k1LoW / awspec

RSpec tests for your AWS resources.
MIT License

s3_bucket have_policy - would be nice to exclude randomly generated ids (Policy Id, Statement Id, IAM user id) #269

Open NBJS opened 7 years ago

NBJS commented 7 years ago

Currently the have_policy test will only pass if you specify the randomly generated ids for Policy Id, Statement Id and IAM user Id in the spec. This means you first have to obtain these ids (which I'm currently getting via the SDK). I understand the def in /lib/awspec/type/s3_bucket.rb is just comparing JSON, but for the future, it would be nice to exclude these ids from the comparison.

    {
        "Version": "2012-10-17",
        "Id": "#{policy_id}",
        "Statement": [
                {
                        "Sid": "#{statement_id}",
                        "Effect": "Allow",
                        "Principal": {
                                "AWS": "#{aws}"
                        },
                        "Action": "s3:PutObject",
                        "Resource": "arn:aws:s3:::#{bucket_name}/AccessLogs/AWSLogs/#{ac_id}/*"
                }
        ]
    }

    POLICY
    end

k1LoW commented 7 years ago

Hi @NBJS. Thank you for your comment!

awspec is a testing framework (on RSpec). So, I think that we should make strict comparisons.

If you want to solve it now, you can use resource (see https://github.com/k1LoW/awspec/blob/master/doc/resource_types.md#unlock-advanced-use-10)

    describe s3_bucket('my-bucket') do
      its('policy.policy.read') { should match /AccessLogs/ }
    end

Regards
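
A middle ground between the two comments above, as an added example that is not part of the thread or of awspec: strip only the generated `Id` and `Sid` values, then compare everything else (Effect, Principal, Action, Resource) strictly. The helper names, account ids and policy values are constructed assumptions; in a spec, the deployed JSON could come from the `policy.policy.read` accessor shown in the reply.

```ruby
require 'json'

# Hypothetical helpers, not part of awspec. Policy values below are constructed.

# Sort hash keys recursively so equal documents serialize identically.
def canonical(value)
  case value
  when Hash  then value.sort.to_h { |k, v| [k, canonical(v)] }
  when Array then value.map { |v| canonical(v) }
  else value
  end
end

# Drop the generated policy Id and the listed per-statement keys (Sid by default).
# Effect, Principal, Action and Resource stay in the comparison.
def normalize_policy(json, drop_statement_keys: %w[Sid])
  doc = JSON.parse(json)
  doc.delete('Id')
  statements = [doc['Statement']].flatten(1).compact # a lone statement may be a bare object
  doc['Statement'] = statements
                     .map { |s| canonical(s.reject { |k, _| drop_statement_keys.include?(k) }) }
                     .sort_by { |s| JSON.generate(s) } # statement order carries no meaning
  canonical(doc)
end

def same_policy_rules?(actual_json, expected_json, **opts)
  normalize_policy(actual_json, **opts) == normalize_policy(expected_json, **opts)
end

# Builds a constructed policy shaped like the one in the issue.
def sample_policy(id:, sid:, action: 's3:PutObject')
  JSON.generate(
    'Version' => '2012-10-17', 'Id' => id,
    'Statement' => [{
      'Sid' => sid, 'Effect' => 'Allow',
      'Principal' => { 'AWS' => 'arn:aws:iam::111111111111:root' },
      'Action' => action,
      'Resource' => 'arn:aws:s3:::my-bucket/AccessLogs/AWSLogs/222222222222/*'
    }]
  )
end

DEPLOYED = sample_policy(id: 'generated-policy-id', sid: 'generated-sid')
EXPECTED = sample_policy(id: 'any', sid: 'any')
WIDENED  = sample_policy(id: 'any', sid: 'any', action: 's3:*')

puts same_policy_rules?(DEPLOYED, EXPECTED) # differing Id/Sid only
puts same_policy_rules?(DEPLOYED, WIDENED)  # broader Action must not pass
```

Passing `drop_statement_keys: %w[Sid Principal]` would also skip the principal, at the cost of no longer checking who is granted access.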