@studion/infra-code-blocks 0.8.0-next.2 → 2.0.0-alpha.0

package/dist/components/database.js

@@ -1,118 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Database = void 0;
-const aws = require("@pulumi/aws");
-const pulumi = require("@pulumi/pulumi");
-const password_1 = require("./password");
-const constants_1 = require("../constants");
-const defaults = {
-    multiAz: false,
-    applyImmediately: false,
-    skipFinalSnapshot: false,
-    allocatedStorage: 20,
-    maxAllocatedStorage: 100,
-    instanceClass: 'db.t4g.micro',
-    enableMonitoring: false,
-    allowMajorVersionUpgrade: false,
-    engineVersion: '17.2',
-};
-class Database extends pulumi.ComponentResource {
-    constructor(name, args, opts = {}) {
-        super('studion:Database', name, {}, opts);
-        this.name = name;
-        const argsWithDefaults = Object.assign({}, defaults, args);
-        const { vpcId, isolatedSubnetIds, vpcCidrBlock, enableMonitoring, snapshotIdentifier, } = argsWithDefaults;
-        this.dbSubnetGroup = this.createSubnetGroup({ isolatedSubnetIds });
-        this.dbSecurityGroup = this.createSecurityGroup({ vpcId, vpcCidrBlock });
-        this.kms = this.createEncryptionKey();
-        this.password = new password_1.Password(`${this.name}-database-password`, { value: args.password }, { parent: this });
-        if (enableMonitoring) {
-            this.monitoringRole = this.createMonitoringRole();
-        }
-        if (snapshotIdentifier) {
-            this.encryptedSnapshotCopy =
-                this.createEncryptedSnapshotCopy(snapshotIdentifier);
-        }
-        this.instance = this.createDatabaseInstance(args);
-        this.registerOutputs();
-    }
-    createSubnetGroup({ isolatedSubnetIds, }) {
-        const dbSubnetGroup = new aws.rds.SubnetGroup(`${this.name}-subnet-group`, {
-            subnetIds: isolatedSubnetIds,
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        return dbSubnetGroup;
-    }
-    createSecurityGroup({ vpcId, vpcCidrBlock, }) {
-        const dbSecurityGroup = new aws.ec2.SecurityGroup(`${this.name}-security-group`, {
-            vpcId,
-            ingress: [
-                {
-                    protocol: 'tcp',
-                    fromPort: 5432,
-                    toPort: 5432,
-                    cidrBlocks: [vpcCidrBlock],
-                },
-            ],
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        return dbSecurityGroup;
-    }
-    createEncryptionKey() {
-        const kms = new aws.kms.Key(`${this.name}-rds-key`, {
-            description: `${this.name} RDS encryption key`,
-            customerMasterKeySpec: 'SYMMETRIC_DEFAULT',
-            isEnabled: true,
-            keyUsage: 'ENCRYPT_DECRYPT',
-            multiRegion: false,
-            enableKeyRotation: true,
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        return kms;
-    }
-    createMonitoringRole() {
-        const monitoringRole = new aws.iam.Role(`${this.name}-rds-monitoring`, {
-            assumeRolePolicy: {
-                Version: '2012-10-17',
-                Statement: [
-                    {
-                        Action: 'sts:AssumeRole',
-                        Effect: 'Allow',
-                        Principal: {
-                            Service: 'monitoring.rds.amazonaws.com',
-                        },
-                    },
-                ],
-            },
-        });
-        new aws.iam.RolePolicyAttachment(`${this.name}-rds-monitoring-role-attachment`, {
-            role: monitoringRole.name,
-            policyArn: 'arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole',
-        });
-        return monitoringRole;
-    }
-    createEncryptedSnapshotCopy(snapshotIdentifier) {
-        const encryptedSnapshotCopy = new aws.rds.SnapshotCopy(`${this.name}-encrypted-snapshot-copy`, {
-            sourceDbSnapshotIdentifier: snapshotIdentifier,
-            targetDbSnapshotIdentifier: `${snapshotIdentifier}-encrypted-copy`,
-            kmsKeyId: this.kms.arn,
-        }, { parent: this });
-        return encryptedSnapshotCopy;
-    }
-    createDatabaseInstance(args) {
-        var _a;
-        const argsWithDefaults = Object.assign({}, defaults, args);
-        const stack = pulumi.getStack();
-        const monitoringOptions = argsWithDefaults.enableMonitoring && this.monitoringRole
-            ? {
-                monitoringInterval: 60,
-                monitoringRoleArn: this.monitoringRole.arn,
-                performanceInsightsEnabled: true,
-                performanceInsightsRetentionPeriod: 7,
-            }
-            : {};
-        const instance = new aws.rds.Instance(`${this.name}-rds`, Object.assign(Object.assign({ identifierPrefix: `${this.name}-`, engine: 'postgres', engineVersion: argsWithDefaults.engineVersion, allocatedStorage: argsWithDefaults.allocatedStorage, maxAllocatedStorage: argsWithDefaults.maxAllocatedStorage, instanceClass: argsWithDefaults.instanceClass, dbName: argsWithDefaults.dbName, username: argsWithDefaults.username, password: this.password.value, dbSubnetGroupName: this.dbSubnetGroup.name, vpcSecurityGroupIds: [this.dbSecurityGroup.id], storageEncrypted: true, kmsKeyId: this.kms.arn, multiAz: argsWithDefaults.multiAz, publiclyAccessible: false, skipFinalSnapshot: argsWithDefaults.skipFinalSnapshot, applyImmediately: argsWithDefaults.applyImmediately, autoMinorVersionUpgrade: true, maintenanceWindow: 'Mon:07:00-Mon:07:30', finalSnapshotIdentifier: `${this.name}-final-snapshot-${stack}`, backupWindow: '06:00-06:30', backupRetentionPeriod: 14, caCertIdentifier: 'rds-ca-rsa2048-g1', parameterGroupName: argsWithDefaults.parameterGroupName, allowMajorVersionUpgrade: argsWithDefaults.allowMajorVersionUpgrade, snapshotIdentifier: (_a = this.encryptedSnapshotCopy) === null || _a === void 0 ? void 0 : _a.targetDbSnapshotIdentifier }, monitoringOptions), { tags: Object.assign(Object.assign({}, constants_1.commonTags), argsWithDefaults.tags) }), { parent: this, dependsOn: [this.password] });
-        return instance;
-    }
-}
-exports.Database = Database;

package/dist/components/ec2-ssm-connect.d.ts

@@ -1,22 +0,0 @@
-import * as pulumi from '@pulumi/pulumi';
-import * as aws from '@pulumi/aws';
-export type Ec2SSMConnectArgs = {
-    vpcId: pulumi.Input<string>;
-    privateSubnetId: pulumi.Input<string>;
-    /**
-     * The IPv4 CIDR block for the VPC.
