Hi everyone, i new in pulumi i have this basic cod...
# getting-started
Hi everyone, i new in pulumi i have this basic code to deploy a fargate cluster but i need to add to the task a permission to access a dynamodb table, how can I do it?
Copy code
import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";

// Create a load balancer to listen for requests and route them to the container.
const listener = new awsx.elasticloadbalancingv2.NetworkListener("bff-meds", { port: 8888 });

// Define the service, building and publishing our "./app/Dockerfile", and using the load balancer.
const service = new awsx.ecs.FargateService("bff-meds", {
  desiredCount: 2,
  taskDefinitionArgs: {
      containers: {
          nginx: {
              image: awsx.ecs.Image.fromPath("bff-meds", "./app"),
              memory: 512,
              portMappings: [listener],

// Export the URL so we can easily access it.
export const frontendURL = pulumi.interpolate `http://${listener.endpoint.hostname}/`;
I’m working on a similar issue with the awsx.apigateway.API For FargateService you can access the
as an
for a role arn, but not sure yet how to translate that to a role name needed for PolicyAttachments
I think the better route for
is to use an
to pass in a role that can be created with any Policy / Permissions I need
Yes, the CallbackFunction worked for me
ok thanks 🙂