Skip to content

Additional validation of JSON/EST #2161

New issue
New issue
Open
Open
Additional validation of JSON/EST#2161
Labels
breaking-changeThis is (likely) a breaking changefeature-requestThis issue requets a substantial new feature
@victornicolet

Description

@victornicolet
victornicolet
opened on Feb 16, 2026

Describe the improvement you'd like to request

Some policies parse in JSON format, but converting them to the Cedar format results in policies that fail to parse. Additional validation should be done when parsing JSON, or at least when converting JSON policies to Cedar policy.

There are two examples of this for Policies:

  1. JSON policy with zero-argument method style call doesn't parse when converted to Cedar syntax #2116 , the JSON policy parsing is more lenient with respect to zero-argument method style
  2. extend the 'has' relation in EST and JSON policy format #2154 introduces the extended has operator in the JSON format. However, in Cedar format, the attributes in the extended form must be identifiers. This is not validated in the JSON format, and therefore can result in Cedar like e has attr."not identifier".attr2. This problem is currently mitigated by the fact that the conversion desugars, and therefore this is not an issue in the CLI's conversion tools.

Describe alternatives you've considered

No response

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this internal improvement
  • ⚠️ This feature might incur a breaking change

Metadata

Metadata

Assignees

No one assigned

    Labels

    breaking-changeThis is (likely) a breaking changefeature-requestThis issue requets a substantial new feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions