in chalice/pipeline.py [0:0]
def _add_codepipeline_role(self, resources, outputs):
# type: (Dict[str, Any], Dict[str, Any]) -> None
outputs['CodePipelineRoleArn'] = {
'Value': {'Fn::GetAtt': 'CodePipelineRole.Arn'}
}
resources['CodePipelineRole'] = {
"Type": "AWS::IAM::Role",
"Properties": {
"Policies": [
{
"PolicyName": "DefaultPolicy",
"PolicyDocument": constants.CODEPIPELINE_POLICY,
}
],
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"sts:AssumeRole"
],
"Effect": "Allow",
"Principal": {
"Service": [
{'Fn::Sub': 'codepipeline'
'.${AWS::URLSuffix}'}
]
}
}
]
}
}
}