Hi everyone i new in pulumi i have this basic code to deploy Pulumi Community #getting-started

Hi everyone, i new in pulumi i have this basic cod...

quiet-translator-27586

05/20/2021, 2:14 PM

Hi everyone, i new in pulumi i have this basic code to deploy a fargate cluster but i need to add to the task a permission to access a dynamodb table, how can I do it?

Copy code

import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";

// Create a load balancer to listen for requests and route them to the container.
const listener = new awsx.elasticloadbalancingv2.NetworkListener("bff-meds", { port: 8888 });

// Define the service, building and publishing our "./app/Dockerfile", and using the load balancer.
const service = new awsx.ecs.FargateService("bff-meds", {
  desiredCount: 2,
  taskDefinitionArgs: {
      containers: {
          nginx: {
              image: awsx.ecs.Image.fromPath("bff-meds", "./app"),
              memory: 512,
              portMappings: [listener],
          },
      },
  },
});

// Export the URL so we can easily access it.
export const frontendURL = pulumi.interpolate `http://${listener.endpoint.hostname}/`;

crooked-wolf-21506

05/20/2021, 5:40 PM

I’m working on a similar issue with the awsx.apigateway.API For FargateService you can access the

service.service.iamRole

as an

Output<string>

for a role arn, but not sure yet how to translate that to a role name needed for PolicyAttachments

crooked-wolf-21506

05/20/2021, 5:52 PM

I think the better route for

awsx.apigateway.API

is to use an

aws.lambda.CallbackFunction

to pass in a role that can be created with any Policy / Permissions I need

crooked-wolf-21506

05/20/2021, 6:05 PM

Yes, the CallbackFunction worked for me

quiet-translator-27586

05/20/2021, 8:07 PM

ok thanks 🙂

3 Views

Open in Slack

Previous Next