1cmVMb2dnaW5nQW5kTW9uaXRvcmluZ0FyZVJlYWR5QmVmb3JlU2VydmljZVN0YXJ0cyhyaW9GYXJnYXRlU2VydmljZTogUmlvRmFyZ2F0ZVNlcnZpY2UpIHtcblxuICAgIHJpb0ZhcmdhdGVTZXJ2aWNlLnNlcnZpY2VDb250YWluZXJEZWZpbml0aW9uLmFkZENvbnRhaW5lckRlcGVuZGVuY2llcyh7XG4gICAgICBjb250YWluZXI6IHJpb0ZhcmdhdGVTZXJ2aWNlLmRhdGFkb2dTaWRlQ2FyQ29udGFpbmVyRGVmaW5pdGlvbixcbiAgICAgIGNvbmRpdGlvbjogZWNzLkNvbnRhaW5lckRlcGVuZGVuY3lDb25kaXRpb24uSEVBTFRIWSxcbiAgICB9KTtcblxuICAgIGlmIChyaW9GYXJnYXRlU2VydmljZS5sb2dSb3V0ZXJDb250YWluZXJEZWZpbml0aW9uKSB7XG4gICAgICByaW9GYXJnYXRlU2VydmljZS5zZXJ2aWNlQ29udGFpbmVyRGVmaW5pdGlvbi5hZGRDb250YWluZXJEZXBlbmRlbmNpZXMoe1xuICAgICAgICBjb250YWluZXI6IHJpb0ZhcmdhdGVTZXJ2aWNlLmxvZ1JvdXRlckNvbnRhaW5lckRlZmluaXRpb24sXG4gICAgICAgIGNvbmRpdGlvbjogZWNzLkNvbnRhaW5lckRlcGVuZGVuY3lDb25kaXRpb24uU1RBUlQsXG4gICAgICB9KTtcblxuICAgICAgaWYgKHJpb0ZhcmdhdGVTZXJ2aWNlLmRhdGFkb2dTaWRlQ2FyQ29udGFpbmVyRGVmaW5pdGlvbi5sb2dEcml2ZXJDb25maWc/LmxvZ0RyaXZlciA9PT0gJ2F3c2ZpcmVsZW5zJykge1xuICAgICAgICByaW9GYXJnYXRlU2VydmljZS5kYXRhZG9nU2lkZUNhckNvbnRhaW5lckRlZmluaXRpb24uYWRkQ29udGFpbmVyRGVwZW5kZW5jaWVzKHtcbiAgICAgICAgICBjb250YWluZXI6IHJpb0ZhcmdhdGVTZXJ2aWNlLmxvZ1JvdXRlckNvbnRhaW5lckRlZmluaXRpb24sXG4gICAgICAgICAgY29uZGl0aW9uOiBlY3MuQ29udGFpbmVyRGVwZW5kZW5jeUNvbmRpdGlvbi5TVEFSVCxcbiAgICAgICAgfSk7XG4gICAgICB9XG4gICAgfVxuICB9XG59XG5cbiJdfQ==

package/lib/fargate/rio-fargate-service.d.ts

@@ -0,0 +1,276 @@
+import { Duration } from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as ecs from 'aws-cdk-lib/aws-ecs';
+import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2';
+import { Construct } from 'constructs';
+/**
+ * Fargate Task Definition Properties.
+ */
+export interface RioFargateServiceProps {
+    /**
+     * The stage of the service, e.g. 'prod'.
+     */
+    readonly stage: string;
+    /**
+     * The Name of the service.
+     */
+    readonly serviceName: string;
+    /**
+     * The version of the service, e.g. the git hash of the corresponding commit.
+     */
+    readonly version: string;
+    /**
+     * The frameworks in uses.
+     *
+     * @default - No frameworks.
+     */
+    readonly frameworks?: Framework[];
+    /**
+     * The VPC of the service.
+     */
+    readonly vpc: ec2.IVpc;
+    /**
+     * Container definition options like image, cpu, memory.
+     */
+    readonly containerDefinitionOption: ContainerDefinitionOptions;
+    /**
+     * Fargate Task Definition Properties.
+     */
+    readonly fargateOptions: FargateTaskDefinitionProps;
+    /**
+     * Loadbalancer options.
