docs(integ-tests): how to use AwsApiCall.waiterProvider.addToRolePolicy() (aws#31167)

badmintoncryer · web-flow · commit c7f68a77f1c5 · 2024-11-21T01:49:12.000Z
### Issue # (if applicable) None ### Reason for this change By using `AwsApiCall.provider.addToRolePolicy()`, we can add the necessary IAM policy to execute `AwsApiCall`. However, when using `waitForAssertions()`, the test will fail unless we use `AwsApiCall.waiterProvider.addToRolePolicy()`. Since this information was not mentioned in the official documentation, I struggled to resolve the issue, so I submitted a pull request to add it to the documentation." ### Description of changes Add description. ### Description of how you validated changes None ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/@aws-cdk/integ-tests-alpha/README.md b/packages/@aws-cdk/integ-tests-alpha/README.md
@@ -345,6 +345,23 @@ apiCall.provider.addToRolePolicy({
 });
 ```
 
+When executing `waitForAssertion()`, it is necessary to add an IAM policy using `waiterProvider.addToRolePolicy()`.
+Because `IApiCall` does not have a `waiterProvider` property, you need to cast it to `AwsApiCall`.
+
+```ts
+declare const integ: IntegTest;
+
+const apiCall = integ.assertions.awsApiCall('S3', 'listObjectsV2', {
+  Bucket: 'mybucket',
+}).waitForAssertions() as AwsApiCall;
+
+apiCall.waiterProvider?.addToRolePolicy({
+  Effect: 'Allow',
+  Action: ['s3:GetObject', 's3:ListBucket'],
+  Resource: ['*'],
+});
+```
+
 Note that addToRolePolicy() uses direct IAM JSON policy blobs, not a iam.PolicyStatement
 object like you will see in the rest of the CDK.
 
