Lint on Fn::If gives false alarm on Array value of S3 Bucket CorsRule
exoego opened this issue · 0 comments
exoego commented
AllowdOrigins
properties for Amazon S3 Bucket CorsRule accepts Array
value.
My CF tempalte uses Fn::If
to switch AllowedOrigins
depending on environment like below:
"MyBucket": {
"Type": "AWS::S3::Bucket",
"Properties": {
"CorsConfiguration": {
"CorsRules": [
{
"AllowedOrigins": {
"Fn::If": [
"IsDev",
[
"https://dev1.example.com",
],
[
"https://foo.prod1.example.com",
"https://bar.prod2.example.com",
]
]
},
This template is valid and works fine in CloudFormation.
However, cfn-lint
gives critical error on this like
1 crit
Resource: Resources > S3Annotation > Properties > CorsConfiguration > CorsRules > 0 > AllowedOrigins
Message: Fn::If does not allow 0 as a nested function within an array
Documentation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-conditions.html#intrinsic-function-reference-conditions-if
I think this is false alarm.
Suspect code is
Lines 1528 to 1537 in 7975480