Create constants for AWS service principals #322
Comments
jen20
added a commit
to jen20/pulumi-aws
that referenced
this issue
Sep 16, 2018
This commit adds service principals for each of the known AWS services, in order to assist with autocompletion when writing trust policies for IAM roles. Fixes pulumi#322.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Since the function
aws.iam.assumeRolePolicyForPrincipalwas introduced, code such as this has been common:Personally I can only remember about three of the commonly used service principal addresses, but this is something where autocomplete can help out! If we export constants of the
Principalstructure for each service from theaws.iamnamespace, this code could be rewritten:This has the secondary benefit of being a one-liner, making it less obtrusive to declare directly in the input properties of the resource using the policy, reducing the number of names in scope.
Something to investigate is whether the constants might be better inside the
aws.iampackage or inside the package for each service with a common name (e.g.aws.ec2.ServicePrincipal,aws.lambda.ServicePrincipal). I am tending towards the former since some services have many principals available (EC2 being a good example), and if several are imported for use without the qualifying namespace they will not conflict.The text was updated successfully, but these errors were encountered: