diff: Improve diff of IAM policies

[eladb]

This doesn't really help out, especially when column-wrapped in the console:

[~] 🛠 Updating ReleaseReleaseProjectRoleDefaultPolicy84BD3DD4 (type: AWS::IAM::Policy)
 └─ [~] .PolicyDocument:
     └─ [~] .Statement:
         ├─ [-] Old value: [{"Action":["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":
[{"Fn::Join":["",["arn",":",{"Ref":"AWS::Partition"},":","logs",":",{"Ref":"AWS::Region"},":",
{"Ref":"AWS::AccountId"},":","log-group",":",{"Fn::Join":["",["/aws/codebuild/",
{"Ref":"ReleaseReleaseProject7FF55BD1"}]]}]]},{"Fn::Join":["",[{"Fn::Join":["",["arn",":",
{"Ref":"AWS::Partition"},":","logs",":",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":","log-
group",":",{"Fn::Join":["",["/aws/codebuild/",{"Ref":"ReleaseReleaseProject7FF55BD1"}]]}]]},":*"]]}]},
{"Action":
["s3:GetObject*","s3:GetBucket*","s3:List*","s3:PutObject*","s3:DeleteObject*","s3:Abort*"],"Effect":"A
llow","Resource":[{"Fn::GetAtt":["BuildPipelineArtifactsBucket6007E7FC","Arn"]},{"Fn::Join":["",
[{"Fn::GetAtt":["BuildPipelineArtifactsBucket6007E7FC","Arn"]},"/","*"]]}]},{"Action":
["s3:GetObject*","s3:GetBucket*","s3:List*","s3:PutObject*","s3:DeleteObject*","s3:Abort*"],"Effect":"A
llow","Resource":[{"Fn::GetAtt":["ReleasesCA994599","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":
["ReleasesCA994599","Arn"]},"/","*"]]}]},{"Action":"ses:SendEmail","Effect":"Allow","Resource":
{"Fn::Join":["",["arn",":",{"Ref":"AWS::Partition"},":","ses",":",{"Ref":"AWS::Region"},":",
{"Ref":"AWS::AccountId"},":","identity","/","foo@bar"]]}}]
         └─ [+] New value: [{"Action":
["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents"],"Effect":"Allow","Resource":
[{"Fn::Join":["",["arn",":",{"Ref":"AWS::Partition"},":","logs",":",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":","log-group",":",{"Fn::Join":["",["/aws/codebuild/",
{"Ref":"ReleaseReleaseProject7FF55BD1"}]]}]]},{"Fn::Join":["",[{"Fn::Join":["",["arn",":",
{"Ref":"AWS::Partition"},":","logs",":",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":","log-
group",":",{"Fn::Join":["",["/aws/codebuild/",{"Ref":"ReleaseReleaseProject7FF55BD1"}]]}]]},":*"]]}]},
{"Action":
["s3:GetObject*","s3:GetBucket*","s3:List*","s3:PutObject*","s3:DeleteObject*","s3:Abort*"],"Effect":"A
llow","Resource":[{"Fn::GetAtt":["BuildPipelineArtifactsBucket6007E7FC","Arn"]},{"Fn::Join":["",
[{"Fn::GetAtt":["BuildPipelineArtifactsBucket6007E7FC","Arn"]},"/","*"]]}]},{"Action":
["s3:GetObject*","s3:GetBucket*","s3:List*","s3:PutObject*","s3:DeleteObject*","s3:Abort*"],"Effect":"A
llow","Resource":[{"Fn::GetAtt":["ReleasesCA994599","Arn"]},{"Fn::Join":["",[{"Fn::GetAtt":
["ReleasesCA994599","Arn"]},"/","*"]]}]},{"Action":"ses:SendEmail","Effect":"Allow","Resource":
{"Fn::Join":["",["arn",":",{"Ref":"AWS::Partition"},":","ses",":",{"Ref":"AWS::Region"},":",
{"Ref":"AWS::AccountId"},":","identity","/","foo@zar"]]}}]

[ericzbeard]

@rix0rrr this is done, isn't it?

[peterwoodworth]

Think it's safe to say this issue can be closed out with the recent IAM policy optimizations implemented 🙂

[peterwoodworth]

Think it's safe to say this issue can be closed out with the recent IAM policy optimizations implemented 🙂

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.