
KuchBhiLearning - A free website to learn and code

This is a good learning site. This contains details of cloud computing, AWS, AWS-CDK, AWS-SDK codes and examples including S3, Redis, lambda, api-gateway, cloudfront, cloudformation.

AWS CDK- Get Role By Name

Importing Existing IAM Roles in AWS CDK

Full details on how to create a role can be found here.

In order to import an existing IAM Role in CDK, we have to use the fromRoleArn method in the Role construct.

Sometimes we do not want to create a role in CDK and would rather use an existing role in our application:

import * as iam from 'aws-cdk-lib/aws-iam';
import * as cdk from 'aws-cdk-lib';

export class CdkExampleStack extends cdk.Stack {
  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

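    // Import the existing IAM role by ARN.
    // this.account resolves to the AWS account the stack is deployed to.
    const exampleRole = iam.Role.fromRoleArn(
      this,
      'example-role',
      `arn:aws:iam::${this.account}:role/Example-Role-Name`,
      // mutable: false stops CDK from attaching policies to the imported role
      {mutable: false},
    );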
  }
}

The static fromRoleArn method takes 4 parameters.
  • scope Construct — construct scope.
  • id string — construct id.
  • roleArn string — the ARN of the role to import.
  • options FromRoleArnOptions — allow customizing the behavior of the returned role.

The third parameter we passed to the method is the ARN of the IAM role we want to import. If we navigate to the AWS console and search for our role, we should be able to find its ARN.

The mutable prop specifies whether the imported role can be modified by attaching policies to it. By default the mutable prop is set to true.
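
The following pre-flight check is an added example, not code from the original page or from the CDK project. It validates a concrete role ARN and the chosen mutable value before they are passed to fromRoleArn. The function names, the trusted-account allow-list and the sample ARN are assumptions, and the check expects a literal ARN string, not an unresolved CDK token.

```typescript
// Added example: pre-flight check for a concrete role ARN before calling
// iam.Role.fromRoleArn(scope, id, arn, { mutable }). Names are hypothetical.

interface RoleArnParts {
  partition: string;
  accountId: string;
  path: string; // "/" when the role has no path
  roleName: string;
}

// arn:<partition>:iam::<12-digit account>:role/<optional/path/>RoleName
// Path segments exclude "/" so the pattern cannot backtrack ambiguously.
const ROLE_ARN_RE =
  /^arn:(aws|aws-cn|aws-us-gov):iam::(\d{12}):role\/((?:[\x21-\x2e\x30-\x7e]+\/)*)([\w+=,.@-]{1,64})$/;

function parseRoleArn(arn: string): RoleArnParts {
  const m = ROLE_ARN_RE.exec(arn);
  if (m === null) {
    throw new Error(`not a well-formed IAM role ARN: ${JSON.stringify(arn)}`);
  }
  const [, partition = "", accountId = "", path = "", roleName = ""] = m;
  return { partition, accountId, path: "/" + path, roleName };
}

function checkRoleImport(
  arn: string,
  mutable: boolean,
  trustedAccounts: ReadonlySet<string>,
): RoleArnParts {
  const parts = parseRoleArn(arn);
  // fromRoleArn only builds a reference, so a wrong account id is not caught at synth time.
  if (!trustedAccounts.has(parts.accountId)) {
    throw new Error(`role ${parts.roleName} is in unlisted account ${parts.accountId}`);
  }
  // Service-linked roles cannot have policies attached by the account owner.
  if (mutable && parts.path.startsWith("/aws-service-role/")) {
    throw new Error(`service-linked role ${parts.roleName} must be imported with mutable: false`);
  }
  return parts;
}

// Constructed sample values (not real accounts or roles).
const TRUSTED = new Set(["111122223333"]);
const SAMPLE = checkRoleImport("arn:aws:iam::111122223333:role/team/Example-Role-Name", false, TRUSTED);
```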




Copyright 2022, KuchBhiLearning - A free website to learn and code. All rights Reserved.
| Designed by Yaseen Shariff