public createQCBatchJobRole()

in source/src/molecule-unfolding/cdk/utils/utils-role.ts [220:266]

• 40 lines of code
• 1 McCabe index (conditional complexity)

    public createQCBatchJobRole(roleName: string): iam.Role {
        const role = new iam.Role(this.scope, `${roleName}`, {
            assumedBy: new iam.ServicePrincipal('ecs-tasks.amazonaws.com'),
        });
        role.addToPolicy(new iam.PolicyStatement({
            resources: [
                `arn:aws:s3:::${this.props.bucket.bucketName}/*`
            ],
            actions: [
                "s3:PutObject",
                "s3:GetObject"
            ]
        }));

        role.addToPolicy(new iam.PolicyStatement({
            resources: [
                `arn:aws:braket:*:${this.props.account}:quantum-task/*`,
            ],
            actions: [
                "braket:GetQuantumTask"
            ]
        }));

        role.addToPolicy(new iam.PolicyStatement({
            resources: [
                '*'
            ],
            actions: [
                //"braket:CreateJob",
                "braket:GetDevice",
                // "braket:SearchDevices",
                "braket:CreateQuantumTask",
                // "braket:SearchJobs",
                //"braket:SearchQuantumTasks"
            ]
        }));

        role.addToPolicy(new iam.PolicyStatement({
            resources: [
                `arn:aws:s3:::${this.props.bucket.bucketName}`
            ],
            actions: [
                "s3:ListBucket"
            ]
        }));
        return role
    }