function getSystemAdminPolicy()

in source/user-manager/cognito-user.js [640:686]

• 47 lines of code
• 1 McCabe index (conditional complexity)

function getSystemAdminPolicy(policyParams) {
    var systemAdminPolicyTemplate = {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "TenantSystemAdminTenantTable",
                "Effect": "Allow",
                "Action": ["dynamodb:*"],
                "Resource": [policyParams.tenantTableArn]
            },
            {
                "Sid": "TenantSystemAdminUserTable",
                "Effect": "Allow",
                "Action": ["dynamodb:*"],
                "Resource": [policyParams.userTableArn, policyParams.userTableArn + '/*']
            },
            {
                "Sid": "TenantSystemAdminOrderTable",
                "Effect": "Allow",
                "Action": ["dynamodb:*"],
                "Resource": [policyParams.orderTableArn]
            },
            {
                "Sid": "TenantSystemAdminProductTable",
                "Effect": "Allow",
                "Action": [
                    "dynamodb:*",
                    "dynamodb:DescribeTable"
                ],
                "Resource": [policyParams.productTableArn]
            },
            {
                "Sid": "FullCognitoFederatedIdentityAccess",
                "Effect": "Allow",
                "Action": ["cognito-identity:*"],
                "Resource": ["*"]
            },
            {
                "Sid": "FullCognitoUserPoolAccess",
                "Effect": "Allow",
                "Action": ["cognito-idp:*"],
                "Resource": ["*"]
            }
        ]
    };
    return systemAdminPolicyTemplate;
}