sticky-bear-14421
06/06/2023, 5:53 AMconst account = aws.getCallerIdentity({}).then((a) => a.accountId);
const region = aws.getRegion({}).then((r) => r.name):
These values end up in an IAM policy to access parameters in the SystemManager’s Parameter Store:
{
Action: ["ssm:GetParameter"],
Effect: "Allow",
Resource: [ `arn:aws:ssm:${region}:${account}:parameter/foo/bar/*` ],
}
But when I try to apply the code it will end in an error
error: 1 error occurred:
* updating urn:pulumi:dev::foo::aws:iam/rolePolicy:RolePolicy::lambdaRoleSapDataProcessorPolicy: 1 error occurred:
* putting IAM role policy lambdaRoleFooDataProcessorPolicy-681121b: MalformedPolicyDocument: The policy failed legacy parsing
To me, this looks like I am making a mistake in resolving the two promises? I am not very fluent with TypeScript