raindancers-cloudfront 0.0.0

package/lib/bicep/resources/graph/federatedIdentityCredential.d.ts

@@ -0,0 +1,29 @@
+import { Application } from './application';
+import { BicepConstruct } from './bicepConstruct';
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Properties for Federated Identity Credential
+ */
+export interface FederatedIdentityCredentialProps {
+    /** Application to add credential to */
+    readonly application: Application;
+    /** Name of the credential */
+    readonly name: string;
+    /** OIDC issuer URL */
+    readonly issuer: string;
+    /** Subject claim value */
+    readonly subject: string;
+    /** Audience values */
+    readonly audiences: string[];
+    /** Description of the credential */
+    readonly description?: string;
+}
+/**
+ * CDK-style construct for Federated Identity Credential
+ */
+export declare class FederatedIdentityCredential extends BicepConstruct {
+    private props;
+    readonly credentialId: string;
+    constructor(template: BicepTemplate, resourceName: string, props: FederatedIdentityCredentialProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/graph/federatedIdentityCredential.js

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FederatedIdentityCredential = void 0;
+const bicepConstruct_1 = require("./bicepConstruct");
+/**
+ * CDK-style construct for Federated Identity Credential
+ */
+class FederatedIdentityCredential extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        this.credentialId = `${this.toPascalCase(resourceName)}.id`;
+    }
+    synthesize() {
+        const appResourceName = this.toPascalCase(this.props.application.getResourceName());
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Graph/applications/federatedIdentityCredentials',
+            apiVersion: 'v1.0',
+            comment: 'Federated credential for external identity provider. Note: BCP018 linter error on subject field is expected due to CDK token syntax.',
+            linterSuppressions: ['BCP018'],
+            name: `${appResourceName}.uniqueName/${this.props.name}`,
+            issuer: this.props.issuer,
+            subject: this.props.subject,
+            description: this.props.description || 'Federated credential for AWS',
+            audiences: this.props.audiences,
+            dependsOn: this.explicitDependencies.length > 0 ? this.explicitDependencies : undefined,
+        });
+    }
+}
+exports.FederatedIdentityCredential = FederatedIdentityCredential;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZmVkZXJhdGVkSWRlbnRpdHlDcmVkZW50aWFsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2JpY2VwL3Jlc291cmNlcy9ncmFwaC9mZWRlcmF0ZWRJZGVudGl0eUNyZWRlbnRpYWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EscURBQWtEO0FBcUJsRDs7R0FFRztBQUNILE1BQWEsMkJBQTRCLFNBQVEsK0JBQWM7SUFHN0QsWUFBWSxRQUF1QixFQUFFLFlBQW9CLEVBQVUsS0FBdUM7UUFDeEcsS0FBSyxDQUFDLFFBQVEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQURtQyxVQUFLLEdBQUwsS0FBSyxDQUFrQztRQUV4RyxJQUFJLENBQUMsWUFBWSxHQUFHLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDO0lBQzlELENBQUM7SUFFRCxVQUFVO1FBQ1IsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxlQUFlLEVBQUUsQ0FBQyxDQUFDO1FBQ3BGLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDM0MsSUFBSSxFQUFFLDJEQUEyRDtZQUNqRSxVQUFVLEVBQUUsTUFBTTtZQUNsQixPQUFPLEVBQUUsc0lBQXNJO1lBQy9JLGtCQUFrQixFQUFFLENBQUMsUUFBUSxDQUFDO1lBQzlCLElBQUksRUFBRSxHQUFHLGVBQWUsZUFBZSxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRTtZQUN4RCxNQUFNLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxNQUFNO1lBQ3pCLE9BQU8sRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU87WUFDM0IsV0FBVyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVyxJQUFJLDhCQUE4QjtZQUNyRSxTQUFTLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxTQUFTO1lBQy9CLFNBQVMsRUFBRSxJQUFJLENBQUMsb0JBQW9CLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLG9CQUFvQixDQUFDLENBQUMsQ0FBQyxTQUFTO1NBQ3hGLENBQUMsQ0FBQztJQUNMLENBQUM7Q0FDRjtBQXZCRCxrRUF1QkMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBBcHBsaWNhdGlvbiB9IGZyb20gJy4vYXBwbGljYXRpb24nO1xuaW1wb3J0IHsgQmljZXBDb25zdHJ1Y3QgfSBmcm9tICcuL2JpY2VwQ29uc3RydWN0JztcbmltcG9ydCB7IEJpY2VwVGVtcGxhdGUgfSBmcm9tICcuLi8uLi9kZXBsb3kvdGVtcGxhdGUnO1xuXG4vKipcbiAqIFByb3BlcnRpZXMgZm9yIEZlZGVyYXRlZCBJZGVudGl0eSBDcmVkZW50aWFsXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgRmVkZXJhdGVkSWRlbnRpdHlDcmVkZW50aWFsUHJvcHMge1xuICAvKiogQXBwbGljYXRpb24gdG8gYWRkIGNyZWRlbnRpYWwgdG8gKi9cbiAgcmVhZG9ubHkgYXBwbGljYXRpb246IEFwcGxpY2F0aW9uO1xuICAvKiogTmFtZSBvZiB0aGUgY3JlZGVudGlhbCAqL1xuICByZWFkb25seSBuYW1lOiBzdHJpbmc7XG4gIC8qKiBPSURDIGlzc3VlciBVUkwgKi9cbiAgcmVhZG9ubHkgaXNzdWVyOiBzdHJpbmc7XG4gIC8qKiBTdWJqZWN0IGNsYWltIHZhbHVlICovXG4gIHJlYWRvbmx5IHN1YmplY3Q6IHN0cmluZztcbiAgLyoqIEF1ZGllbmNlIHZhbHVlcyAqL1xuICByZWFkb25seSBhdWRpZW5jZXM6IHN0cmluZ1tdO1xuICAvKiogRGVzY3JpcHRpb24gb2YgdGhlIGNyZWRlbnRpYWwgKi9cbiAgcmVhZG9ubHkgZGVzY3JpcHRpb24/OiBzdHJpbmc7XG59XG5cbi8qKlxuICogQ0RLLXN0eWxlIGNvbnN0cnVjdCBmb3IgRmVkZXJhdGVkIElkZW50aXR5IENyZWRlbnRpYWxcbiAqL1xuZXhwb3J0IGNsYXNzIEZlZGVyYXRlZElkZW50aXR5Q3JlZGVudGlhbCBleHRlbmRzIEJpY2VwQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IGNyZWRlbnRpYWxJZDogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKHRlbXBsYXRlOiBCaWNlcFRlbXBsYXRlLCByZXNvdXJjZU5hbWU6IHN0cmluZywgcHJpdmF0ZSBwcm9wczogRmVkZXJhdGVkSWRlbnRpdHlDcmVkZW50aWFsUHJvcHMpIHtcbiAgICBzdXBlcih0ZW1wbGF0ZSwgcmVzb3VyY2VOYW1lKTtcbiAgICB0aGlzLmNyZWRlbnRpYWxJZCA9IGAke3RoaXMudG9QYXNjYWxDYXNlKHJlc291cmNlTmFtZSl9LmlkYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgY29uc3QgYXBwUmVzb3VyY2VOYW1lID0gdGhpcy50b1Bhc2NhbENhc2UodGhpcy5wcm9wcy5hcHBsaWNhdGlvbi5nZXRSZXNvdXJjZU5hbWUoKSk7XG4gICAgdGhpcy50ZW1wbGF0ZS5hZGRSZXNvdXJjZSh0aGlzLnJlc291cmNlTmFtZSwge1xuICAgICAgdHlwZTogJ01pY3Jvc29mdC5HcmFwaC9hcHBsaWNhdGlvbnMvZmVkZXJhdGVkSWRlbnRpdHlDcmVkZW50aWFscycsXG4gICAgICBhcGlWZXJzaW9uOiAndjEuMCcsXG4gICAgICBjb21tZW50OiAnRmVkZXJhdGVkIGNyZWRlbnRpYWwgZm9yIGV4dGVybmFsIGlkZW50aXR5IHByb3ZpZGVyLiBOb3RlOiBCQ1AwMTggbGludGVyIGVycm9yIG9uIHN1YmplY3QgZmllbGQgaXMgZXhwZWN0ZWQgZHVlIHRvIENESyB0b2tlbiBzeW50YXguJyxcbiAgICAgIGxpbnRlclN1cHByZXNzaW9uczogWydCQ1AwMTgnXSxcbiAgICAgIG5hbWU6IGAke2FwcFJlc291cmNlTmFtZX0udW5pcXVlTmFtZS8ke3RoaXMucHJvcHMubmFtZX1gLFxuICAgICAgaXNzdWVyOiB0aGlzLnByb3BzLmlzc3VlcixcbiAgICAgIHN1YmplY3Q6IHRoaXMucHJvcHMuc3ViamVjdCxcbiAgICAgIGRlc2NyaXB0aW9uOiB0aGlzLnByb3BzLmRlc2NyaXB0aW9uIHx8ICdGZWRlcmF0ZWQgY3JlZGVudGlhbCBmb3IgQVdTJyxcbiAgICAgIGF1ZGllbmNlczogdGhpcy5wcm9wcy5hdWRpZW5jZXMsXG4gICAgICBkZXBlbmRzT246IHRoaXMuZXhwbGljaXREZXBlbmRlbmNpZXMubGVuZ3RoID4gMCA/IHRoaXMuZXhwbGljaXREZXBlbmRlbmNpZXMgOiB1bmRlZmluZWQsXG4gICAgfSk7XG4gIH1cbn0iXX0=

