Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws-sso: PermissionSet InlinePolicy type should be string #26868

Closed
bellmatt opened this issue Aug 24, 2023 · 2 comments
Closed

aws-sso: PermissionSet InlinePolicy type should be string #26868

bellmatt opened this issue Aug 24, 2023 · 2 comments
Labels
@aws-cdk/aws-sso Related to the @aws-cdk/aws-sso package bug This issue is a bug. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/medium Medium work item – several days of effort p2 response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.

Comments

@bellmatt
Copy link

Describe the bug

I get this error after upgrading from CDK v1.84.0 to v2 or latest v1:

RuntimeError: Error: Resolution error: Supplied properties not correct for "CfnPermissionSetProps"
  inlinePolicy: "{\"Statement\": [ [...] ] }" should be an 'object'.

AWS::SSO::PermissionSet InlinePolicy has PrimitiveType was set to Json here:
https://github.com/aws/aws-cdk/blob/main/packages/%40aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json#L152-L157

However, the examples and descriptions on the CloudFormation docs show this as a json string instead: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-inlinepolicy

The 000_AWS_SSO.json file linked above did not exist on the working version (1.84.0), so this may be why the error happens after upgrading

Expected Behavior

Allow a json string for the InlinePolicy property

Current Behavior

RuntimeError: Error: Resolution error: Supplied properties not correct for "CfnPermissionSetProps"
  inlinePolicy: "{\"Statement\": [ [...] ] }" should be an 'object'.

Reproduction Steps

Use CDK to deploy a template with an inline policy containing a json string like this

Resources:
  MyPermissionSet:
    Type: AWS::SSO::PermissionSet
    Properties:
      InstanceArn: arn
      Name: foo
      Description: bar
      InlinePolicy: '{"Statement": [...] }'

Possible Solution

The 000_AWS_SSO.json file linked above did not exist on our working version (1.84.0), so assuming this is why the error happens

Additional Information/Context

No response

CDK CLI Version

1.204.0

Framework Version

No response

Node.js Version

Any

OS

Any

Language

Python

Language Version

Python 3.8

Other information

No response
@bellmatt bellmatt added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 24, 2023
@github-actions github-actions bot added the @aws-cdk/aws-sso Related to the @aws-cdk/aws-sso package label Aug 24, 2023
@pahud
Copy link
Contributor

pahud commented Aug 24, 2023

Can you share a smallest CDK code that reproduces this issue?

@pahud pahud added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Aug 24, 2023
@github-actions
Copy link

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added closing-soon This issue will automatically close in 4 days unless further comments are made. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. and removed closing-soon This issue will automatically close in 4 days unless further comments are made. labels Aug 26, 2023
@github-actions github-actions bot mentioned this issue Sep 1, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-sso Related to the @aws-cdk/aws-sso package bug This issue is a bug. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/medium Medium work item – several days of effort p2 response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pahud @bellmatt