[sam] AWS SAM Policies inside CDK

[rhboyd]

:rocket: Feature Request

General Information

• [X] :wave: I may be able to implement this feature request
• [ ] :warning: This feature might incur a breaking change

Description

The AWS SAM IAM Policy Templates should exist in the aws-SAM module so users can easily translate their SAM Templates into CDK

Proposed Solution

Naive approach, manually copy the templates. Smart approach, maybe find a way to load the policy definitions from the aws-sam repository.

[nija-at]

I suppose you're talking about this set of IAM policies - https://github.com/awslabs/serverless-application-model/blob/master/samtranslator/policy_templates_data/policy_templates.json

This would be a useful feature.

We'll need to think about the different ways the policy templates in the SAM repository may get added, updated or deleted and how that should to get reflected in a CDK app that uses them. The solution or approach to this problem would need to include these considerations.

[simalexan]

+1

[rhboyd]

I think this should be part of a larger epic to pull in the SAM Specification so we aren't asking SAM users to dump arbitrary json blobs into their templates.

[mnugter]

I have been referred to this issue because I have hit the limit of resources in a single template. Using inline resources would save a resource for each lambda function and would greatly help mitigating the problem with the significant increase in resources that are created with CDK.

+1

[dlydiard]

+1

[aoffpo]

+1

[njlynch]

Note: Please 👍 the main request, rather than leaving +1 comments; it's much easier to track and sort based on 👍 s. A comment which describes your use case is also helpful.

[jackmcguire1]

bump, this may resolve the issue where the new CF importation module will be able to translate the AWS SAM SSM and pinpoint policies I am using within my CF stack, as they're are not generated correctly on CDK synth