def create_policy_string()

in customer-stack/create-resources.py [0:0]

• 24 lines of code
• 1 McCabe index (conditional complexity)

def create_policy_string(integration_info):
    policy_json = {
      "Version": "2012-10-17",
      "Statement":[
        {
          "Effect": "Allow",
          "Principal": {"Service":[integration_info[SERVICE]]},
          "Action": "sts:AssumeRole"
        },
        {
          "Effect": "Allow",
          "Principal": {
            "AWS":[integration_info[USER_ARN]]
          },
          "Action": "sts:AssumeRole",
          "Condition": {
            "StringEquals": {
              "sts:ExternalId": integration_info[EXTERNAL_ID]
            }
          }
        }
      ]
    }
    return json.dumps(policy_json)