in src/constructs/iam/roles/github-actions.ts [94:112]
/**
 * Builds a role that GitHub Actions workflows assume through OIDC federation.
 *
 * The trust policy names the account's OIDC provider for
 * GITHUB_ACTIONS_ID_TOKEN_REQUEST_DOMAIN as the federated principal and allows
 * `sts:AssumeRoleWithWebIdentity` only when the token's `sub` claim matches the
 * repository condition. Every policy in `props.policies` is then attached to the
 * role, and the role ARN is published as a CloudFormation output.
 *
 * @param scope - Stack the role is created in; its account id forms the OIDC provider ARN.
 * @param props - Policies to attach, plus an optional repository condition. When
 *   `props.condition` is omitted, ALL_GUARDIAN_REPOSITORIES is used.
 */
constructor(scope: GuStack, props: GuGithubActionsRoleProps) {
  super(scope, "GithubActionsRole", {
    assumedBy: new FederatedPrincipal(
      // Federated principal: the GitHub Actions OIDC provider registered in this account.
      `arn:aws:iam::${scope.account}:oidc-provider/${GITHUB_ACTIONS_ID_TOKEN_REQUEST_DOMAIN}`,
      {
        // StringLike permits wildcards, so the rendered condition string decides how
        // many repositories, branches and workflows can assume this role. Callers that
        // omit props.condition get the ALL_GUARDIAN_REPOSITORIES default, so attach only
        // policies that are acceptable for every repository that default matches.
        // NOTE(review): ALL_GUARDIAN_REPOSITORIES is defined outside this block; confirm
        // it is scoped to the organisation and not a bare wildcard.
        // NOTE(review): only the `sub` claim is constrained. There is no condition on
        // `${GITHUB_ACTIONS_ID_TOKEN_REQUEST_DOMAIN}:aud`, so the audience check rests on
        // the OIDC provider's client ID list; confirm that list is restricted.
        StringLike: {
          [`${GITHUB_ACTIONS_ID_TOKEN_REQUEST_DOMAIN}:sub`]: GuGithubActionsRepositoryCondition.toString(
            props.condition ?? ALL_GUARDIAN_REPOSITORIES,
          ),
        },
      },
      "sts:AssumeRoleWithWebIdentity",
    ),
  });

  // Grant the permissions: each supplied policy attaches itself to this role.
  for (const policy of props.policies) {
    policy.attachToRole(this);
  }

  // Publish the role ARN as a stack output, keyed on this construct's id.
  new CfnOutput(this, `${this.node.id}-Arn`, { value: this.roleArn });
}