feat: make the iam role (#1)

.npmignore

@@ -11,7 +11,7 @@ dist/
 src/
 test/
 node_modules/
-p6cdkname/
+p6cdkgharole/
 .gitignore
 .mergify.yml
 .node-version

API.md

@@ -2,60 +2,60 @@
 
 ## Constructs <a name="Constructs" id="Constructs"></a>
 
-### P6CDKName <a name="P6CDKName" id="p6-cdk-name.P6CDKName"></a>
+### P6CDKGHARole <a name="P6CDKGHARole" id="p6-cdk-gha-role.P6CDKGHARole"></a>
 
-#### Initializers <a name="Initializers" id="p6-cdk-name.P6CDKName.Initializer"></a>
+#### Initializers <a name="Initializers" id="p6-cdk-gha-role.P6CDKGHARole.Initializer"></a>
 
 ```typescript
-import { P6CDKName } from 'p6-cdk-name'
+import { P6CDKGHARole } from 'p6-cdk-gha-role'
 
-new P6CDKName(scope: Construct, id: string, _props: IP6CDKNameProps)
+new P6CDKGHARole(scope: Construct, id: string, props: IP6CDKGHARoleProps)
 ```
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#p6-cdk-name.P6CDKName.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
-| <code><a href="#p6-cdk-name.P6CDKName.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
-| <code><a href="#p6-cdk-name.P6CDKName.Initializer.parameter._props">_props</a></code> | <code><a href="#p6-cdk-name.IP6CDKNameProps">IP6CDKNameProps</a></code> | *No description.* |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.Initializer.parameter.props">props</a></code> | <code><a href="#p6-cdk-gha-role.IP6CDKGHARoleProps">IP6CDKGHARoleProps</a></code> | *No description.* |
 
 ---
 
-##### `scope`<sup>Required</sup> <a name="scope" id="p6-cdk-name.P6CDKName.Initializer.parameter.scope"></a>
+##### `scope`<sup>Required</sup> <a name="scope" id="p6-cdk-gha-role.P6CDKGHARole.Initializer.parameter.scope"></a>
 
 - *Type:* constructs.Construct
 
 ---
 
-##### `id`<sup>Required</sup> <a name="id" id="p6-cdk-name.P6CDKName.Initializer.parameter.id"></a>
+##### `id`<sup>Required</sup> <a name="id" id="p6-cdk-gha-role.P6CDKGHARole.Initializer.parameter.id"></a>
 
 - *Type:* string
 
 ---
 
-##### `_props`<sup>Required</sup> <a name="_props" id="p6-cdk-name.P6CDKName.Initializer.parameter._props"></a>
+##### `props`<sup>Required</sup> <a name="props" id="p6-cdk-gha-role.P6CDKGHARole.Initializer.parameter.props"></a>
 
-- *Type:* <a href="#p6-cdk-name.IP6CDKNameProps">IP6CDKNameProps</a>
+- *Type:* <a href="#p6-cdk-gha-role.IP6CDKGHARoleProps">IP6CDKGHARoleProps</a>
 
 ---
 
 #### Methods <a name="Methods" id="Methods"></a>
 
 | **Name** | **Description** |
 | --- | --- |
-| <code><a href="#p6-cdk-name.P6CDKName.toString">toString</a></code> | Returns a string representation of this construct. |
-| <code><a href="#p6-cdk-name.P6CDKName.applyRemovalPolicy">applyRemovalPolicy</a></code> | Apply the given removal policy to this resource. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.toString">toString</a></code> | Returns a string representation of this construct. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.applyRemovalPolicy">applyRemovalPolicy</a></code> | Apply the given removal policy to this resource. |
 
 ---
 
-##### `toString` <a name="toString" id="p6-cdk-name.P6CDKName.toString"></a>
+##### `toString` <a name="toString" id="p6-cdk-gha-role.P6CDKGHARole.toString"></a>
 
 ```typescript
 public toString(): string
 ```
 
 Returns a string representation of this construct.
 
