UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

2 lines (1 loc) 4.76 kB
1
2
"use strict";var __decorate=exports&&exports.__decorate||function(decorators,target,key,desc){var c=arguments.length,r=c<3?target:desc===null?desc=Object.getOwnPropertyDescriptor(target,key):desc,d;if(typeof Reflect=="object"&&typeof Reflect.decorate=="function")r=Reflect.decorate(decorators,target,key,desc);else for(var i=decorators.length-1;i>=0;i--)(d=decorators[i])&&(r=(c<3?d(r):c>3?d(target,key,r):d(target,key))||r);return c>3&&r&&Object.defineProperty(target,key,r),r};Object.defineProperty(exports,"__esModule",{value:!0}),exports.ImportedRole=void 0;var util_1=()=>{var tmp=require("./util");return util_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cx_api_1=()=>{var tmp=require("../../../cx-api");return cx_api_1=()=>tmp,tmp},grant_1=()=>{var tmp=require("../grant");return grant_1=()=>tmp,tmp},policy_1=()=>{var tmp=require("../policy");return policy_1=()=>tmp,tmp},principals_1=()=>{var tmp=require("../principals");return principals_1=()=>tmp,tmp},util_2=()=>{var tmp=require("../util");return util_2=()=>tmp,tmp};let ImportedRole=class extends core_1().Resource{constructor(scope,id,props){super(scope,id,{account:props.account}),this.grantPrincipal=this,this.assumeRoleAction="sts:AssumeRole",this.attachedPolicies=new(util_2()).AttachedPolicies,(0,metadata_resource_1().addConstructMetadata)(this,props),this.roleArn=props.roleArn,this.roleName=props.roleName,this.policyFragment=new(principals_1()).ArnPrincipal(this.roleArn).policyFragment,this.defaultPolicyName=props.defaultPolicyName,this.principalAccount=props.account}addToPolicy(statement){return this.addToPrincipalPolicy(statement).statementAdded}addToPrincipalPolicy(statement){if(!this.defaultPolicy){const useUniqueName=core_1().FeatureFlags.of(this).isEnabled(cx_api_1().IAM_IMPORTED_ROLE_STACK_SAFE_DEFAULT_POLICY_NAME),prefix="Policy";let defaultDefaultPolicyName=useUniqueName?`${prefix}${core_1().Names.uniqueId(this)}`:prefix;defaultDefaultPolicyName.length>util_1().MAX_POLICY_NAME_LEN&&(defaultDefaultPolicyName=`${prefix}${core_1().Names.uniqueResourceName(this,{maxLength:util_1().MAX_POLICY_NAME_LEN-prefix.length})}`);const policyName=this.defaultPolicyName??defaultDefaultPolicyName;this.defaultPolicy=new(policy_1()).Policy(this,policyName,useUniqueName?{policyName}:void 0),this.attachInlinePolicy(this.defaultPolicy)}return this.defaultPolicy.addStatements(statement),{statementAdded:!0,policyDependable:this.defaultPolicy}}attachInlinePolicy(policy){const thisAndPolicyAccountComparison=core_1().Token.compareStrings(this.env.account,policy.env.account);(thisAndPolicyAccountComparison===core_1().TokenComparison.SAME||thisAndPolicyAccountComparison===core_1().TokenComparison.BOTH_UNRESOLVED||thisAndPolicyAccountComparison===core_1().TokenComparison.ONE_UNRESOLVED)&&(this.attachedPolicies.attach(policy),policy.attachToRole(this))}addManagedPolicy(policy){(x=>x.attachToRole!==void 0)(policy)?policy.attachToRole(this):core_1().Annotations.of(this).addWarningV2("@aws-cdk/aws-iam:IRoleCantBeUsedWithIManagedPolicy",`Can't combine imported IManagedPolicy: ${policy.managedPolicyArn} to imported role IRole: ${this.roleName}. Use ManagedPolicy directly.`)}grantPassRole(identity){return this.grant(identity,"iam:PassRole")}grantAssumeRole(identity){return this.grant(identity,"sts:AssumeRole")}grant(grantee,...actions){return grant_1().Grant.addToPrincipal({grantee,actions,resourceArns:[this.roleArn],scope:this})}dedupeString(){return`ImportedRole:${this.roleArn}`}};exports.ImportedRole=ImportedRole,ImportedRole.PROPERTY_INJECTION_ID="aws-cdk-lib.aws-iam.ImportedRole",__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"addToPolicy",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"addToPrincipalPolicy",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"attachInlinePolicy",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"addManagedPolicy",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"grantPassRole",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"grantAssumeRole",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"grant",null),__decorate([(0,metadata_resource_1().MethodMetadata)()],ImportedRole.prototype,"dedupeString",null),exports.ImportedRole=ImportedRole=__decorate([prop_injectable_1().propertyInjectable],ImportedRole);