in cdk/lib/constructs/database.ts [207:231]
/**
 * Grants `grantee` the `rds-db:connect` action on this instance's `dbuser`
 * resource.
 *
 * The resource name is `<instanceResourceId>/<masterUsername>` when the
 * underlying CloudFormation resource carries a master username, and the bare
 * instance resource id otherwise.
 *
 * @param grantee - principal that receives the policy statement
 * @returns the grant produced by `Grant.addToPrincipal`
 * @throws Error when `enableIamAuthentication` is explicitly `false`
 */
override grantConnect(grantee: IGrantable): Grant {
  // Only an explicit `false` is rejected; an unset flag passes this guard.
  // NOTE(review): nothing in this method turns IAM authentication on, so
  // confirm the instance has it enabled when the flag is left undefined;
  // otherwise the statement is issued but cannot be used to connect.
  if (this.enableIamAuthentication === false) {
    throw new Error(
      'Cannot grant connect when IAM authentication is disabled',
    );
  }

  const resourceId = this.instanceResourceId;
  const dbUser = this.cfnResource.masterUsername;

  // NOTE(review): the only database user this grant can name is the master
  // user, so every grantee is allowed to request an auth token for that
  // account. Check whether callers need that level of access or whether a
  // dedicated, lower-privileged database user should be granted instead.
  let resourceName = resourceId;
  if (dbUser) {
    resourceName = [resourceId, dbUser].join('/');
  }
  // NOTE(review): with no master username the ARN carries no user segment;
  // verify that such a statement matches anything for rds-db:connect.

  const dbUserArn = Stack.of(this).formatArn({
    service: 'rds-db',
    resource: 'dbuser',
    resourceName,
    arnFormat: ArnFormat.COLON_RESOURCE_NAME,
  });

  return Grant.addToPrincipal({
    grantee,
    actions: ['rds-db:connect'],
    resourceArns: [dbUserArn],
  });
}