awslabs / aws-cloudformation-iam-policy-validator

MIT No Attribution

Need documentation on the parse command output. #22

Open edenhare opened 2 years ago

edenhare commented 2 years ago

I am working on an article about cfn-policy-validator. Are these fields in the parse output documented somewhere?

"Roles": [],
"PermissionSets": [],
"Users": [],
"Groups": [],
"Resources": [],
"OrphanedPolicies": []

Thanks

mluttrell commented 2 years ago

Hi - the README is the entirety of the documentation for the tool today.

The fields in question here are mostly just for categorization to help with any sort of automation that one might want to do as a result of parsing a template. Some of the categories have fields that are specific to that category (e.g. Resources contains the type of resource).

One way to get a feel for the entirety of the schema is to run the validator against one of the test files in the repo. The file https://github.com/awslabs/aws-cloudformation-iam-policy-validator/blob/main/test_files/test_file_2.json is a mostly complete test of all of the features in the repo. You could run the parse command against this file and get a good picture of what the output looks like.
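One way to turn a saved parse result into a field-by-field outline, as suggested in the reply above. This is an added example, not part of the thread or the project's code: the six category names come from the issue, while the sample document and every `Example*` field name in it are constructed placeholders, not the tool's real schema.

```python
import json
import sys
from collections import defaultdict

# Top-level categories quoted in the issue above.
CATEGORIES = ["Roles", "PermissionSets", "Users", "Groups", "Resources", "OrphanedPolicies"]
JSON_TYPES = {str: "string", bool: "boolean", int: "number", float: "number", type(None): "null"}

# Constructed sample, not real tool output: every "Example*" field name is a placeholder.
SAMPLE = json.loads("""
{
  "Roles": [
    {"ExampleName": "RoleA", "ExamplePolicies": [{"ExampleDocument": {"Version": "2012-10-17"}}]},
    {"ExampleName": "RoleB", "ExamplePolicies": [], "ExampleBoundary": null}
  ],
  "PermissionSets": [], "Users": [], "Groups": [],
  "Resources": [{"ExampleName": "Queue", "ExampleType": "AWS::SQS::Queue"}],
  "OrphanedPolicies": []
}
""")

def _walk(node, path, seen):
    """Record the JSON type found at `path`, then descend into containers."""
    if isinstance(node, dict):
        seen[path].add("object")
        for key, value in node.items():
            _walk(value, f"{path}.{key}", seen)
    elif isinstance(node, list):
        seen[path].add("array")
        for item in node:
            _walk(item, f"{path}[]", seen)
    else:
        seen[path].add(JSON_TYPES[type(node)])

def summarize(parsed):
    """Map each category to {field path: sorted JSON types} across all of its entries."""
    summary = {}
    for category in CATEGORIES:
        seen = defaultdict(set)
        for entry in parsed.get(category, []):
            _walk(entry, f"{category}[]", seen)
        summary[category] = {path: sorted(types) for path, types in sorted(seen.items())}
    return summary

if __name__ == "__main__":
    # Pass a file holding saved parse output, or run with no argument to use the sample.
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    print(json.dumps(summarize(data), indent=2))
```

A path that lists more than one type, or that appears for only some entries of a category, marks a field that automation consuming the output should treat as optional.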