package/lib/bicep/resources/graph/group.d.ts

@@ -0,0 +1,26 @@
+import { BicepConstruct } from './bicepConstruct';
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Properties for Azure AD Group
+ */
+export interface GroupProps {
+    /** Display name of the group */
+    readonly displayName: string;
+    /** Description of the group */
+    readonly description?: string;
+    /** Group types (e.g., ['Unified'] for Microsoft 365 groups) */
+    readonly groupTypes?: string[];
+    /** Whether the group is mail-enabled */
+    readonly mailEnabled?: boolean;
+    /** Whether the group is security-enabled */
+    readonly securityEnabled?: boolean;
+}
+/**
+ * CDK-style construct for Azure AD Group
+ */
+export declare class Group extends BicepConstruct {
+    private props;
+    readonly groupId: string;
+    constructor(template: BicepTemplate, resourceName: string, props: GroupProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/graph/group.js

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Group = void 0;
+const bicepConstruct_1 = require("./bicepConstruct");
+/**
+ * CDK-style construct for Azure AD Group
+ */
+class Group extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        this.groupId = `${this.toPascalCase(resourceName)}.id`;
+    }
+    synthesize() {
+        const mailNickname = this.props.displayName.toLowerCase().replace(/[^a-z0-9]/g, '');
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Graph/groups',
+            apiVersion: 'v1.0',
+            comment: `Security group: ${this.props.displayName}`,
+            uniqueName: this.props.displayName,
+            displayName: this.props.displayName,
+            description: this.props.description,
+            groupTypes: this.props.groupTypes || [],
+            mailEnabled: this.props.mailEnabled || false,
+            securityEnabled: this.props.securityEnabled !== false,
+            mailNickname: mailNickname,
+        });
+    }
+}
+exports.Group = Group;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ3JvdXAuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL2dyb3VwLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLHFEQUFrRDtBQW1CbEQ7O0dBRUc7QUFDSCxNQUFhLEtBQU0sU0FBUSwrQkFBYztJQUd2QyxZQUFZLFFBQXVCLEVBQUUsWUFBb0IsRUFBVSxLQUFpQjtRQUNsRixLQUFLLENBQUMsUUFBUSxFQUFFLFlBQVksQ0FBQyxDQUFDO1FBRG1DLFVBQUssR0FBTCxLQUFLLENBQVk7UUFFbEYsSUFBSSxDQUFDLE9BQU8sR0FBRyxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQztJQUN6RCxDQUFDO0lBRUQsVUFBVTtRQUNSLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVyxDQUFDLFdBQVcsRUFBRSxDQUFDLE9BQU8sQ0FBQyxZQUFZLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFDcEYsSUFBSSxDQUFDLFFBQVEsQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRTtZQUMzQyxJQUFJLEVBQUUsd0JBQXdCO1lBQzlCLFVBQVUsRUFBRSxNQUFNO1lBQ2xCLE9BQU8sRUFBRSxtQkFBbUIsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXLEVBQUU7WUFDcEQsVUFBVSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVztZQUNsQyxXQUFXLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXO1lBQ25DLFdBQVcsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFdBQVc7WUFDbkMsVUFBVSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsVUFBVSxJQUFJLEVBQUU7WUFDdkMsV0FBVyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsV0FBVyxJQUFJLEtBQUs7WUFDNUMsZUFBZSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsZUFBZSxLQUFLLEtBQUs7WUFDckQsWUFBWSxFQUFFLFlBQVk7U0FDM0IsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBdkJELHNCQXVCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEJpY2VwQ29uc3RydWN0IH0gZnJvbSAnLi9iaWNlcENvbnN0cnVjdCc7XG5pbXBvcnQgeyBCaWNlcFRlbXBsYXRlIH0gZnJvbSAnLi4vLi4vZGVwbG95L3RlbXBsYXRlJztcblxuLyoqXG4gKiBQcm9wZXJ0aWVzIGZvciBBenVyZSBBRCBHcm91cFxuICovXG5leHBvcnQgaW50ZXJmYWNlIEdyb3VwUHJvcHMge1xuICAvKiogRGlzcGxheSBuYW1lIG9mIHRoZSBncm91cCAqL1xuICByZWFkb25seSBkaXNwbGF5TmFtZTogc3RyaW5nO1xuICAvKiogRGVzY3JpcHRpb24gb2YgdGhlIGdyb3VwICovXG4gIHJlYWRvbmx5IGRlc2NyaXB0aW9uPzogc3RyaW5nO1xuICAvKiogR3JvdXAgdHlwZXMgKGUuZy4sIFsnVW5pZmllZCddIGZvciBNaWNyb3NvZnQgMzY1IGdyb3VwcykgKi9cbiAgcmVhZG9ubHkgZ3JvdXBUeXBlcz86IHN0cmluZ1tdO1xuICAvKiogV2hldGhlciB0aGUgZ3JvdXAgaXMgbWFpbC1lbmFibGVkICovXG4gIHJlYWRvbmx5IG1haWxFbmFibGVkPzogYm9vbGVhbjtcbiAgLyoqIFdoZXRoZXIgdGhlIGdyb3VwIGlzIHNlY3VyaXR5LWVuYWJsZWQgKi9cbiAgcmVhZG9ubHkgc2VjdXJpdHlFbmFibGVkPzogYm9vbGVhbjtcbn1cblxuLyoqXG4gKiBDREstc3R5bGUgY29uc3RydWN0IGZvciBBenVyZSBBRCBHcm91cFxuICovXG5leHBvcnQgY2xhc3MgR3JvdXAgZXh0ZW5kcyBCaWNlcENvbnN0cnVjdCB7XG4gIHB1YmxpYyByZWFkb25seSBncm91cElkOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3IodGVtcGxhdGU6IEJpY2VwVGVtcGxhdGUsIHJlc291cmNlTmFtZTogc3RyaW5nLCBwcml2YXRlIHByb3BzOiBHcm91cFByb3BzKSB7XG4gICAgc3VwZXIodGVtcGxhdGUsIHJlc291cmNlTmFtZSk7XG4gICAgdGhpcy5ncm91cElkID0gYCR7dGhpcy50b1Bhc2NhbENhc2UocmVzb3VyY2VOYW1lKX0uaWRgO1xuICB9XG5cbiAgc3ludGhlc2l6ZSgpOiB2b2lkIHtcbiAgICBjb25zdCBtYWlsTmlja25hbWUgPSB0aGlzLnByb3BzLmRpc3BsYXlOYW1lLnRvTG93ZXJDYXNlKCkucmVwbGFjZSgvW15hLXowLTldL2csICcnKTtcbiAgICB0aGlzLnRlbXBsYXRlLmFkZFJlc291cmNlKHRoaXMucmVzb3VyY2VOYW1lLCB7XG4gICAgICB0eXBlOiAnTWljcm9zb2Z0LkdyYXBoL2dyb3VwcycsXG4gICAgICBhcGlWZXJzaW9uOiAndjEuMCcsXG4gICAgICBjb21tZW50OiBgU2VjdXJpdHkgZ3JvdXA6ICR7dGhpcy5wcm9wcy5kaXNwbGF5TmFtZX1gLFxuICAgICAgdW5pcXVlTmFtZTogdGhpcy5wcm9wcy5kaXNwbGF5TmFtZSxcbiAgICAgIGRpc3BsYXlOYW1lOiB0aGlzLnByb3BzLmRpc3BsYXlOYW1lLFxuICAgICAgZGVzY3JpcHRpb246IHRoaXMucHJvcHMuZGVzY3JpcHRpb24sXG4gICAgICBncm91cFR5cGVzOiB0aGlzLnByb3BzLmdyb3VwVHlwZXMgfHwgW10sXG4gICAgICBtYWlsRW5hYmxlZDogdGhpcy5wcm9wcy5tYWlsRW5hYmxlZCB8fCBmYWxzZSxcbiAgICAgIHNlY3VyaXR5RW5hYmxlZDogdGhpcy5wcm9wcy5zZWN1cml0eUVuYWJsZWQgIT09IGZhbHNlLFxuICAgICAgbWFpbE5pY2tuYW1lOiBtYWlsTmlja25hbWUsXG4gICAgfSk7XG4gIH1cbn0iXX0=

package/lib/bicep/resources/graph/index.d.ts

@@ -0,0 +1,8 @@
+export * from './appRoleAssignment';
+export * from './application';
+export * from './bicepConstruct';
+export * from './existingServicePrincipal';
+export * from './federatedIdentityCredential';
+export * from './group';
+export * from './servicePrincipal';
+export * from './types';

package/lib/bicep/resources/graph/index.js

@@ -0,0 +1,25 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./appRoleAssignment"), exports);
+__exportStar(require("./application"), exports);
+__exportStar(require("./bicepConstruct"), exports);
+__exportStar(require("./existingServicePrincipal"), exports);
+__exportStar(require("./federatedIdentityCredential"), exports);
+__exportStar(require("./group"), exports);
+__exportStar(require("./servicePrincipal"), exports);
+__exportStar(require("./types"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxzREFBb0M7QUFDcEMsZ0RBQThCO0FBQzlCLG1EQUFpQztBQUNqQyw2REFBMkM7QUFDM0MsZ0VBQThDO0FBQzlDLDBDQUF3QjtBQUN4QixxREFBbUM7QUFDbkMsMENBQXdCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0ICogZnJvbSAnLi9hcHBSb2xlQXNzaWdubWVudCc7XG5leHBvcnQgKiBmcm9tICcuL2FwcGxpY2F0aW9uJztcbmV4cG9ydCAqIGZyb20gJy4vYmljZXBDb25zdHJ1Y3QnO1xuZXhwb3J0ICogZnJvbSAnLi9leGlzdGluZ1NlcnZpY2VQcmluY2lwYWwnO1xuZXhwb3J0ICogZnJvbSAnLi9mZWRlcmF0ZWRJZGVudGl0eUNyZWRlbnRpYWwnO1xuZXhwb3J0ICogZnJvbSAnLi9ncm91cCc7XG5leHBvcnQgKiBmcm9tICcuL3NlcnZpY2VQcmluY2lwYWwnO1xuZXhwb3J0ICogZnJvbSAnLi90eXBlcyc7Il19

