dilunika/cdk.ts

## cdk.ts
private createPipelineRole(sharedAccountPrincipal: AccountPrincipal) {
        const pipelineRole = new iam.Role(this, 'DHApiCodepipelineRole', {
            roleName: `DHApiCodepipelineRole`,
            assumedBy: new iam.CompositePrincipal(
                new iam.ServicePrincipal('codepipeline.amazonaws.com'),
                new iam.ServicePrincipal('codebuild.amazonaws.com'),
                sharedAccountPrincipal
            )
        });
        pipelineRole.attachInlinePolicy(new iam.Policy(this, 'SharedAccountAssumeRolePolicy', {
            policyName: 'SharedAccountAssumeRolePolicy',
            statements: [
                new iam.PolicyStatement({
                    actions: ['sts:AssumeRole'],
                    resources: ['arn:aws:iam::<shared-account>:role/*'] //TODO Remove hard code
                }),
                new iam.PolicyStatement({
                    sid: 'AdminPermission',
                    effect: iam.Effect.ALLOW,
                    actions: ['*'],
                    resources: ['*']
                })
            ]
        }));
        return pipelineRole;
  }
	private createPipelineRole(sharedAccountPrincipal: AccountPrincipal) {
	const pipelineRole = new iam.Role(this, 'DHApiCodepipelineRole', {
	roleName: `DHApiCodepipelineRole`,
	assumedBy: new iam.CompositePrincipal(
	new iam.ServicePrincipal('codepipeline.amazonaws.com'),
	new iam.ServicePrincipal('codebuild.amazonaws.com'),
	sharedAccountPrincipal
	)
	});
	pipelineRole.attachInlinePolicy(new iam.Policy(this, 'SharedAccountAssumeRolePolicy', {
	policyName: 'SharedAccountAssumeRolePolicy',
	statements: [
	new iam.PolicyStatement({
	actions: ['sts:AssumeRole'],
	resources: ['arn:aws:iam::<shared-account>:role/*'] //TODO Remove hard code
	}),
	new iam.PolicyStatement({
	sid: 'AdminPermission',
	effect: iam.Effect.ALLOW,
	actions: ['*'],
	resources: ['*']
	})
	]
	}));
	return pipelineRole;
	}