in infrastructure/lib/constructs/identity-pool.ts [19:50]
/**
 * Builds a Cognito identity pool with a single user-pool provider and
 * attaches one authenticated IAM role to it.
 *
 * Guest (unauthenticated) identities are disabled, so no unauthenticated
 * role is created or attached.
 *
 * @param scope - Parent construct.
 * @param id - Construct id.
 * @param props - Pool name, the user-pool client/provider pair, and the
 *   policy statements added to the authenticated role.
 */
constructor(scope: cdk.Construct, id: string, props: IdentityPoolProps) {
  super(scope, id);

  const { userPoolClientId, userPoolProviderName } = props;

  // NOTE(review): `serverSideTokenCheck` is not set on the provider entry.
  // When left off, Cognito does not re-check with the user pool that the
  // user is still signed in and not deleted before vending credentials;
  // consider enabling it if revocation needs to take effect promptly.
  this._identityPool = new cognito.CfnIdentityPool(this, 'identity-pool', {
    identityPoolName: props.identityPoolName,
    allowUnauthenticatedIdentities: false,
    cognitoIdentityProviders: [
      {
        clientId: userPoolClientId,
        providerName: userPoolProviderName,
      },
    ],
  });

  const poolId = this._identityPool.ref;

  // The trust policy lives in IdentityPoolRole (not shown here).
  // NOTE(review): confirm it pins `cognito-identity.amazonaws.com:aud` to
  // this pool id and requires the `authenticated` amr value.
  const authRole = new IdentityPoolRole(this, 'idp-auth-role', {
    roleType: IdentityPoolRoleTypeEnum.Authenticated,
    identityPoolId: poolId,
  });

  // Caller-supplied statements are added as-is: every signed-in user of the
  // pool receives them, so least privilege is the caller's responsibility.
  for (const statement of props.authenticatedRolePolicies) {
    authRole.getUnderlyingRole().addToPolicy(statement);
  }

  new cognito.CfnIdentityPoolRoleAttachment(this, 'identity-pool-roles', {
    identityPoolId: poolId,
    roles: {
      authenticated: authRole.getUnderlyingRole().roleArn,
    },
    roleMappings: {
      userPool: {
        identityProvider: `${userPoolProviderName}:${userPoolClientId}`,
        // Token mapping selects the role from the role claims in the user
        // pool ID token (user-pool group roles); when none can be resolved
        // the authenticated role above is used. Effective permissions thus
        // also depend on IAM roles attached to user-pool groups, which are
        // defined outside this construct.
        type: 'Token',
        ambiguousRoleResolution: 'AuthenticatedRole',
      },
    },
  });
}