package/lib/bicep/resources/graph/servicePrincipal.d.ts

@@ -0,0 +1,22 @@
+import { Application } from './application';
+import { BicepConstruct } from './bicepConstruct';
+import { BicepTemplate } from '../../deploy/template';
+/**
+ * Properties for Graph Service Principal construct
+ */
+export interface ServicePrincipalProps {
+    /** The application to create a service principal for */
+    readonly application: Application;
+    /** Whether user assignment is required for this app */
+    readonly appRoleAssignmentRequired?: boolean;
+}
+/**
+ * CDK-style construct for Microsoft Graph Service Principal (Enterprise Application)
+ * This represents the Enterprise Application instance in your tenant
+ */
+export declare class ServicePrincipal extends BicepConstruct {
+    readonly props: ServicePrincipalProps;
+    readonly servicePrincipalId: string;
+    constructor(template: BicepTemplate, resourceName: string, props: ServicePrincipalProps);
+    synthesize(): void;
+}

package/lib/bicep/resources/graph/servicePrincipal.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ServicePrincipal = void 0;
+const bicepConstruct_1 = require("./bicepConstruct");
+/**
+ * CDK-style construct for Microsoft Graph Service Principal (Enterprise Application)
+ * This represents the Enterprise Application instance in your tenant
+ */
+class ServicePrincipal extends bicepConstruct_1.BicepConstruct {
+    constructor(template, resourceName, props) {
+        super(template, resourceName);
+        this.props = props;
+        this.servicePrincipalId = `${this.toPascalCase(resourceName)}.id`;
+    }
+    synthesize() {
+        this.template.addResource(this.resourceName, {
+            type: 'Microsoft.Graph/servicePrincipals',
+            apiVersion: 'v1.0',
+            comment: 'Enterprise application instance',
+            appId: this.props.application.appId,
+            appRoleAssignmentRequired: this.props.appRoleAssignmentRequired ?? true,
+            dependsOn: this.explicitDependencies.length > 0 ? this.explicitDependencies : undefined,
+        });
+    }
+}
+exports.ServicePrincipal = ServicePrincipal;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VydmljZVByaW5jaXBhbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9iaWNlcC9yZXNvdXJjZXMvZ3JhcGgvc2VydmljZVByaW5jaXBhbC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSxxREFBa0Q7QUFhbEQ7OztHQUdHO0FBQ0gsTUFBYSxnQkFBaUIsU0FBUSwrQkFBYztJQUdsRCxZQUFZLFFBQXVCLEVBQUUsWUFBb0IsRUFBa0IsS0FBNEI7UUFDckcsS0FBSyxDQUFDLFFBQVEsRUFBRSxZQUFZLENBQUMsQ0FBQztRQUQyQyxVQUFLLEdBQUwsS0FBSyxDQUF1QjtRQUVyRyxJQUFJLENBQUMsa0JBQWtCLEdBQUcsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FBQyxLQUFLLENBQUM7SUFDcEUsQ0FBQztJQUVELFVBQVU7UUFDUixJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsWUFBWSxFQUFFO1lBQzNDLElBQUksRUFBRSxtQ0FBbUM7WUFDekMsVUFBVSxFQUFFLE1BQU07WUFDbEIsT0FBTyxFQUFFLGlDQUFpQztZQUMxQyxLQUFLLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxXQUFXLENBQUMsS0FBSztZQUNuQyx5QkFBeUIsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLHlCQUF5QixJQUFJLElBQUk7WUFDdkUsU0FBUyxFQUFFLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsb0JBQW9CLENBQUMsQ0FBQyxDQUFDLFNBQVM7U0FDeEYsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztDQUNGO0FBbEJELDRDQWtCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEFwcGxpY2F0aW9uIH0gZnJvbSAnLi9hcHBsaWNhdGlvbic7XG5pbXBvcnQgeyBCaWNlcENvbnN0cnVjdCB9IGZyb20gJy4vYmljZXBDb25zdHJ1Y3QnO1xuaW1wb3J0IHsgQmljZXBUZW1wbGF0ZSB9IGZyb20gJy4uLy4uL2RlcGxveS90ZW1wbGF0ZSc7XG5cbi8qKlxuICogUHJvcGVydGllcyBmb3IgR3JhcGggU2VydmljZSBQcmluY2lwYWwgY29uc3RydWN0XG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgU2VydmljZVByaW5jaXBhbFByb3BzIHtcbiAgLyoqIFRoZSBhcHBsaWNhdGlvbiB0byBjcmVhdGUgYSBzZXJ2aWNlIHByaW5jaXBhbCBmb3IgKi9cbiAgcmVhZG9ubHkgYXBwbGljYXRpb246IEFwcGxpY2F0aW9uO1xuICAvKiogV2hldGhlciB1c2VyIGFzc2lnbm1lbnQgaXMgcmVxdWlyZWQgZm9yIHRoaXMgYXBwICovXG4gIHJlYWRvbmx5IGFwcFJvbGVBc3NpZ25tZW50UmVxdWlyZWQ/OiBib29sZWFuO1xufVxuXG4vKipcbiAqIENESy1zdHlsZSBjb25zdHJ1Y3QgZm9yIE1pY3Jvc29mdCBHcmFwaCBTZXJ2aWNlIFByaW5jaXBhbCAoRW50ZXJwcmlzZSBBcHBsaWNhdGlvbilcbiAqIFRoaXMgcmVwcmVzZW50cyB0aGUgRW50ZXJwcmlzZSBBcHBsaWNhdGlvbiBpbnN0YW5jZSBpbiB5b3VyIHRlbmFudFxuICovXG5leHBvcnQgY2xhc3MgU2VydmljZVByaW5jaXBhbCBleHRlbmRzIEJpY2VwQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHNlcnZpY2VQcmluY2lwYWxJZDogc3RyaW5nO1xuXG4gIGNvbnN0cnVjdG9yKHRlbXBsYXRlOiBCaWNlcFRlbXBsYXRlLCByZXNvdXJjZU5hbWU6IHN0cmluZywgcHVibGljIHJlYWRvbmx5IHByb3BzOiBTZXJ2aWNlUHJpbmNpcGFsUHJvcHMpIHtcbiAgICBzdXBlcih0ZW1wbGF0ZSwgcmVzb3VyY2VOYW1lKTtcbiAgICB0aGlzLnNlcnZpY2VQcmluY2lwYWxJZCA9IGAke3RoaXMudG9QYXNjYWxDYXNlKHJlc291cmNlTmFtZSl9LmlkYDtcbiAgfVxuXG4gIHN5bnRoZXNpemUoKTogdm9pZCB7XG4gICAgdGhpcy50ZW1wbGF0ZS5hZGRSZXNvdXJjZSh0aGlzLnJlc291cmNlTmFtZSwge1xuICAgICAgdHlwZTogJ01pY3Jvc29mdC5HcmFwaC9zZXJ2aWNlUHJpbmNpcGFscycsXG4gICAgICBhcGlWZXJzaW9uOiAndjEuMCcsXG4gICAgICBjb21tZW50OiAnRW50ZXJwcmlzZSBhcHBsaWNhdGlvbiBpbnN0YW5jZScsXG4gICAgICBhcHBJZDogdGhpcy5wcm9wcy5hcHBsaWNhdGlvbi5hcHBJZCxcbiAgICAgIGFwcFJvbGVBc3NpZ25tZW50UmVxdWlyZWQ6IHRoaXMucHJvcHMuYXBwUm9sZUFzc2lnbm1lbnRSZXF1aXJlZCA/PyB0cnVlLFxuICAgICAgZGVwZW5kc09uOiB0aGlzLmV4cGxpY2l0RGVwZW5kZW5jaWVzLmxlbmd0aCA+IDAgPyB0aGlzLmV4cGxpY2l0RGVwZW5kZW5jaWVzIDogdW5kZWZpbmVkLFxuICAgIH0pO1xuICB9XG59Il19