-     */
-    vpcCidrBlock: pulumi.Input<string>;
-    tags?: pulumi.Input<{
-        [key: string]: pulumi.Input<string>;
-    }>;
-};
-export declare class Ec2SSMConnect extends pulumi.ComponentResource {
-    ec2SecurityGroup: aws.ec2.SecurityGroup;
-    ssmVpcEndpoint: aws.ec2.VpcEndpoint;
-    ec2MessagesVpcEndpoint: aws.ec2.VpcEndpoint;
-    ssmMessagesVpcEndpoint: aws.ec2.VpcEndpoint;
-    ec2: aws.ec2.Instance;
-    constructor(name: string, args: Ec2SSMConnectArgs, opts?: pulumi.ComponentResourceOptions);
-}
-//# sourceMappingURL=ec2-ssm-connect.d.ts.map

package/dist/components/ec2-ssm-connect.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ec2-ssm-connect.d.ts","sourceRoot":"","sources":["../../src/components/ec2-ssm-connect.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AAMnC,MAAM,MAAM,iBAAiB,GAAG;IAC9B,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B,eAAe,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtC;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC;QAClB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;KACrC,CAAC,CAAC;CACJ,CAAC;AAEF,qBAAa,aAAc,SAAQ,MAAM,CAAC,iBAAiB;IACzD,gBAAgB,EAAE,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;IACxC,cAAc,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC;IACpC,sBAAsB,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC;IAC5C,sBAAsB,EAAE,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC;IAC5C,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC;gBAGpB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,iBAAiB,EACvB,IAAI,GAAE,MAAM,CAAC,wBAA6B;CAqJ7C"}

package/dist/components/ecs-service.d.ts

@@ -1,143 +0,0 @@
-import * as pulumi from '@pulumi/pulumi';
-import * as aws from '@pulumi/aws';
-import { Size } from '../types/size';
-export declare const awsRegion: string;
-export declare const assumeRolePolicy: aws.iam.PolicyDocument;
-export type RoleInlinePolicy = {
-    /**
-     * Name of the role policy.
-     */
-    name?: pulumi.Input<string>;
-    /**
-     * Policy document as a JSON formatted string.
-     */
-    policy?: pulumi.Input<string>;
-};
-export type PersistentStorageMountPoint = {
-    sourceVolume: string;
-    containerPath: string;
-    readOnly?: boolean;
-};
-export type PersistentStorageVolume = {
-    name: string;
-};
-export type PersistentStorageConfig = {
-    volumes: PersistentStorageVolume[];
-    mountPoints: PersistentStorageMountPoint[];
-};
-export type EcsServiceArgs = {
-    /**
-     * The ECR image used to start a container.
-     */
-    image: pulumi.Input<string>;
-    /**
-     * Exposed service port.
-     */
-    port: pulumi.Input<number>;
-    /**
-     * The aws.ecs.Cluster id.
-     */
-    clusterId: pulumi.Input<string>;
-    /**
-     * The aws.ecs.Cluster name.
-     */
-    clusterName: pulumi.Input<string>;
-    vpcId: pulumi.Input<string>;
-    /**
-     * The IPv4 CIDR block for the VPC.
-     */
-    vpcCidrBlock: pulumi.Input<string>;
-    /**
-     * If the `assignPublicIp` parameter is set to `true`, the publicSubnetIds
-     * must be provided; otherwise, provide the privateSubnetIds.
-     */
-    subnetIds: pulumi.Input<pulumi.Input<string>[]>;
-    /**
-     * Number of instances of the task definition to place and keep running. Defaults to 1.
-     */
-    desiredCount?: pulumi.Input<number>;
-    /**
-     * CPU and memory size used for running the container. Defaults to "small".
-     * Available predefined options are:
-     * - small (0.25 vCPU, 0.5 GB memory)
-     * - medium (0.5 vCPU, 1 GB memory)
-     * - large (1 vCPU memory, 2 GB memory)
-     * - xlarge (2 vCPU, 4 GB memory)
-     */
-    size?: pulumi.Input<Size>;
-    /**
-     * The environment variables to pass to a container. Don't use this field for
-     * sensitive information such as passwords, API keys, etc. For that purpose,
-     * please use the `secrets` property.
-     * Defaults to [].
-     */
-    environment?: pulumi.Input<aws.ecs.KeyValuePair[]>;
-    /**
-     * The secrets to pass to the container. Defaults to [].
-     */
-    secrets?: pulumi.Input<aws.ecs.Secret[]>;
-    /**
-     * Enable service auto discovery and assign DNS record to service.
-     * Defaults to false.
-     */
-    enableServiceAutoDiscovery: pulumi.Input<boolean>;
-    /**
-     * Configuration for multiple EFS volumes and their mount points.
-     * Each mount point specifies a container path where the EFS volume will be mounted.