-##### `applyRemovalPolicy` <a name="applyRemovalPolicy" id="p6-cdk-name.P6CDKName.applyRemovalPolicy"></a>
+##### `applyRemovalPolicy` <a name="applyRemovalPolicy" id="p6-cdk-gha-role.P6CDKGHARole.applyRemovalPolicy"></a>
 
 ```typescript
 public applyRemovalPolicy(policy: RemovalPolicy): void
@@ -71,7 +71,7 @@ to be replaced.
 The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
 account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
 
-###### `policy`<sup>Required</sup> <a name="policy" id="p6-cdk-name.P6CDKName.applyRemovalPolicy.parameter.policy"></a>
+###### `policy`<sup>Required</sup> <a name="policy" id="p6-cdk-gha-role.P6CDKGHARole.applyRemovalPolicy.parameter.policy"></a>
 
 - *Type:* aws-cdk-lib.RemovalPolicy
 
@@ -81,18 +81,18 @@ account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
 
 | **Name** | **Description** |
 | --- | --- |
-| <code><a href="#p6-cdk-name.P6CDKName.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
-| <code><a href="#p6-cdk-name.P6CDKName.isOwnedResource">isOwnedResource</a></code> | Returns true if the construct was created by CDK, and false otherwise. |
-| <code><a href="#p6-cdk-name.P6CDKName.isResource">isResource</a></code> | Check whether the given construct is a Resource. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.isOwnedResource">isOwnedResource</a></code> | Returns true if the construct was created by CDK, and false otherwise. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.isResource">isResource</a></code> | Check whether the given construct is a Resource. |
 
 ---
 
-##### `isConstruct` <a name="isConstruct" id="p6-cdk-name.P6CDKName.isConstruct"></a>
+##### `isConstruct` <a name="isConstruct" id="p6-cdk-gha-role.P6CDKGHARole.isConstruct"></a>
 
 ```typescript
-import { P6CDKName } from 'p6-cdk-name'
+import { P6CDKGHARole } from 'p6-cdk-gha-role'
 
-P6CDKName.isConstruct(x: any)
+P6CDKGHARole.isConstruct(x: any)
 ```
 
 Checks if `x` is a construct.
@@ -111,41 +111,41 @@ library can be accidentally installed, and `instanceof` will behave
 unpredictably. It is safest to avoid using `instanceof`, and using
 this type-testing method instead.
 
-###### `x`<sup>Required</sup> <a name="x" id="p6-cdk-name.P6CDKName.isConstruct.parameter.x"></a>
+###### `x`<sup>Required</sup> <a name="x" id="p6-cdk-gha-role.P6CDKGHARole.isConstruct.parameter.x"></a>
 
 - *Type:* any
 
 Any object.
 
 ---
 
-##### `isOwnedResource` <a name="isOwnedResource" id="p6-cdk-name.P6CDKName.isOwnedResource"></a>
+##### `isOwnedResource` <a name="isOwnedResource" id="p6-cdk-gha-role.P6CDKGHARole.isOwnedResource"></a>
 
 ```typescript
-import { P6CDKName } from 'p6-cdk-name'
+import { P6CDKGHARole } from 'p6-cdk-gha-role'
 
-P6CDKName.isOwnedResource(construct: IConstruct)
+P6CDKGHARole.isOwnedResource(construct: IConstruct)
 ```
 
 Returns true if the construct was created by CDK, and false otherwise.
 
-###### `construct`<sup>Required</sup> <a name="construct" id="p6-cdk-name.P6CDKName.isOwnedResource.parameter.construct"></a>
+###### `construct`<sup>Required</sup> <a name="construct" id="p6-cdk-gha-role.P6CDKGHARole.isOwnedResource.parameter.construct"></a>
 
 - *Type:* constructs.IConstruct
 
 ---
 
-##### `isResource` <a name="isResource" id="p6-cdk-name.P6CDKName.isResource"></a>
+##### `isResource` <a name="isResource" id="p6-cdk-gha-role.P6CDKGHARole.isResource"></a>
 
 ```typescript
-import { P6CDKName } from 'p6-cdk-name'
+import { P6CDKGHARole } from 'p6-cdk-gha-role'
 