package/lib/bicep/resources/graph/types/index.d.ts

@@ -0,0 +1 @@
+export * from './permissions';

package/lib/bicep/resources/graph/types/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./permissions"), exports);
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL3R5cGVzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSxnREFBOEIiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgKiBmcm9tICcuL3Blcm1pc3Npb25zJztcbiJdfQ==

package/lib/bicep/resources/graph/types/permissions.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Microsoft Graph resource app IDs and permission constants
+ */
+export declare enum ResourceAppId {
+    MICROSOFT_GRAPH = "00000003-0000-0000-c000-000000000000"
+}
+export declare enum MicrosoftGraphPermission {
+    USER_READ = "e1fe6dd8-ba31-4d61-89e7-88639da4683d",
+    USER_READ_WRITE = "b4e74841-8e56-480b-be8b-910348b18b4c",
+    USER_READ_ALL = "a154be20-db9c-4678-8ab7-66f6cc099a59",
+    USER_READ_WRITE_ALL = "204e0828-b5ca-4ad8-b9f3-f32a958e7cc4",
+    DIRECTORY_READ_ALL = "06da0dbc-49e2-44d2-8312-53f166ab848a",
+    DIRECTORY_READ_WRITE_ALL = "c5366453-9fb0-48a5-a156-24f0c49a4b84",
+    GROUP_READ_ALL = "5f8c59db-677d-491f-a6b8-5f174b11ec1d",
+    GROUP_READ_WRITE_ALL = "4e46008b-f24c-477d-8fff-7bb4ec7aafe0",
+    USER_READ_ALL_APP = "df021288-bdef-4463-88db-98f22de89214",
+    USER_READ_WRITE_ALL_APP = "741f803b-c850-494e-b5df-cde7c675a1ca",
+    DIRECTORY_READ_ALL_APP = "7ab1d382-f21e-4acd-a863-ba3e13f7da61",
+    DIRECTORY_READ_WRITE_ALL_APP = "19dbc75e-c2e2-444c-a770-ec69d8559fc7",
+    GROUP_READ_ALL_APP = "5b567255-7703-4780-807c-7be8301ae99b",
+    GROUP_READ_WRITE_ALL_APP = "62a82d76-70ea-41e2-9197-370581804d09",
+    CUSTOM_AUTH_EXT_RECEIVE_PAYLOAD = "214e810f-fda8-4fd7-a475-29461495eb00",
+    APPLICATION_READ_WRITE_ALL = "1bfefb4e-e0b5-418b-a88f-73c46d2cc8e9",
+    POLICY_READ_ALL = "246dd0d5-5bd0-4def-940b-0421030a5b68",
+    POLICY_READ_WRITE_APPLICATION_CONFIGURATION = "be74164b-cff1-491c-8741-e671cb536e13",
+    MAIL_READ = "570282fd-fa5c-430d-a7fd-fc8dc98a9dca",
+    MAIL_READ_WRITE = "024d486e-b451-40bb-833d-3e66d98c5c73",
+    MAIL_SEND = "e383f46e-2787-4529-855e-0e479a3ffac0",
+    CALENDARS_READ = "465a38f9-76ea-45b9-9f34-9e8b0d4b0b42",
+    CALENDARS_READ_WRITE = "1ec239c2-d7c9-4623-a91a-a9775856bb36",
+    FILES_READ = "10465720-29dd-4523-a11a-6a75c743c9d9",
+    FILES_READ_WRITE = "5c28f0bf-8a70-41f1-8ab2-9032436ddb65",
+    FILES_READ_ALL = "df85f4d6-205c-4ac5-a5ea-6bf408dba283",
+    FILES_READ_WRITE_ALL = "863451e7-0667-486c-a5d6-d135439485f0"
+}
+export declare enum PermissionType {
+    SCOPE = "Scope",
+    ROLE = "Role"
+}
+export declare enum SignInAudience {
+    AZURE_AD_MY_ORG = "AzureADMyOrg",
+    AZURE_AD_MULTIPLE_ORGS = "AzureADMultipleOrgs",
+    AZURE_AD_AND_PERSONAL_MICROSOFT_ACCOUNT = "AzureADandPersonalMicrosoftAccount",
+    PERSONAL_MICROSOFT_ACCOUNT = "PersonalMicrosoftAccount"
+}
+/**
+ * Azure AD App Role allowed member types
+ */
+export declare enum AllowedMemberType {
+    /** Individual users can be assigned this role */
+    USER = "User",
+    /** Service principals/applications can be assigned this role */
+    APPLICATION = "Application"
+}

package/lib/bicep/resources/graph/types/permissions.js

@@ -0,0 +1,73 @@
+"use strict";
+/**
+ * Microsoft Graph resource app IDs and permission constants
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AllowedMemberType = exports.SignInAudience = exports.PermissionType = exports.MicrosoftGraphPermission = exports.ResourceAppId = void 0;
+var ResourceAppId;
+(function (ResourceAppId) {
+    ResourceAppId["MICROSOFT_GRAPH"] = "00000003-0000-0000-c000-000000000000";
+})(ResourceAppId || (exports.ResourceAppId = ResourceAppId = {}));
+var MicrosoftGraphPermission;
+(function (MicrosoftGraphPermission) {
+    // User permissions (Delegated)
+    MicrosoftGraphPermission["USER_READ"] = "e1fe6dd8-ba31-4d61-89e7-88639da4683d";
+    MicrosoftGraphPermission["USER_READ_WRITE"] = "b4e74841-8e56-480b-be8b-910348b18b4c";
+    MicrosoftGraphPermission["USER_READ_ALL"] = "a154be20-db9c-4678-8ab7-66f6cc099a59";
+    MicrosoftGraphPermission["USER_READ_WRITE_ALL"] = "204e0828-b5ca-4ad8-b9f3-f32a958e7cc4";
+    // Directory permissions (Delegated)
+    MicrosoftGraphPermission["DIRECTORY_READ_ALL"] = "06da0dbc-49e2-44d2-8312-53f166ab848a";
+    MicrosoftGraphPermission["DIRECTORY_READ_WRITE_ALL"] = "c5366453-9fb0-48a5-a156-24f0c49a4b84";
+    // Group permissions (Delegated)
+    MicrosoftGraphPermission["GROUP_READ_ALL"] = "5f8c59db-677d-491f-a6b8-5f174b11ec1d";
+    MicrosoftGraphPermission["GROUP_READ_WRITE_ALL"] = "4e46008b-f24c-477d-8fff-7bb4ec7aafe0";
+    // Application permissions (Application)
+    MicrosoftGraphPermission["USER_READ_ALL_APP"] = "df021288-bdef-4463-88db-98f22de89214";
+    MicrosoftGraphPermission["USER_READ_WRITE_ALL_APP"] = "741f803b-c850-494e-b5df-cde7c675a1ca";
+    MicrosoftGraphPermission["DIRECTORY_READ_ALL_APP"] = "7ab1d382-f21e-4acd-a863-ba3e13f7da61";
+    MicrosoftGraphPermission["DIRECTORY_READ_WRITE_ALL_APP"] = "19dbc75e-c2e2-444c-a770-ec69d8559fc7";
+    MicrosoftGraphPermission["GROUP_READ_ALL_APP"] = "5b567255-7703-4780-807c-7be8301ae99b";
+    MicrosoftGraphPermission["GROUP_READ_WRITE_ALL_APP"] = "62a82d76-70ea-41e2-9197-370581804d09";
+    // Custom Authentication Extension permissions (Application)
+    MicrosoftGraphPermission["CUSTOM_AUTH_EXT_RECEIVE_PAYLOAD"] = "214e810f-fda8-4fd7-a475-29461495eb00";
+    // Application permissions (Application)
+    MicrosoftGraphPermission["APPLICATION_READ_WRITE_ALL"] = "1bfefb4e-e0b5-418b-a88f-73c46d2cc8e9";
+    // Policy permissions (Application)
+    MicrosoftGraphPermission["POLICY_READ_ALL"] = "246dd0d5-5bd0-4def-940b-0421030a5b68";
+    MicrosoftGraphPermission["POLICY_READ_WRITE_APPLICATION_CONFIGURATION"] = "be74164b-cff1-491c-8741-e671cb536e13";
+    // Mail permissions (Delegated)
+    MicrosoftGraphPermission["MAIL_READ"] = "570282fd-fa5c-430d-a7fd-fc8dc98a9dca";
+    MicrosoftGraphPermission["MAIL_READ_WRITE"] = "024d486e-b451-40bb-833d-3e66d98c5c73";
+    MicrosoftGraphPermission["MAIL_SEND"] = "e383f46e-2787-4529-855e-0e479a3ffac0";
+    // Calendar permissions (Delegated)
+    MicrosoftGraphPermission["CALENDARS_READ"] = "465a38f9-76ea-45b9-9f34-9e8b0d4b0b42";
+    MicrosoftGraphPermission["CALENDARS_READ_WRITE"] = "1ec239c2-d7c9-4623-a91a-a9775856bb36";
+    // Files permissions (Delegated)
+    MicrosoftGraphPermission["FILES_READ"] = "10465720-29dd-4523-a11a-6a75c743c9d9";
+    MicrosoftGraphPermission["FILES_READ_WRITE"] = "5c28f0bf-8a70-41f1-8ab2-9032436ddb65";
+    MicrosoftGraphPermission["FILES_READ_ALL"] = "df85f4d6-205c-4ac5-a5ea-6bf408dba283";
