This message was deleted.
# general
s
This message was deleted.
c
AWS responds with
MalformedPolicyDocument: Syntax errors in policy.
, and indeed the policy looks completely wrong
{"Version":"2012-10-17","Statement":[{"Action":"lambda:InvokeFunction","Effect":"Allow","Resource":{"__pulumiOutput":true,"isKnown":{}}}]}
.
I’m creating the policy like so:
Copy code
const invocationPolicy = new aws.iam.RolePolicy(`${apiName}-authorizer-invoke-lambda-role-policy`, {
      role: invocationRole,
      policy: JSON.stringify({
        "Version": "2012-10-17",
        "Statement": [
          {
            "Action": "lambda:InvokeFunction",
            "Effect": "Allow",
            "Resource": authorizerLambda.arn    // <==== HERE
          }
        ]
      }),
    }, { dependsOn: authorizerLambda });    // <=== I tried adding this to see if it would help
I found the answer further up - I needed to use
.apply()
like so:
Copy code
policy: authorizerLambda.arn.apply(arn => JSON.stringify({
        "Version": "2012-10-17",
        "Statement": [
          {
            "Action": "lambda:InvokeFunction",
            "Effect": "Allow",
            "Resource": arn
          }
        ]
      })),
w
Yep -
apply
is the key to taking an output from one resource and using it to construct an input for another (in this case the policy document). Glad you found the answer - we know we need more docs on this!