Add runtime schema validation for things that can't be checked by JSONSchema

[aygold92]

• [x] a property can't be readOnly and writeOnly.
• [x] a property can't be readOnly and createOnly.
• [x] an identifier must be either createOnly or readOnly (note: this one is debatable, but CFN does not currently support updating the physicalResourceId)
• [ ] ensure that jsonPointers map to actual properties

Update (3/16/2020)

• [ ] Ensure primaryIdentifier can only refer to a property which itself is a String or Number.
• [ ] Ensure the property defined in primaryIdentifier exists

Please add more as we come across them

[tobywf]

Please see RPDK resource_generator.py (permalink) for additional semantic validations that should be implemented:

• strings: using format and pattern together may be nonsensical
• integer/number: using minimum and exclusiveMinimum together may be nonsensical, same with maximum
• integer/number: validate that minimum < maximum (minimum == maximum makes no sense either, and should use const instead), same for exclusive ones. added complication: perform this validation with minimum and exclusiveMaximum and vice versa.

[benkehoe]

While primaryIdentifier can be an array (of pointers), a pointer within that array should not point to an array (at least, that's not currently supported). This is not checked during registration but fails (opaquely) at runtime.

[PatMyron]

added some of these to cfn validate: https://github.com/aws-cloudformation/cloudformation-cli/pull/663, https://github.com/aws-cloudformation/cloudformation-cli/pull/668, https://github.com/aws-cloudformation/cloudformation-cli/pull/675, https://github.com/aws-cloudformation/cloudformation-cli/pull/729