https://pulumi.com logo
#aws
Title
# aws
c

calm-queen-58154

06/01/2023, 2:56 PM
Hey all, I'm trying to use an S3 bucket name from one stack to another and keep getting
Copy code
Calling __str__ on an Output[T] is not supported.
    To get the value of an Output[T] as an Output[str] consider:
    1. o.apply(lambda v: f"prefix{v}suffix")
    See <https://pulumi.io/help/outputs> for more details.
    This function may throw in a future version of Pulumi.
Ref stack does a bucketV2
Copy code
pulumi.export("bucket", bucket.id)
With the following used in the stack using it
Copy code
bucket = core_stack_ref.get_output("bucket")
It does not want to work and I cannot help but feel I'm missing something. ANy idea?
b

billowy-army-68599

06/01/2023, 3:08 PM
Where are you using the using the bucket name? The issue doesn’t appear to be the stack ref
c

calm-queen-58154

06/01/2023, 3:09 PM
In an AppRunner policy (python code):
Copy code
"Resource": [f"arn:aws:s3:::{bucket}/*" for bucket in bucket_list],
b

billowy-army-68599

06/01/2023, 3:09 PM
That’s the problem, you can’t interpolate an output like that
You need to use an apply
c

calm-queen-58154

06/01/2023, 3:10 PM
Oh!
not sure I understand what it means though
b

billowy-army-68599

06/01/2023, 3:11 PM
I’m in transit right now, once I get to a stopping point I’ll post a more thorough answer.
Are you familiar with outputs at all?
c

calm-queen-58154

06/01/2023, 3:11 PM
nope
Then I’ll send the answer over when I get to a laptop
c

calm-queen-58154

06/01/2023, 3:13 PM
not much that is, besides using them in a way that worked fine
Copy code
subnets=core_stack_ref.get_output("defaultPrivateSubnetIds"),
I've a tried a ton of different things to no avail. e.g.: this did not work
Copy code
name = bucket.apply(lambda v: f"prefix{v}suffix")
b

billowy-army-68599

06/01/2023, 5:57 PM
Can you post the full code of the consuming stack
c

calm-queen-58154

06/02/2023, 7:38 AM
I can post the bits that should be relevant, edited for clarity, python code
Copy code
#  In core stack

# Create an aws.s3.BucketV2 resource with KMS server-side encryption
bucket = aws.s3.BucketV2(
    "bucket",
    tags={
        "Environment": environment,
        "Service": "core",
    },
)

bucket_attachments_policy = aws.s3.BucketServerSideEncryptionConfigurationV2(
    "bucket-policy",
    bucket=bucket.id,
    rules=[
        aws.s3.BucketServerSideEncryptionConfigurationV2RuleArgs(
            apply_server_side_encryption_by_default=aws.s3.BucketServerSideEncryptionConfigurationV2RuleApplyServerSideEncryptionByDefaultArgs(
                kms_master_key_id=config.require("KMS_BUCKET_KEY"),
                sse_algorithm="aws:kms",
            ),
            bucket_key_enabled=True,
        ),
    ],
)

# Export the S3 bucket name
pulumi.export("bucket", bucket.id)


# In other stack that uses the core stack
# Fetch config values used throughout
core_org = config.require("core-org")
core_project = config.require("core-project")
core_stack_name = config.require("core-stack")
core_stack_ref = pulumi.StackReference(f"{core_org}/{core_project}/{core_stack_name}")

bucket = core_stack_ref.require_output("bucket")

bucket_list = [bucket]

apprunner_instance_policy_document = json.dumps(
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Action": [
                ],
                "Effect": "Allow",
                "Resource": [f"arn:aws:s3:::{bucket}/*" for bucket in bucket_list],
            },
        ],
    }
)
b

billowy-army-68599

06/02/2023, 3:34 PM
Copy code
apprunner_instance_policy_document = pulumi.Output.json.dumps(
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Action": [
                ],
                "Effect": "Allow",
                "Resource": [
                    pulumi.Output.concat("arn:aws:s3:::", bucket),
                 ],
            },
        ],
    }
)
c

calm-queen-58154

06/02/2023, 6:12 PM
thanks! will have a look on monday