/**
 * Starts building the IAM roles for a CloudFormation stack from the names in `e2eConfig`.
 *
 * This listing is truncated: only the opening of the authenticated role's trust
 * policy is visible, so what is done with `out` and with the other destructured
 * names cannot be stated from here.
 *
 * @param out - deployment resources; presumably the roles are added to it further down (not visible here).
 * @param e2eConfig - supplies the role, identity pool and user pool names read below.
 */
export function addIAMRolesToCFNStack(out: DeploymentResources, e2eConfig: E2Econfiguration) {
const { AUTH_ROLE_NAME, UNAUTH_ROLE_NAME, IDENTITY_POOL_NAME, USER_POOL_CLIENTWEB_NAME, USER_POOL_CLIENT_NAME, USER_POOL_ID } = e2eConfig;
// logic to add IAM roles to cfn
const authRole = new cfnIAM.Role({
RoleName: AUTH_ROLE_NAME,
// Trust policy: decides who may assume this role.
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Sid: '',
Effect: 'Allow',
Principal: {
// The principal is the Cognito Identity service as a whole, not one identity pool.
Federated: 'cognito-identity.amazonaws.com',
},
Action: 'sts:AssumeRoleWithWebIdentity',
// NOTE(review): the only condition in this block is the `amr` match below. There is no
// StringEquals on 'cognito-identity.amazonaws.com:aud' pinned to this stack's identity
// pool ID, so as written nothing ties the role to a single pool. Confirm where the pool
// ID becomes available and add the `aud` condition to the trust policy.
Condition: {
'ForAnyValue:StringLike': {
// Restricts the role to identities Cognito marks as authenticated.
'cognito-identity.amazonaws.com:amr': 'authenticated',
},
},
/**
 * Returns an IAM role whose name is derived from `name` and the GraphQL API id.
 *
 * The role name is chosen with `Fn.If` on the HasEnvironmentParameter condition:
 * with an environment it is `<name[0..26]>-<ApiId>-<Env>`, otherwise
 * `<name[0..37]>-<ApiId>`. The inline comments budget 64 characters for the
 * whole name, counting the ApiId as 26 and the Env as 10.
 *
 * The listing is truncated inside the trust policy, so the principal and any
 * attached policies are not visible. `region` is not used in the visible lines.
 *
 * @param name - base name; truncated before being joined into the role name.
 * @param region - optional; use not visible in this excerpt.
 */
export function syncLambdaIAMRole({ name, region }: { name: string; region?: string }) {
return new IAM.Role({
RoleName: Fn.If(
ResourceConstants.CONDITIONS.HasEnvironmentParameter,
Fn.Join('-', [
// NOTE(review): two names sharing their first 26 characters produce the same
// RoleName for one API and environment; verify callers cannot pass such pairs.
name.slice(0, 26), // max of 64. 64-10-26-28 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
Fn.Ref(ResourceConstants.PARAMETERS.Env), // 10
]),
Fn.Join('-', [
// tslint:disable-next-line: no-magic-numbers
name.slice(0, 37), // max of 64. 64-26-38 = 0
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
])
),
// Trust policy: decides who may assume this role (statements are cut off in this listing).
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
/**
 * Returns an IAM role named after `typeName`, the literal 'role' and the GraphQL API id.
 *
 * With the HasEnvironmentParameter condition the name is
 * `<typeName[0..21]>-role-<ApiId>-<Env>`; without it, `<typeName[0..31]>-role-<ApiId>`.
 * The inline comments budget 64 characters in total (ApiId 26, Env 10, 'role' 4,
 * separators 3).
 *
 * The listing is truncated right after the trust policy's Version, so the
 * principal, action and any policies are not visible. `syncConfig` is not used
 * in the visible lines.
 *
 * @param typeName - type name; truncated before being joined into the role name.
 * @param syncConfig - optional; use not visible in this excerpt.
 */
public makeIAMRole(typeName: string, syncConfig?: SyncConfig) {
return new IAM.Role({
RoleName: Fn.If(
ResourceConstants.CONDITIONS.HasEnvironmentParameter,
Fn.Join('-', [
// NOTE(review): type names sharing their first 21 characters map to the same
// RoleName for one API and environment; verify this cannot happen for real schemas.
typeName.slice(0, 21), // max of 64. 64-10-26-4-3 = 21
'role', // 4
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'), // 26
Fn.Ref(ResourceConstants.PARAMETERS.Env), // 10
]),
Fn.Join('-', [
// This branch joins three parts, so it uses two separators; the budget below counts three.
typeName.slice(0, 31), // max of 64. 64-26-4-3 = 31
'role',
Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId'),
])
),
// Trust policy: decides who may assume this role (statements are cut off in this listing).
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Effect: 'Allow',
Principal: {
Federated: 'cognito-identity.amazonaws.com',
},
Action: 'sts:AssumeRoleWithWebIdentity',
Condition: {
'ForAnyValue:StringLike': {
'cognito-identity.amazonaws.com:amr': 'authenticated',
},
},
},
],
},
});
// Role for unauthenticated (guest) Cognito identities. The listing is truncated
// inside the trust policy, so the permissions attached to the role are not visible.
// NOTE(review): whatever is attached is available to callers who have not signed in;
// confirm it is limited to what guest access actually requires.
const unauthRole = new cfnIAM.Role({
RoleName: UNAUTH_ROLE_NAME,
// Trust policy: decides who may assume this role.
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Sid: '',
Effect: 'Allow',
Principal: {
// The principal is the Cognito Identity service as a whole, not one identity pool.
Federated: 'cognito-identity.amazonaws.com',
},
Action: 'sts:AssumeRoleWithWebIdentity',
// NOTE(review): only the `amr` match is present in this block. Without a StringEquals
// on 'cognito-identity.amazonaws.com:aud' set to this stack's identity pool ID, the
// guest role is not bound to a single pool. Add the `aud` condition once the pool ID
// is known.
Condition: {
'ForAnyValue:StringLike': {
// Restricts the role to identities Cognito marks as unauthenticated.
'cognito-identity.amazonaws.com:amr': 'unauthenticated',
},
},
/**
 * Returns an IAM role that the AppSync service may assume, with an inline
 * policy named 'DynamoDBAccess'.
 *
 * The role name is built by `joinWithEnv` from `SyncResourceIDs.syncIAMRoleName`
 * and the GraphQL API id (presumably with the environment name appended; confirm
 * against `joinWithEnv`). The listing is truncated at the start of the inline
 * policy, so the granted actions and resources are not visible.
 */
export function createSyncIAMRole() {
const roleName = SyncResourceIDs.syncIAMRoleName;
return new IAM.Role({
RoleName: joinWithEnv('-', [roleName, Fn.GetAtt(ResourceConstants.RESOURCES.GraphQLAPILogicalID, 'ApiId')]),
// Trust policy: only the AppSync service principal may assume this role.
AssumeRolePolicyDocument: {
Version: '2012-10-17',
Statement: [
{
Effect: 'Allow',
Principal: {
Service: 'appsync.amazonaws.com',
},
Action: 'sts:AssumeRole',
// NOTE(review): this statement has no Condition. Consider scoping it with
// `aws:SourceArn` / `aws:SourceAccount` for this API so the service principal can
// only assume the role on behalf of this account's API. TODO: confirm the ARN format to use.
},
],
},
Policies: [
new IAM.Role.Policy({
// NOTE(review): policy body not visible here; check that it names specific tables
// and actions rather than wildcards.
PolicyName: 'DynamoDBAccess',