Cleanup IAM definitions

calavera commented 5 months ago

Description of changes:

We have two different definitions of IAM policies and statement. These changes centralize them both into one.

These changes also add the Condition field that was missing from both implementations.

These changes also make Effect to be an enum with the default Allow, instead of an optional string. This is more ergonomic than checking whether the effect is none or allow.

By submitting this pull request

[x] I confirm that my contribution is made under the terms of the Apache 2.0 license.
[x] I confirm that I've made a best effort attempt to update all relevant documentation.

calavera commented 5 months ago

@aesterline since it looks like you're using these events, you might want to take a pass at reviewing these changes

aesterline commented 5 months ago

@aesterline since it looks like you're using these events, you might want to take a pass at reviewing these changes

I pulled this branch into our code and ran it through our tests. Everything works! Looks good to me. Thanks for the more thorough implementation.

awslabs / aws-lambda-rust-runtime

Cleanup IAM definitions #856