Using AWS and Typescript Is there any way to enumerate a lis Pulumi Community #aws

Using AWS and Typescript. Is there any way to enum...

salmon-ghost-86211

03/22/2021, 9:58 PM

Using AWS and Typescript. Is there any way to enumerate a list of IAM users from an existing IAM group? I can use the

aws.iam.Group.get

method to get the group, but I'm not sure how to actually access the existing group membership.

little-cartoon-10569

03/22/2021, 10:26 PM

You can't do it in Pulumi, it needs to the be AWS IAM SDK. The GetGroup command does it. https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-iam/modules/getgroupresponse.html#users There's an import alias for it in Pulumi. So something list this might work (untested code):

Copy code

(new aws.sdk.IAM()).getGroup((_, response) => {
          <http://pulumi.log.info|pulumi.log.info>(JSON.stringify(response.Users));
        });

salmon-ghost-86211

03/23/2021, 4:39 PM

Thanks @little-cartoon-10569. I found https://www.pulumi.com/docs/reference/pkg/aws/iam/getgroup/ in the AWS API spec. I wonder why there is both a

get

method which I tried above AND a

getGroup

method. When would I use only

get

little-cartoon-10569

03/23/2021, 7:34 PM

get

is a Pulumi object that loads a Pulumi group object. It isn't often useful, but occasionally you want to have a Pulumi object managed in one Project/stack, and used in a different one. This is the method that allows that.

little-cartoon-10569

03/23/2021, 7:35 PM

getGroup

is a wrapper around the AWS SDK getGroup function. It doesn't return a Pulumi object, it returns a GetGroupResult. It's handy for when you want information about an object that isn't managed by Pulumi, as in this case.

salmon-ghost-86211

03/23/2021, 9:49 PM

Thank you for the explanation. Also, I didn't notice that

getGroup

returns a GetGroupResult. I watch closer next time.

Open in Slack

Previous Next