sparse-intern-71089
10/05/2022, 7:50 PMdamp-continent-75299
10/05/2022, 7:57 PMimport * as aws from '@pulumi/aws';
const defaultTags = { Creator: 'pulumi' };
const awsAccountId = pulumi.output(aws.getCallerIdentity()).accountId;
const infrastructureRole = new aws.iam.Role('infrastructure', {
name: 'infrastructure',
assumeRolePolicy: {
Version: '2012-10-17',
Statement: [{
Effect: 'Allow',
Action: 'sts:AssumeRole',
Principal: {
AWS: pulumi.interpolate`${awsAccountId}`,
}
}],
},
tags: defaultTags,
})
new aws.iam.RolePolicyAttachment('infrastructure-admin', {
role: infrastructureRole.name,
policyArn: aws.iam.getPolicyOutput({ name: 'SystemAdministrator'}).arn,
});
new aws.iam.RolePolicyAttachment('infrastructure-iam', {
role: infrastructureRole.name,
policyArn: aws.iam.getPolicyOutput({ name: 'IAMFullAccess' }).arn,
});
But for golangbillowy-army-68599
ApplyT
here’s a similarish example: https://github.com/lbrlabs/pulumi-aws-tailscale/blob/main/provider/pkg/provider/bastion.go#L102-L128damp-continent-75299
10/05/2022, 8:05 PM