-P6CDKName.isResource(construct: IConstruct)
+P6CDKGHARole.isResource(construct: IConstruct)
 ```
 
 Check whether the given construct is a Resource.
 
-###### `construct`<sup>Required</sup> <a name="construct" id="p6-cdk-name.P6CDKName.isResource.parameter.construct"></a>
+###### `construct`<sup>Required</sup> <a name="construct" id="p6-cdk-gha-role.P6CDKGHARole.isResource.parameter.construct"></a>
 
 - *Type:* constructs.IConstruct
 
@@ -155,13 +155,13 @@ Check whether the given construct is a Resource.
 
 | **Name** | **Type** | **Description** |
 | --- | --- | --- |
-| <code><a href="#p6-cdk-name.P6CDKName.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
-| <code><a href="#p6-cdk-name.P6CDKName.property.env">env</a></code> | <code>aws-cdk-lib.ResourceEnvironment</code> | The environment this resource belongs to. |
-| <code><a href="#p6-cdk-name.P6CDKName.property.stack">stack</a></code> | <code>aws-cdk-lib.Stack</code> | The stack in which this resource is defined. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.property.env">env</a></code> | <code>aws-cdk-lib.ResourceEnvironment</code> | The environment this resource belongs to. |
+| <code><a href="#p6-cdk-gha-role.P6CDKGHARole.property.stack">stack</a></code> | <code>aws-cdk-lib.Stack</code> | The stack in which this resource is defined. |
 
 ---
 
-##### `node`<sup>Required</sup> <a name="node" id="p6-cdk-name.P6CDKName.property.node"></a>
+##### `node`<sup>Required</sup> <a name="node" id="p6-cdk-gha-role.P6CDKGHARole.property.node"></a>
 
 ```typescript
 public readonly node: Node;
@@ -173,7 +173,7 @@ The tree node.
 
 ---
 
-##### `env`<sup>Required</sup> <a name="env" id="p6-cdk-name.P6CDKName.property.env"></a>
+##### `env`<sup>Required</sup> <a name="env" id="p6-cdk-gha-role.P6CDKGHARole.property.env"></a>
 
 ```typescript
 public readonly env: ResourceEnvironment;
@@ -192,7 +192,7 @@ that might be different than the stack they were imported into.
 
 ---
 
-##### `stack`<sup>Required</sup> <a name="stack" id="p6-cdk-name.P6CDKName.property.stack"></a>
+##### `stack`<sup>Required</sup> <a name="stack" id="p6-cdk-gha-role.P6CDKGHARole.property.stack"></a>
 
 ```typescript
 public readonly stack: Stack;
@@ -209,9 +209,48 @@ The stack in which this resource is defined.
 
 ## Protocols <a name="Protocols" id="Protocols"></a>
 
-### IP6CDKNameProps <a name="IP6CDKNameProps" id="p6-cdk-name.IP6CDKNameProps"></a>
+### IP6CDKGHARoleProps <a name="IP6CDKGHARoleProps" id="p6-cdk-gha-role.IP6CDKGHARoleProps"></a>
 
-- *Implemented By:* <a href="#p6-cdk-name.IP6CDKNameProps">IP6CDKNameProps</a>
+- *Implemented By:* <a href="#p6-cdk-gha-role.IP6CDKGHARoleProps">IP6CDKGHARoleProps</a>
 
 
+#### Properties <a name="Properties" id="Properties"></a>
+
+| **Name** | **Type** | **Description** |
+| --- | --- | --- |
+| <code><a href="#p6-cdk-gha-role.IP6CDKGHARoleProps.property.principle">principle</a></code> | <code>aws-cdk-lib.Arn</code> | *No description.* |
+| <code><a href="#p6-cdk-gha-role.IP6CDKGHARoleProps.property.repo">repo</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#p6-cdk-gha-role.IP6CDKGHARoleProps.property.policies">policies</a></code> | <code>aws-cdk-lib.aws_iam.IManagedPolicy[]</code> | *No description.* |
+
+---
+
+##### `principle`<sup>Required</sup> <a name="principle" id="p6-cdk-gha-role.IP6CDKGHARoleProps.property.principle"></a>
+
+```typescript
+public readonly principle: Arn;
+```
+
+- *Type:* aws-cdk-lib.Arn
+
+---
+
+##### `repo`<sup>Required</sup> <a name="repo" id="p6-cdk-gha-role.IP6CDKGHARoleProps.property.repo"></a>
+
+```typescript
+public readonly repo: string;
+```
+
+- *Type:* string
+
+---
+
+##### `policies`<sup>Optional</sup> <a name="policies" id="p6-cdk-gha-role.IP6CDKGHARoleProps.property.policies"></a>
+
+```typescript
+public readonly policies: IManagedPolicy[];
+```
+
+- *Type:* aws-cdk-lib.aws_iam.IManagedPolicy[]
+
+---
 

