aws-cloudformation-resource-providers-codeartifact icon indicating copy to clipboard operation
aws-cloudformation-resource-providers-codeartifact copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

Multiple types for PolicyDocument?

Open richardhboyd opened this issue 5 years ago • 4 comments
trafficstars 

      "type": [
        "object",
        "string"
      ],

This seems a bit clunky. It would be hard for tools like CDK to help provide a better developer experience because many static typed languages don't support this type of input. Personally I would go with just an Object or (better yet) convince the IAM team to create an official PolicyDocument type that can be re-used. Also, calling it an "object" means it is arbitrary json and I DO NOT LIKE that. What are valid keys? what are valid values? what is even real anymore?

https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codeartifact/blob/master/aws-codeartifact-domain/aws-codeartifact-domain.json#L41-L44

richardhboyd avatar Aug 01 '20 20:08 richardhboyd

We have since changed this to object. What is the value of adding validation of permissions policies if the the service will handle misformed policies?

jonjara avatar Aug 28 '20 19:08 jonjara

If you were reading the docs for CodeArtifact and saw this, would you know what that json was supposed to look like?

richardhboyd avatar Aug 28 '20 19:08 richardhboyd

We have some examples available here that demonstrate how to add the policy doc: https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codeartifact/tree/main/sample-templates/json

detam-amazon avatar Aug 31 '20 20:08 detam-amazon

if I were reading this then it would definitely be clear, maybe we can add this to the "description" text?

jonjara avatar Aug 31 '20 20:08 jonjara