in dynamodb-api/src/main/java/com/awssamples/dynamodbapi/SqsToIotCoreStack.java [393:422]
/**
 * Builds the IAM role assumed by the function that moves messages from SQS into DynamoDB.
 *
 * <p>The role carries a single inline policy document, keyed {@code "root"}, made of four
 * statements in this order: the SQS event-source-mapping statement for {@code queueArn}, the
 * shared {@code minimalCloudWatchEventsLoggingPolicy} statement, a DynamoDB statement, and an
 * IoT publish statement for the {@code "notification"} topic prefix. No managed policies are
 * attached here.
 *
 * <p>The DynamoDB statement is built in this method and is limited to the ARN of {@code table}
 * and the single action in {@code SharedPermissions.DYNAMODB_PUT_ITEM_PERMISSION}. The other
 * three statements come from helpers or fields defined elsewhere.
 * NOTE(review): confirm those helpers scope their resources as tightly as the DynamoDB
 * statement does (no {@code "*"} resources), since this method cannot show that.
 *
 * @param queueArn ARN of the SQS queue passed to the SQS policy helper
 * @param table DynamoDB table whose ARN is the only resource of the DynamoDB statement
 * @return the role construct, created in this stack with id {@code "MoveFromSqsToDynamoDbRole"}
 */
private Role buildMoveFromSqsToDynamoDbRole(String queueArn, Table table) {
    // Statement produced by the shared helper for the queue given by the caller.
    PolicyStatement queueStatement =
            LambdaPolicies.getMinimalLambdaSqsQueueEventSourceMappingTargetPolicy(queueArn);

    // One action on one table ARN: the only statement whose scope is set in this method.
    PolicyStatement tableStatement = new PolicyStatement(
            PolicyStatementProps.builder()
                    .effect(Effect.ALLOW)
                    .resources(List.of(table.getTableArn()).asJava())
                    .actions(List.of(SharedPermissions.DYNAMODB_PUT_ITEM_PERMISSION).asJava())
                    .build());

    // Publish statement for the "notification" topic prefix, built by a helper outside this method.
    PolicyStatement publishStatement = getPublishToTopicPrefixPolicyStatement(this, "notification");

    // Statement order is kept exactly as the policy document lists it.
    PolicyDocument rootDocument = new PolicyDocument(
            PolicyDocumentProps.builder()
                    .statements(
                            List.of(queueStatement,
                                    minimalCloudWatchEventsLoggingPolicy,
                                    tableStatement,
                                    publishStatement).asJava())
                    .build());

    Map<String, PolicyDocument> inlinePolicies = HashMap.of("root", rootDocument);

    // The trust policy admits only the principal in LambdaPolicies.LAMBDA_SERVICE_PRINCIPAL.
    return new Role(
            this,
            "MoveFromSqsToDynamoDbRole",
            RoleProps.builder()
                    .assumedBy(LambdaPolicies.LAMBDA_SERVICE_PRINCIPAL)
                    .inlinePolicies(inlinePolicies.toJavaMap())
                    .build());
}