Update template.yaml

awslabs · Oct 31, 2023 · 52954be · 52954be
1 parent f55da58
commit 52954be
Showing 1 changed file with 47 additions and 24 deletions.
diff --git a/template.yaml b/template.yaml
@@ -96,70 +96,93 @@ Parameters:
 
   GoogleCredentials:
     Type: String
-    Description: Credentials to log into Google (content of credentials.json)
-    ConstraintDescription: You should save this information when following this setup https://developers.google.com/admin-sdk/directory/v1/guides/delegation
+    Description: |
+      Credentials to log into Google (content of credentials.json)
+    ConstraintDescription: |
+      You should save this information when following this setup https://developers.google.com/admin-sdk/directory/v1/guides/delegation
     NoEcho: true
   GoogleAdminEmail:
     Type: String
-    Description: Google Admin email
-    ConstraintDescription: This is a use with admin authority on your Google Directory, you will have used this when following this setup https://developers.google.com/admin-sdk/directory/v1/guides/delegation
+    Description: |
+      Google Admin email
+    ConstraintDescription: |
+      This is a use with admin authority on your Google Directory, you will have used this when following this setup https://developers.google.com/admin-sdk/directory/v1/guides/delegation
     NoEcho: true
   SCIMEndpointUrl:
     Type: String
-    Description: AWS IAM Identity Center - SCIM Endpoint Url
+    Description: |
+      AWS IAM Identity Center - SCIM Endpoint Url
     AllowedPattern: "https://scim.(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-([0-9]{1}).amazonaws.com/(.*)-([a-z0-9]{4})-([a-z0-9]{4})-([a-z0-9]{12})/scim/v2/"
-    ConstraintDescription: You should save this information when following this setup https://docs.aws.amazon.com/singlesignon/latest/userguide/provision-automatically.html
+    ConstraintDescription: |
+      You should save this information when following this setup https://docs.aws.amazon.com/singlesignon/latest/userguide/provision-automatically.html
     NoEcho: true
   SCIMEndpointAccessToken:
     Type: String
-    Description: AWS IAM Identity Center - SCIM AccessToken
-    ConstraintDescription: You should save this information when following this setup https://docs.aws.amazon.com/singlesignon/latest/userguide/provision-automatically.html
+    Description: |
+      AWS IAM Identity Center - SCIM AccessToken
+    ConstraintDescription: |
+      You should save this information when following this setup https://docs.aws.amazon.com/singlesignon/latest/userguide/provision-automatically.html
     NoEcho: true
   Region:
     Type: String
-    Description: AWS Region where AWS IAM Identity Center is enabled
-    ConstraintDescription: You can find this value on the settings page of the IAM Identity Center console page
+    Description: |
+      AWS Region where AWS IAM Identity Center is enabled
+    ConstraintDescription: |
+      You can find this value on the settings page of the IAM Identity Center console page
     AllowedPattern: '(us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\d'
   IdentityStoreID:
     Type: String
-    Description: Identifier of Identity Store in AWS IAM Identity Center
-    ConstraintDescription: You can find this value on the settings page of the IAM Identity Center console page
+    Description: |
+      Identifier of Identity Store in AWS IAM Identity Center
+    ConstraintDescription: |
+      You can find this value on the settings page of the IAM Identity Center console page
     NoEcho: true
     AllowedPattern: 'd-[1-z0-9]{10}'
 
   GoogleUserMatch:
     Type: String
-    Description: Google Workspace user filter query parameter, example: 'name:John* email:admin*', leave empty if you do not wish to pass this parameter 
-    ConstraintDescription: The parameter needs to be compliant with the Google admin-sdk api, https://developers.google.com/admin-sdk/directory/v1/guides/search-users
+    Description: |
+      Google Workspace user filter query parameter, example: 'name:John* email:admin*', leave empty if you do not wish to pass this parameter 
+    ConstraintDescription: |
+      The parameter needs to be compliant with the Google admin-sdk api, https://developers.google.com/admin-sdk/directory/v1/guides/search-users
     Default: ""
     AllowedPattern: '(?!.*\s)|(name|Name|NAME)(:([a-zA-Z0-9]{1,64})(\*))|(name|Name|NAME)(=([a-zA-Z0-9 ]{1,64}))|(email|Email|EMAIL)(:([a-zA-Z0-9.-_]{1,64})(\*))|(email|Email|EMAIL)(=([a-zA-Z0-9.-_]{1,64})@([a-zA-Z0-9.-]{5,260}))'
   GoogleGroupMatch:
     Type: String
-    Description: Google Workspace group filter query parameter, example: 'name:Admin* email:aws-*', leave empty if you do not wish to pass this parameter
-    ConstraintDescription: The parameter needs to be compliant with the Google admin-sdk api, see: https://developers.google.com/admin-sdk/directory/v1/guides/search-groups
+    Description: |
+      Google Workspace group filter query parameter, example: 'name:Admin* email:aws-*', leave empty if you do not wish to pass this parameter
+    ConstraintDescription: |
+      The parameter needs to be compliant with the Google admin-sdk api, see: https://developers.google.com/admin-sdk/directory/v1/guides/search-groups
     Default: 'name:AWS*'
     AllowedPattern: '(?!.*\s)|(name|Name|NAME)(:([a-zA-Z0-9]{1,64})\*)|(name|Name|NAME)(=([a-zA-Z0-9 ]{1,64}))|(email|Email|EMAIL)(:([a-zA-Z0-9.-_]{1,64})\*)|(email|Email|EMAIL)(=([a-zA-Z0-9.-_]{1,64})@([a-zA-Z0-9.-]{5,260}))'
   IgnoreGroups:
     Type: String
-    Description: Do NOT sync these Google Workspace groups into IAM Identity Center, leave empty if not required
-    ConstraintDescription: This should be a comma separated list of group names
+    Description: |
+      Do NOT sync these Google Workspace groups into IAM Identity Center, leave empty if not required
+    ConstraintDescription: |
+      This should be a comma separated list of group names
     Default: ""
-    AllowedPattern: '(?!.*\s)|([0-9a-zA-Z-= _]*)(,[0-9a-zA-Z-=@. _]*)*'
+    AllowedPattern: '(?!.*\s)|(["0-9a-zA-Z-=@. _]*)(,["0-9a-zA-Z-=@. _]*)*'
   IgnoreUsers:
     Type: String
-    Description: Ignore these Google Workspace users, leave empty if not required
-    ConstraintDescription: This should be a comma separated list of group names
+    Description: |
+      Ignore these Google Workspace users, leave empty if not required
+    ConstraintDescription: |
+      This should be a comma separated list of group names
     Default: ""
     AllowedPattern: '(?!.*\s)|([0-9a-zA-Z-= _]*)(,[0-9a-zA-Z-=@. _]*)*'
   IncludeGroups:
     Type: String
-    Description: Include only these Google Workspace groups, leave empty if not required. (Only applicable for SyncMethod user_groups)
-    ConstraintDescription: This should be a comma separated list of group names
+    Description: |
+      Include only these Google Workspace groups, leave empty if not required. (Only applicable for SyncMethod user_groups)
+    ConstraintDescription: |
+      This should be a comma separated list of group names
     Default: ""
     AllowedPattern: '(?!.*\s)|([0-9a-zA-Z-= _]*)(,[0-9a-zA-Z-=@. _]*)*'
   SyncMethod:
     Type: String
-    Description: Which sync method do you want to use with ssosync?
+    Description: |
+      Which sync method do you want to use with ssosync?
     Default: groups
     AllowedValues:
       - groups