The second s3 bucket arn shows up as ` Object Object ` for m Pulumi Community #general

The second s3 bucket arn shows up as `[Object Obje...

busy-umbrella-36067

04/24/2019, 6:12 PM

The second s3 bucket arn shows up as

[Object Object]/*

for me, is there any workaround for this?

Copy code

let rolePolicy = new aws.iam.RolePolicy(`${name}-s3-access`, {
    role: role.id,
    policy: pulumi.output({
      Version: "2012-10-17",
      Statement: [{
        Effect: "Allow",
        Action: [
          "s3:ListBucket",
          "s3:HeadBucket",
          "s3:PutObject",
          "s3:GetObject"
        ],
        Resource: [ bucket.arn, `${bucket.arn}/*` ]
      }]
    }).apply(JSON.stringify)
  }, {
    parent: role
  });

busy-umbrella-36067

04/24/2019, 6:17 PM

Got it working using this syntax, I guess we don’t need to convert the policies to strings anymore?

Copy code

let rolePolicy = new aws.iam.RolePolicy(`${name}-s3-access`, {
    role: role.id,
    policy: {
      Version: "2012-10-17",
      Statement: [{
        Effect: "Allow",
        Action: [
          "s3:ListBucket",
          "s3:HeadBucket",
          "s3:PutObject",
          "s3:GetObject"
        ],
        Resource: [
          bucket.arn.apply(arn => arn),
          bucket.arn.apply(arn => `${arn}/*`)
        ]
      }]
    }
  }, {
    parent: role
  });

white-balloon-205

04/24/2019, 7:01 PM

That's right - you no longer need to convert to a string. See https://pulumi.io/reference/pkg/nodejs/@pulumi/aws/iam/#RolePolicyArgs-policy which calls out that this now accepts either a string or a

PolicyDocument

interface.

👍 1

2 Views

Open in Slack

Previous Next