-
Notifications
You must be signed in to change notification settings - Fork 5.8k
Expand file tree
/
Copy pathcreate-service-linked-role.js
More file actions
52 lines (47 loc) · 1.6 KB
/
create-service-linked-role.js
File metadata and controls
52 lines (47 loc) · 1.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
import { fileURLToPath } from "node:url";
// snippet-start:[iam.JavaScript.createservicelinkedrolev3]
import {
CreateServiceLinkedRoleCommand,
GetRoleCommand,
IAMClient,
} from "@aws-sdk/client-iam";
const client = new IAMClient({});
/**
*
* @param {string} serviceName
*/
export const createServiceLinkedRole = async (serviceName) => {
const command = new CreateServiceLinkedRoleCommand({
// For a list of AWS services that support service-linked roles,
// see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html.
//
// For a list of AWS service endpoints, see https://docs.aws.amazon.com/general/latest/gr/aws-service-information.html.
AWSServiceName: serviceName,
});
try {
const response = await client.send(command);
console.log(response);
return response;
} catch (caught) {
if (
caught instanceof Error &&
caught.name === "InvalidInputException" &&
caught.message.includes(
"Service role name AWSServiceRoleForElasticBeanstalk has been taken in this account",
)
) {
console.warn(caught.message);
return client.send(
new GetRoleCommand({ RoleName: "AWSServiceRoleForElasticBeanstalk" }),
);
}
throw caught;
}
};
// snippet-end:[iam.JavaScript.createservicelinkedrolev3]
// Invoke main function if this file was run directly.
if (process.argv[1] === fileURLToPath(import.meta.url)) {
createServiceLinkedRole("elasticbeanstalk.amazonaws.com");
}