+     */
+    readonly loadBalancerOptions?: LoadBalancerOptions;
+    /**
+     * Datadog integration properties
+     */
+    readonly datadogOptions?: DatadogIntegrationProps;
+}
+export declare enum Framework {
+    /**
+     * Spring Framework, Spring Boot, and Spring Cloud AWS.
+     */
+    SPRING = 0
+}
+export interface ContainerDefinitionOptions {
+    /**
+     * The image used to start a container.
+     *
+     * This string is passed directly to the Docker daemon.
+     * Images in the Docker Hub registry are available by default.
+     * Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
+     */
+    readonly image: ecs.ContainerImage;
+    /**
+     * The environment variables to pass to the container.
+     *
+     * Environment variables set by default are overwritten if passed.
+     *
+     * The default environment variables set are
+     *
+     * DD_ENV: Set same as prop stage
+     *
+     * DD_SERVICE: Set same as prop serviceName
+     *
+     * DD_VERSION: Set same as prop version
+     *
+     * DD_LOGS_INJECTION: true
+     *
+     * DD_SERVICE_MAPPING: database:fargate-web-app-aurora,java-aws-sdk:fargate-web-app-aws-sdk,kafka:fargate-web-app-kafka,mysql:fargate-web-app-aurora
+     *
+     * DD_TAGS: env:prod,service:fargate-web-app,version:notag,account_id:${accountID},account_name:${accountName},region:${AWSRegion},team:${teamName from ssm param /config/team/name}
+     *
+     * DD_TRACE_SAMPLE_RATE: 1.0
+     *
+     * @default - No environment variables.
+     */
+    readonly environment?: {
+        [key: string]: string;
+    };
+    /**
+     * The secret environment variables to pass to the container.
+     *
+     * @default - No secret environment variables.
+     */
+    readonly secrets?: {
+        [key: string]: ecs.Secret;
+    };
+    /**
+     * The health check command and associated configuration parameters for the container.
+     *
+     * @default - Health check configuration from container.
+     */
+    readonly healthCheck?: ecs.HealthCheck;
+}
+export interface FargateTaskDefinitionProps {
+    /**
+     * The number of cpu units used by the task. For tasks using the Fargate launch type,
+     * this field is required and you must use one of the following values,
+     * which determines your range of valid values for the memory parameter:
+     *
+     * 256 (.25 vCPU) - Available memory values: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB)
+     *
+     * 512 (.5 vCPU) - Available memory values: 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB)
+     *
+     * 1024 (1 vCPU) - Available memory values: 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB)
+     *
+     * 2048 (2 vCPU) - Available memory values: Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB)
+     *
+     * 4096 (4 vCPU) - Available memory values: Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB)
+     *
+     * @default 512
+     */
+    readonly cpu: number;
+    /**
+     * The amount (in MiB) of memory used by the task. For tasks using the Fargate launch type,
+     * this field is required and you must use one of the following values, which determines your range of valid values for the cpu parameter:
+     *
+     * 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available cpu values: 256 (.25 vCPU)
+     *
+     * 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available cpu values: 512 (.5 vCPU)
+     *
+     * 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available cpu values: 1024 (1 vCPU)
+     *
+     * Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available cpu values: 2048 (2 vCPU)
+     *
+     * Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available cpu values: 4096 (4 vCPU)
+     *
+     * @default 1024
+     */
+    readonly memoryLimitMiB: number;
+    /**
+     * Desired count of running tasks
+     *
+     * @default - When creating the service, default is 1; when updating the service, default uses
+     * the current task number.
+     */
+    readonly desiredCount?: number;
+}
+export interface ListenerRule {
+    readonly priority: number;
+    readonly conditions: elbv2.ListenerCondition[];
+}
+export interface LoadBalancerOptions {
+    /**
+     * Listener for an Application Load Balancer
+     */
+    readonly listener: elbv2.IApplicationListener;
+    /**
+     * One or more path patterns to compare against the request URL.
+     * The maximum size of each string is 128 characters.
+     * The comparison is case sensitive.
+     * The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).
+     *
+     * Update requires: No interruption
+     */
+    readonly listenerRules: ListenerRule[];
+    /**
+     *  Health check options.
+     */
+    readonly healthCheck: elbv2.HealthCheck;
+    /**
+     *  Health check grace period.