-     */
-    persistentStorageConfig?: pulumi.Input<PersistentStorageConfig>;
-    /**
-     * Alternate docker CMD instruction.
-     */
-    dockerCommand?: pulumi.Input<string[]>;
-    /**
-     * Autoscaling options for ecs service.
-     */
-    autoscaling?: pulumi.Input<{
-        /**
-         * Is autoscaling enabled or disabled. Defaults to false.
-         */
-        enabled: pulumi.Input<boolean>;
-        /**
-         * Min capacity of the scalable target. Defaults to 1.
-         */
-        minCount?: pulumi.Input<number>;
-        /**
-         * Max capacity of the scalable target. Defaults to 1.
-         */
-        maxCount?: pulumi.Input<number>;
-    }>;
-    lbTargetGroupArn?: aws.lb.TargetGroup['arn'];
-    /**
-     * Custom service security group
-     * In case no security group is provided, default security group will be used.
-     */
-    securityGroup?: aws.ec2.SecurityGroup;
-    /**
-     * Assign public IP address to service.
-     */
-    assignPublicIp?: pulumi.Input<boolean>;
-    taskExecutionRoleInlinePolicies?: pulumi.Input<pulumi.Input<RoleInlinePolicy>[]>;
-    taskRoleInlinePolicies?: pulumi.Input<pulumi.Input<RoleInlinePolicy>[]>;
-    /**
-     * A map of tags to assign to the resource.
-     */
-    tags?: pulumi.Input<{
-        [key: string]: pulumi.Input<string>;
-    }>;
-};
-export declare class EcsService extends pulumi.ComponentResource {
-    name: string;
-    logGroup: aws.cloudwatch.LogGroup;
-    taskDefinition: aws.ecs.TaskDefinition;
-    serviceDiscoveryService?: aws.servicediscovery.Service;
-    service: aws.ecs.Service;
-    constructor(name: string, args: EcsServiceArgs, opts?: pulumi.ComponentResourceOptions);
-    private createLogGroup;
-    private createPersistentStorage;
-    private createTaskDefinition;
-    private createServiceDiscovery;
-    private createEcsService;
-    private enableAutoscaling;
-}
-//# sourceMappingURL=ecs-service.d.ts.map

package/dist/components/ecs-service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ecs-service.d.ts","sourceRoot":"","sources":["../../src/components/ecs-service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AACzC,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,EAAc,IAAI,EAAE,MAAM,eAAe,CAAC;AAKjD,eAAO,MAAM,SAAS,QAA2B,CAAC;AAElD,eAAO,MAAM,gBAAgB,EAAE,GAAG,CAAC,GAAG,CAAC,cAYtC,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;CAC/B,CAAC;AAEF,MAAM,MAAM,2BAA2B,GAAG;IACxC,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC;AAEvD,MAAM,MAAM,uBAAuB,GAAG;IACpC,OAAO,EAAE,uBAAuB,EAAE,CAAC;IACnC,WAAW,EAAE,2BAA2B,EAAE,CAAC;CAC5C,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;OAEG;IACH,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3B;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAChC;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAClC,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC;;;OAGG;IACH,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAChD;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACpC;;;;;;;OAOG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE1B;;;;;OAKG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC;IACnD;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC;;;OAGG;IACH,0BAA0B,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAClD;;;OAGG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAChE;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACvC;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC;QACzB;;WAEG;QACH,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC/B;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAChC;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;KACjC,CAAC,CAAC;IACH,gBAAgB,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAC7C;;;OAGG;IACH,aAAa,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;IACtC;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACvC,+BAA+B,CAAC,EAAE,MAAM,CAAC,KAAK,CAC5C,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CACjC,CAAC;IACF,sBAAsB,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACxE;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC;QAClB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;KACrC,CAAC,CAAC;CACJ,CAAC;AAgCF,qBAAa,UAAW,SAAQ,MAAM,CAAC,iBAAiB;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC;IAClC,cAAc,EAAE,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC;IACvC,uBAAuB,CAAC,EAAE,GAAG,CAAC,gBAAgB,CAAC,OAAO,CAAC;IACvD,OAAO,EAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC;gBAGvB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,cAAc,EACpB,IAAI,GAAE,MAAM,CAAC,wBAA6B;IA8B5C,OAAO,CAAC,cAAc;IAatB,OAAO,CAAC,uBAAuB;IA6D/B,OAAO,CAAC,oBAAoB;IAqM5B,OAAO,CAAC,sBAAsB;IA+B9B,OAAO,CAAC,gBAAgB;IAwExB,OAAO,CAAC,iBAAiB;CAkD1B"}

package/dist/components/ecs-service.js

@@ -1,357 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.EcsService = exports.assumeRolePolicy = exports.awsRegion = void 0;
-const pulumi = require("@pulumi/pulumi");
-const aws = require("@pulumi/aws");
-const constants_1 = require("../constants");
-const config = new pulumi.Config('aws');
-exports.awsRegion = config.require('region');
-exports.assumeRolePolicy = {
-    Version: '2012-10-17',
-    Statement: [
-        {
-            Action: 'sts:AssumeRole',
-            Principal: {
-                Service: 'ecs-tasks.amazonaws.com',
-            },
-            Effect: 'Allow',
-            Sid: '',
-        },
-    ],
-};
-/**
- * Standard directory permissions:
- * - Owner: read, write, execute (7)
- * - Group: read, execute (5)
- * - Others: read, execute (5)
- */
-const STANDARD_DIRECTORY_PERMISSIONS = '0755';
-const FIRST_POSIX_NON_ROOT_USER = {
-    userId: 1000,
-    groupId: 1000,
-    permissions: STANDARD_DIRECTORY_PERMISSIONS,
-};
-const defaults = {
-    desiredCount: 1,
-    size: 'small',
-    environment: [],
-    secrets: [],
-    enableServiceAutoDiscovery: false,
-    assignPublicIp: false,
-    taskExecutionRoleInlinePolicies: [],
-    taskRoleInlinePolicies: [],
-    autoscaling: {
-        enabled: false,
-        minCount: 1,
-        maxCount: 1,
-    },
-};
-class EcsService extends pulumi.ComponentResource {
-    constructor(name, args, opts = {}) {
-        const aliases = opts.aliases || [];
-        super('studion:ecs:LegacyService', name, {}, Object.assign(Object.assign({}, opts), { aliases: [...aliases, { type: 'studion:ecs:Service' }] }));
-        const argsWithDefaults = Object.assign({}, defaults, args);
-        this.name = name;
-        this.logGroup = this.createLogGroup();
-        this.taskDefinition = this.createTaskDefinition(args);
-        if (argsWithDefaults.enableServiceAutoDiscovery) {
-            this.serviceDiscoveryService = this.createServiceDiscovery(argsWithDefaults.vpcId);
-        }
-        this.service = this.createEcsService(args, opts);
-        if (argsWithDefaults.autoscaling.enabled) {
-            this.enableAutoscaling(args);
-        }
-        this.registerOutputs();
-    }
-    createLogGroup() {
-        const logGroup = new aws.cloudwatch.LogGroup(`${this.name}-log-group`, {
-            retentionInDays: 14,
-            namePrefix: `/ecs/${this.name}-`,
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        return logGroup;
-    }
-    createPersistentStorage({ vpcId, vpcCidrBlock, subnetIds, }) {
-        const efs = new aws.efs.FileSystem(`${this.name}-efs`, {
-            encrypted: true,
-            lifecyclePolicies: [
-                {
-                    transitionToPrimaryStorageClass: 'AFTER_1_ACCESS',
-                },
-                {
-                    transitionToIa: 'AFTER_7_DAYS',
-                },
-            ],
-            performanceMode: 'generalPurpose',
-            throughputMode: 'bursting',
-            tags: Object.assign(Object.assign({}, constants_1.commonTags), { Name: `${this.name}-data` }),
-        }, { parent: this });
-        const securityGroup = new aws.ec2.SecurityGroup(`${this.name}-persistent-storage-security-group`, {
-            vpcId: vpcId,
-            ingress: [
-                {
-                    fromPort: 2049,
-                    toPort: 2049,
-                    protocol: 'tcp',
