UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

2 lines (1 loc) 8.57 kB
1
2
"use strict";var __runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0},__esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.ImportedRole=void 0;var util_1=()=>{var tmp=require("./util");return util_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cx_api_1=()=>{var tmp=require("../../../cx-api");return cx_api_1=()=>tmp,tmp},grant_1=()=>{var tmp=require("../grant");return grant_1=()=>tmp,tmp},policy_1=()=>{var tmp=require("../policy");return policy_1=()=>tmp,tmp},principals_1=()=>{var tmp=require("../principals");return principals_1=()=>tmp,tmp},util_2=()=>{var tmp=require("../util");return util_2=()=>tmp,tmp};let ImportedRole=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=core_1().Resource,_instanceExtraInitializers=[],_addToPolicy_decorators,_addToPrincipalPolicy_decorators,_attachInlinePolicy_decorators,_addManagedPolicy_decorators,_grantPassRole_decorators,_grantAssumeRole_decorators,_grant_decorators,_dedupeString_decorators;var ImportedRole2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;_addToPolicy_decorators=[(0,metadata_resource_1().MethodMetadata)()],_addToPrincipalPolicy_decorators=[(0,metadata_resource_1().MethodMetadata)()],_attachInlinePolicy_decorators=[(0,metadata_resource_1().MethodMetadata)()],_addManagedPolicy_decorators=[(0,metadata_resource_1().MethodMetadata)()],_grantPassRole_decorators=[(0,metadata_resource_1().MethodMetadata)()],_grantAssumeRole_decorators=[(0,metadata_resource_1().MethodMetadata)()],_grant_decorators=[(0,metadata_resource_1().MethodMetadata)()],_dedupeString_decorators=[(0,metadata_resource_1().MethodMetadata)()],__esDecorate(this,null,_addToPolicy_decorators,{kind:"method",name:"addToPolicy",static:!1,private:!1,access:{has:obj=>"addToPolicy"in obj,get:obj=>obj.addToPolicy},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_addToPrincipalPolicy_decorators,{kind:"method",name:"addToPrincipalPolicy",static:!1,private:!1,access:{has:obj=>"addToPrincipalPolicy"in obj,get:obj=>obj.addToPrincipalPolicy},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_attachInlinePolicy_decorators,{kind:"method",name:"attachInlinePolicy",static:!1,private:!1,access:{has:obj=>"attachInlinePolicy"in obj,get:obj=>obj.attachInlinePolicy},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_addManagedPolicy_decorators,{kind:"method",name:"addManagedPolicy",static:!1,private:!1,access:{has:obj=>"addManagedPolicy"in obj,get:obj=>obj.addManagedPolicy},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_grantPassRole_decorators,{kind:"method",name:"grantPassRole",static:!1,private:!1,access:{has:obj=>"grantPassRole"in obj,get:obj=>obj.grantPassRole},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_grantAssumeRole_decorators,{kind:"method",name:"grantAssumeRole",static:!1,private:!1,access:{has:obj=>"grantAssumeRole"in obj,get:obj=>obj.grantAssumeRole},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_grant_decorators,{kind:"method",name:"grant",static:!1,private:!1,access:{has:obj=>"grant"in obj,get:obj=>obj.grant},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(this,null,_dedupeString_decorators,{kind:"method",name:"dedupeString",static:!1,private:!1,access:{has:obj=>"dedupeString"in obj,get:obj=>obj.dedupeString},metadata:_metadata},null,_instanceExtraInitializers),__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),ImportedRole2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-iam.ImportedRole";grantPrincipal=(__runInitializers(this,_instanceExtraInitializers),this);principalAccount;assumeRoleAction="sts:AssumeRole";policyFragment;roleArn;roleName;attachedPolicies=new(util_2()).AttachedPolicies;defaultPolicyName;defaultPolicy;constructor(scope,id,props){super(scope,id,{account:props.account}),(0,metadata_resource_1().addConstructMetadata)(this,props),this.roleArn=props.roleArn,this.roleName=props.roleName,this.policyFragment=new(principals_1()).ArnPrincipal(this.roleArn).policyFragment,this.defaultPolicyName=props.defaultPolicyName,this.principalAccount=props.account}get roleRef(){return{roleName:this.roleName,roleArn:this.roleArn}}addToPolicy(statement){return this.addToPrincipalPolicy(statement).statementAdded}addToPrincipalPolicy(statement){if(!this.defaultPolicy){const useUniqueName=core_1().FeatureFlags.of(this).isEnabled(cx_api_1().IAM_IMPORTED_ROLE_STACK_SAFE_DEFAULT_POLICY_NAME),prefix="Policy";let defaultDefaultPolicyName=useUniqueName?`${prefix}${core_1().Names.uniqueId(this)}`:prefix;defaultDefaultPolicyName.length>util_1().MAX_POLICY_NAME_LEN&&(defaultDefaultPolicyName=`${prefix}${core_1().Names.uniqueResourceName(this,{maxLength:util_1().MAX_POLICY_NAME_LEN-prefix.length})}`);const policyName=this.defaultPolicyName??defaultDefaultPolicyName;this.defaultPolicy=new(policy_1()).Policy(this,policyName,useUniqueName?{policyName}:void 0),this.attachInlinePolicy(this.defaultPolicy)}return this.defaultPolicy.addStatements(statement),{statementAdded:!0,policyDependable:this.defaultPolicy}}attachInlinePolicy(policy){const thisAndPolicyAccountComparison=core_1().Token.compareStrings(this.env.account,policy.env.account);(thisAndPolicyAccountComparison===core_1().TokenComparison.SAME||thisAndPolicyAccountComparison===core_1().TokenComparison.BOTH_UNRESOLVED||thisAndPolicyAccountComparison===core_1().TokenComparison.ONE_UNRESOLVED)&&(this.attachedPolicies.attach(policy),policy.attachToRole(this))}addManagedPolicy(policy){(x=>x.attachToRole!==void 0)(policy)?policy.attachToRole(this):core_1().Annotations.of(this).addWarningV2("@aws-cdk/aws-iam:IRoleCantBeUsedWithIManagedPolicy",`Can't combine imported IManagedPolicy: ${policy.managedPolicyArn} to imported role IRole: ${this.roleName}. Use ManagedPolicy directly.`)}grantPassRole(identity){return this.grant(identity,"iam:PassRole")}grantAssumeRole(identity){return this.grant(identity,"sts:AssumeRole")}grant(grantee,...actions){return grant_1().Grant.addToPrincipal({grantee,actions,resourceArns:[this.roleArn]})}dedupeString(){return`ImportedRole:${this.roleArn}`}static{__runInitializers(_classThis,_classExtraInitializers)}};return ImportedRole2=_classThis})();exports.ImportedRole=ImportedRole;