in configTools/src/main/scala/com/gu/janus/Validation.scala [7:29]
def policySizeChecks(janusData: JanusData): ValidationResult = {
// AWS doesn't reveal how this limit is being calculated
// but based on trial and error it seems to be around 1050
val sizeLimit = 1050
val allPermissions = janusData.access.defaultPermissions ++
janusData.access.userAccess.values.flatten.toSet ++
janusData.admin.userAccess.values.flatten.toSet ++
janusData.support.supportAccess
val largePermissions = for {
largePermission <- allPermissions.filter { perm =>
// session policy limit includes the managed ARNs and inline policy document
val totalLength =
perm.policy // the inline policy document's size
.map(_.length)
.getOrElse(0) +
perm.managedPolicyArns // and the total size of the attached managed policy ARNs
.map(_.map(_.length).sum)
.getOrElse(0)
totalLength >= sizeLimit
}
} yield s"${largePermission.label} (${largePermission.description})"