-                    cidrBlocks: [vpcCidrBlock],
-                },
-            ],
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        pulumi.all([subnetIds]).apply(([ids]) => {
-            ids.forEach(it => {
-                const mountTarget = new aws.efs.MountTarget(`${this.name}-mount-target-${it}`, {
-                    fileSystemId: efs.id,
-                    subnetId: it,
-                    securityGroups: [securityGroup.id],
-                }, { parent: this });
-            });
-        });
-        return efs;
-    }
-    createTaskDefinition(args) {
-        const argsWithDefaults = Object.assign({}, defaults, args);
-        const stack = pulumi.getStack();
-        const secretManagerSecretsInlinePolicy = {
-            name: `${this.name}-secret-manager-access`,
-            policy: JSON.stringify({
-                Version: '2012-10-17',
-                Statement: [
-                    {
-                        Sid: 'AllowContainerToGetSecretManagerSecrets',
-                        Effect: 'Allow',
-                        Action: ['ssm:GetParameters', 'secretsmanager:GetSecretValue'],
-                        Resource: '*',
-                    },
-                ],
-            }),
-        };
-        const taskExecutionRole = new aws.iam.Role(`${this.name}-ecs-task-exec-role`, {
-            namePrefix: `${this.name}-ecs-task-exec-role-`,
-            assumeRolePolicy: exports.assumeRolePolicy,
-            managedPolicyArns: [
-                'arn:aws:iam::aws:policy/CloudWatchFullAccess',
-                'arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess',
-            ],
-            inlinePolicies: [
-                secretManagerSecretsInlinePolicy,
-                ...argsWithDefaults.taskExecutionRoleInlinePolicies,
-            ],
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        const execCmdInlinePolicy = {
-            name: `${this.name}-ecs-exec`,
-            policy: JSON.stringify({
-                Version: '2012-10-17',
-                Statement: [
-                    {
-                        Sid: 'AllowContainerToCreateECSExecSSMChannel',
-                        Effect: 'Allow',
-                        Action: [
-                            'ssmmessages:CreateControlChannel',
-                            'ssmmessages:CreateDataChannel',
-                            'ssmmessages:OpenControlChannel',
-                            'ssmmessages:OpenDataChannel',
-                        ],
-                        Resource: '*',
-                    },
-                ],
-            }),
-        };
-        const taskRole = new aws.iam.Role(`${this.name}-ecs-task-role`, {
-            namePrefix: `${this.name}-ecs-task-role-`,
-            assumeRolePolicy: exports.assumeRolePolicy,
-            inlinePolicies: [
-                execCmdInlinePolicy,
-                ...argsWithDefaults.taskRoleInlinePolicies,
-            ],
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        const parsedSize = pulumi.all([argsWithDefaults.size]).apply(([size]) => {
-            const mapCapabilities = ({ cpu, memory }) => ({
-                cpu: String(cpu),
-                memory: String(memory),
-            });
-            if (typeof size === 'string') {
-                return mapCapabilities(constants_1.PredefinedSize[size]);
-            }
-            if (typeof size === 'object') {
-                return mapCapabilities(size);
-            }
-            throw Error('Incorrect EcsService size argument');
-        });
-        const fileSystemId = this.createPersistentStorage(argsWithDefaults).id;
-        const accessPoint = new aws.efs.AccessPoint(`${this.name}-efs-ap`, {
-            fileSystemId,
-            posixUser: {
-                uid: FIRST_POSIX_NON_ROOT_USER.userId,
-                gid: FIRST_POSIX_NON_ROOT_USER.groupId,
-            },
-            rootDirectory: {
-                path: '/data',
-                creationInfo: {
-                    ownerUid: FIRST_POSIX_NON_ROOT_USER.userId,
