No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

<@U01UNAF5815>, you need to make sure that your Lambda has the `AWSLambdaBasicExecutionRole` specified.

Or an equivalent custom policy of course.

<@U01UNJ960BH> Hey Simon!
How do I ensure that?
The way I got around it at the moment is by using the
```aws.iam.ManagedPolicy.CloudWatchLogsFullAccess```
policy, which isn’t ideal. I would love to be able to great a log group with specific retention days

Also would love to give each lambda specific queue access and not `AmaazonSQSFullAccess`

Thing is that I can’t pass `Output` objects to the `policies` property on the `CallbackFunction`

```aws.cloudwatch.onSchedule(
  'rate(1 minute)',
  new aws.lambda.CallbackFunction('get-team-leads', {
    policies: [aws.iam.ManagedPolicy.AWSLambdaBasicExecutionRole, aws.iam.ManagedPolicy.AWSLambdaRole],
    callback: async (e) =&gt; {
      console.log('Running...');```

but this isn’t very specific, isn’t it?

I mean, how can you send all logs to a specific log group with retention days?

Totally different question :slightly_smiling_face:

Sorry, don't have any insight on your more specific problem. Only been playing with Pulumi a week myself.

It’s nice, but missing more concrete examples, in my opinion

<@U01UNAF5815> when you say “missing more concrete examples”, are you referring to things outside the ones available here: <https://github.com/pulumi/examples>?

<@U01038HJ93R> yea. While there are various examples for all supported languages, the examples are simple and do not reflect real life scenarios (in my opinion). I would love it if the examples would also nourish a style guide and best practices as-well.
I don’t think anyone here would go ahead and create an `index.ts` file with 600 lines of code as a production code. They would split the code and will also split the logic from the infrastructure, so I don’t expect to see actual handler code along with the infrastructure definition

&gt; They would split the code and will also split the logic from the infrastructure, so I don’t expect to see actual handler code along with the infrastructure definition
It seems like you are looking for a very specific real world scenario that matches your exact use case.

It is expected that users will decide what works best for them. The purpose of the examples is to demonstrate how Pulumi would fit into those scenarios, but we have built a purposefully generalized tool and providing examples for all possible use cases would be frankly impossible :smile:

<@U01038HJ93R> I’m not really looking for a very specific real world scenario. I’m looking for “best practices”, but sure, we just eventually do whatever we feel comfortable with.
Giving examples for every possible scenario is indeed impossible :slightly_smiling_face: