https://pulumi.com logo
Title
m

microscopic-dress-1605

03/09/2021, 8:38 AM
Hello, first time here. I would like to unit-test an IAM Policy that is build up dynamically using
aws.iam.getPolicyDocument
. However, I’ve noticed that
getPolicyDocument
gets mocked away during unit testing. As a result:
GetPolicyDocumentResult.json
returns undefined in the unit test 😒 Of course I can add something like this in
Mocks.call
:
pulumi.runtime.setMocks({
  newResource: function(resourceType: string, name: string, inputs: any, provider?: string, id?: string) {},
  call:  function(token: string, args: any, provider?: string) {
    switch (token) {
        case 'aws:iam/getPolicyDocument:getPolicyDocument':
          return {
            json: JSON.stringify(args),
          };
      }
      return args;
    },
});
But then the returned IAM Policy json document is not a valid IAM policy. What would be the preferred way of unit testing the result of
getPolicyDocument
? Thank you for your input. As you see the code is written in Typescript.
l

little-cartoon-10569

03/09/2021, 7:47 PM
In general in Pulumi, getPolicyDocument isn't needed. You can assign a simple JSON object (technically of type aws.iam.PolicyDocument) to a Role as its policy (or to anything that has a policy). Would that make testing easier?
An example from my code base
m

microscopic-dress-1605

03/09/2021, 7:52 PM
Alright. Yes. That makes sense. I haven’t thought about that. I’ll give that a try. I wasn’t aware we could just assign a JSON. For some reason I thought it only accepted json string 🤦‍♂️ Thank you @little-cartoon-10569!
👍 1
But what is then the use case of
getPolicyDocument
.
l

little-cartoon-10569

03/09/2021, 7:52 PM
I think: Terraform.
It's a carryover from the Terraform code where you can't write JSON.
m

microscopic-dress-1605

03/09/2021, 7:53 PM
Oh yes. Off course. Good point.
Well, that will certainly simplify testing!
💯 1