Unit testing an authorizer #44
Description
After creating an authorizer, you do of course want to unit test that the authorizer is producing policy documents that reflect the methods/resources that should allowed/denied based on the input.
I can't seem to find any tools that can be used locally to evaluate an IAM policy document given an action on a particular resource (or merely a request to an API endpoint).
Yes, you could treat the output of the authorizer as merely a JSON document, and test its content, but this does not provide for testing the semantics of policy evaluation.
Are there any tools that would allow an IAM policy document to be evaluated locally for local testing?