setupGlueRoleLakeFormationPermissions()

in lib/constructs/s3-data-set-enrollment.ts [28:55]

• 22 lines of code
• 2 McCabe index (conditional complexity)

    setupGlueRoleLakeFormationPermissions(DataSetGlueRole: iam.Role, DataSetName: string, sourceDataBucket: s3.IBucket, locationDescription: string, ExistingLakeFormationResource?: lakeformation.CfnResource) {

        if(ExistingLakeFormationResource == null) {
            this.LakeFormationResource = new lakeformation.CfnResource(
              this,
              "sourceLakeFormationLocation",
              {
                resourceArn: sourceDataBucket.bucketArn,
                roleArn: this.DataEnrollment.DataSetGlueRole.roleArn,
                useServiceLinkedRole: true,
              }
            );
            
        } else {
            this.LakeFormationResource = ExistingLakeFormationResource;
        }
        

        super.grantGlueRoleLakeFormationPermissions(DataSetGlueRole, DataSetName, `${DataSetName}glueRolePermissions`, this.LakeFormationResource );

        this.grantDataLocationPermissions(this.DataEnrollment.DataSetGlueRole, {
            Grantable: true,
            GrantResourcePrefix: `${DataSetName}SourcelocationGrant`,
            Location: sourceDataBucket.bucketName,
            LocationPrefix: "/"
        }, this.LakeFormationResource);

    }