https://pulumi.com logo
#python
Title
# python
s

steep-appointment-86731

12/18/2023, 4:59 AM
hi, I'm new to pulumi. Is it common to store iam policy within the main.py or is it a better practice to load it from json/yaml file?
a

ancient-thailand-47587

12/18/2023, 3:39 PM
Thanks for asking, I’ve been wondering that too.
b

billions-river-87988

12/18/2023, 7:33 PM
Either approach is valid, and comes down to preference. Often I see longer, more complex, or pre-defined policies defined in .json or .yaml files and loaded, while short or programmatically generated IAM policies are defined in-line with code (using multi-line strings)
additionally, in python, it can be quite convenient to define a policy as an object (dict), and render it into json with
json.dumps(policy_obj)
a

ancient-thailand-47587

12/18/2023, 7:41 PM
No, no preference, 😆 . That’s too difficult to have code uniformity 😆 😉
I hate the fact that for myself, I keep flip flopping thinking doing one way and then I feel like another way is better.
b

billions-river-87988

12/18/2023, 7:46 PM
I typically do it inline myself, if that helps... feels weird to load code into a program from a file, when i can just have it part of the program (since json is just code)
a

ancient-thailand-47587

12/18/2023, 7:48 PM
Yes, it’s just that sometimes it makes “the code” longer… Yep just preference and convenience …