Hi everyone, i new in pulumi i have this basic code to deploy a fargate cluster but i need to add to the task a permission to access a dynamodb table, how can I do it?

import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";

// Create a load balancer to listen for requests and route them to the container.
const listener = new awsx.elasticloadbalancingv2.NetworkListener("bff-meds", { port: 8888 });

// Define the service, building and publishing our "./app/Dockerfile", and using the load balancer.
const service = new awsx.ecs.FargateService("bff-meds", {
  desiredCount: 2,
  taskDefinitionArgs: {
      containers: {
          nginx: {
              image: awsx.ecs.Image.fromPath("bff-meds", "./app"),
              memory: 512,
              portMappings: [listener],
          },
      },
  },
});

// Export the URL so we can easily access it.
export const frontendURL = pulumi.interpolate `http://${listener.endpoint.hostname}/`;

I’m working on a similar issue with the awsx.apigateway.API For FargateService you can access the

service.service.iamRole

as an

Output<string>

for a role arn, but not sure yet how to translate that to a role name needed for PolicyAttachments

ok thanks 🙂