-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add minified_json
to aws_iam_policy_document
data source
#35677
Conversation
Community NoteVoting for Prioritization
For Submitters
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Welcome @alexwilcox9 👋
It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.
Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.
Thanks again, and welcome to the community! 😃
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @alexwilcox9 - thanks for your submission!
The AWS IAM quotas page indicates that whitespace isn't counted against the character limit for inline or managed policies.
IAM doesn't count white space when calculating the size of a policy against these limits.
Is there a use case outside of IAM which this minified variant of the resulting JSON is intended for?
And to immediately contradict myself - the AWS Organizations quotas page states whitespace is not removed when using the AWS CLI or an SDK 🤦
With that context, this seems like a valuable enhancement. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🎉
% make testacc PKG=iam TESTS=TestAccIAMPolicyDocumentDataSource_
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/iam/... -v -count 1 -parallel 20 -run='TestAccIAMPolicyDocumentDataSource_' -timeout 360m
=== NAME TestAccIAMPolicyDocumentDataSource_StatementPrincipalIdentifiers_multiplePrincipalsGov
policy_document_data_source_test.go:393: skipping tests; current partition (aws) does not equal aws-us-gov
--- SKIP: TestAccIAMPolicyDocumentDataSource_StatementPrincipalIdentifiers_multiplePrincipalsGov (0.41s)
--- PASS: TestAccIAMPolicyDocumentDataSource_sourceListConflicting (4.75s)
--- PASS: TestAccIAMPolicyDocumentDataSource_sourceList (19.27s)
--- PASS: TestAccIAMPolicyDocumentDataSource_StatementPrincipalIdentifiers_stringAndSlice (21.24s)
--- PASS: TestAccIAMPolicyDocumentDataSource_sourcePolicyValidJSON (22.23s)
--- PASS: TestAccIAMPolicyDocumentDataSource_multipleConditionKeys (22.24s)
--- PASS: TestAccIAMPolicyDocumentDataSource_duplicateConditionKeys (22.40s)
--- PASS: TestAccIAMPolicyDocumentDataSource_sourceConflicting (22.43s)
--- PASS: TestAccIAMPolicyDocumentDataSource_noStatementOverride (22.43s)
--- PASS: TestAccIAMPolicyDocumentDataSource_duplicateSid (22.50s)
--- PASS: TestAccIAMPolicyDocumentDataSource_conditionWithBoolValue (22.54s)
--- PASS: TestAccIAMPolicyDocumentDataSource_singleConditionValue (22.62s)
--- PASS: TestAccIAMPolicyDocumentDataSource_noStatementMerge (22.64s)
--- PASS: TestAccIAMPolicyDocumentDataSource_StatementPrincipalIdentifiers_multiplePrincipals (22.64s)
--- PASS: TestAccIAMPolicyDocumentDataSource_basic (22.65s)
--- PASS: TestAccIAMPolicyDocumentDataSource_overrideList (22.70s)
--- PASS: TestAccIAMPolicyDocumentDataSource_override (22.70s)
--- PASS: TestAccIAMPolicyDocumentDataSource_version20081017 (25.89s)
--- PASS: TestAccIAMPolicyDocumentDataSource_overridePolicyDocumentValidJSON (26.75s)
--- PASS: TestAccIAMPolicyDocumentDataSource_source (27.32s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/iam 32.255s
Thanks for your contribution, @alexwilcox9! 👍 |
This functionality has been released in v5.49.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Description
This PR adds a new attribute to the
aws_iam_policy_document
data source to enable producing smaller JSONs. AWS Service Control Policies have a character limit of 5120 characters and in many cases I have seen policies approaching this limit.The current
json
attribute is padded which wastes characters. One way to solve this is to wrap thejson
attribute in thejsondecode
andjsonencode
functions as these don't pad the output.Having this as a direct attribute from the data source seems more efficient and allows for cleaner terraform files.
Relations
References
https://docs.aws.amazon.com/organizations/latest/userguide/org_troubleshoot_policies.html#scptoolong
Output from Acceptance Testing
I haven't currently got access to an environment where I can run the tests but from running the provider locally I can see the length is smaller