brave-angle-33257
11/16/2018, 4:56 PMwhite-balloon-205
async function getAccountID() {
let identity = await aws.getCallerIdentity();
return identity.accountId;
}
export let accountId = getAccountID();
Promise
, so you'll need to write your code to construct IAM policies to handle that (with .then
or await
),brave-angle-33257
11/16/2018, 5:03 PMvar name = `mylambda.${env_id}`;
async function getAccountId() {
let identity = await aws.getCallerIdentity();
return identity.accountId;
}
getAccountId().then(account_id=>{
/// everything in here using account_id
role = new role
policy = new policy
white-balloon-205
async function createPolicy() {
let identity = await aws.getCallerIdentity();
return JSON.stringify({
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Principal": { "AWS": `arn:aws:iam::${identity.accountId}:root` },
"Action": "sts:AssumeRole"
}
});
}
let policy = new aws.iam.RolePolicy("policy", {
policy: createPolicy(),
})
The key is that you want to use the Promise as data, not as control flow. This is unfortunately somewhat different from the way Promises are commonly used in JavaScript. But in Pulumi programs, thinking of Promises as data that can be passed as inputs to resources often allows code to be much simpler (and less globally impactful).brave-angle-33257
11/16/2018, 7:54 PM