+     */
+    readonly healthCheckGracePeriod: Duration;
+    /**
+     * The time period during which the load balancer sends a newly registered target a linearly increasing share of the traffic to the target group.
+  
+     *The range is 30-900 seconds (15 minutes).
+  
+     * @default undefined
+    */
+    readonly slowStart?: Duration;
+    /**
+     * The amount of time for Elastic Load Balancing to wait before deregistering a target.
+  
+     * The range is 0-3600 seconds.
+  
+     * @default 5
+    */
+    readonly deregistrationDelay?: Duration;
+}
+export interface DatadogIntegrationProps {
+    /**
+     * The minimum number of CPU units to reserve for the container.
+     *
+     * @default - 64
+     */
+    readonly cpu?: number;
+    /**
+     * The amount (in MiB) of memory to present to the container.
+     *
+     * If your container attempts to exceed the allocated memory, the container
+     * is terminated.
+     *
+     * At least one of memoryLimitMiB and memoryReservationMiB is required for non-Fargate services.
+     *
+     * @default - 128
+     */
+    readonly memoryLimitMiB?: number;
+    /**
+     * The logging mode for the service.
+     *
+     * @default - Using the Datadog log forwarder lambda provided by the datadog-integration.
+     */
+    readonly loggingModeForService?: DataDogLoggingMode;
+    /**
+     * The logging mode for the Datadog agent sidecar.
+     *
+     * @default - No logs in Datadog, Cloudwatch only.
+     */
+    readonly loggingModeForDatadogAgent?: DataDogLoggingMode;
+    /**
+     * GET endpoints to ignore in Datadog's APM overview. This is useful to filter out all health check calls.
+  
+      * @default - No endpoints are ignored.
+      */
+    readonly apmGetEndpointsToIgnore?: string[];
+    /**
+     * Configure if the Datadog agent sidecar is marked as essential.
+     *
+     * @default - true.
+     */
+    readonly datadogSidecarEssential?: boolean;
+    /**
+     * Configures the docker image tag for datadog sidecar
+     * @default - 'latest'
+     */
+    readonly datadogSidecarTag?: string;
+}
+export declare enum DataDogLoggingMode {
+    /**
+     * Forward logs directly to Datadog using AWS FireLens as log router,
+     * see https://docs.datadoghq.com/integrations/ecs_fargate/?tab=fluentbitandfirelens#log-collection.
+     */
+    AWS_FIRE_LENS = 0,
+    /**
+     * Store logs in AWS Cloudwatch and use the Datadog log forwarder lambda to forward the logs to Datadog,
+     * see https://docs.datadoghq.com/integrations/ecs_fargate/?tab=logdriver#log-collection.
+     */
+    FORWARDER_LAMBDA = 1,
+    /**
+     * Only log to AWS Cloudwatch without forwarding the logs to Datadog.
+     */
+    NONE = 2
+}
+export declare class RioFargateService extends Construct implements ec2.IConnectable {
+    private readonly DEFAULT_APM_GET_ENDPOINTS_TO_IGNORE;
+    private readonly DEFAULT_DATADOG_SIDECAR_CPU;
+    private readonly DEFAULT_DATADOG_SIDECAR_MEMORY_LIMIT_MIB;
+    private readonly DEFAULT_DATADOG_SIDECAR_ESSENTIAL;
+    private readonly DEFAULT_LOGGING_MODE_FOR_SERVICE;
+    private readonly DEFAULT_LOGGING_MODE_FOR_DATADOG_SIDECAR;
+    private readonly DEFAULT_DEREGISTRATION_DELAY;
+    private readonly DEFAULT_SLOW_START;
+    private readonly DEFAULT_DATADOG_SIDECAR_TAG;
+    private readonly LOG_ROUTER_CPU;
+    private readonly LOG_ROUTER_MEMORY_LIMIT_MIB;
+    readonly serviceContainerDefinition: ecs.ContainerDefinition;
+    readonly datadogSideCarContainerDefinition: ecs.ContainerDefinition;
+    readonly logRouterContainerDefinition?: ecs.ContainerDefinition;
+    readonly taskDefinition: ecs.FargateTaskDefinition;
+    readonly connections: ec2.Connections;
+    readonly service: ecs.FargateService;
+    readonly targetGroup: elbv2.ApplicationTargetGroup | undefined;
+    constructor(scope: Construct, id: string, props: RioFargateServiceProps);
+}