+    MicrosoftGraphPermission["FILES_READ_WRITE_ALL"] = "863451e7-0667-486c-a5d6-d135439485f0";
+})(MicrosoftGraphPermission || (exports.MicrosoftGraphPermission = MicrosoftGraphPermission = {}));
+var PermissionType;
+(function (PermissionType) {
+    PermissionType["SCOPE"] = "Scope";
+    PermissionType["ROLE"] = "Role";
+})(PermissionType || (exports.PermissionType = PermissionType = {}));
+var SignInAudience;
+(function (SignInAudience) {
+    SignInAudience["AZURE_AD_MY_ORG"] = "AzureADMyOrg";
+    SignInAudience["AZURE_AD_MULTIPLE_ORGS"] = "AzureADMultipleOrgs";
+    SignInAudience["AZURE_AD_AND_PERSONAL_MICROSOFT_ACCOUNT"] = "AzureADandPersonalMicrosoftAccount";
+    SignInAudience["PERSONAL_MICROSOFT_ACCOUNT"] = "PersonalMicrosoftAccount";
+})(SignInAudience || (exports.SignInAudience = SignInAudience = {}));
+/**
+ * Azure AD App Role allowed member types
+ */
+var AllowedMemberType;
+(function (AllowedMemberType) {
+    /** Individual users can be assigned this role */
+    AllowedMemberType["USER"] = "User";
+    /** Service principals/applications can be assigned this role */
+    AllowedMemberType["APPLICATION"] = "Application";
+})(AllowedMemberType || (exports.AllowedMemberType = AllowedMemberType = {}));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVybWlzc2lvbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2dyYXBoL3R5cGVzL3Blcm1pc3Npb25zLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7R0FFRzs7O0FBRUgsSUFBWSxhQUVYO0FBRkQsV0FBWSxhQUFhO0lBQ3ZCLHlFQUF3RCxDQUFBO0FBQzFELENBQUMsRUFGVyxhQUFhLDZCQUFiLGFBQWEsUUFFeEI7QUFFRCxJQUFZLHdCQStDWDtBQS9DRCxXQUFZLHdCQUF3QjtJQUNsQywrQkFBK0I7SUFDL0IsOEVBQWtELENBQUE7SUFDbEQsb0ZBQXdELENBQUE7SUFDeEQsa0ZBQXNELENBQUE7SUFDdEQsd0ZBQTRELENBQUE7SUFFNUQsb0NBQW9DO0lBQ3BDLHVGQUEyRCxDQUFBO0lBQzNELDZGQUFpRSxDQUFBO0lBRWpFLGdDQUFnQztJQUNoQyxtRkFBdUQsQ0FBQTtJQUN2RCx5RkFBNkQsQ0FBQTtJQUU3RCx3Q0FBd0M7SUFDeEMsc0ZBQTBELENBQUE7SUFDMUQsNEZBQWdFLENBQUE7SUFDaEUsMkZBQStELENBQUE7SUFDL0QsaUdBQXFFLENBQUE7SUFDckUsdUZBQTJELENBQUE7SUFDM0QsNkZBQWlFLENBQUE7SUFFakUsNERBQTREO0lBQzVELG9HQUF3RSxDQUFBO0lBRXhFLHdDQUF3QztJQUN4QywrRkFBbUUsQ0FBQTtJQUVuRSxtQ0FBbUM7SUFDbkMsb0ZBQXdELENBQUE7SUFDeEQsZ0hBQW9GLENBQUE7SUFFcEYsK0JBQStCO0lBQy9CLDhFQUFrRCxDQUFBO0lBQ2xELG9GQUF3RCxDQUFBO0lBQ3hELDhFQUFrRCxDQUFBO0lBRWxELG1DQUFtQztJQUNuQyxtRkFBdUQsQ0FBQTtJQUN2RCx5RkFBNkQsQ0FBQTtJQUU3RCxnQ0FBZ0M7SUFDaEMsK0VBQW1ELENBQUE7SUFDbkQscUZBQXlELENBQUE7SUFDekQsbUZBQXVELENBQUE7SUFDdkQseUZBQTZELENBQUE7QUFDL0QsQ0FBQyxFQS9DVyx3QkFBd0Isd0NBQXhCLHdCQUF3QixRQStDbkM7QUFFRCxJQUFZLGNBR1g7QUFIRCxXQUFZLGNBQWM7SUFDeEIsaUNBQWUsQ0FBQTtJQUNmLCtCQUFhLENBQUE7QUFDZixDQUFDLEVBSFcsY0FBYyw4QkFBZCxjQUFjLFFBR3pCO0FBRUQsSUFBWSxjQUtYO0FBTEQsV0FBWSxjQUFjO0lBQ3hCLGtEQUFnQyxDQUFBO0lBQ2hDLGdFQUE4QyxDQUFBO0lBQzlDLGdHQUE4RSxDQUFBO0lBQzlFLHlFQUF1RCxDQUFBO0FBQ3pELENBQUMsRUFMVyxjQUFjLDhCQUFkLGNBQWMsUUFLekI7QUFFRDs7R0FFRztBQUNILElBQVksaUJBS1g7QUFMRCxXQUFZLGlCQUFpQjtJQUMzQixpREFBaUQ7SUFDakQsa0NBQWEsQ0FBQTtJQUNiLGdFQUFnRTtJQUNoRSxnREFBMkIsQ0FBQTtBQUM3QixDQUFDLEVBTFcsaUJBQWlCLGlDQUFqQixpQkFBaUIsUUFLNUIiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIE1pY3Jvc29mdCBHcmFwaCByZXNvdXJjZSBhcHAgSURzIGFuZCBwZXJtaXNzaW9uIGNvbnN0YW50c1xuICovXG5cbmV4cG9ydCBlbnVtIFJlc291cmNlQXBwSWQge1xuICBNSUNST1NPRlRfR1JBUEggPSAnMDAwMDAwMDMtMDAwMC0wMDAwLWMwMDAtMDAwMDAwMDAwMDAwJyxcbn1cblxuZXhwb3J0IGVudW0gTWljcm9zb2Z0R3JhcGhQZXJtaXNzaW9uIHtcbiAgLy8gVXNlciBwZXJtaXNzaW9ucyAoRGVsZWdhdGVkKVxuICBVU0VSX1JFQUQgPSAnZTFmZTZkZDgtYmEzMS00ZDYxLTg5ZTctODg2MzlkYTQ2ODNkJyxcbiAgVVNFUl9SRUFEX1dSSVRFID0gJ2I0ZTc0ODQxLThlNTYtNDgwYi1iZThiLTkxMDM0OGIxOGI0YycsXG4gIFVTRVJfUkVBRF9BTEwgPSAnYTE1NGJlMjAtZGI5Yy00Njc4LThhYjctNjZmNmNjMDk5YTU5JyxcbiAgVVNFUl9SRUFEX1dSSVRFX0FMTCA9ICcyMDRlMDgyOC1iNWNhLTRhZDgtYjlmMy1mMzJhOTU4ZTdjYzQnLFxuXG4gIC8vIERpcmVjdG9yeSBwZXJtaXNzaW9ucyAoRGVsZWdhdGVkKVxuICBESVJFQ1RPUllfUkVBRF9BTEwgPSAnMDZkYTBkYmMtNDllMi00NGQyLTgzMTItNTNmMTY2YWI4NDhhJyxcbiAgRElSRUNUT1JZX1JFQURfV1JJVEVfQUxMID0gJ2M1MzY2NDUzLTlmYjAtNDhhNS1hMTU2LTI0ZjBjNDlhNGI4NCcsXG5cbiAgLy8gR3JvdXAgcGVybWlzc2lvbnMgKERlbGVnYXRlZClcbiAgR1JPVVBfUkVBRF9BTEwgPSAnNWY4YzU5ZGItNjc3ZC00OTFmLWE2YjgtNWYxNzRiMTFlYzFkJyxcbiAgR1JPVVBfUkVBRF9XUklURV9BTEwgPSAnNGU0NjAwOGItZjI0Yy00NzdkLThmZmYtN2JiNGVjN2FhZmUwJyxcblxuICAvLyBBcHBsaWNhdGlvbiBwZXJtaXNzaW9ucyAoQXBwbGljYXRpb24pXG4gIFVTRVJfUkVBRF9BTExfQVBQID0gJ2RmMDIxMjg4LWJkZWYtNDQ2My04OGRiLTk4ZjIyZGU4OTIxNCcsXG4gIFVTRVJfUkVBRF9XUklURV9BTExfQVBQID0gJzc0MWY4MDNiLWM4NTAtNDk0ZS1iNWRmLWNkZTdjNjc1YTFjYScsXG4gIERJUkVDVE9SWV9SRUFEX0FMTF9BUFAgPSAnN2FiMWQzODItZjIxZS00YWNkLWE4NjMtYmEzZTEzZjdkYTYxJyxcbiAgRElSRUNUT1JZX1JFQURfV1JJVEVfQUxMX0FQUCA9ICcxOWRiYzc1ZS1jMmUyLTQ0NGMtYTc3MC1lYzY5ZDg1NTlmYzcnLFxuICBHUk9VUF9SRUFEX0FMTF9BUFAgPSAnNWI1NjcyNTUtNzcwMy00NzgwLTgwN2MtN2JlODMwMWFlOTliJyxcbiAgR1JPVVBfUkVBRF9XUklURV9BTExfQVBQID0gJzYyYTgyZDc2LTcwZWEtNDFlMi05MTk3LTM3MDU4MTgwNGQwOScsXG5cbiAgLy8gQ3VzdG9tIEF1dGhlbnRpY2F0aW9uIEV4dGVuc2lvbiBwZXJtaXNzaW9ucyAoQXBwbGljYXRpb24pXG4gIENVU1RPTV9BVVRIX0VYVF9SRUNFSVZFX1BBWUxPQUQgPSAnMjE0ZTgxMGYtZmRhOC00ZmQ3LWE0NzUtMjk0NjE0OTVlYjAwJyxcblxuICAvLyBBcHBsaWNhdGlvbiBwZXJtaXNzaW9ucyAoQXBwbGljYXRpb24pXG4gIEFQUExJQ0FUSU9OX1JFQURfV1JJVEVfQUxMID0gJzFiZmVmYjRlLWUwYjUtNDE4Yi1hODhmLTczYzQ2ZDJjYzhlOScsXG5cbiAgLy8gUG9saWN5IHBlcm1pc3Npb25zIChBcHBsaWNhdGlvbilcbiAgUE9MSUNZX1JFQURfQUxMID0gJzI0NmRkMGQ1LTViZDAtNGRlZi05NDBiLTA0MjEwMzBhNWI2OCcsXG4gIFBPTElDWV9SRUFEX1dSSVRFX0FQUExJQ0FUSU9OX0NPTkZJR1VSQVRJT04gPSAnYmU3NDE2NGItY2ZmMS00OTFjLTg3NDEtZTY3MWNiNTM2ZTEzJyxcblxuICAvLyBNYWlsIHBlcm1pc3Npb25zIChEZWxlZ2F0ZWQpXG4gIE1BSUxfUkVBRCA9ICc1NzAyODJmZC1mYTVjLTQzMGQtYTdmZC1mYzhkYzk4YTlkY2EnLFxuICBNQUlMX1JFQURfV1JJVEUgPSAnMDI0ZDQ4NmUtYjQ1MS00MGJiLTgzM2QtM2U2NmQ5OGM1YzczJyxcbiAgTUFJTF9TRU5EID0gJ2UzODNmNDZlLTI3ODctNDUyOS04NTVlLTBlNDc5YTNmZmFjMCcsXG5cbiAgLy8gQ2FsZW5kYXIgcGVybWlzc2lvbnMgKERlbGVnYXRlZClcbiAgQ0FMRU5EQVJTX1JFQUQgPSAnNDY1YTM4ZjktNzZlYS00NWI5LTlmMzQtOWU4YjBkNGIwYjQyJyxcbiAgQ0FMRU5EQVJTX1JFQURfV1JJVEUgPSAnMWVjMjM5YzItZDdjOS00NjIzLWE5MWEtYTk3NzU4NTZiYjM2JyxcblxuICAvLyBGaWxlcyBwZXJtaXNzaW9ucyAoRGVsZWdhdGVkKVxuICBGSUxFU19SRUFEID0gJzEwNDY1NzIwLTI5ZGQtNDUyMy1hMTFhLTZhNzVjNzQzYzlkOScsXG4gIEZJTEVTX1JFQURfV1JJVEUgPSAnNWMyOGYwYmYtOGE3MC00MWYxLThhYjItOTAzMjQzNmRkYjY1JyxcbiAgRklMRVNfUkVBRF9BTEwgPSAnZGY4NWY0ZDYtMjA1Yy00YWM1LWE1ZWEtNmJmNDA4ZGJhMjgzJyxcbiAgRklMRVNfUkVBRF9XUklURV9BTEwgPSAnODYzNDUxZTctMDY2Ny00ODZjLWE1ZDYtZDEzNTQzOTQ4NWYwJyxcbn1cblxuZXhwb3J0IGVudW0gUGVybWlzc2lvblR5cGUge1xuICBTQ09QRSA9ICdTY29wZScsXG4gIFJPTEUgPSAnUm9sZScsXG59XG5cbmV4cG9ydCBlbnVtIFNpZ25JbkF1ZGllbmNlIHtcbiAgQVpVUkVfQURfTVlfT1JHID0gJ0F6dXJlQURNeU9yZycsXG4gIEFaVVJFX0FEX01VTFRJUExFX09SR1MgPSAnQXp1cmVBRE11bHRpcGxlT3JncycsXG4gIEFaVVJFX0FEX0FORF9QRVJTT05BTF9NSUNST1NPRlRfQUNDT1VOVCA9ICdBenVyZUFEYW5kUGVyc29uYWxNaWNyb3NvZnRBY2NvdW50JyxcbiAgUEVSU09OQUxfTUlDUk9TT0ZUX0FDQ09VTlQgPSAnUGVyc29uYWxNaWNyb3NvZnRBY2NvdW50Jyxcbn1cblxuLyoqXG4gKiBBenVyZSBBRCBBcHAgUm9sZSBhbGxvd2VkIG1lbWJlciB0eXBlc1xuICovXG5leHBvcnQgZW51bSBBbGxvd2VkTWVtYmVyVHlwZSB7XG4gIC8qKiBJbmRpdmlkdWFsIHVzZXJzIGNhbiBiZSBhc3NpZ25lZCB0aGlzIHJvbGUgKi9cbiAgVVNFUiA9ICdVc2VyJyxcbiAgLyoqIFNlcnZpY2UgcHJpbmNpcGFscy9hcHBsaWNhdGlvbnMgY2FuIGJlIGFzc2lnbmVkIHRoaXMgcm9sZSAqL1xuICBBUFBMSUNBVElPTiA9ICdBcHBsaWNhdGlvbicsXG59XG4iXX0=

