
Inline IAM policy documents for AWS::Serverless::Function show as invalid

Open Sleavely opened this issue 3 years ago • 0 comments

Note: want to raise a request for an unknown/new or required field or resource? Then raise a PR. #68 and #62 are good examples of updating a schema definition. It should not take longer than 15 minutes.

Want to prioritize a bugfix or feature? Hit that ❤️support button on the top of the screen.

And don't forget to 🌟star the repo

  • I'm submitting a ...

    • [X] bug report
    • [ ] feature request
    • [ ] support request => Please do not submit support request here, see note at the top of this template.
  • Do you want to request a feature or report a bug?

Bug

  • What is the current behavior?

For AWS::Serverless::Function resources, Policies is expecting a string or list of strings.

  • If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem via https://plnkr.co or similar.

Resources:
  ApiLambda:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: !Sub ${PROJECT}-api-${ENVIRONMENT}
      CodeUri: dist/src/
      Handler: index.handler
      Policies:
      - Version: 2012-10-17
        Statement:
          - Effect: Allow
            Action:
            - dynamodb:GetItem
            - dynamodb:PutItem
            Resource: !Join [ "", [ !GetAtt PostsTable.Arn, "*" ]]

  • What is the expected behavior?

It should accept inline IAM policy maps as well. From the docs:

Policies accepts a single string or a list of strings, and can be the name of AWS managed policies or AWS SAM policy templates, or inline IAM policy documents formatted in YAML.

https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html#sam-function-policies

  • What is the motivation / use case for changing the behavior?

It's all squiggly :(

  • Please tell us about your environment:

    • Plugin version: 0.5.30
    • VSCode version: 1.53.2
    • Template type: CloudFormation with the AWS::Serverless-2016-10-31 transform
  • Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. stackoverflow, gitter, etc)

I'm using the "default" validation provider setting.

Sleavely, Feb 26 '21 21:02
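
The mismatch reported in this issue, as an added example that is not part of the original issue and not the plugin's own code: a strings-only check beside one that also accepts maps for `Policies`. The function names are hypothetical, treating any map with a `Statement` key as an inline IAM policy document is an assumption of this sketch, and the sample input is constructed from the template in the issue with short-form intrinsics expanded.

```javascript
// Added example; function names are hypothetical, not the plugin's code.
const isMap = (v) => v !== null && typeof v === "object" && !Array.isArray(v);
const asList = (v) => (Array.isArray(v) ? v : [v]);

// Behaviour reported in the issue: only a string or a list of strings passes.
function validateStringsOnly(policies) {
  return asList(policies)
    .map((p, i) => (typeof p === "string" ? null : `Policies[${i}]: expected string`))
    .filter(Boolean);
}

// Expected behaviour: strings and maps both pass. A map carrying a Statement
// key is treated as an inline IAM policy document (assumption of this sketch)
// and each of its statements is checked for a valid Effect.
function validateWithInlinePolicies(policies) {
  const errors = [];
  asList(policies).forEach((p, i) => {
    if (typeof p === "string") return;
    if (!isMap(p)) {
      errors.push(`Policies[${i}]: expected string or map`);
      return;
    }
    if (!("Statement" in p)) return; // other map forms are accepted uninspected
    asList(p.Statement).forEach((s, j) => {
      if (!isMap(s) || !["Allow", "Deny"].includes(s.Effect)) {
        errors.push(`Policies[${i}].Statement[${j}]: Effect must be Allow or Deny`);
      }
    });
  });
  return errors;
}

// Constructed input: the Policies value from the template above, as the parsed
// object a validator would see (short-form intrinsics expanded).
const issuePolicies = [
  {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Action: ["dynamodb:GetItem", "dynamodb:PutItem"],
        Resource: { "Fn::Join": ["", [{ "Fn::GetAtt": ["PostsTable", "Arn"] }, "*"]] },
      },
    ],
  },
];

console.log(validateStringsOnly(issuePolicies));
console.log(validateWithInlinePolicies(issuePolicies));
```

The first check rejects the inline document, matching the reported squiggles, while the second accepts it and still rejects non-string, non-map entries.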