Open richardhboyd opened 3 years ago
We have since changed this to object
. What is the value of adding validation of permissions policies if the the service will handle misformed policies?
If you were reading the docs for CodeArtifact and saw this, would you know what that json was supposed to look like?
We have some examples available here that demonstrate how to add the policy doc: https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codeartifact/tree/main/sample-templates/json
This seems a bit clunky. It would be hard for tools like CDK to help provide a better developer experience because many static typed languages don't support this type of input. Personally I would go with just an Object or (better yet) convince the IAM team to create an official PolicyDocument type that can be re-used. Also, calling it an "object" means it is arbitrary json and I DO NOT LIKE that. What are valid keys? what are valid values? what is even real anymore?
https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-codeartifact/blob/master/aws-codeartifact-domain/aws-codeartifact-domain.json#L41-L44