package/lib/bicep/resources/index.d.ts

@@ -0,0 +1,2 @@
+export * as graph from './graph';
+export * as azure from './azure';

package/lib/bicep/resources/index.js

@@ -0,0 +1,39 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.azure = exports.graph = void 0;
+exports.graph = __importStar(require("./graph"));
+exports.azure = __importStar(require("./azure"));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYmljZXAvcmVzb3VyY2VzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLGlEQUFpQztBQUNqQyxpREFBaUMiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgKiBhcyBncmFwaCBmcm9tICcuL2dyYXBoJztcbmV4cG9ydCAqIGFzIGF6dXJlIGZyb20gJy4vYXp1cmUnO1xuIl19

package/lib/cloudfront/auth/authLambdaFunctions.d.ts

@@ -0,0 +1,20 @@
+import * as core from 'aws-cdk-lib';
+import { aws_cloudfront as cloudfront, aws_lambda as lambda, aws_secretsmanager as secretsmanager, aws_kms as kms, aws_logs as logs, aws_dynamodb as dynamodb } from 'aws-cdk-lib';
+import * as constructs from 'constructs';
+export interface AuthLambdaFunctionsProps {
+    readonly configSecret: secretsmanager.Secret;
+    readonly kmsKey: kms.Key;
+    readonly kvs: cloudfront.KeyValueStore;
+    readonly authTable: dynamodb.ITable;
+    readonly rotationSchedule?: core.Duration;
+    readonly sessionRevocationTopicArn?: string;
+    readonly logRetentionDays: number;
+}
+export declare class AuthLambdaFunctions extends constructs.Construct {
+    readonly copySecretLambda: lambda.Function;
+    readonly rotateSecretLambda: lambda.Function;
+    readonly streamProcessorLambda: lambda.Function;
+    readonly sessionRevocationLambda?: lambda.Function;
+    readonly logGroups: logs.LogGroup[];
+    constructor(scope: constructs.Construct, id: string, props: AuthLambdaFunctionsProps);
+}