in lib/constructs/import-artefacts.ts [38:181]
constructor(scope: Construct, id: string, buildConfig: BuildConfig) {
super(scope, id);
this.nodeJsLayer = lambda.LayerVersion.fromLayerVersionArn(
this,
name(buildConfig, "importedNodeJsLayerVersion"),
StringParameter.valueForStringParameter(
this,
name(buildConfig, "nodeJsLayerVersionArn")
).toString()
);
this.importedddbTablesKey = Key.fromKeyArn(
this,
name(buildConfig, "importedDdbTablesKey"),
StringParameter.valueForStringParameter(
this,
name(buildConfig, "ddbTablesKeyArn")
)
);
this.currentConfigSMInvokeRoleArn = new SSMParamReader(
this,
name(buildConfig, "ssoListRoleArnpr"),
buildConfig,
{
ParamAccountId: buildConfig.PipelineSettings.SSOServiceAccountId,
ParamRegion: buildConfig.PipelineSettings.SSOServiceAccountRegion,
ParamNameKey: "ssoList-ssoapi-roleArn",
LambdaLayers: this.nodeJsLayer,
}
).paramValue;
this.currentConfigSMDescribeRoleArn = new SSMParamReader(
this,
name(buildConfig, "currentConfigSMDescribeRoleArnpr"),
buildConfig,
{
ParamAccountId: buildConfig.PipelineSettings.SSOServiceAccountId,
ParamRegion: buildConfig.PipelineSettings.SSOServiceAccountRegion,
ParamNameKey: "smDescribe-ssoapi-roleArn",
LambdaLayers: this.nodeJsLayer,
}
).paramValue;
this.importedPermissionSetHandlerSSOAPIRoleArn = new SSMParamReader(
this,
name(buildConfig, "importedPermissionSetHandlerSSOAPIRoleArn"),
buildConfig,
{
ParamAccountId: buildConfig.PipelineSettings.SSOServiceAccountId,
ParamRegion: buildConfig.PipelineSettings.SSOServiceAccountRegion,
ParamNameKey: "permissionSetHandler-ssoapi-roleArn",
LambdaLayers: this.nodeJsLayer,
}
).paramValue;
this.accountAssignmentImportTopic = Topic.fromTopicArn(
this,
name(buildConfig, "accountAssignmentImportTopic"),
new SSMParamReader(
this,
name(buildConfig, "accountAssignmentImportTopicArnReader"),
buildConfig,
{
ParamAccountId: buildConfig.PipelineSettings.SSOServiceAccountId,
ParamRegion: buildConfig.PipelineSettings.SSOServiceAccountRegion,
ParamNameKey: "accountAssignmentImportTopicArn",
LambdaLayers: this.nodeJsLayer,
}
).paramValue
);
this.permissionSetImportTopic = Topic.fromTopicArn(
this,
name(buildConfig, "permissionSetImportTopic"),
new SSMParamReader(
this,
name(buildConfig, "permissionSetImportTopicArnReader"),
buildConfig,
{
ParamAccountId: buildConfig.PipelineSettings.SSOServiceAccountId,
ParamRegion: buildConfig.PipelineSettings.SSOServiceAccountRegion,
ParamNameKey: "permissionSetImportTopicArn",
LambdaLayers: this.nodeJsLayer,
}
).paramValue
);
this.importedSsoArtefactsBucket = Bucket.fromBucketName(
this,
name(buildConfig, "importedSsoArtefactsBucket"),
StringParameter.valueForStringParameter(
this,
name(buildConfig, "ssoArtefactsBucketName")
)
);
this.importedPsTable = Table.fromTableAttributes(
this,
name(buildConfig, "importedPsTable"),
{
tableArn: StringParameter.valueForStringParameter(
this,
name(buildConfig, "permissionSetTableArn")
),
}
);
this.importedPsArnTable = Table.fromTableArn(
this,
name(buildConfig, "importedPsArnTable"),
StringParameter.valueForStringParameter(
this,
name(buildConfig, "permissionSetArnTableArn")
)
);
this.importedLinksTable = Table.fromTableAttributes(
this,
name(buildConfig, "importedLinksTable"),
{
tableArn: StringParameter.valueForStringParameter(
this,
name(buildConfig, "linksTableArn")
),
globalIndexes: [
"awsEntityData",
"principalName",
"permissionSetName",
"principalType",
],
}
);
this.importedProvisionedLinksTable = Table.fromTableAttributes(
this,
name(buildConfig, "importedProvisionedLinksTable"),
{
tableArn: StringParameter.valueForStringParameter(
this,
name(buildConfig, "provisionedLinksTableArn")
),
globalIndexes: ["tagKeyLookUp"],
}
);
}