README.md

@@ -1,22 +1,25 @@
 DESC
 
-# P6CDKName
+# P6CDKGHARole
 
 ## LICENSE
 
 [![License](https://img.shields.io/badge/License-Apache%202.0-yellowgreen.svg)](https://opensource.org/licenses/Apache-2.0)
 
 ## Other
 
-![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod) ![Sonarcloud Status](https://sonarcloud.io/api/project_badges/measure?project=p6m7g8_p6-template-cdk-construct-eslint-npm-ts-flatfile&metric=alert_status) ![GitHub commit activity](https://img.shields.io/github/commit-activity/y/p6m7g8/p6-template-cdk-construct-eslint-npm-ts-flatfile) ![GitHub commit activity](https://img.shields.io/github/commit-activity/m/p6m7g8/p6-template-cdk-construct-eslint-npm-ts-flatfile)
+![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod) ![Sonarcloud Status](https://sonarcloud.io/api/project_badges/measure?project=p6m7g8_p6-cdk-gha-role&metric=alert_status) ![GitHub commit activity](https://img.shields.io/github/commit-activity/y/p6m7g8/p6-cdk-gha-role) ![GitHub commit activity](https://img.shields.io/github/commit-activity/m/p6m7g8/p6-cdk-gha-role)
 
 ## Usage
 
 ```ts
 ...
-import { P6CDKName } from 'p6-cdk-name';
+import { P6CDKGHARole } from 'p6-cdk-gha-role';
 
-new P6CDKName(this, 'P6CDKName', {
+new P6CDKGHARole(this, 'P6CDKGHARole', {
+  principle: arn,
+  repo: 'org/repo',
+  policies: []
 });
 ```
 

assets/diagram.dot

@@ -28,9 +28,31 @@ digraph "Diagram" {
     margin = 8,
   ];
   subgraph "VisualizeStack" {
-    "VisualizeStack" [
-      label = " VisualizeStack",
-      fontsize = 12,
-    ];
+    subgraph "cluster-SubGraph.VisualizeStack" {
+      graph [
+        label = "VisualizeStack",
+        labelloc = "b",
+        labeljust = "l",
+        margin = "10",
+        fontsize = "16",
+        penwidth = "2",
+        pencolor = "#888888",
+        style = "filled,rounded",
+        fillcolor = "#e4e4e4",
+      ];
+      "VisualizeStack/MyP6Stack/gha-p6m7g8-p6-roles" [
+        label = " gha-p6m7g8-p6-roles",
+        fontsize = 12,
+        image = "/Users/pgollucci/.p6/p6m7g8/p6-cdk-gha-role/node_modules/cdk-dia/icons/aws/Service/Arch_Security-Identity-Compliance/64/[email protected]",
+        imagescale = "true",
+        imagepos = "tc",
+        penwidth = "0",
+        shape = "node",
+        fixedsize = "true",
+        labelloc = "b",
+        width = 1.2,
+        height = 1.466,
+      ];
+    }
   }
 }

bin/visualize.ts

@@ -1,12 +1,19 @@
 import type { Construct } from 'constructs'
 import * as cdk from 'aws-cdk-lib'
-import { P6CDKName } from '../src'
+import * as iam from 'aws-cdk-lib/aws-iam'
+import { P6CDKGHARole } from '../src'
 
 class VisualizeStack extends cdk.Stack {
   constructor(scope: Construct, id: string) {
     super(scope, id)
 
-    new P6CDKName(this, 'MyP6Stack', {
+    new P6CDKGHARole(this, 'MyP6Stack', {
+      principle: 'arn:aws:iam::346733622331:oidc-provider/token.actions.githubusercontent.com',
+      repo: 'p6m7g8/p6m7g8.com',
+      policies: [
+        iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonS3FullAccess'),
+        iam.ManagedPolicy.fromAwsManagedPolicyName('CloudFrontFullAccess'),
+      ],
     })
   }
 }