assertions: coarseStringLike

[nag0yan]

Describe the feature

Checking if some string is in specific property JSON string
For example,

BucketPolicy01:
  Type: AWS::S3::BucketPolicy
  Properties:
    Bucket:
      Ref: Bucket01
    PolicyDocument:
      Statement:
        - Action:
            - s3:GetObject
          Effect: Allow
          Principal:
            AWS:
              Fn::Join:
                - ""
                - - "arn:"
                  - Ref: AWS::Partition
                  - :iam::${account-id}:user/some-user
          ...

To check this template, we can check as below.

template.hasResourceProperties("AWS::S3::BucketPolicy", {
  PolicyDocument: {
    Statement: [
      {
        Action: ["s3:GetObject"],
        Effect: "Allow",
        Principal: Match.coarseStringLike("some-user") // new method
      },
    ],
  },
});

Use Case

const principal = new Capture();
template.hasResourceProperties("AWS::S3::BucketPolicy", {
  PolicyDocument: {
    Statement: [
      {
        Action: ["s3:GetObject"],
        Effect: "Allow",
        Principal: principal,
      },
    ],
  },
});
expect(JSON.stringify(principal.asObject())).toMatch(
  "some-user",
);

For many cases, it may be useful to check only partial string in JSON string.

Proposed Solution

I don't dived into assertions module yet, so I don't know this solution is feasible.
However, json utility tools( such as, JSON.stringify, json.dumps, json.Marshal ... ) would be helpful, I thought.

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

CDK version used

2.124.0

Environment details (OS name and version, etc.)

Windows WSL2

[tim-finnigan]

Hi @nag0yan thanks for the feature request. I think what you're trying to do can accomplished by capturing values, for example:

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { Capture } from 'aws-cdk-lib/assertions';
import { Template } from 'aws-cdk-lib/assertions';

export class AssertionCdkStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    let templateObject = {
      "Resources": {
        "BucketPolicy01": {
          "Type": "AWS::S3::BucketPolicy",
          "Properties": {
            "Bucket": {
              "Ref": "Bucket01"
            },
            "PolicyDocument": {
              "Statement": [
                {
                  "Action": ["s3:GetObject"],
                  "Effect": "Allow",
                  "Principal": {
                    "AWS": {
                      "Fn::Join": [
                        "",
                        [
                          "arn:",
                          {
                            "Ref": "AWS::Partition"
                          },
                          ":iam::${account-id}:user/some-user"
                        ]
                      ]
                    }
                  }
                }
              ]
            }
          }
        }
      }
    }

    const template = Template.fromString(JSON.stringify(templateObject));

    const principalCapture = new Capture();
    template.hasResourceProperties('AWS::S3::BucketPolicy', {
      PolicyDocument: {
        Statement: [
          {
            Action: ['s3:GetObject'],
            Effect: 'Allow',
            Principal: principalCapture,
          },
        ],
      },
    });

    const capturedPrincipal = JSON.stringify(principalCapture.asObject());

    console.log(capturedPrincipal.includes('some-user'));

    if (!capturedPrincipal.includes('some-user')) {
      throw new Error('Expected Principal to contain "some-user"');
    }
  }
}

[github-actions]

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

[nag0yan]

Hello, @tim-finnigan. Thank you for replying.
I already use that method (Capturing and JSON.stringify). I want to do the same thing as other Match static method. (see "Describe the feature")
So, many assertion tests, that checks a template with CloudFormation Built-in Function (such as, Fn::Join) will be more simple.