aws
feat(policy-templates) Add QLDBSendCommandPolicy
Issue: #2004
Description of changes: Add a new policy template "QLDBSendCommandPolicy"
Description of how you validated changes:
Checklist:
- [X] Write/update tests
- [ ]
make prpasses - [ ] Update documentation
- [ ] Verify transformed template deploys and application functions as expected
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Codecov Report
Merging #2003 (124f8bb) into develop (32211f2) will increase coverage by
0.05%. The diff coverage isn/a.
@@ Coverage Diff @@
## develop #2003 +/- ##
===========================================
+ Coverage 93.79% 93.84% +0.05%
===========================================
Files 90 90
Lines 5992 5992
Branches 1224 1224
===========================================
+ Hits 5620 5623 +3
+ Misses 171 169 -2
+ Partials 201 200 -1
| Impacted Files | Coverage Δ | |
|---|---|---|
| samtranslator/translator/logical_id_generator.py | 100.00% <0.00%> (+9.09%) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 32211f2...124f8bb. Read the comment docs.
When looking over QLDB actions, I notice this lacks PartiQL permissions, some of which relate to document/item actions. Are these excluded intentionally?
Looking at https://docs.aws.amazon.com/qldb/latest/developerguide/security_iam_id-based-policy-examples.html#security_iam_id-based-policy-examples-read-write for example, I don't think that this policy would work as written. I'm going to look at an alternative version of this, and given our pivot to connectors, likely we'll ship this as a Serverless Connector.