public createRoleForSecretsManager()

in lib/dms-replication.ts [61:79]

• 17 lines of code
• 1 McCabe index (conditional complexity)

  public createRoleForSecretsManager(): Role {
    const role = new Role(this, 'dms-secretsmgr-access-role', {
      assumedBy: new ServicePrincipal('dms.' + this.region + '.amazonaws.com'),
    });

    role.addToPolicy(
      new PolicyStatement({
        resources: ['*'],
        actions: [
          'secretsmanager:GetSecretValue',
          'secretsmanager:DescribeSecret',
          'secretsmanager:ListSecretVersionIds',
          'secretsmanager:ListSecrets',
        ],
      })
    );

    return role;
  }