add Policy resource (#6)

Adds the Policy resource Kind to the IAM controller. Note that currently
the Update code paths are not supported. This is because the Policy
resource in the IAM API does not support updates. Instead, you need to
call CreatePolicyVersion/DeletePolicyVersion. I will implement this as
custom update code paths in a future PR.

Signed-off-by: Jay Pipes <[email protected]>

aws-controllers-k8s/community#222

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Author: jaypipes

apis/v1alpha1/ack-generate-metadata.yaml

@@ -1,13 +1,13 @@
 ack_generate_info:
-  build_date: "2021-12-10T16:52:22Z"
+  build_date: "2021-12-12T13:43:21Z"
   build_hash: 285d87b66b62fbfb859986ddf74c9f9b6ae743fb
   go_version: go1.17
   version: v0.15.2
-api_directory_checksum: d19cbe57322f73edfbc00516371d96a3e7f31c29
+api_directory_checksum: 2cb2270674b7b11376f9dd8bb8e421f381e929e2
 api_version: v1alpha1
 aws_sdk_go_version: v1.40.2
 generator_config_info:
-  file_checksum: 0e4f42c57dc98ab50fbc2c3450d2f841891e1936
+  file_checksum: 6ada881f79941709582e58538bf5ac4ef6144787
   original_file_name: generator.yaml
 last_modification:
   reason: API generation

apis/v1alpha1/generator.yaml

@@ -6,7 +6,7 @@ ignore:
    - InstanceProfile
    - LoginProfile
    - OpenIDConnectProvider
-   - Policy
+   #- Policy
    - PolicyVersion
    #- Role
    - SAMLProvider
@@ -15,6 +15,46 @@ ignore:
    - User
    - VirtualMFADevice
 resources:
+  Policy:
+    renames:
+      operations:
+        CreatePolicy:
+          input_fields:
+            PolicyName: Name
+        GetPolicy:
+          input_fields:
+            PolicyName: Name
+        DeletePolicy:
+          input_fields:
+            PolicyName: Name
+    hooks:
+      sdk_create_post_set_output:
+        template_path: hooks/policy/sdk_create_post_set_output.go.tpl
+    exceptions:
+      terminal_codes:
+        - InvalidInput
+        - MalformedPolicyDocument
+    fields:
+      Description:
+        # You might be wondering why description is late-initialized, since
+        # there isn't a default server-side value for description.
+        #
+        # The CreatePolicy API call accepts a Description field in the input
+        # and the documentation (and API model) say that a Description field is
+        # included in the returned response from CreatePolicy, however the
+        # Description returned from the CreatePolicy API call is always
+        # missing/nil which means the SetResource code sets the
+        # Spec.Description to nil. When the next time the GetPolicy API call is
+        # made in the next reconciliation loop, GetPolicy returns the
+        # description that was originally set in the CreatePolicy API call and
+        # a Delta difference is discovered erroneously (because the SetResource
+        # call after CreatePolicy incorrectly set the description to nil). So,
+        # we set the late initialize property of the Description field here to
+        # override the Spec.Description to the original value we set in the
+        # CreatePolicy *input* shape.
+        late_initialize: {}
+      Path:
+        late_initialize: {}
   Role:
     hooks:
       sdk_create_post_set_output: