public void iamPolicyNoncompliant()

in src/java/detectors/aws_iam_error_prone_policy/AwsIamErrorPronePolicy.java [18:37]


    /**
     * Noncompliant sample: creates an IAM role whose trust (assume-role) policy is
     * assembled by hand as a JSON string.
     *
     * <p>Security notes for readers of this sample:
     * <ul>
     *   <li>{@code userArn} is spliced into the JSON text as-is. Nothing in this method
     *       validates or escapes it, so a value containing a quote or brace changes the
     *       structure of the policy document rather than just the principal.</li>
     *   <li>A hand-written policy is not checked until IAM parses it, so typos in keys,
     *       effects or actions surface late or not at all. A typed policy builder
     *       (for example the SDK's {@code com.amazonaws.auth.policy.Policy} classes)
     *       avoids both problems.</li>
     *   <li>The resulting statement allows {@code sts:AssumeRole} for the given principal
     *       with no {@code Condition} block.</li>
     * </ul>
     *
     * @param roleName name of the role to create
     * @param userArn  ARN placed in the {@code Principal.AWS} field of the trust policy;
     *                 must come from a trusted source because it is not sanitised here
     */
    public void iamPolicyNoncompliant(final String roleName, String userArn) {
        // Trust policy text, one append per line of the emitted document.
        final StringBuilder trustPolicy = new StringBuilder();
        trustPolicy.append("{\n");
        trustPolicy.append(" \"Version\": \"2012-10-17\",\n");
        trustPolicy.append("  \"Statement\": [\n");
        trustPolicy.append("   {\n");
        trustPolicy.append("      \"Effect\": \"Allow\",\n");
        trustPolicy.append("      \"Principal\": {\n");
        // The caller-supplied ARN goes in verbatim, with no JSON escaping.
        trustPolicy.append("        \"AWS\": \"").append(userArn).append("\"\n");
        trustPolicy.append("      },\n");
        trustPolicy.append("      \"Action\": \"sts:AssumeRole\"\n");
        trustPolicy.append("    }\n");
        trustPolicy.append("  ]\n");
        trustPolicy.append("}");

        // Noncompliant: creates an IAM role/policy manually.
        final CreateRoleRequest roleRequest = new CreateRoleRequest()
                .withPath("path")
                .withRoleName(roleName)
                .withAssumeRolePolicyDocument(trustPolicy.toString());

        // The client is pinned to us-east-1 by this sample.
        final AmazonIdentityManagement iam = AmazonIdentityManagementClientBuilder.standard()
                .withRegion(Regions.US_EAST_1)
                .build();
        iam.createRole(roleRequest);
    }