damp-book-35965
03/26/2019, 12:06 AMconst iamRole = new aws.iam.Role(clusterName + "-server", {
assumeRolePolicy: JSON.stringify({
Version: "2012-10-17",
Statement: [{
Action: "sts:AssumeRole",
Principal: {
"AWS": cluster.instanceRole <- this is type=pulumi.Output<aws.iam.Role>;
},
Effect: "Allow"
}]
})
});
creamy-potato-29402
03/26/2019, 12:07 AMcluster.instanceRole.apply(ir => JSON.stringify(...))
assumeRolePolicy
goes.Input
in there.damp-book-35965
03/26/2019, 12:10 AMcreamy-potato-29402
03/26/2019, 12:11 AMassumeRolePolicy
in the AWS API is actually type string
right? So new aws.iam.Role
actually converts the JSON you provide into`string`. It does this by calling toString
, I believe.damp-book-35965
03/26/2019, 12:16 AMcreamy-potato-29402
03/26/2019, 12:16 AMcluster.instanceRole
doesn’t work inside JSON.stringify
is actually because Output
is basically a promise.JSON.stringfy
has to be run inside the .apply
—damp-book-35965
03/26/2019, 12:17 AMcreamy-potato-29402
03/26/2019, 12:17 AMdamp-book-35965
03/26/2019, 12:18 AMcreamy-potato-29402
03/26/2019, 12:19 AMdamp-book-35965
03/26/2019, 12:19 AM