private IRole CreateNewRole(RoleOptions roleOption)
{
IRole role;
if (roleOption.AwsPolicies?.Any() == true || roleOption.CustomPolicies?.Any() == true || roleOption.InlinePolicies?.Any() == true)
{
var awsPolicies = roleOption.AwsPolicies?.Select(x => AwsCdkHandler.LocateAwsManagedPolicyByName(x)).ToList();
var customPolicies = roleOption.CustomPolicies?.Select(x => AwsCdkHandler.LocateManagedPolicyByName(x)).ToList();
var inlinePolicies = roleOption.InlinePolicies?.ToDictionary(policyId => policyId, policyId => LocatePolicyDocument(policyId, $"The PolicyDocument {policyId} of the role {roleOption.Name} was not found"));
var policies = new List <IManagedPolicy>();
if (awsPolicies?.Any() == true)
{
policies.AddRange(awsPolicies);
}
if (customPolicies?.Any() == true)
{
policies.AddRange(customPolicies);
}
role = AwsCdkHandler.AddRole(roleOption.Name, AwsCdkHandler.CreateRoleProperties(roleOption.Name, roleOption.AssumedBy.ToArray(), policies.ToArray(), inlinePolicies));
}
else if (roleOption.AwsActions?.Any() == true)
{
role = AwsCdkHandler.AddRole(roleOption.Name, AwsCdkHandler.CreateRoleProperties(roleOption.Name, roleOption.AssumedBy.ToArray(), roleOption.Name, roleOption.AwsActions.ToArray(), new string[] { "*" }));
}
else
{
throw new ArgumentException($"The role {roleOption.Id} must have either a list of AwsPolicies, a list of CustomPolicies or a list of AwsActions");
}
return(role);
}
