-
Notifications
You must be signed in to change notification settings - Fork 177
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JSON/YAML discrepancy when parsing functions #27
Comments
You are correct. The behaviors are different because of the different way CFn intrinsic functions are represented within the two formats. We're working through a number of possible ways to address it. Check out this part of the README for more info: https://github.com/aws-cloudformation/cloudformation-guard/blob/master/cfn-guard/README.md#working-with-cloudformation-intrinsic-functions For your second approach, try changing the |
The wildcard solution is sadly not applicable because it will fail on any additional tags that aren't defined in the ruleset (#23 (comment)) |
I added some comments to #23. [EDIT: Removed my repeat of the intrinsics details above] That said, I'm not happy about how it works right now. We're kicking around different approaches to come up with a behavior that reconciles the different representations without being lossy or confusing. Hopefully, we'll get an elegant, supportable solution out soon. In the mean time, you need to use the |
For example:
|
Yeah I'm using regex match now instead. It's really ugly tho 😅 |
Check out the latest For example:
Should now work correctly for both the YAML and JSON versions you're trying to check. |
Works and also 0.5.2 is quite a lot faster too! Thanks :) |
Awesome! 👍 |
Hi,
I have a policy to check for specific tags like:
They work fine on YAMLs in format:
However they fail on JSON:
with the error:
What would be the proper way of matching both formats?
//Edit
Using
IN [{"Key":"OwnerContact","Value":"OwnerContact"},{"Key":"OwnerContact","Value":{"Ref":"OwnerContact"}}]
doesnt work either with the error:However I believe this should be working as the matching object is in the list. (I tried with
[[{...}],[{...}]]
same result)//Edit2:
== /^\{"Key":"OwnerContact","Value":"OwnerContact"\}$|^\{"Key":"OwnerContact","Value":\{"Ref":"OwnerContact"\}\}$/
This seems to work, but I highly doubt this is how it's intended to work
The text was updated successfully, but these errors were encountered: