AWS IAM: Add constants for ServicePrincipal values

[el-veee]

Describe the feature

We currently define input a string to the ServicePrincipal class, e.g. new ServicePrincipal("ec2.amazonaws.com").

The format for these values is largely predicatable. We should add constants (e.g. via an enum) which correspond to the string values for each service.

We can see something similar to this in other parts of the CDK library. For example, the WindowsVersion class.

e.g. WindowsVersion.WINDOWS_SERVER_2022_ENGLISH_CORE_CONTAINERSLATEST

Use Case

Relying on strings, users must lookup the appropriate values or memorise them.

Although the string format is predictable, we would get better IDE support picking values from enums versus of writing entire strings.

Proposed Solution

An enum defining the services.

enum ServicePricipalServices {
    EC2_SERVICE = "ec2.amazonaws.com",
    LAMBDA_SERVICE = "lambda.amazonaws.com"
}

Other Information

No response

Acknowledgements

• [X] I may be able to implement this feature request
• [ ] This feature might incur a breaking change

CDK version used

2.20.0

Environment details (OS name and version, etc.)

Linux (Kubuntu), Typescript

[rix0rrr]

Nice idea.

I would think that if we did this, we wouldn't enumize the string but the object itself: ServicePrincipals.EC2.

The question is where we would get the canonical list. I'm a little worried about maintenance here.

[watany-dev]

Third party listings found. It is a good current cross section, but there are challenges in keeping up with updates https://gist.github.com/shortjared/4c1e3fe52bdfa47522cfe5b41e5d6f22

That said, for many existing services this is useful.

• A cdk-like way to write it.ServicePrincipals.EC2
• Manual configuration. new ServicePrincipal("ec2.amazonaws.com")

It seems like a good idea to create both of them as shown in the following example. If you just want to follow the list above, I can handle this fix. Because I can't wait to try this writeup!