-                    ownerGid: FIRST_POSIX_NON_ROOT_USER.groupId,
-                    permissions: FIRST_POSIX_NON_ROOT_USER.permissions,
-                },
-            },
-        });
-        const taskDefinition = new aws.ecs.TaskDefinition(`${this.name}-task-definition`, Object.assign(Object.assign({ family: `${this.name}-task-definition-${stack}`, networkMode: 'awsvpc', executionRoleArn: taskExecutionRole.arn, taskRoleArn: taskRole.arn, cpu: parsedSize.cpu, memory: parsedSize.memory, requiresCompatibilities: ['FARGATE'], containerDefinitions: pulumi
-                .all([
-                this.name,
-                argsWithDefaults.image,
-                argsWithDefaults.port,
-                argsWithDefaults.environment,
-                argsWithDefaults.secrets,
-                argsWithDefaults.persistentStorageConfig,
-                argsWithDefaults.dockerCommand,
-                this.logGroup.name,
-                exports.awsRegion,
-            ])
-                .apply(([containerName, image, port, environment, secrets, persistentStorageConfig, command, logGroup, region,]) => {
-                return JSON.stringify([
-                    Object.assign(Object.assign({ readonlyRootFilesystem: false, name: containerName, image, essential: true, portMappings: [
-                            {
-                                containerPort: port,
-                                protocol: 'tcp',
-                            },
-                        ] }, (persistentStorageConfig && {
-                        mountPoints: persistentStorageConfig.mountPoints.map(mountPoint => {
-                            var _a;
-                            return ({
-                                containerPath: mountPoint.containerPath,
-                                sourceVolume: mountPoint.sourceVolume,
-                                readOnly: (_a = mountPoint.readOnly) !== null && _a !== void 0 ? _a : false,
-                            });
-                        }),
-                        user: `${FIRST_POSIX_NON_ROOT_USER.userId}:${FIRST_POSIX_NON_ROOT_USER.groupId}`,
-                    })), { logConfiguration: {
-                            logDriver: 'awslogs',
-                            options: {
-                                'awslogs-group': logGroup,
-                                'awslogs-region': region,
-                                'awslogs-stream-prefix': 'ecs',
-                            },
-                        }, command,
-                        environment,
-                        secrets }),
-                ]);
-            }) }, (argsWithDefaults.persistentStorageConfig && {
-            volumes: argsWithDefaults.persistentStorageConfig.volumes.map(volume => ({
-                name: volume.name,
-                efsVolumeConfiguration: {
-                    fileSystemId,
-                    transitEncryption: 'ENABLED',
-                    authorizationConfig: {
-                        accessPointId: accessPoint.id,
-                        iam: 'ENABLED',
-                    },
-                },
-            })),
-        })), { tags: Object.assign(Object.assign({}, constants_1.commonTags), argsWithDefaults.tags) }), { parent: this });
-        return taskDefinition;
-    }
-    createServiceDiscovery(vpcId) {
-        const privateDnsNamespace = new aws.servicediscovery.PrivateDnsNamespace(`${this.name}-private-dns-namespace`, {
-            vpc: vpcId,
-            name: this.name,
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        return new aws.servicediscovery.Service(`${this.name}-service-discovery`, {
-            name: this.name,
-            dnsConfig: {
-                namespaceId: privateDnsNamespace.id,
-                dnsRecords: [
-                    {
-                        ttl: 10,
-                        type: 'A',
-                    },
-                ],
-                routingPolicy: 'MULTIVALUE',
-            },
-            tags: constants_1.commonTags,
-        }, { parent: this });
-    }
-    createEcsService(args, opts) {
