I'm trying to get all of the outputs of a specific stack (s3 bucket id's) to be added to an IAM policy to allow access to them. This is what I'm thinking about:

s3_reference = pulumi.StackReference(f"s3")
buckets = << dictionary of all outputs from s3 stack>>
policy=pulumi.Output.all(all_bukcets=buckets).apply(lambda args: f"""{{
             {{
                 "Effect": "Allow",
                 "Action": ["s3:*"],
                 "Resource": [
                   << buckets go here >>
                 ]
              }},
}}

Does anybody have a good way of accomplishing this?

Does the typescript type aws.iam.PolicyDocument have a python equivalent? It allows the doc to be created outside the

apply()

, which makes this sort of iteration easy.