in services/application/libs/auth/src/credential-vendor.ts [27:51]
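/**
 * Vends short-lived STS credentials for the current tenant by assuming the
 * role named in `IAM_ROLE_ARN` with an inline session policy rendered from a
 * policy template.
 *
 * The session policy is the only thing in this method that narrows the
 * assumed role. The method therefore fails closed: it refuses to call STS
 * when no tenant id is set or when `config.policyType` has no template.
 * Previously an unrecognised policy type sent `Policy: undefined`, and
 * AssumeRole without a session policy returns credentials carrying the
 * role's full permissions.
 *
 * @param config - Policy type, template attributes, and optional session
 *   duration and session name.
 * @returns The `Credentials` member of the AssumeRole response, as returned
 *   by STS.
 * @throws Error when the tenant id is missing or the policy type is not
 *   supported. Errors from the STS call itself propagate unchanged.
 */
async getCredentials(config: CredentialConfig): Promise<any> {
  // Without a tenant id the template would render with an empty tenant value
  // and the session name fallback below would be empty as well.
  if (!this.tenantId) {
    throw new Error('Cannot vend credentials: tenant id is not set');
  }

  let policy: string;
  switch (config.policyType) {
    case PolicyType.DynamoDBLeadingKey: {
      const template = JSON.stringify(policies.dynamodbLeadingKey);
      // `tenant` is written after the spread so that an attribute named
      // `tenant` in config.attributes can never replace the real tenant id.
      const vals = {
        ...config.attributes,
        tenant: this.tenantId,
      };
      // NOTE(review): Mustache's default escaping targets HTML, not JSON or
      // IAM syntax. A backslash or an IAM wildcard (`*`, `?`) inside an
      // attribute value is rendered as-is. Confirm config.attributes never
      // carries caller-controlled free text, or validate it before rendering.
      policy = Mustache.render(template, vals);
      console.log('POLICY:', policy);
      break;
    }
    default:
      // Fail closed: never request credentials without a scoping policy.
      throw new Error(`Unsupported policy type: ${String(config.policyType)}`);
  }

  const sts = new STSClient({ region: process.env.AWS_REGION });
  const cmd = new AssumeRoleCommand({
    // 900 seconds is the shortest session STS accepts; `||` also maps a
    // zero or missing duration to that minimum.
    DurationSeconds: config.duration || 900,
    Policy: policy,
    RoleArn: process.env.IAM_ROLE_ARN,
    RoleSessionName: config.roleSessionName || this.tenantId,
  });
  const response = await sts.send(cmd);
  // Only the role ARN is logged; response.Credentials holds the secret key
  // and session token and must stay out of the logs.
  console.log('Successfully assumed role: ', process.env.IAM_ROLE_ARN);
  return response.Credentials;
}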