-        const argsWithDefaults = Object.assign({}, defaults, args);
-        const securityGroup = argsWithDefaults.securityGroup ||
-            new aws.ec2.SecurityGroup(`${this.name}-service-security-group`, {
-                vpcId: argsWithDefaults.vpcId,
-                ingress: [
-                    {
-                        fromPort: 0,
-                        toPort: 0,
-                        protocol: '-1',
-                        cidrBlocks: [argsWithDefaults.vpcCidrBlock],
-                    },
-                ],
-                egress: [
-                    {
-                        fromPort: 0,
-                        toPort: 0,
-                        protocol: '-1',
-                        cidrBlocks: ['0.0.0.0/0'],
-                    },
-                ],
-                tags: constants_1.commonTags,
-            }, { parent: this });
-        const service = new aws.ecs.Service(`${this.name}-service`, Object.assign(Object.assign(Object.assign(Object.assign({ name: this.name, cluster: argsWithDefaults.clusterId, launchType: 'FARGATE', desiredCount: argsWithDefaults.desiredCount, taskDefinition: this.taskDefinition.arn, enableExecuteCommand: true }, (argsWithDefaults.lbTargetGroupArn && {
-            loadBalancers: [
-                {
-                    containerName: this.name,
-                    containerPort: argsWithDefaults.port,
-                    targetGroupArn: argsWithDefaults.lbTargetGroupArn,
-                },
-            ],
-        })), { networkConfiguration: {
-                assignPublicIp: argsWithDefaults.assignPublicIp,
-                subnets: argsWithDefaults.subnetIds,
-                securityGroups: [securityGroup.id],
-            } }), (argsWithDefaults.enableServiceAutoDiscovery &&
-            this.serviceDiscoveryService && {
-            serviceRegistries: {
-                registryArn: this.serviceDiscoveryService.arn,
-            },
-        })), { tags: Object.assign(Object.assign({}, constants_1.commonTags), argsWithDefaults.tags) }), {
-            parent: this,
-            dependsOn: opts.dependsOn,
-        });
-        return service;
-    }
-    enableAutoscaling(args) {
-        const argsWithDefaults = Object.assign({}, defaults, args);
-        const autoscalingTarget = new aws.appautoscaling.Target(`${this.name}-autoscale-target`, {
-            minCapacity: argsWithDefaults.autoscaling.minCount,
-            maxCapacity: argsWithDefaults.autoscaling.maxCount,
-            resourceId: pulumi.interpolate `service/${argsWithDefaults.clusterName}/${this.service.name}`,
-            serviceNamespace: 'ecs',
-            scalableDimension: 'ecs:service:DesiredCount',
-            tags: constants_1.commonTags,
-        }, { parent: this });
-        const memoryAutoscalingPolicy = new aws.appautoscaling.Policy(`${this.name}-memory-autoscale-policy`, {
-            policyType: 'TargetTrackingScaling',
-            resourceId: autoscalingTarget.resourceId,
-            scalableDimension: autoscalingTarget.scalableDimension,
-            serviceNamespace: autoscalingTarget.serviceNamespace,
-            targetTrackingScalingPolicyConfiguration: {
-                predefinedMetricSpecification: {
-                    predefinedMetricType: 'ECSServiceAverageMemoryUtilization',
-                },
-                targetValue: 70,
-            },
-        }, { parent: this });
-        const cpuAutoscalingPolicy = new aws.appautoscaling.Policy(`${this.name}-cpu-autoscale-policy`, {
-            policyType: 'TargetTrackingScaling',
-            resourceId: autoscalingTarget.resourceId,
-            scalableDimension: autoscalingTarget.scalableDimension,
-            serviceNamespace: autoscalingTarget.serviceNamespace,
-            targetTrackingScalingPolicyConfiguration: {
-                predefinedMetricSpecification: {
-                    predefinedMetricType: 'ECSServiceAverageCPUUtilization',
-                },
-                targetValue: 70,
-            },
-        }, { parent: this });
-    }
-}
-exports.EcsService = EcsService;