agent-claw: automated task changes

daniel
2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions


@@ -0,0 +1,377 @@
import type { Construct, IConstruct } from 'constructs';
import { type IApplicationListener } from './application-listener';
import type { IApplicationTargetGroup } from './application-target-group';
import type { Duration, SecretValue } from '../../../core';
import type { CfnListener, CfnListenerRule } from '../elasticloadbalancingv2.generated';
import type { IListenerAction } from '../shared/listener-action';
/**
* What to do when a client makes a request to a listener
*
* Some actions can be combined with other ones (specifically,
* you can perform authentication before serving the request).
*
* Multiple actions form a linked chain; the chain must always terminate in a
* *(weighted)forward*, *fixedResponse* or *redirect* action.
*
* If an action supports chaining, the next action can be indicated
* by passing it in the `next` property.
*
* (Called `ListenerAction` instead of the more strictly correct
* `ListenerAction` because this is the class most users interact
* with, and we want to make it not too visually overwhelming).
*/
export declare class ListenerAction implements IListenerAction {
private readonly defaultActionJson;
protected readonly next?: ListenerAction | undefined;
/**
* Authenticate using an identity provider (IdP) that is compliant with OpenID Connect (OIDC)
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#oidc-requirements
*/
static authenticateOidc(options: AuthenticateOidcOptions): ListenerAction;
/**
* Authenticate using JWT validation
*
* You can configure ALB to verify JSON Web Tokens (JWT) provided by clients
* for secure service-to-service (S2S) or machine-to-machine (M2M) communications.
*
* ALB validates the token signature and requires mandatory claims: 'iss' (issuer)
* and 'exp' (expiration). Additionally, if present, ALB validates 'nbf' (not before)
* and 'iat' (issued at time) claims.
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-verify-jwt.html
*/
static authenticateJwt(options: AuthenticateJwtOptions): ListenerAction;
/**
* Forward to one or more Target Groups
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#forward-actions
*/
static forward(targetGroups: IApplicationTargetGroup[], options?: ForwardOptions): ListenerAction;
/**
* Forward to one or more Target Groups which are weighted differently
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#forward-actions
*/
static weightedForward(targetGroups: WeightedTargetGroup[], options?: ForwardOptions): ListenerAction;
/**
* Return a fixed response
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#fixed-response-actions
*/
static fixedResponse(statusCode: number, options?: FixedResponseOptions): ListenerAction;
/**
* Redirect to a different URI
*
* A URI consists of the following components:
* protocol://hostname:port/path?query. You must modify at least one of the
* following components to avoid a redirect loop: protocol, hostname, port, or
* path. Any components that you do not modify retain their original values.
*
* You can reuse URI components using the following reserved keywords:
*
* - `#{protocol}`
* - `#{host}`
* - `#{port}`
* - `#{path}` (the leading "/" is removed)
* - `#{query}`
*
* For example, you can change the path to "/new/#{path}", the hostname to
* "example.#{host}", or the query to "#{query}&value=xyz".
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#redirect-actions
*/
static redirect(options: RedirectOptions): ListenerAction;
/**
* If set, it is preferred as Action for the `ListenerRule`.
* This is necessary if `CfnListener.ActionProperty` and `CfnListenerRule.ActionProperty`
* have different structures.
*/
private _actionJson?;
/**
* Create an instance of ListenerAction
*
* The default class should be good enough for most cases and
* should be created by using one of the static factory functions,
* but allow overriding to make sure we allow flexibility for the future.
*/
protected constructor(defaultActionJson: CfnListener.ActionProperty, next?: ListenerAction | undefined);
/**
* Render the listener rule actions in this chain
*/
renderRuleActions(): CfnListenerRule.ActionProperty[];
/**
* Render the listener default actions in this chain
*/
renderActions(): CfnListener.ActionProperty[];
/**
* Called when the action is being used in a listener
*/
bind(scope: Construct, listener: IApplicationListener, associatingConstruct?: IConstruct): void;
private _renumber;
/**
* Renumber the "order" fields in the actions array.
*
* We don't number for 0 or 1 elements, but otherwise number them 1...#actions
* so ELB knows about the right order.
*
* Do this in `ListenerAction` instead of in `Listener` so that we give
* users the opportunity to override by subclassing and overriding `renderActions`.
*/
protected renumber(actions: CfnListener.ActionProperty[]): CfnListener.ActionProperty[];
/**
* Sets the Action for the `ListenerRule`.
* This method is required to set a dedicated Action to a `ListenerRule`
* when the Action for the `CfnListener` and the Action for the `CfnListenerRule`
* have different structures. (e.g. `AuthenticateOidcConfig`)
* @param actionJson Action for `ListenerRule`
*/
protected addRuleAction(actionJson: CfnListenerRule.ActionProperty): void;
}
/**
* Options for `ListenerAction.forward()`
*/
export interface ForwardOptions {
/**
* For how long clients should be directed to the same target group
*
* Range between 1 second and 7 days.
*
* @default - No stickiness
*/
readonly stickinessDuration?: Duration;
}
/**
* A Target Group and weight combination
*/
export interface WeightedTargetGroup {
/**
* The target group
*/
readonly targetGroup: IApplicationTargetGroup;
/**
* The target group's weight
*
* Range is [0..1000).
*
* @default 1
*/
readonly weight?: number;
}
/**
* Options for `ListenerAction.fixedResponse()`
*/
export interface FixedResponseOptions {
/**
* Content Type of the response
*
* Valid Values: text/plain | text/css | text/html | application/javascript | application/json
*
* @default - Automatically determined
*/
readonly contentType?: string;
/**
* The response body
*
* @default - No body
*/
readonly messageBody?: string;
}
/**
* Options for `ListenerAction.redirect()`
*
* A URI consists of the following components:
* protocol://hostname:port/path?query. You must modify at least one of the
* following components to avoid a redirect loop: protocol, hostname, port, or
* path. Any components that you do not modify retain their original values.
*
* You can reuse URI components using the following reserved keywords:
*
* - `#{protocol}`
* - `#{host}`
* - `#{port}`
* - `#{path}` (the leading "/" is removed)
* - `#{query}`
*
* For example, you can change the path to "/new/#{path}", the hostname to
* "example.#{host}", or the query to "#{query}&value=xyz".
*/
export interface RedirectOptions {
/**
* The hostname.
*
* This component is not percent-encoded. The hostname can contain #{host}.
*
* @default - No change
*/
readonly host?: string;
/**
* The absolute path, starting with the leading "/".
*
* This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.
*
* @default - No change
*/
readonly path?: string;
/**
* The port.
*
* You can specify a value from 1 to 65535 or #{port}.
*
* @default - No change
*/
readonly port?: string;
/**
* The protocol.
*
* You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP.
*
* @default - No change
*/
readonly protocol?: string;
/**
* The query parameters, URL-encoded when necessary, but not percent-encoded.
*
* Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords.
*
* @default - No change
*/
readonly query?: string;
/**
* The HTTP redirect code.
*
* The redirect is either permanent (HTTP 301) or temporary (HTTP 302).
*
* @default false
*/
readonly permanent?: boolean;
}
/**
* Options for `ListenerAction.authenciateOidc()`
*/
export interface AuthenticateOidcOptions {
/**
* What action to execute next
*/
readonly next: ListenerAction;
/**
* The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
*
* @default - No extra parameters
*/
readonly authenticationRequestExtraParams?: Record<string, string>;
/**
* The authorization endpoint of the IdP.
*
* This must be a full URL, including the HTTPS protocol, the domain, and the path.
*/
readonly authorizationEndpoint: string;
/**
* The OAuth 2.0 client identifier.
*/
readonly clientId: string;
/**
* The OAuth 2.0 client secret.
*/
readonly clientSecret: SecretValue;
/**
* The OIDC issuer identifier of the IdP.
*
* This must be a full URL, including the HTTPS protocol, the domain, and the path.
*/
readonly issuer: string;
/**
* The behavior if the user is not authenticated.
*
* @default UnauthenticatedAction.AUTHENTICATE
*/
readonly onUnauthenticatedRequest?: UnauthenticatedAction;
/**
* The set of user claims to be requested from the IdP.
*
* To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
*
* @default "openid"
*/
readonly scope?: string;
/**
* The name of the cookie used to maintain session information.
*
* @default "AWSELBAuthSessionCookie"
*/
readonly sessionCookieName?: string;
/**
* The maximum duration of the authentication session.
*
* @default Duration.days(7)
*/
readonly sessionTimeout?: Duration;
/**
* The token endpoint of the IdP.
*
* This must be a full URL, including the HTTPS protocol, the domain, and the path.
*/
readonly tokenEndpoint: string;
/**
* The user info endpoint of the IdP.
*
* This must be a full URL, including the HTTPS protocol, the domain, and the path.
*/
readonly userInfoEndpoint: string;
/**
* Allow HTTPS outbound traffic to communicate with the IdP.
*
* Set this property to false if the IP address used for the IdP endpoint is identifiable
* and you want to control outbound traffic.
* Then allow HTTPS outbound traffic to the IdP's IP address using the listener's `connections` property.
*
* @default true
* @see https://repost.aws/knowledge-center/elb-configure-authentication-alb
*/
readonly allowHttpsOutbound?: boolean;
}
/**
* Options for `ListenerAction.authenticateJwt()`
*/
export interface AuthenticateJwtOptions {
/**
* What action to execute next
*
* Multiple actions form a linked chain; the chain must always terminate in a
* (weighted)forward, fixedResponse or redirect action.
*/
readonly next: ListenerAction;
/**
* The issuer of the JWT token
*
* This must be a full URL, including the HTTPS protocol, the domain, and the path.
*
* @example 'https://issuer.example.com'
*/
readonly issuer: string;
/**
* The JWKS (JSON Web Key Set) endpoint URL
*
* The endpoint must be publicly accessible and return the public keys used to verify JWT signatures.
*
* @example 'https://issuer.example.com/jwks'
*/
readonly jwksEndpoint: string;
}
/**
* What to do with unauthenticated requests
*/
export declare enum UnauthenticatedAction {
/**
* Return an HTTP 401 Unauthorized error.
*/
DENY = "deny",
/**
* Allow the request to be forwarded to the target.
*/
ALLOW = "allow",
/**
* Redirect the request to the IdP authorization endpoint.
*/
AUTHENTICATE = "authenticate"
}
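Review bot: This file reads as a verbatim copy of a published package's type declarations rather than project code: its imports point at `../../../core` and `../elasticloadbalancingv2.generated`, and the minified `.js` further down this page carries the jsii tag `aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListenerCertificate` at version `2.252.0`. With 8494 files and 2018127 added lines in one automated commit, none of it can be reviewed line by line, and a copy checked into the tree can drift unnoticed from what the manifest, lockfile and registry integrity hashes pin. If this is an installed dependency directory (the file path is not shown here, so that is an inference), I would drop it from the commit and ignore the directory, for example with a `.gitignore` entry such as `node_modules/`, leaving the manifest and lockfile as the reviewed record of the dependency. The same applies to the other file sections on this page.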

File diff suppressed because one or more lines are too long


@@ -0,0 +1,26 @@
import { Construct } from 'constructs';
import type { aws_elasticloadbalancingv2 as elbv2 } from '../../../interfaces';
import type { IListenerCertificate } from '../shared/listener-certificate';
/**
* Properties for adding a set of certificates to a listener
*/
export interface ApplicationListenerCertificateProps {
/**
* The listener to attach the rule to
*/
readonly listener: elbv2.IListenerRef;
/**
* Certificates to attach
*
* Duplicates are not allowed.
*
* @default - One of 'certificates' and 'certificateArns' is required.
*/
readonly certificates?: IListenerCertificate[];
}
/**
* Add certificates to a listener
*/
export declare class ApplicationListenerCertificate extends Construct {
constructor(scope: Construct, id: string, props: ApplicationListenerCertificateProps);
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.ApplicationListenerCertificate=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var constructs_1=()=>{var tmp=require("constructs");return constructs_1=()=>tmp,tmp},errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},elasticloadbalancingv2_generated_1=()=>{var tmp=require("../elasticloadbalancingv2.generated");return elasticloadbalancingv2_generated_1=()=>tmp,tmp};class ApplicationListenerCertificate extends constructs_1().Construct{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListenerCertificate",version:"2.252.0"};constructor(scope,id,props){super(scope,id);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_elasticloadbalancingv2_ApplicationListenerCertificateProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,ApplicationListenerCertificate),error}if(!props.certificateArns&&!props.certificates)throw new(errors_1()).ValidationError((0,literal_string_1().lit)`IsRequiredLeastCertificatearnsCertificates`,"At least one of 'certificateArns' or 'certificates' is required",this);const certificates=[...(props.certificates||[]).map(c=>({certificateArn:c.certificateArn})),...(props.certificateArns||[]).map(certificateArn=>({certificateArn}))];new(elasticloadbalancingv2_generated_1()).CfnListenerCertificate(this,"Resource",{listenerArn:props.listener.listenerRef.listenerArn,certificates})}}exports.ApplicationListenerCertificate=ApplicationListenerCertificate;


@@ -0,0 +1,83 @@
import { Construct } from 'constructs';
import type { IApplicationListener } from './application-listener';
import { ListenerAction } from './application-listener-action';
import type { IApplicationTargetGroup } from './application-target-group';
import type { ListenerCondition } from './conditions';
/**
* Basic properties for defining a rule on a listener
*/
export interface BaseApplicationListenerRuleProps {
/**
* Priority of the rule
*
* The rule with the lowest priority will be used for every request.
*
* Priorities must be unique.
*/
readonly priority: number;
/**
* Target groups to forward requests to.
*
* Only one of `action`, `fixedResponse`, `redirectResponse` or `targetGroups` can be specified.
*
* Implies a `forward` action.
*
* @default - No target groups.
*/
readonly targetGroups?: IApplicationTargetGroup[];
/**
* Action to perform when requests are received
*
* Only one of `action`, `fixedResponse`, `redirectResponse` or `targetGroups` can be specified.
*
* @default - No action
*/
readonly action?: ListenerAction;
/**
* Rule applies if matches the conditions.
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html
*
* @default - No conditions.
*/
readonly conditions?: ListenerCondition[];
}
/**
* Properties for defining a listener rule
*/
export interface ApplicationListenerRuleProps extends BaseApplicationListenerRuleProps {
/**
* The listener to attach the rule to
*/
readonly listener: IApplicationListener;
}
/**
* Define a new listener rule
*/
export declare class ApplicationListenerRule extends Construct {
/**
* The ARN of this rule
*/
readonly listenerRuleArn: string;
private readonly conditions;
private readonly legacyConditions;
private readonly listener;
private action?;
constructor(scope: Construct, id: string, props: ApplicationListenerRuleProps);
/**
* Add a non-standard condition to this rule
*/
addCondition(condition: ListenerCondition): void;
/**
* Configure the action to perform for this rule
*/
configureAction(action: ListenerAction): void;
/**
* Validate the rule
*/
private validateListenerRule;
/**
* Render the conditions for this rule
*/
private renderConditions;
}

File diff suppressed because one or more lines are too long


@@ -0,0 +1,505 @@
import type { Construct } from 'constructs';
import { ListenerAction } from './application-listener-action';
import './application-listener-rule';
import type { IApplicationLoadBalancer } from './application-load-balancer';
import type { IApplicationLoadBalancerTarget, IApplicationTargetGroup } from './application-target-group';
import { ApplicationTargetGroup } from './application-target-group';
import type { ListenerCondition } from './conditions';
import * as ec2 from '../../../aws-ec2';
import type { Duration } from '../../../core';
import type { aws_elasticloadbalancingv2 } from '../../../interfaces';
import type { BaseListenerLookupOptions, IListener } from '../shared/base-listener';
import { BaseListener } from '../shared/base-listener';
import type { HealthCheck } from '../shared/base-target-group';
import type { ApplicationProtocolVersion, TargetGroupLoadBalancingAlgorithmType } from '../shared/enums';
import { ApplicationProtocol, SslPolicy } from '../shared/enums';
import type { IListenerCertificate } from '../shared/listener-certificate';
/**
* Basic properties for an ApplicationListener
*/
export interface BaseApplicationListenerProps {
/**
* The protocol to use
*
* @default - Determined from port if known.
*/
readonly protocol?: ApplicationProtocol;
/**
* The port on which the listener listens for requests.
*
* @default - Determined from protocol if known.
*/
readonly port?: number;
/**
* Certificate list of ACM cert ARNs. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.
*
* @default - No certificates.
*/
readonly certificates?: IListenerCertificate[];
/**
* The security policy that defines which ciphers and protocols are supported.
*
* @default - The current predefined security policy.
*/
readonly sslPolicy?: SslPolicy;
/**
* Default target groups to load balance to
*
* All target groups will be load balanced to with equal weight and without
* stickiness. For a more complex configuration than that, use
* either `defaultAction` or `addAction()`.
*
* Cannot be specified together with `defaultAction`.
*
* @default - None.
*/
readonly defaultTargetGroups?: IApplicationTargetGroup[];
/**
* Default action to take for requests to this listener
*
* This allows full control of the default action of the load balancer,
* including Action chaining, fixed responses and redirect responses.
*
* See the `ListenerAction` class for all options.
*
* Cannot be specified together with `defaultTargetGroups`.
*
* @default - None.
*/
readonly defaultAction?: ListenerAction;
/**
* Allow anyone to connect to the load balancer on the listener port
*
* If this is specified, the load balancer will be opened up to anyone who can reach it.
* For internal load balancers this is anyone in the same VPC. For public load
* balancers, this is anyone on the internet.
*
* If you want to be more selective about who can access this load
* balancer, set this to `false` and use the listener's `connections`
* object to selectively grant access to the load balancer on the listener port.
*
* @default true
*/
readonly open?: boolean;
/**
* The mutual authentication configuration information
*
* @default - No mutual authentication configuration
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/mutual-authentication.html
*/
readonly mutualAuthentication?: MutualAuthentication;
}
/**
* The mutual authentication configuration information
*
*/
export interface MutualAuthentication {
/**
* The client certificate handling method
*
* @default MutualAuthenticationMode.OFF
*/
readonly mutualAuthenticationMode?: MutualAuthenticationMode;
/**
* The trust store
*
* Cannot be used with MutualAuthenticationMode.OFF or MutualAuthenticationMode.PASS_THROUGH
*
* @default - no trust store
*/
readonly trustStore?: aws_elasticloadbalancingv2.ITrustStoreRef;
/**
* Indicates whether expired client certificates are ignored
*
* Cannot be used with MutualAuthenticationMode.OFF or MutualAuthenticationMode.PASS_THROUGH
*
* @default false
*/
readonly ignoreClientCertificateExpiry?: boolean;
/**
* Indicates whether trust store CA names are advertised
*
* @default false
*/
readonly advertiseTrustStoreCaNames?: boolean;
}
/**
* The client certificate handling method
*/
export declare enum MutualAuthenticationMode {
/**
* Off
*/
OFF = "off",
/**
* Application Load Balancer sends the whole client certificate chain to the target using HTTP headers
*/
PASS_THROUGH = "passthrough",
/**
* Application Load Balancer performs X.509 client certificate authentication for clients when a load balancer negotiates TLS connections
*/
VERIFY = "verify"
}
/**
* Properties for defining a standalone ApplicationListener
*/
export interface ApplicationListenerProps extends BaseApplicationListenerProps {
/**
* The load balancer to attach this listener to
*/
readonly loadBalancer: IApplicationLoadBalancer;
}
/**
* Options for ApplicationListener lookup
*/
export interface ApplicationListenerLookupOptions extends BaseListenerLookupOptions {
/**
* ARN of the listener to look up
* @default - does not filter by listener arn
*/
readonly listenerArn?: string;
/**
* Filter listeners by listener protocol
* @default - does not filter by listener protocol
*/
readonly listenerProtocol?: ApplicationProtocol;
}
/**
* Define an ApplicationListener
*
* @resource AWS::ElasticLoadBalancingV2::Listener
*/
export declare class ApplicationListener extends BaseListener implements IApplicationListener {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Look up an ApplicationListener.
*/
static fromLookup(scope: Construct, id: string, options: ApplicationListenerLookupOptions): IApplicationListener;
/**
* Import an existing listener
*/
static fromApplicationListenerAttributes(scope: Construct, id: string, attrs: ApplicationListenerAttributes): IApplicationListener;
readonly isApplicationListener = true;
/**
* Manage connections to this ApplicationListener
*/
readonly connections: ec2.Connections;
/**
* Load balancer this listener is associated with
*/
readonly loadBalancer: IApplicationLoadBalancer;
/**
* The port of the listener.
*/
readonly port: number;
/**
* ARNs of certificates added to this listener
*/
private readonly _certificateArns;
/**
* Listener protocol for this listener.
*/
readonly protocol: ApplicationProtocol;
constructor(scope: Construct, id: string, props: ApplicationListenerProps);
/**
* Add one or more certificates to this listener.
*
* After the first certificate, this creates ApplicationListenerCertificates
* resources since cloudformation requires the certificates array on the
* listener resource to have a length of 1.
*/
addCertificates(id: string, certificates: IListenerCertificate[]): void;
/**
* Perform the given default action on incoming requests
*
* This allows full control of the default action of the load balancer,
* including Action chaining, fixed responses and redirect responses. See
* the `ListenerAction` class for all options.
*
* It's possible to add routing conditions to the Action added in this way.
* At least one Action must be added without conditions (which becomes the
* default Action).
*/
addAction(id: string, props: AddApplicationActionProps): void;
/**
* Load balance incoming requests to the given target groups.
*
* All target groups will be load balanced to with equal weight and without
* stickiness. For a more complex configuration than that, use `addAction()`.
*
* It's possible to add routing conditions to the TargetGroups added in this
* way. At least one TargetGroup must be added without conditions (which will
* become the default Action for this listener).
*/
addTargetGroups(id: string, props: AddApplicationTargetGroupsProps): void;
/**
* Load balance incoming requests to the given load balancing targets.
*
* This method implicitly creates an ApplicationTargetGroup for the targets
* involved, and a 'forward' action to route traffic to the given TargetGroup.
*
* If you want more control over the precise setup, create the TargetGroup
* and use `addAction` yourself.
*
* It's possible to add conditions to the targets added in this way. At least
* one set of targets must be added without conditions.
*
* @returns The newly created target group
*/
addTargets(id: string, props: AddApplicationTargetsProps): ApplicationTargetGroup;
/**
* Register that a connectable that has been added to this load balancer.
*
* Don't call this directly. It is called by ApplicationTargetGroup.
*/
registerConnectable(connectable: ec2.IConnectable, portRange: ec2.Port): void;
/**
* Validate this listener.
*/
protected validateListener(): string[];
/**
* Wrapper for _setDefaultAction which does a type-safe bind
*/
private setDefaultAction;
}
/**
* Indicates that this resource can be referenced as an ALB Listener
*/
export interface IApplicationListenerRef extends IListener {
/**
* Indicates that this is an ALB listener
*
* Will always return true, but is necessary to prevent accidental structural
* equality in TypeScript.
*/
readonly isApplicationListener: boolean;
}
/**
* Properties to reference an existing listener
*/
export interface IApplicationListener extends IListener, ec2.IConnectable, IApplicationListenerRef {
/**
* Add one or more certificates to this listener.
*/
addCertificates(id: string, certificates: IListenerCertificate[]): void;
/**
* Load balance incoming requests to the given target groups.
*
* It's possible to add conditions to the TargetGroups added in this way.
* At least one TargetGroup must be added without conditions.
*/
addTargetGroups(id: string, props: AddApplicationTargetGroupsProps): void;
/**
* Load balance incoming requests to the given load balancing targets.
*
* This method implicitly creates an ApplicationTargetGroup for the targets
* involved.
*
* It's possible to add conditions to the targets added in this way. At least
* one set of targets must be added without conditions.
*
* @returns The newly created target group
*/
addTargets(id: string, props: AddApplicationTargetsProps): ApplicationTargetGroup;
/**
* Register that a connectable that has been added to this load balancer.
*
* Don't call this directly. It is called by ApplicationTargetGroup.
*/
registerConnectable(connectable: ec2.IConnectable, portRange: ec2.Port): void;
/**
* Perform the given action on incoming requests
*
* This allows full control of the default action of the load balancer,
* including Action chaining, fixed responses and redirect responses. See
* the `ListenerAction` class for all options.
*
* It's possible to add routing conditions to the Action added in this way.
*
* It is not possible to add a default action to an imported IApplicationListener.
* In order to add actions to an imported IApplicationListener a `priority`
* must be provided.
*/
addAction(id: string, props: AddApplicationActionProps): void;
}
/**
* Properties to reference an existing listener
*/
export interface ApplicationListenerAttributes {
/**
* ARN of the listener
*/
readonly listenerArn: string;
/**
* Security group of the load balancer this listener is associated with
*/
readonly securityGroup: ec2.ISecurityGroup;
/**
* The default port on which this listener is listening
*/
readonly defaultPort?: number;
}
/**
* Properties for adding a conditional load balancing rule
*/
export interface AddRuleProps {
/**
* Priority of this target group
*
* The rule with the lowest priority will be used for every request.
* If priority is not given, these target groups will be added as
* defaults, and must not have conditions.
*
* Priorities must be unique.
*
* @default Target groups are used as defaults
*/
readonly priority?: number;
/**
* Rule applies if matches the conditions.
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html
*
* @default - No conditions.
*/
readonly conditions?: ListenerCondition[];
}
/**
* Properties for adding a new target group to a listener
*/
export interface AddApplicationTargetGroupsProps extends AddRuleProps {
/**
* Target groups to forward requests to
*/
readonly targetGroups: IApplicationTargetGroup[];
}
/**
* Properties for adding a new action to a listener
*/
export interface AddApplicationActionProps extends AddRuleProps {
/**
* Action to perform
*/
readonly action: ListenerAction;
/**
* `ListenerRule`s have a `Rule` suffix on their logicalId by default. This allows you to remove that suffix.
*
* Legacy behavior of the `addTargetGroups()` convenience method did not include the `Rule` suffix on the logicalId of the generated `ListenerRule`.
* At some point, increasing complexity of requirements can require users to switch from the `addTargetGroups()` method
* to the `addAction()` method.
* When migrating `ListenerRule`s deployed by a legacy version of `addTargetGroups()`,
* you will need to enable this flag to avoid changing the logicalId of your resource.
* Otherwise Cfn will attempt to replace the `ListenerRule` and fail.
*
* @default - use standard logicalId with the `Rule` suffix
*/
readonly removeSuffix?: boolean;
}
/**
* Properties for adding new targets to a listener
*/
export interface AddApplicationTargetsProps extends AddRuleProps {
/**
* The protocol to use
*
* @default Determined from port if known
*/
readonly protocol?: ApplicationProtocol;
/**
* The protocol version to use
*
* @default ApplicationProtocolVersion.HTTP1
*/
readonly protocolVersion?: ApplicationProtocolVersion;
/**
* The port on which the listener listens for requests.
*
* @default Determined from protocol if known
*/
readonly port?: number;
/**
* The time period during which the load balancer sends a newly registered
* target a linearly increasing share of the traffic to the target group.
*
* The range is 30-900 seconds (15 minutes).
*
* @default 0
*/
readonly slowStart?: Duration;
/**
* The stickiness cookie expiration period.
*
* Setting this value enables load balancer stickiness.
*
* After this period, the cookie is considered stale. The minimum value is
* 1 second and the maximum value is 7 days (604800 seconds).
*
* @default Stickiness disabled
*/
readonly stickinessCookieDuration?: Duration;
/**
* The name of an application-based stickiness cookie.
*
* Names that start with the following prefixes are not allowed: AWSALB, AWSALBAPP,
* and AWSALBTG; they're reserved for use by the load balancer.
*
* Note: `stickinessCookieName` parameter depends on the presence of `stickinessCookieDuration` parameter.
* If `stickinessCookieDuration` is not set, `stickinessCookieName` will be omitted.
*
* @default - If `stickinessCookieDuration` is set, a load-balancer generated cookie is used. Otherwise, no stickiness is defined.
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html
*/
readonly stickinessCookieName?: string;
/**
* The targets to add to this target group.
*
* Can be `Instance`, `IPAddress`, or any self-registering load balancing
* target. All target must be of the same type.
*/
readonly targets?: IApplicationLoadBalancerTarget[];
/**
* The name of the target group.
*
* This name must be unique per region per account, can have a maximum of
* 32 characters, must contain only alphanumeric characters or hyphens, and
* must not begin or end with a hyphen.
*
* @default Automatically generated
*/
readonly targetGroupName?: string;
/**
* The amount of time for Elastic Load Balancing to wait before deregistering a target.
*
* The range is 0-3600 seconds.
*
* @default Duration.minutes(5)
*/
readonly deregistrationDelay?: Duration;
/**
* Health check configuration
*
* @default - The default value for each property in this configuration varies depending on the target.
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-targetgroup.html#aws-resource-elasticloadbalancingv2-targetgroup-properties
*/
readonly healthCheck?: HealthCheck;
/**
* The load balancing algorithm to select targets for routing requests.
*
* @default round_robin.
*/
readonly loadBalancingAlgorithmType?: TargetGroupLoadBalancingAlgorithmType;
/**
* Indicates whether anomaly mitigation is enabled.
*
* Only available when `loadBalancingAlgorithmType` is `TargetGroupLoadBalancingAlgorithmType.WEIGHTED_RANDOM`
*
* @default false
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights
*/
readonly enableAnomalyMitigation?: boolean;
}

File diff suppressed because one or more lines are too long


@@ -0,0 +1,738 @@
import type { Construct } from 'constructs';
import type { BaseApplicationListenerProps } from './application-listener';
import { ApplicationListener } from './application-listener';
import * as cloudwatch from '../../../aws-cloudwatch';
import * as ec2 from '../../../aws-ec2';
import type * as s3 from '../../../aws-s3';
import type { Duration } from '../../../core';
import type { ILoadBalancerRef } from '../elasticloadbalancingv2.generated';
import type { BaseLoadBalancerLookupOptions, BaseLoadBalancerProps, ILoadBalancerV2 } from '../shared/base-load-balancer';
import { BaseLoadBalancer } from '../shared/base-load-balancer';
import type { DesyncMitigationMode } from '../shared/enums';
import { IpAddressType, ApplicationProtocol } from '../shared/enums';
/**
* Properties for defining an Application Load Balancer
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes
*/
export interface ApplicationLoadBalancerProps extends BaseLoadBalancerProps {
/**
* Security group to associate with this load balancer
*
* @default A security group is created
*/
readonly securityGroup?: ec2.ISecurityGroup;
/**
* The type of IP addresses to use
*
* @default IpAddressType.IPV4
*/
readonly ipAddressType?: IpAddressType;
/**
* Indicates whether HTTP/2 is enabled.
*
* @default true
*/
readonly http2Enabled?: boolean;
/**
* The load balancer idle timeout, in seconds
*
* @default 60
*/
readonly idleTimeout?: Duration;
/**
* Indicates whether HTTP headers with invalid header fields are removed
* by the load balancer (true) or routed to targets (false)
*
* @default false
*/
readonly dropInvalidHeaderFields?: boolean;
/**
* Determines how the load balancer handles requests that
* might pose a security risk to your application
*
* @default DesyncMitigationMode.DEFENSIVE
*/
readonly desyncMitigationMode?: DesyncMitigationMode;
/**
* The client keep alive duration. The valid range is 60 to 604800 seconds (1 minute to 7 days).
*
* @default - Duration.seconds(3600)
*/
readonly clientKeepAlive?: Duration;
/**
* Indicates whether the Application Load Balancer should preserve the host header in the HTTP request
* and send it to the target without any change.
*
* @default false
*/
readonly preserveHostHeader?: boolean;
/**
* Indicates whether the two headers (x-amzn-tls-version and x-amzn-tls-cipher-suite),
* which contain information about the negotiated TLS version and cipher suite,
* are added to the client request before sending it to the target.
*
* The x-amzn-tls-version header has information about the TLS protocol version negotiated with the client,
* and the x-amzn-tls-cipher-suite header has information about the cipher suite negotiated with the client.
*
* Both headers are in OpenSSL format.
*
* @default false
*/
readonly xAmznTlsVersionAndCipherSuiteHeaders?: boolean;
/**
* Indicates whether the X-Forwarded-For header should preserve the source port
* that the client used to connect to the load balancer.
*
* @default false
*/
readonly preserveXffClientPort?: boolean;
/**
* Enables you to modify, preserve, or remove the X-Forwarded-For header in the HTTP request
* before the Application Load Balancer sends the request to the target.
*
* @default XffHeaderProcessingMode.APPEND
*/
readonly xffHeaderProcessingMode?: XffHeaderProcessingMode;
/**
* Indicates whether to allow a WAF-enabled load balancer to route requests to targets
* if it is unable to forward the request to AWS WAF.
*
* @default false
*/
readonly wafFailOpen?: boolean;
}
/**
* Processing mode of the X-Forwarded-For header in the HTTP request
* before the Application Load Balancer sends the request to the target.
*/
export declare enum XffHeaderProcessingMode {
/**
* Application Load Balancer adds the client IP address (of the last hop) to the X-Forwarded-For header
* in the HTTP request before it sends it to targets.
*/
APPEND = "append",
/**
* Application Load Balancer preserves the X-Forwarded-For header in the HTTP request,
* and sends it to targets without any change.
*/
PRESERVE = "preserve",
/**
* Application Load Balancer removes the X-Forwarded-For header
* in the HTTP request before it sends it to targets.
*/
REMOVE = "remove"
}
/**
* Options for looking up an ApplicationLoadBalancer
*/
export interface ApplicationLoadBalancerLookupOptions extends BaseLoadBalancerLookupOptions {
}
/**
* Define an Application Load Balancer
*
* @resource AWS::ElasticLoadBalancingV2::LoadBalancer
*/
export declare class ApplicationLoadBalancer extends BaseLoadBalancer implements IApplicationLoadBalancer {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Look up an application load balancer.
*/
static fromLookup(scope: Construct, id: string, options: ApplicationLoadBalancerLookupOptions): IApplicationLoadBalancer;
/**
* Import an existing Application Load Balancer
*/
static fromApplicationLoadBalancerAttributes(scope: Construct, id: string, attrs: ApplicationLoadBalancerAttributes): IApplicationLoadBalancer;
readonly isApplicationLoadBalancer = true;
readonly connections: ec2.Connections;
readonly ipAddressType?: IpAddressType;
readonly listeners: ApplicationListener[];
readonly metrics: IApplicationLoadBalancerMetrics;
constructor(scope: Construct, id: string, props: ApplicationLoadBalancerProps);
/**
* Add a new listener to this load balancer
*/
addListener(id: string, props: BaseApplicationListenerProps): ApplicationListener;
/**
* Add a redirection listener to this load balancer
*/
addRedirect(props?: ApplicationLoadBalancerRedirectConfig): ApplicationListener;
/**
* Enable access logging for this load balancer.
*
* A region must be specified on the stack containing the load balancer; you cannot enable logging on
* environment-agnostic stacks. See https://docs.aws.amazon.com/cdk/latest/guide/environments.html
*/
logAccessLogs(bucket: s3.IBucket, prefix?: string): void;
/**
* Enable connection logging for this load balancer.
*
* A region must be specified on the stack containing the load balancer; you cannot enable logging on
* environment-agnostic stacks.
*
* @see https://docs.aws.amazon.com/cdk/latest/guide/environments.html
*/
logConnectionLogs(bucket: s3.IBucket, prefix?: string): void;
/**
* Add a security group to this load balancer
*/
addSecurityGroup(securityGroup: ec2.ISecurityGroup): void;
/**
* Return the given named metric for this Application Load Balancer
*
* @default Average over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.custom`` instead
*/
metric(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of concurrent TCP connections active from clients to the
* load balancer and from the load balancer to targets.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.activeConnectionCount`` instead
*/
metricActiveConnectionCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of TLS connections initiated by the client that did not
* establish a session with the load balancer. Possible causes include a
* mismatch of ciphers or protocols.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.clientTlsNegotiationErrorCount`` instead
*/
metricClientTlsNegotiationErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of load balancer capacity units (LCU) used by your load balancer.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.consumedLCUs`` instead
*/
metricConsumedLCUs(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of fixed-response actions that were successful.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.httpFixedResponseCount`` instead
*/
metricHttpFixedResponseCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of redirect actions that were successful.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.httpRedirectCount`` instead
*/
metricHttpRedirectCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of redirect actions that couldn't be completed because the URL
* in the response location header is larger than 8K.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.httpRedirectUrlLimitExceededCount`` instead
*/
metricHttpRedirectUrlLimitExceededCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of HTTP 3xx/4xx/5xx codes that originate from the load balancer.
*
* This does not include any response codes generated by the targets.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.httpCodeElb`` instead
*/
metricHttpCodeElb(code: HttpCodeElb, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets
* in the load balancer.
*
* This does not include any response codes generated by the load balancer.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.httpCodeTarget`` instead
*/
metricHttpCodeTarget(code: HttpCodeTarget, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of bytes processed by the load balancer over IPv6.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.ipv6ProcessedBytes`` instead
*/
metricIpv6ProcessedBytes(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of IPv6 requests received by the load balancer.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.ipv6RequestCount`` instead
*/
metricIpv6RequestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of new TCP connections established from clients to the
* load balancer and from the load balancer to targets.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.newConnectionCount`` instead
*/
metricNewConnectionCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of bytes processed by the load balancer over IPv4 and IPv6.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.processedBytes`` instead
*/
metricProcessedBytes(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of connections that were rejected because the load balancer had
* reached its maximum number of connections.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.rejectedConnectionCount`` instead
*/
metricRejectedConnectionCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of requests processed over IPv4 and IPv6.
*
* This count includes only the requests with a response generated by a target of the load balancer.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.requestCount`` instead
*/
metricRequestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of rules processed by the load balancer given a request rate averaged over an hour.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.ruleEvaluations`` instead
*/
metricRuleEvaluations(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of connections that were not successfully established between the load balancer and target.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.targetConnectionErrorCount`` instead
*/
metricTargetConnectionErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received.
*
* @default Average over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.targetResponseTime`` instead
*/
metricTargetResponseTime(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of TLS connections initiated by the load balancer that did not establish a session with the target.
*
* Possible causes include a mismatch of ciphers or protocols.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.targetTLSNegotiationErrorCount`` instead
*/
metricTargetTLSNegotiationErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of user authentications that could not be completed
*
* Because an authenticate action was misconfigured, the load balancer
* couldn't establish a connection with the IdP, or the load balancer
* couldn't complete the authentication flow due to an internal error.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.elbAuthError`` instead
*/
metricElbAuthError(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of user authentications that could not be completed because the
* IdP denied access to the user or an authorization code was used more than
* once.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.elbAuthFailure`` instead
*/
metricElbAuthFailure(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The time elapsed, in milliseconds, to query the IdP for the ID token and user info.
*
* If one or more of these operations fail, this is the time to failure.
*
* @default Average over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.elbAuthLatency`` instead
*/
metricElbAuthLatency(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of authenticate actions that were successful.
*
* This metric is incremented at the end of the authentication workflow,
* after the load balancer has retrieved the user claims from the IdP.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationLoadBalancer.metrics.elbAuthSuccess`` instead
*
*/
metricElbAuthSuccess(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
}
/**
* Count of HTTP status originating from the load balancer
*
* This count does not include any response codes generated by the targets.
*/
export declare enum HttpCodeElb {
/**
* The number of HTTP 3XX redirection codes that originate from the load balancer.
*/
ELB_3XX_COUNT = "HTTPCode_ELB_3XX_Count",
/**
* The number of HTTP 4XX client error codes that originate from the load balancer.
*
* Client errors are generated when requests are malformed or incomplete.
* These requests have not been received by the target. This count does not
* include any response codes generated by the targets.
*/
ELB_4XX_COUNT = "HTTPCode_ELB_4XX_Count",
/**
* The number of HTTP 5XX server error codes that originate from the load balancer.
*/
ELB_5XX_COUNT = "HTTPCode_ELB_5XX_Count",
/**
* The number of HTTP 500 server error codes that originate from the load balancer.
*/
ELB_500_COUNT = "HTTPCode_ELB_500_Count",
/**
* The number of HTTP 502 server error codes that originate from the load balancer.
*/
ELB_502_COUNT = "HTTPCode_ELB_502_Count",
/**
* The number of HTTP 503 server error codes that originate from the load balancer.
*/
ELB_503_COUNT = "HTTPCode_ELB_503_Count",
/**
* The number of HTTP 504 server error codes that originate from the load balancer.
*/
ELB_504_COUNT = "HTTPCode_ELB_504_Count"
}
/**
* Count of HTTP status originating from the targets
*/
export declare enum HttpCodeTarget {
/**
* The number of 2xx response codes from targets
*/
TARGET_2XX_COUNT = "HTTPCode_Target_2XX_Count",
/**
* The number of 3xx response codes from targets
*/
TARGET_3XX_COUNT = "HTTPCode_Target_3XX_Count",
/**
* The number of 4xx response codes from targets
*/
TARGET_4XX_COUNT = "HTTPCode_Target_4XX_Count",
/**
* The number of 5xx response codes from targets
*/
TARGET_5XX_COUNT = "HTTPCode_Target_5XX_Count"
}
/**
* Contains all metrics for an Application Load Balancer.
*/
export interface IApplicationLoadBalancerMetrics {
/**
* Return the given named metric for this Application Load Balancer
*
* @default Average over 5 minutes
*/
custom(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of concurrent TCP connections active from clients to the
* load balancer and from the load balancer to targets.
*
* @default Sum over 5 minutes
*/
activeConnectionCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of TLS connections initiated by the client that did not
* establish a session with the load balancer. Possible causes include a
* mismatch of ciphers or protocols.
*
* @default Sum over 5 minutes
*/
clientTlsNegotiationErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of load balancer capacity units (LCU) used by your load balancer.
*
* @default Sum over 5 minutes
*/
consumedLCUs(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of fixed-response actions that were successful.
*
* @default Sum over 5 minutes
*/
httpFixedResponseCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of redirect actions that were successful.
*
* @default Sum over 5 minutes
*/
httpRedirectCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of redirect actions that couldn't be completed because the URL
* in the response location header is larger than 8K.
*
* @default Sum over 5 minutes
*/
httpRedirectUrlLimitExceededCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of HTTP 3xx/4xx/5xx codes that originate from the load balancer.
*
* This does not include any response codes generated by the targets.
*
* @default Sum over 5 minutes
*/
httpCodeElb(code: HttpCodeElb, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets
* in the load balancer.
*
* This does not include any response codes generated by the load balancer.
*
* @default Sum over 5 minutes
*/
httpCodeTarget(code: HttpCodeTarget, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of bytes processed by the load balancer over IPv6.
*
* @default Sum over 5 minutes
*/
ipv6ProcessedBytes(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of IPv6 requests received by the load balancer.
*
* @default Sum over 5 minutes
*/
ipv6RequestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of new TCP connections established from clients to the
* load balancer and from the load balancer to targets.
*
* @default Sum over 5 minutes
*/
newConnectionCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The total number of bytes processed by the load balancer over IPv4 and IPv6.
*
* @default Sum over 5 minutes
*/
processedBytes(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of connections that were rejected because the load balancer had
* reached its maximum number of connections.
*
* @default Sum over 5 minutes
*/
rejectedConnectionCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of requests processed over IPv4 and IPv6.
*
* This count includes only the requests with a response generated by a target of the load balancer.
*
* @default Sum over 5 minutes
*/
requestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of rules processed by the load balancer given a request rate averaged over an hour.
*
* @default Sum over 5 minutes
*/
ruleEvaluations(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of connections that were not successfully established between the load balancer and target.
*
* @default Sum over 5 minutes
*/
targetConnectionErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received.
*
* @default Average over 5 minutes
*/
targetResponseTime(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of TLS connections initiated by the load balancer that did not establish a session with the target.
*
* Possible causes include a mismatch of ciphers or protocols.
*
* @default Sum over 5 minutes
*/
targetTLSNegotiationErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of user authentications that could not be completed
*
* Because an authenticate action was misconfigured, the load balancer
* couldn't establish a connection with the IdP, or the load balancer
* couldn't complete the authentication flow due to an internal error.
*
* @default Sum over 5 minutes
*/
elbAuthError(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of user authentications that could not be completed because the
* IdP denied access to the user or an authorization code was used more than
* once.
*
* @default Sum over 5 minutes
*/
elbAuthFailure(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The time elapsed, in milliseconds, to query the IdP for the ID token and user info.
*
* If one or more of these operations fail, this is the time to failure.
*
* @default Average over 5 minutes
*/
elbAuthLatency(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of authenticate actions that were successful.
*
* This metric is incremented at the end of the authentication workflow,
* after the load balancer has retrieved the user claims from the IdP.
*
* @default Sum over 5 minutes
*/
elbAuthSuccess(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
}
/**
* Indicates that this resource can be referenced as an Application LoadBalancer.
*/
export interface IApplicationLoadBalancerRef extends ILoadBalancerRef {
/**
* Indicates that this is an Application Load Balancer
*
* Will always return true, but is necessary to prevent accidental structural
* equality in TypeScript.
*/
readonly isApplicationLoadBalancer: boolean;
}
/**
* An application load balancer
*/
export interface IApplicationLoadBalancer extends ILoadBalancerV2, ec2.IConnectable, IApplicationLoadBalancerRef {
/**
* The ARN of this load balancer
*/
readonly loadBalancerArn: string;
/**
* The VPC this load balancer has been created in (if available).
* If this interface is the result of an import call to fromApplicationLoadBalancerAttributes,
* the vpc attribute will be undefined unless specified in the optional properties of that method.
*/
readonly vpc?: ec2.IVpc;
/**
* The IP Address Type for this load balancer
*
* If the `@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault`
* feature flag is set (the default for new projects), and `addListener()` is called with `open: true`,
* the load balancer's security group will automatically include both IPv4 and IPv6 ingress rules
* when using `IpAddressType.DUAL_STACK_WITHOUT_PUBLIC_IPV4`.
*
* For existing projects that only have IPv4 rules, you can opt-in to IPv6 ingress rules
* by enabling the feature flag in your cdk.json file. Note that enabling this feature flag
* will modify existing security group rules.
*
* @default IpAddressType.IPV4
*/
readonly ipAddressType?: IpAddressType;
/**
* A list of listeners that have been added to the load balancer.
* This list is only valid for owned constructs.
*/
readonly listeners: ApplicationListener[];
/**
* All metrics available for this load balancer
*/
readonly metrics: IApplicationLoadBalancerMetrics;
/**
* Add a new listener to this load balancer
*/
addListener(id: string, props: BaseApplicationListenerProps): ApplicationListener;
}
/**
* Properties to reference an existing load balancer
*/
export interface ApplicationLoadBalancerAttributes {
/**
* ARN of the load balancer
*/
readonly loadBalancerArn: string;
/**
* ID of the load balancer's security group
*/
readonly securityGroupId: string;
/**
* The canonical hosted zone ID of this load balancer
*
* @default - When not provided, LB cannot be used as Route53 Alias target.
*/
readonly loadBalancerCanonicalHostedZoneId?: string;
/**
* The DNS name of this load balancer
*
* @default - When not provided, LB cannot be used as Route53 Alias target.
*/
readonly loadBalancerDnsName?: string;
/**
* Whether the security group allows all outbound traffic or not
*
* Unless set to `false`, no egress rules will be added to the security group.
*
* @default true
*/
readonly securityGroupAllowsAllOutbound?: boolean;
/**
* The VPC this load balancer has been created in, if available
*
* @default - If the Load Balancer was imported and a VPC was not specified,
* the VPC is not available.
*/
readonly vpc?: ec2.IVpc;
}
/**
* Properties for a redirection config
*/
export interface ApplicationLoadBalancerRedirectConfig {
/**
* The protocol of the listener being created
*
* @default HTTP
*/
readonly sourceProtocol?: ApplicationProtocol;
/**
* The port number to listen to
*
* @default 80
*/
readonly sourcePort?: number;
/**
* The protocol of the redirection target
*
* @default HTTPS
*/
readonly targetProtocol?: ApplicationProtocol;
/**
* The port number to redirect to
*
* @default 443
*/
readonly targetPort?: number;
/**
* Allow anyone to connect to this listener
*
* If this is specified, the listener will be opened up to anyone who can reach it.
* For internal load balancers this is anyone in the same VPC. For public load
* balancers, this is anyone on the internet.
*
* If you want to be more selective about who can access this load
* balancer, set this to `false` and use the listener's `connections`
* object to selectively grant access to the listener.
*
* @default true
*/
readonly open?: boolean;
}

File diff suppressed because one or more lines are too long

@@ -0,0 +1,351 @@
import type { IConstruct, Construct } from 'constructs';
import type { IApplicationListener } from './application-listener';
import type { HttpCodeTarget } from './application-load-balancer';
import * as cloudwatch from '../../../aws-cloudwatch';
import * as ec2 from '../../../aws-ec2';
import type { Duration } from '../../../core';
import type { BaseTargetGroupProps, ITargetGroup, LoadBalancerTargetProps, TargetGroupAttributes } from '../shared/base-target-group';
import { TargetGroupBase } from '../shared/base-target-group';
import type { ApplicationProtocol, ApplicationProtocolVersion } from '../shared/enums';
import { TargetGroupLoadBalancingAlgorithmType } from '../shared/enums';
/**
* Properties for defining an Application Target Group
*/
export interface ApplicationTargetGroupProps extends BaseTargetGroupProps {
/**
* The protocol used for communication with the target.
*
* This is not applicable for Lambda targets.
*
* @default - Determined from port if known
*/
readonly protocol?: ApplicationProtocol;
/**
* The protocol version to use
*
* @default ApplicationProtocolVersion.HTTP1
*/
readonly protocolVersion?: ApplicationProtocolVersion;
/**
* The port on which the target receives traffic.
*
* This is not applicable for Lambda targets.
*
* @default - Determined from protocol if known
*/
readonly port?: number;
/**
* The time period during which the load balancer sends a newly registered
* target a linearly increasing share of the traffic to the target group.
*
* The range is 30-900 seconds (15 minutes).
*
* @default 0
*/
readonly slowStart?: Duration;
/**
* The stickiness cookie expiration period.
*
* Setting this value enables load balancer stickiness.
*
* After this period, the cookie is considered stale. The minimum value is
* 1 second and the maximum value is 7 days (604800 seconds).
*
* @default - Stickiness is disabled
*/
readonly stickinessCookieDuration?: Duration;
/**
* The name of an application-based stickiness cookie.
*
* Names that start with the following prefixes are not allowed: AWSALB, AWSALBAPP,
* and AWSALBTG; they're reserved for use by the load balancer.
*
* Note: `stickinessCookieName` parameter depends on the presence of `stickinessCookieDuration` parameter.
* If `stickinessCookieDuration` is not set, `stickinessCookieName` will be omitted.
*
* @default - If `stickinessCookieDuration` is set, a load-balancer generated cookie is used. Otherwise, no stickiness is defined.
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html
*/
readonly stickinessCookieName?: string;
/**
* The load balancing algorithm to select targets for routing requests.
*
* @default TargetGroupLoadBalancingAlgorithmType.ROUND_ROBIN
*/
readonly loadBalancingAlgorithmType?: TargetGroupLoadBalancingAlgorithmType;
/**
* The targets to add to this target group.
*
* Can be `Instance`, `IPAddress`, or any self-registering load balancing
* target. If you use either `Instance` or `IPAddress` as targets, all
* target must be of the same type.
*
* @default - No targets.
*/
readonly targets?: IApplicationLoadBalancerTarget[];
/**
* Indicates whether anomaly mitigation is enabled.
*
* Only available when `loadBalancingAlgorithmType` is `TargetGroupLoadBalancingAlgorithmType.WEIGHTED_RANDOM`
*
* @default false
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#automatic-target-weights
*/
readonly enableAnomalyMitigation?: boolean;
/**
* Indicates whether the target group supports multi-value headers.
*
* If the value is true, the request and response headers exchanged between
* the load balancer and the Lambda function include arrays of values or strings.
*
* Only applicable for Lambda targets.
*
* @default false
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes
*/
readonly multiValueHeadersEnabled?: boolean;
}
/**
* Contains all metrics for a Target Group of a Application Load Balancer.
*/
export interface IApplicationTargetGroupMetrics {
/**
* Return the given named metric for this Network Target Group
*
* @default Average over 5 minutes
*/
custom(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of IPv6 requests received by the target group
*
* @default Sum over 5 minutes
*/
ipv6RequestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of requests processed over IPv4 and IPv6.
*
* This count includes only the requests with a response generated by a target of the load balancer.
*
* @default Sum over 5 minutes
*/
requestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of healthy hosts in the target group
*
* @default Average over 5 minutes
*/
healthyHostCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of unhealthy hosts in the target group
*
* @default Average over 5 minutes
*/
unhealthyHostCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in this target group.
*
* This does not include any response codes generated by the load balancer.
*
* @default Sum over 5 minutes
*/
httpCodeTarget(code: HttpCodeTarget, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The average number of requests received by each target in a target group.
*
* The only valid statistic is Sum. Note that this represents the average not the sum.
*
* @default Sum over 5 minutes
*/
requestCountPerTarget(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of connections that were not successfully established between the load balancer and target.
*
* @default Sum over 5 minutes
*/
targetConnectionErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received.
*
* @default Average over 5 minutes
*/
targetResponseTime(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of TLS connections initiated by the load balancer that did not establish a session with the target.
*
* Possible causes include a mismatch of ciphers or protocols.
*
* @default Sum over 5 minutes
*/
targetTLSNegotiationErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
}
/**
* Define an Application Target Group
*/
export declare class ApplicationTargetGroup extends TargetGroupBase implements IApplicationTargetGroup {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import an existing target group
*/
static fromTargetGroupAttributes(scope: Construct, id: string, attrs: TargetGroupAttributes): IApplicationTargetGroup;
private readonly connectableMembers;
private readonly listeners;
private readonly protocol?;
private readonly port?;
private _metrics?;
constructor(scope: Construct, id: string, props?: ApplicationTargetGroupProps);
get metrics(): IApplicationTargetGroupMetrics;
/**
* Add a load balancing target to this target group
*/
addTarget(...targets: IApplicationLoadBalancerTarget[]): void;
/**
* Enable sticky routing via a cookie to members of this target group.
*
* Note: If the `cookieName` parameter is set, application-based stickiness will be applied,
* otherwise it defaults to duration-based stickiness attributes (`lb_cookie`).
*
* @see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html
*/
enableCookieStickiness(duration: Duration, cookieName?: string): void;
/**
* Register a connectable as a member of this target group.
*
* Don't call this directly. It will be called by load balancing targets.
*/
registerConnectable(connectable: ec2.IConnectable, portRange?: ec2.Port): void;
/**
* Register a listener that is load balancing to this target group.
*
* Don't call this directly. It will be called by listeners.
*/
registerListener(listener: IApplicationListener, associatingConstruct?: IConstruct): void;
/**
* Full name of first load balancer
*/
get firstLoadBalancerFullName(): string;
/**
* Return the given named metric for this Application Load Balancer Target Group
*
* Returns the metric for this target group from the point of view of the first
* load balancer load balancing to it. If you have multiple load balancers load
* sending traffic to the same target group, you will have to override the dimensions
* on this metric.
*
* @default Average over 5 minutes
*/
metric(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of IPv6 requests received by the target group
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.ipv6RequestCount`` instead
*/
metricIpv6RequestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of requests processed over IPv4 and IPv6.
*
* This count includes only the requests with a response generated by a target of the load balancer.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.requestCount`` instead
*/
metricRequestCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of healthy hosts in the target group
*
* @default Average over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.healthyHostCount`` instead
*/
metricHealthyHostCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of unhealthy hosts in the target group
*
* @default Average over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.unhealthyHostCount`` instead
*/
metricUnhealthyHostCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of HTTP 2xx/3xx/4xx/5xx response codes generated by all targets in this target group.
*
* This does not include any response codes generated by the load balancer.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.httpCodeTarget`` instead
*/
metricHttpCodeTarget(code: HttpCodeTarget, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The average number of requests received by each target in a target group.
*
* The only valid statistic is Sum. Note that this represents the average not the sum.
*
* @default Sum over 5 minutes
* @deprecated Use `ApplicationTargetGroup.metrics.requestCountPerTarget` instead
*/
metricRequestCountPerTarget(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of connections that were not successfully established between the load balancer and target.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.targetConnectionErrorCount`` instead
*/
metricTargetConnectionErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received.
*
* @default Average over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.targetResponseTime`` instead
*/
metricTargetResponseTime(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
/**
* The number of TLS connections initiated by the load balancer that did not establish a session with the target.
*
* Possible causes include a mismatch of ciphers or protocols.
*
* @default Sum over 5 minutes
* @deprecated Use ``ApplicationTargetGroup.metrics.tlsNegotiationErrorCount`` instead
*/
metricTargetTLSNegotiationErrorCount(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
protected validateTargetGroup(): string[];
}
/**
* A Target Group for Application Load Balancers
*/
export interface IApplicationTargetGroup extends ITargetGroup {
/**
* All metrics available for this target group.
*/
readonly metrics: IApplicationTargetGroupMetrics;
/**
* Register a listener that is load balancing to this target group.
*
* Don't call this directly. It will be called by listeners.
*/
registerListener(listener: IApplicationListener, associatingConstruct?: IConstruct): void;
/**
* Register a connectable as a member of this target group.
*
* Don't call this directly. It will be called by load balancing targets.
*/
registerConnectable(connectable: ec2.IConnectable, portRange?: ec2.Port): void;
/**
* Add a load balancing target to this target group
*/
addTarget(...targets: IApplicationLoadBalancerTarget[]): void;
}
/**
* Interface for constructs that can be targets of an application load balancer
*/
export interface IApplicationLoadBalancerTarget {
/**
* Attach load-balanced target to a TargetGroup
*
* May return JSON to directly add to the [Targets] list, or return undefined
* if the target will register itself with the load balancer.
*/
attachToApplicationTargetGroup(targetGroup: IApplicationTargetGroup): LoadBalancerTargetProps;
}

File diff suppressed because one or more lines are too long


@@ -0,0 +1,61 @@
/**
* ListenerCondition providers definition.
*/
export declare abstract class ListenerCondition {
/**
* Create a host-header listener rule condition
*
* @param values Hosts for host headers
*/
static hostHeaders(values: string[]): ListenerCondition;
/**
* Create a http-header listener rule condition
*
* @param name HTTP header name
* @param values HTTP header values
*/
static httpHeader(name: string, values: string[]): ListenerCondition;
/**
* Create a http-request-method listener rule condition
*
* @param values HTTP request methods
*/
static httpRequestMethods(values: string[]): ListenerCondition;
/**
* Create a path-pattern listener rule condition
*
* @param values Path patterns
*/
static pathPatterns(values: string[]): ListenerCondition;
/**
* Create a query-string listener rule condition
*
* @param values Query string key/value pairs
*/
static queryStrings(values: QueryStringCondition[]): ListenerCondition;
/**
* Create a source-ip listener rule condition
*
* @param values Source ips
*/
static sourceIps(values: string[]): ListenerCondition;
/**
* Render the raw Cfn listener rule condition object.
*/
abstract renderRawCondition(): any;
}
/**
* Properties for the key/value pair of the query string
*/
export interface QueryStringCondition {
/**
* The query string key for the condition
*
* @default - Any key can be matched.
*/
readonly key?: string;
/**
* The query string value for the condition
*/
readonly value: string;
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.ListenerCondition=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var errors_1=()=>{var tmp=require("../../../core/lib/errors");return errors_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp};class ListenerCondition{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_elasticloadbalancingv2.ListenerCondition",version:"2.252.0"};static hostHeaders(values){return new HostHeaderListenerCondition(values)}static httpHeader(name,values){return new HttpHeaderListenerCondition(name,values)}static httpRequestMethods(values){return new HttpRequestMethodListenerCondition(values)}static pathPatterns(values){return new PathPatternListenerCondition(values)}static queryStrings(values){return new QueryStringListenerCondition(values)}static sourceIps(values){return new SourceIpListenerCondition(values)}}exports.ListenerCondition=ListenerCondition;class HostHeaderListenerCondition extends ListenerCondition{values;constructor(values){super(),this.values=values}renderRawCondition(){return{field:"host-header",hostHeaderConfig:{values:this.values}}}}class HttpHeaderListenerCondition extends ListenerCondition{name;values;constructor(name,values){super(),this.name=name,this.values=values}renderRawCondition(){return{field:"http-header",httpHeaderConfig:{httpHeaderName:this.name,values:this.values}}}}class HttpRequestMethodListenerCondition extends ListenerCondition{values;constructor(values){super(),this.values=values}renderRawCondition(){return{field:"http-request-method",httpRequestMethodConfig:{values:this.values}}}}class PathPatternListenerCondition extends ListenerCondition{values;constructor(values){if(super(),this.values=values,values&&values.length>5)throw new(errors_1()).UnscopedValidationError((0,literal_string_1().lit)`RuleOnlyConditionValues`,"A rule can only have '5' condition 
values")}renderRawCondition(){return{field:"path-pattern",pathPatternConfig:{values:this.values}}}}class QueryStringListenerCondition extends ListenerCondition{values;constructor(values){super(),this.values=values}renderRawCondition(){return{field:"query-string",queryStringConfig:{values:this.values}}}}class SourceIpListenerCondition extends ListenerCondition{values;constructor(values){super(),this.values=values}renderRawCondition(){return{field:"source-ip",sourceIpConfig:{values:this.values}}}}


@@ -0,0 +1,59 @@
import type { Construct } from 'constructs';
import type { IBucketRef } from '../../../aws-s3';
import { Resource } from '../../../core';
import type { aws_elasticloadbalancingv2 } from '../../../interfaces';
/**
* Properties for the trust store revocation
*/
export interface TrustStoreRevocationProps {
/**
* The trust store
*/
readonly trustStore: aws_elasticloadbalancingv2.ITrustStoreRef;
/**
* The revocation file to add
*/
readonly revocationContents: RevocationContent[];
}
/**
* Information about a revocation file
*/
export interface RevocationContent {
/**
* The type of revocation file
*
* @default RevocationType.CRL
*/
readonly revocationType?: RevocationType;
/**
* The Amazon S3 bucket for the revocation file
*/
readonly bucket: IBucketRef;
/**
* The Amazon S3 path for the revocation file
*/
readonly key: string;
/**
* The Amazon S3 object version of the revocation file
*
* @default - latest version
*/
readonly version?: string;
}
/**
* The type of revocation file
*/
export declare enum RevocationType {
/**
* A signed list of revoked certificates
*/
CRL = "CRL"
}
/**
* A new Trust Store Revocation
*/
export declare class TrustStoreRevocation extends Resource {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
constructor(scope: Construct, id: string, props: TrustStoreRevocationProps);
}


@@ -0,0 +1 @@
"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.TrustStoreRevocation=exports.RevocationType=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var core_1=()=>{var tmp=require("../../../core");return 
core_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},elasticloadbalancingv2_generated_1=()=>{var tmp=require("../elasticloadbalancingv2.generated");return elasticloadbalancingv2_generated_1=()=>tmp,tmp},RevocationType;(function(RevocationType2){RevocationType2.CRL="CRL"})(RevocationType||(exports.RevocationType=RevocationType={}));let TrustStoreRevocation=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=core_1().Resource;var TrustStoreRevocation2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),TrustStoreRevocation2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_elasticloadbalancingv2.TrustStoreRevocation",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-elasticloadbalancingv2.TrustStoreRevocation";constructor(scope,id,props){super(scope,id);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_elasticloadbalancingv2_TrustStoreRevocationProps(props)}catch(error){throw 
process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,TrustStoreRevocation2),error}(0,metadata_resource_1().addConstructMetadata)(this,props),new(elasticloadbalancingv2_generated_1()).CfnTrustStoreRevocation(this,"Resource",{trustStoreArn:props.trustStore.trustStoreRef.trustStoreArn,revocationContents:props.revocationContents?.map(content=>({revocationType:content.revocationType,s3Bucket:content.bucket.bucketRef.bucketName,s3Key:content.key,s3ObjectVersion:content.version}))})}static{__runInitializers(_classThis,_classExtraInitializers)}};return TrustStoreRevocation2=_classThis})();exports.TrustStoreRevocation=TrustStoreRevocation;


@@ -0,0 +1,86 @@
import type { Construct } from 'constructs';
import type { IBucketRef } from '../../../aws-s3';
import type { IResource } from '../../../core';
import { Resource } from '../../../core';
import type { aws_elasticloadbalancingv2 } from '../../../interfaces';
/**
* Represents a Trust Store
*/
export interface ITrustStore extends IResource, aws_elasticloadbalancingv2.ITrustStoreRef {
/**
* The name of the trust store
* @attribute
*/
readonly trustStoreName: string;
/**
* The ARN of the trust store
* @attribute
*/
readonly trustStoreArn: string;
}
/**
* Properties used for the Trust Store
*/
export interface TrustStoreProps {
/**
* The name of the trust store
*
* @default - Auto generated
*/
readonly trustStoreName?: string;
/**
* The bucket that the trust store is hosted in
*/
readonly bucket: IBucketRef;
/**
* The key in S3 to look at for the trust store
*/
readonly key: string;
/**
* The version of the S3 object that contains your truststore.
* To specify a version, you must have versioning enabled for the S3 bucket.
*
* @default - latest version
*/
readonly version?: string;
}
/**
* A new Trust Store
*/
export declare class TrustStore extends Resource implements ITrustStore {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import from ARN
*/
static fromTrustStoreArn(scope: Construct, id: string, trustStoreArn: string): ITrustStore;
/**
* The name of the trust store
*
* @attribute
*/
readonly trustStoreName: string;
/**
* The number of CA certificates in the trust store
*
* @attribute
*/
readonly numberOfCaCertificates: number;
/**
* The status of the trust store
*
* @attribute
*/
readonly status: string;
/**
* The ARN of the trust store
*
* @attribute
*/
readonly trustStoreArn: string;
/**
* A reference to this trust store
*/
get trustStoreRef(): aws_elasticloadbalancingv2.TrustStoreReference;
constructor(scope: Construct, id: string, props: TrustStoreProps);
}

File diff suppressed because one or more lines are too long