def _attach_chalice_permissions()

in api/infrastructure/stacks/chaliceapp.py [0:0]

• 9 lines of code
• 3 McCabe index (conditional complexity)

    def _attach_chalice_permissions(self):
        """
        Attach permissions to role created by Chalice.
        Chalice uses the logical name of 'Default Role' for its default role

        :return:
        """
        self.dynamodb_table.grant_read_write_data(
            self.chalice.get_role('DefaultRole')
        )
        self.s3_upload_bucket.grant_read_write(
            self.chalice.get_role('DefaultRole')
        )

        # Managed policy for API to register things, request certificates from AWS IoT, and attach policies
        # Chalice tries to create some of these policies but those aren't sufficient
        chalice_role = self.chalice.get_resource('DefaultRole')
        chalice_role.managed_policy_arns = ['arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration']